From e54c2448cd94357de64419f20ec543c56313d3cd Mon Sep 17 00:00:00 2001
From: Jim Ma
Date: Fri, 2 Jul 2021 11:24:10 +0800
Subject: [PATCH] Update kustomize
1. Remove unused cdn and scheduler service in kustomize
2. Support containerd v1.5.0+ in kustomize
Signed-off-by: Jim Ma
---
 deploy/charts/dragonfly/values.yaml | 1 +
 .../bases/cdn/service.yaml | 19 -----------------
 .../bases/dfdaemon/daemonset.yaml | 21 ++++++++++++-------
 .../bases/dfdaemon/dfget.yaml | 6 +++---
 .../bases/kustomization.yaml | 1 -
 .../bases/scheduler/service.yaml | 18 ----------------
 .../bases/cdn/service.yaml | 19 -----------------
 .../bases/dfdaemon/daemonset.yaml | 21 ++++++++++++-------
 .../bases/dfdaemon/dfget.yaml | 6 +++---
 .../bases/kustomization.yaml | 1 -
 .../bases/scheduler/service.yaml | 18 ----------------
 11 files changed, 33 insertions(+), 98 deletions(-)
 delete mode 100644 deploy/kustomize/single-cluster-native/bases/cdn/service.yaml
 delete mode 100644 deploy/kustomize/single-cluster-openkruise/bases/cdn/service.yaml
diff --git a/deploy/charts/dragonfly/values.yaml b/deploy/charts/dragonfly/values.yaml
index 581bf37bd..513729a5c 100644
--- a/deploy/charts/dragonfly/values.yaml
+++ b/deploy/charts/dragonfly/values.yaml
@@ -127,6 +127,7 @@ dfdaemon:
 # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/troubleshooting-kubeadm/#hostport-services-do-not-work
 # by default, dfdaemon injects the 65001 port to host network by sharing host network namespace,
 # if you want to use hostPort, please empty .config.proxy.tcpListen.namespace below, and keep .hostNetwork == false
+ # for performance, injecting the 65001 port to host network is better than hostPort
 hostPort: 65001
 # using hostNetwork when pod with host network can communicate with normal pods with cni network
 hostNetwork: false
diff --git a/deploy/kustomize/single-cluster-native/bases/cdn/service.yaml b/deploy/kustomize/single-cluster-native/bases/cdn/service.yaml
deleted file mode 100644
index 1c3756eed..000000000
--- a/deploy/kustomize/single-cluster-native/bases/cdn/service.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: cdn
-spec:
- selector:
- app: dragonfly
- component: cdn
- type: ClusterIP
- clusterIP: None
- ports:
- - name: grpc
- port: 8003
- protocol: TCP
- targetPort: 8003
- - name: http
- port: 8001
- protocol: TCP
- targetPort: 8001
\ No newline at end of file
diff --git a/deploy/kustomize/single-cluster-native/bases/dfdaemon/daemonset.yaml b/deploy/kustomize/single-cluster-native/bases/dfdaemon/daemonset.yaml
index 8834e2255..52eabca3a 100644
--- a/deploy/kustomize/single-cluster-native/bases/dfdaemon/daemonset.yaml
+++ b/deploy/kustomize/single-cluster-native/bases/dfdaemon/daemonset.yaml
@@ -25,22 +25,27 @@ spec:
 - name: dfdaemon
 image: dragonflyoss/dfget
 imagePullPolicy: "Always"
+ ports: # 65001 is in host network, no need here
+ - containerPort: 65000
+ - containerPort: 65002
 volumeMounts:
 - name: config
 mountPath: /etc/dragonfly
 - name: netns # the mountPath is setting in proxy.tcpListen.namespace
- mountPath: /host/ns/net
- ports: # 65001 is in host network, no need here
- - containerPort: 65000
- - containerPort: 65002
+ mountPath: /host/ns
 securityContext:
- capabilities:
- add:
- - SYS_ADMIN # setns need CAP_SYS_ADMIN capability
+ # FIXME dfget daemon only need /proc/1/ns/net and CAP_SYS_ADMIN
+ # but containerd resolves the symbolic of /proc/1/ns/net from v1.5.0
+ # due to /proc/1/ns/net is not a regular symbolic link, it always failed.
+ # https://github.com/containerd/containerd/blob/v1.5.0/pkg/cri/opts/spec_linux.go#L171
+ privileged: true
+ #capabilities:
+ # add:
+ # - SYS_ADMIN
 volumes:
 - name: config
 configMap:
 name: dfdaemon
 - name: netns
 hostPath:
- path: /proc/1/ns/net # bind mount host net ns to pod, dfdaemon can listen 65001 in host network
\ No newline at end of file
+ path: /proc/1/ns # bind mount host net ns to pod, dfdaemon can listen 65001 in host network
\ No newline at end of file
diff --git a/deploy/kustomize/single-cluster-native/bases/dfdaemon/dfget.yaml b/deploy/kustomize/single-cluster-native/bases/dfdaemon/dfget.yaml
index cafad2320..30327ddac 100644
--- a/deploy/kustomize/single-cluster-native/bases/dfdaemon/dfget.yaml
+++ b/deploy/kustomize/single-cluster-native/bases/dfdaemon/dfget.yaml
@@ -16,11 +16,11 @@ scheduler:
 # below example is a stand address
 netAddrs:
 - type: tcp
- addr: scheduler-0.dragonfly.svc:8002
+ addr: scheduler-0.dragonfly-system.svc:8002
 - type: tcp
- addr: scheduler-1.dragonfly.svc:8002
+ addr: scheduler-1.dragonfly-system.svc:8002
 - type: tcp
- addr: scheduler-2.dragonfly.svc:8002
+ addr: scheduler-2.dragonfly-system.svc:8002
 # schedule timeout
 scheduleTimeout: 10s
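Review bot: `privileged: true` in the dfdaemon `securityContext` (native `daemonset.yaml` hunk) replaces a single added capability with every capability, host device access and the runtime's default seccomp/AppArmor confinement switched off, on each node the DaemonSet schedules to. In the same hunk the `netns` hostPath widens from `/proc/1/ns/net` to `/proc/1/ns`, so the container can reach all of PID 1's namespace handles rather than only the network one; a compromised dfdaemon is then effectively a compromised node. The FIXME explains why the mount had to change for containerd v1.5.0+, but not why the capability list stopped being sufficient — if an explicit list still works with the directory mount (possibly `SYS_ADMIN` plus `SYS_PTRACE`; untested here), keep `capabilities.add` and drop `privileged: true`, and add `readOnly: true` to the `netns` volumeMount. The identical change appears in the single-cluster-openkruise `daemonset.yaml` hunk.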
diff --git a/deploy/kustomize/single-cluster-native/bases/kustomization.yaml b/deploy/kustomize/single-cluster-native/bases/kustomization.yaml
index 09f5d83b7..c198463e0 100644
--- a/deploy/kustomize/single-cluster-native/bases/kustomization.yaml
+++ b/deploy/kustomize/single-cluster-native/bases/kustomization.yaml
@@ -2,7 +2,6 @@ namespace: dragonfly-system
 resources:
 - namespace.yaml
 - cdn/rabc.yaml
-- cdn/service.yaml
 - cdn/serviceaccount.yaml
 - cdn/statefulset.yaml
 - dfdaemon/seviceaccount.yaml
diff --git a/deploy/kustomize/single-cluster-native/bases/scheduler/service.yaml b/deploy/kustomize/single-cluster-native/bases/scheduler/service.yaml
index af33776b3..22d59cc6d 100644
--- a/deploy/kustomize/single-cluster-native/bases/scheduler/service.yaml
+++ b/deploy/kustomize/single-cluster-native/bases/scheduler/service.yaml
@@ -1,21 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: scheduler
-spec:
- selector:
- app: dragonfly
- component: scheduler
- type: ClusterIP
- clusterIP: None
- ports:
- - name: grpc
- port: 8002
- protocol: TCP
- targetPort: 8002
-
----
-
 apiVersion: v1
 kind: Service
 metadata:
diff --git a/deploy/kustomize/single-cluster-openkruise/bases/cdn/service.yaml b/deploy/kustomize/single-cluster-openkruise/bases/cdn/service.yaml
deleted file mode 100644
index 1c3756eed..000000000
--- a/deploy/kustomize/single-cluster-openkruise/bases/cdn/service.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: cdn
-spec:
- selector:
- app: dragonfly
- component: cdn
- type: ClusterIP
- clusterIP: None
- ports:
- - name: grpc
- port: 8003
- protocol: TCP
- targetPort: 8003
- - name: http
- port: 8001
- protocol: TCP
- targetPort: 8001
\ No newline at end of file
diff --git a/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/daemonset.yaml b/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/daemonset.yaml
index 7e3796648..ce3c5c10a 100644
--- a/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/daemonset.yaml
+++ b/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/daemonset.yaml
@@ -27,22 +27,27 @@ spec:
 - name: dfdaemon
 image: dragonflyoss/dfget
 imagePullPolicy: "Always"
+ ports: # 65001 is in host network, no need here
+ - containerPort: 65000
+ - containerPort: 65002
 volumeMounts:
 - name: config
 mountPath: /etc/dragonfly
 - name: netns # the mountPath is setting in proxy.tcpListen.namespace
- mountPath: /host/ns/net
- ports: # 65001 is in host network, no need here
- - containerPort: 65000
- - containerPort: 65002
+ mountPath: /host/ns
 securityContext:
- capabilities:
- add:
- - SYS_ADMIN # setns need CAP_SYS_ADMIN capability
+ # FIXME dfget daemon only need /proc/1/ns/net and CAP_SYS_ADMIN
+ # but containerd resolves the symbolic of /proc/1/ns/net from v1.5.0
+ # due to /proc/1/ns/net is not a regular symbolic link, it always failed.
+ # https://github.com/containerd/containerd/blob/v1.5.0/pkg/cri/opts/spec_linux.go#L171
+ privileged: true
+ #capabilities:
+ # add:
+ # - SYS_ADMIN
 volumes:
 - name: config
 configMap:
 name: dfdaemon
 - name: netns
 hostPath:
- path: /proc/1/ns/net # bind mount host net ns to pod, dfdaemon can listen 65001 in host network
\ No newline at end of file
+ path: /proc/1/ns # bind mount host net ns to pod, dfdaemon can listen 65001 in host network
\ No newline at end of file
diff --git a/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/dfget.yaml b/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/dfget.yaml
index cafad2320..30327ddac 100644
--- a/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/dfget.yaml
+++ b/deploy/kustomize/single-cluster-openkruise/bases/dfdaemon/dfget.yaml
@@ -16,11 +16,11 @@ scheduler:
 # below example is a stand address
 netAddrs:
 - type: tcp
- addr: scheduler-0.dragonfly.svc:8002
+ addr: scheduler-0.dragonfly-system.svc:8002
 - type: tcp
- addr: scheduler-1.dragonfly.svc:8002
+ addr: scheduler-1.dragonfly-system.svc:8002
 - type: tcp
- addr: scheduler-2.dragonfly.svc:8002
+ addr: scheduler-2.dragonfly-system.svc:8002
 # schedule timeout
 scheduleTimeout: 10s
diff --git a/deploy/kustomize/single-cluster-openkruise/bases/kustomization.yaml b/deploy/kustomize/single-cluster-openkruise/bases/kustomization.yaml
index 09f5d83b7..c198463e0 100644
--- a/deploy/kustomize/single-cluster-openkruise/bases/kustomization.yaml
+++ b/deploy/kustomize/single-cluster-openkruise/bases/kustomization.yaml
@@ -2,7 +2,6 @@ namespace: dragonfly-system
 resources:
 - namespace.yaml
 - cdn/rabc.yaml
-- cdn/service.yaml
 - cdn/serviceaccount.yaml
 - cdn/statefulset.yaml
 - dfdaemon/seviceaccount.yaml
diff --git a/deploy/kustomize/single-cluster-openkruise/bases/scheduler/service.yaml b/deploy/kustomize/single-cluster-openkruise/bases/scheduler/service.yaml
index af33776b3..22d59cc6d 100644
--- a/deploy/kustomize/single-cluster-openkruise/bases/scheduler/service.yaml
+++ b/deploy/kustomize/single-cluster-openkruise/bases/scheduler/service.yaml
@@ -1,21 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: scheduler
-spec:
- selector:
- app: dragonfly
- component: scheduler
- type: ClusterIP
- clusterIP: None
- ports:
- - name: grpc
- port: 8002
- protocol: TCP
- targetPort: 8002
-
----
-
 apiVersion: v1
 kind: Service
 metadata: