Started by upstream project "pipeline-nightly" build number 77 originally caused by: Started by timer Running as SYSTEM [EnvInject] - Loading node environment variables. Building remotely on slave-openstack-gz1_1 (openstack) in workspace /home/jenkins/workspace/deploy-tf-k8s-manifests [WS-CLEANUP] Deleting project workspace... [WS-CLEANUP] Deferred wipeout is disabled by the job configuration... [WS-CLEANUP] Done The recommended git tool is: git No credentials specified Wiping out workspace first. Cloning the remote Git repository Cloning repository https://github.com/opensdn-io/tf-jenkins.git > git init /home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins # timeout=10 Fetching upstream changes from https://github.com/opensdn-io/tf-jenkins.git > git --version # timeout=10 > git --version # 'git version 2.25.1' > git fetch --tags --force --progress -- https://github.com/opensdn-io/tf-jenkins.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url https://github.com/opensdn-io/tf-jenkins.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 Avoid second fetch > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 Checking out Revision d123cf296746e4d7c49b1db909bcef43ae30e239 (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f d123cf296746e4d7c49b1db909bcef43ae30e239 # timeout=10 Commit message: "use r24.1 tag for deployer image in ansible case" > git rev-list --no-walk d123cf296746e4d7c49b1db909bcef43ae30e239 # timeout=10 The recommended git tool is: NONE No credentials specified Wiping out workspace first. Cloning the remote Git repository Cloning repository https://github.com/opensdn-io/tf-devstack.git > git init /home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-devstack # timeout=10 Fetching upstream changes from https://github.com/opensdn-io/tf-devstack.git > git --version # timeout=10 > git --version # 'git version 2.25.1' > git fetch --tags --force --progress -- https://github.com/opensdn-io/tf-devstack.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > git config remote.origin.url https://github.com/opensdn-io/tf-devstack.git # timeout=10 > git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 Avoid second fetch > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 Checking out Revision 2f03a1e26e811ba39d6f10fd1924476f08a26fcf (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f 2f03a1e26e811ba39d6f10fd1924476f08a26fcf # timeout=10 Commit message: "fix k8s_manifests" > git rev-list --no-walk 2f03a1e26e811ba39d6f10fd1924476f08a26fcf # timeout=10 Copied 3 artifacts from "pipeline-nightly" build number 77 [deploy-tf-k8s-manifests] $ /bin/bash -xe /tmp/jenkins5650816709586112328.sh + source /home/jenkins/workspace/deploy-tf-k8s-manifests/global.env ++ export PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ export SLAVE=openstack ++ SLAVE=openstack ++ export SLAVE_REGION=gz1 ++ SLAVE_REGION=gz1 ++ export LOGS_HOST=nexus.gz1.opensdn.io ++ LOGS_HOST=nexus.gz1.opensdn.io ++ export LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ export LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ export SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ export CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG=nightly ++ CONTRAIL_CONTAINER_TAG=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ export CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ export GERRIT_PIPELINE=nightly ++ GERRIT_PIPELINE=nightly ++ export GERRIT_BRANCH=master ++ GERRIT_BRANCH=master ++ export REPOS_CHANNEL=latest ++ REPOS_CHANNEL=latest + desc='Pipeline: pipeline-nightly-77 Random: 45657 Stream: k8s-manifests' + desc+='
