From 23eed840ee9049ca60a062364c7fad12268f8701 Mon Sep 17 00:00:00 2001 From: Or Shoval Date: Sun, 21 Jul 2024 11:39:30 +0300 Subject: [PATCH] passt: Build and publish Passt binding CNI image Include DaemonSet manifest to deploy the binary on the cluster nodes. Signed-off-by: Or Shoval --- .github/workflows/publish-img.yaml | 28 +++++++++++++++++ Makefile | 5 +++ hack/cluster.sh | 3 +- passt/Dockerfile | 9 ++++++ passt/passt-binding-cni-ds.yaml | 49 ++++++++++++++++++++++++++++++ 5 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 passt/Dockerfile create mode 100644 passt/passt-binding-cni-ds.yaml diff --git a/.github/workflows/publish-img.yaml b/.github/workflows/publish-img.yaml index 5705b133..6d7acf42 100644 --- a/.github/workflows/publish-img.yaml +++ b/.github/workflows/publish-img.yaml @@ -8,6 +8,7 @@ on: env: REGISTRY: ghcr.io IMAGE_NAME: kubevirt/ipam-controller + PASST_BINDING_CNI_IMAGE_NAME: kubevirt/passt-binding-cni jobs: push-amd64: @@ -39,6 +40,11 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Fetch KubeVirt Release + run: | + KUBEVIRT_VERSION=$(curl -sSL https://storage.googleapis.com/kubevirt-prow/release/kubevirt/kubevirt/stable.txt) + echo "KUBEVIRT_VERSION=${KUBEVIRT_VERSION}" >> $GITHUB_ENV + - name: Push latest container image if: github.repository_owner == 'kubevirt' uses: docker/build-push-action@v5.3.0 @@ -48,6 +54,17 @@ jobs: tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest file: Dockerfile + - name: Push latest passt binding cni container image + if: github.repository_owner == 'kubevirt' + uses: docker/build-push-action@v5.3.0 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ env.PASST_BINDING_CNI_IMAGE_NAME }}:latest + file: passt/Dockerfile + build-args: | + KUBEVIRT_VERSION=${{ env.KUBEVIRT_VERSION }} + - name: Push stable container image if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5.3.0 @@ -57,6 +74,17 @@ jobs: tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }} file: Dockerfile + - name: Push stable passt binding cni container image + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5.3.0 + with: + context: . + push: true + tags: ${{ env.REGISTRY }}/${{ env.PASST_BINDING_CNI_IMAGE_NAME }}:${{ github.ref_name }} + file: passt/Dockerfile + build-args: | + KUBEVIRT_VERSION=${{ env.KUBEVIRT_VERSION }} + - name: Template release manifests if: startsWith(github.ref, 'refs/tags/') run: IMG=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }} make build-installer diff --git a/Makefile b/Makefile index e63f2a8c..f0c95663 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,8 @@ # Image URL to use all building/pushing image targets IMG ?= kubevirt-ipam-controller:latest +PASST_IMG ?= kubevirt/passt-binding-cni:latest + # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.29.0 @@ -100,10 +102,13 @@ run: manifests generate fmt vet ## Run a controller from your host. .PHONY: docker-build docker-build: ## Build docker image with the manager. $(CONTAINER_TOOL) build -t ${IMG} . + export KUBEVIRT_VERSION=$$(curl -sSL https://storage.googleapis.com/kubevirt-prow/release/kubevirt/kubevirt/stable.txt) && \ + $(CONTAINER_TOOL) build --build-arg KUBEVIRT_VERSION=$${KUBEVIRT_VERSION} -f passt/Dockerfile -t ${PASST_IMG} . .PHONY: docker-push docker-push: ## Push docker image with the manager. $(CONTAINER_TOOL) push ${IMG} + $(CONTAINER_TOOL) push ${PASST_IMG} # PLATFORMS defines the target platforms for the manager image be built to provide support to multiple # architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: diff --git a/hack/cluster.sh b/hack/cluster.sh index 4b268e60..0f73c27b 100755 --- a/hack/cluster.sh +++ b/hack/cluster.sh @@ -64,8 +64,9 @@ function down() { function sync() { local img=localhost:5000/kubevirt-ipam-controller + local passt_img=localhost:5000/passt-binding-cni local tag=latest - IMG=$img:$tag make \ + IMG=$img:$tag PASST_IMG=$passt_img:$tag make \ build \ docker-build \ docker-push diff --git a/passt/Dockerfile b/passt/Dockerfile new file mode 100644 index 00000000..3290a9fb --- /dev/null +++ b/passt/Dockerfile @@ -0,0 +1,9 @@ +FROM registry.access.redhat.com/ubi9/ubi-minimal + +ARG KUBEVIRT_VERSION + +ENV CNI_PATH="/cni" + +RUN mkdir -p ${CNI_PATH} +ADD https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-passt-binding ${CNI_PATH}/network-passt-binding +RUN chmod +x ${CNI_PATH}/network-passt-binding diff --git a/passt/passt-binding-cni-ds.yaml b/passt/passt-binding-cni-ds.yaml new file mode 100644 index 00000000..9b21a2d8 --- /dev/null +++ b/passt/passt-binding-cni-ds.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: passt-binding-cni + namespace: kube-system + labels: + tier: node + app: passt-binding-cni +spec: + selector: + matchLabels: + name: passt-binding-cni + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 10% + template: + metadata: + labels: + name: passt-binding-cni + tier: node + app: passt-binding-cni + annotations: + description: passt-binding-cni installs 'passt binding' CNI on cluster nodes + spec: + priorityClassName: system-cluster-critical + containers: + - name: installer + image: ghcr.io/kubevirt/passt-binding-cni:latest + command: [ "/bin/sh", "-ce" ] + args: + - | + ls -la "/cni/network-passt-binding" + cp -f "/cni/network-passt-binding" "/opt/cni/bin" + echo "passt binding CNI plugin installation complete..sleep inf" + sleep infinity + resources: + requests: + cpu: "10m" + memory: "15Mi" + securityContext: + privileged: true + volumeMounts: + - name: cnibin + mountPath: /opt/cni/bin + volumes: + - name: cnibin + hostPath: + path: /opt/cni/bin