Job logs: http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77/k8s-manifests' + echo 'DESCRIPTION Pipeline: pipeline-nightly-77 Random: 45657 Stream: k8s-manifests
Job logs: http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77/k8s-manifests' DESCRIPTION Pipeline: pipeline-nightly-77 Random: 45657 Stream: k8s-manifests
Job logs: http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77/k8s-manifests [description-setter] Description set: Pipeline: pipeline-nightly-77 Random: 45657 Stream: k8s-manifests
Job logs: http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77/k8s-manifests' [deploy-tf-k8s-manifests] $ /bin/bash -xe /tmp/jenkins1234577293063600496.sh + set -eo pipefail + source /home/jenkins/workspace/deploy-tf-k8s-manifests/global.env ++ export PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ export SLAVE=openstack ++ SLAVE=openstack ++ export SLAVE_REGION=gz1 ++ SLAVE_REGION=gz1 ++ export LOGS_HOST=nexus.gz1.opensdn.io ++ LOGS_HOST=nexus.gz1.opensdn.io ++ export LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ export LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ export SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ export CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG=nightly ++ CONTRAIL_CONTAINER_TAG=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ export CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ export GERRIT_PIPELINE=nightly ++ GERRIT_PIPELINE=nightly ++ export GERRIT_BRANCH=master ++ GERRIT_BRANCH=master ++ export REPOS_CHANNEL=latest ++ REPOS_CHANNEL=latest + ./src/opensdn-io/tf-jenkins/infra/gerrit/apply_patchsets.sh ./src opensdn-io/tf-jenkins ./patchsets-info.json + ./src/opensdn-io/tf-jenkins/infra/gerrit/apply_patchsets.sh ./src opensdn-io/tf-devstack ./patchsets-info.json [deploy-tf-k8s-manifests] $ /bin/bash -xe /tmp/jenkins11447448916375739626.sh + set -eo pipefail + source /home/jenkins/workspace/deploy-tf-k8s-manifests/global.env ++ export PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ PIPELINE_BUILD_TAG=jenkins-pipeline-nightly-77 ++ export SLAVE=openstack ++ SLAVE=openstack ++ export SLAVE_REGION=gz1 ++ SLAVE_REGION=gz1 ++ export LOGS_HOST=nexus.gz1.opensdn.io ++ LOGS_HOST=nexus.gz1.opensdn.io ++ export LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77 ++ export LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ LOGS_URL=http://nexus.gz1.opensdn.io:8082/jenkins_logs/nightly/pipeline_77 ++ export SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ SITE_MIRROR=http://nexus.gz1.opensdn.io/repository ++ export CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG=nightly ++ CONTRAIL_CONTAINER_TAG=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ export CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY_ORIGINAL=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_CONTAINER_TAG_ORIGINAL=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG_ORIGINAL=nightly ++ export GERRIT_PIPELINE=nightly ++ GERRIT_PIPELINE=nightly ++ export GERRIT_BRANCH=master ++ GERRIT_BRANCH=master ++ export REPOS_CHANNEL=latest ++ REPOS_CHANNEL=latest + source ./src/opensdn-io/tf-jenkins/infra/openstack/definitions ++ export PROVIDER=openstack ++ PROVIDER=openstack ++ export OS_NETWORK=management ++ OS_NETWORK=management ++ export OS_DATA_NETWORK=data ++ OS_DATA_NETWORK=data ++ export OS_SG=default ++ OS_SG=default ++ export RESERVED_INSTANCES_COUNT=3 ++ RESERVED_INSTANCES_COUNT=3 ++ export RESERVED_CORES_COUNT=16 ++ RESERVED_CORES_COUNT=16 ++ export VM_BOOT_RETRIES=120 ++ VM_BOOT_RETRIES=120 ++ export VM_BOOT_DELAY=60 ++ VM_BOOT_DELAY=60 ++ export VOLUME_TYPE=ceph-ssd ++ VOLUME_TYPE=ceph-ssd ++ ENVIRONMENT_OS=rocky9 ++ VM_TYPES=(['xsmall']='STD3-1-4' ['small']='STD3-2-8' ['medium']='STD3-4-16' ['large']='STD3-8-32') ++ declare -A VM_TYPES ++ VOLUME_SIZE=(['xsmall']='50' ['small']='50' ['medium']='80' ['large']='80') ++ declare -A VOLUME_SIZE ++ OS_IMAGES=(['CENTOS7']='prepared-centos7' ['CENTOS8']='prepared-centos8' ['UBUNTU20']='prepared-ubuntu20' ['UBUNTU22']='prepared-ubuntu22' ['UBUNTU24']='prepared-ubuntu24' ['ROCKY9']='prepared-rocky92') ++ declare -A OS_IMAGES ++ OS_IMAGE_USERS=(['CENTOS7']='centos' ['CENTOS8']='centos' ['UBUNTU20']='ubuntu' ['UBUNTU22']='ubuntu' ['UBUNTU24']='ubuntu' ['ROCKY9']='rocky' ['ROCKY92']='rocky') ++ declare -A OS_IMAGE_USERS ++ OS_IMAGES_UP=(['CENTOS7']='centos' ['CENTOS8']='centos' ['UBUNTU20']='ubuntu' ['UBUNTU22']='ubuntu' ['UBUNTU24']='ubuntu' ['ROCKY9']='rocky' ['ROCKY92']='rocky') ++ declare -A OS_IMAGES_UP ++ OS_IMAGES_DOWN=(['CENTOS7']='' ['CENTOS8']='' ['UBUNTU20']='' ['UBUNTU22']='' ['UBUNTU24']='' ['ROCKY9']='' ['ROCKY92']='') ++ declare -A OS_IMAGES_DOWN ++ SSH_OPTIONS='-T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no' + source /home/jenkins/workspace/deploy-tf-k8s-manifests/deps.deploy-tf-k8s-manifests.45657.env ++ export PROVIDER=openstack ++ PROVIDER=openstack ++ export ENVIRONMENT_OS=rocky9 ++ ENVIRONMENT_OS=rocky9 ++ export IMAGE=aa1bd152-a8d4-49ef-85ea-82a4dab8cf7f ++ IMAGE=aa1bd152-a8d4-49ef-85ea-82a4dab8cf7f ++ export IMAGE_SSH_USER=rocky ++ IMAGE_SSH_USER=rocky ++ export INSTANCE_IDS=08330093-b777-4f29-991c-1651676401f8, ++ INSTANCE_IDS=08330093-b777-4f29-991c-1651676401f8, ++ export instance_ip=10.0.0.22 ++ instance_ip=10.0.0.22 ++ export CONTROLLER_NODES=10.0.0.22, ++ CONTROLLER_NODES=10.0.0.22, ++ export ORCHESTRATOR=kubernetes ++ ORCHESTRATOR=kubernetes ++ export DEPLOYER=k8s_manifests ++ DEPLOYER=k8s_manifests ++ export JOB_LOGS_PATH=k8s-manifests ++ JOB_LOGS_PATH=k8s-manifests + source /home/jenkins/workspace/deploy-tf-k8s-manifests/vars.deploy-tf-k8s-manifests.45657.env ++ export MONITORING_DEPLOY_TARGET=AIO ++ MONITORING_DEPLOY_TARGET=AIO ++ export MONITORING_DEPLOYER=k8s_manifests ++ MONITORING_DEPLOYER=k8s_manifests ++ export MONITORING_ORCHESTRATOR=k8s ++ MONITORING_ORCHESTRATOR=k8s + export FULL_LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77/k8s-manifests + FULL_LOGS_PATH=/var/www/logs/jenkins_logs/nightly/pipeline_77/k8s-manifests + export DEBUG=true + DEBUG=true + ./src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/deploy_tf.sh ++ readlink -e ./src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/deploy_tf.sh + my_file=/home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/deploy_tf.sh ++ dirname /home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/deploy_tf.sh + my_dir=/home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests + source /home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/definitions ++ [[ kubernetes != \k\u\b\e\r\n\e\t\e\s ]] ++ export 'SSH_OPTIONS=-T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no' ++ SSH_OPTIONS='-T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no' + /home/jenkins/workspace/deploy-tf-k8s-manifests/src/opensdn-io/tf-jenkins/jobs/devstack/k8s_manifests/../common/run_stage.sh k8s_manifests + echo 'INFO: Deploy k8s_manifests/ (deploy-tf-k8s-manifests)' INFO: Deploy k8s_manifests/ (deploy-tf-k8s-manifests) + script=deploy_all.sh + cat + declare -f -F add_deployrc + echo 'src/opensdn-io/tf-devstack/k8s_manifests/run.sh ' + chmod a+x /home/jenkins/workspace/deploy-tf-k8s-manifests/deploy_all.sh + ssh_cmd='ssh -i **** -T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no ' + rsync -a -e 'ssh -i **** -T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no ' /home/jenkins/workspace/deploy-tf-k8s-manifests/src /home/jenkins/workspace/deploy-tf-k8s-manifests/deploy_all.sh rocky@10.0.0.22:./ Warning: Permanently added '10.0.0.22' (ECDSA) to the list of known hosts. + eval ssh -i **** -T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no rocky@10.0.0.22 ./deploy_all.sh ++ ssh -i **** -T -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no rocky@10.0.0.22 ./deploy_all.sh Warning: Permanently added '10.0.0.22' (ECDSA) to the list of known hosts. + export WORKSPACE=/home/rocky + WORKSPACE=/home/rocky + export DEBUG=true + DEBUG=true + export PROVIDER=openstack + PROVIDER=openstack + export ORCHESTRATOR=kubernetes + ORCHESTRATOR=kubernetes + export OPENSTACK_VERSION= + OPENSTACK_VERSION= + export CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 + CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 + export DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 + DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 + export CONTRAIL_CONTAINER_TAG=nightly + CONTRAIL_CONTAINER_TAG=nightly + export CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly + CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly + export CONTRAIL_DEPLOYER_BRANCH= + CONTRAIL_DEPLOYER_BRANCH= + export CONFIG_API_WORKER_COUNT= + CONFIG_API_WORKER_COUNT= + export SSL_ENABLE= + SSL_ENABLE= + export CONTROLLER_NODES=10.0.0.22, + CONTROLLER_NODES=10.0.0.22, + export AGENT_NODES= + AGENT_NODES= + export CONTROL_NODES= + CONTROL_NODES= + export DATA_NETWORK= + DATA_NETWORK= + export ENABLE_DPDK_SRIOV= + ENABLE_DPDK_SRIOV= + export ENABLE_NAGIOS= + ENABLE_NAGIOS= + export LEGACY_ANALYTICS_ENABLE= + LEGACY_ANALYTICS_ENABLE= + export HUGEPAGES_ENABLED= + HUGEPAGES_ENABLED= + export HUGE_PAGES_2MB= + HUGE_PAGES_2MB= + export PATH=/home/rocky/.local/bin:/home/rocky/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/usr/sbin + PATH=/home/rocky/.local/bin:/home/rocky/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/usr/sbin + export CONTAINER_RUNTIME= + CONTAINER_RUNTIME= + export IPA_NODES= + IPA_NODES= + export K8S_CA= + K8S_CA= + export DEPLOY_IPA_SERVER= + DEPLOY_IPA_SERVER= + export IPA_PASSWORD= + IPA_PASSWORD= + export ENABLE_RHEL_REGISTRATION=false + ENABLE_RHEL_REGISTRATION=false + export K8S_RESOLV_CONFG_MODE=none + K8S_RESOLV_CONFG_MODE=none + export CERT_SIGNER= + CERT_SIGNER= + export DOMAIN= + DOMAIN= + export NAMESERVER_LIST= + NAMESERVER_LIST= + export NTP_SERVERS= + NTP_SERVERS= + export KOLLA_MODE= + KOLLA_MODE= + src/opensdn-io/tf-devstack/k8s_manifests/run.sh ++ set -o errexit +++ whoami ++ [[ rocky == root ]] ++ export WORKSPACE=/home/rocky ++ WORKSPACE=/home/rocky ++ TF_CONFIG_DIR=/home/rocky/.tf ++ TF_DEVENV_PROFILE=/home/rocky/.tf/dev.env ++ TF_STACK_PROFILE=/home/rocky/.tf/stack.env ++ TF_STAGES_DIR=/home/rocky/.tf/.stages +++ egrep '^ID=' +++ cat /etc/os-release /etc/redhat-release /etc/rocky-release /etc/system-release +++ awk -F= '{print $2}' +++ tr -d '"' ++ export DISTRO=rocky ++ DISTRO=rocky +++ egrep '^VERSION_ID=' +++ cat /etc/os-release /etc/redhat-release /etc/rocky-release /etc/system-release +++ awk -F= '{print $2}' +++ tr -d '"' ++ export DISTRO_VERSION_ID=9.2 ++ DISTRO_VERSION_ID=9.2 +++ ip route get 1 +++ grep -o 'dev.*' +++ awk '{print($2)}' ++ export PHYS_INT=eth0 ++ PHYS_INT=eth0 +++ ip addr show dev eth0 +++ grep 'inet ' +++ awk '{print $2}' +++ cut -d / -f 1 +++ head -n 1 ++ export NODE_IP=10.0.0.22 ++ NODE_IP=10.0.0.22 +++ ip r +++ grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/[0-9]+ dev eth0 ' +++ awk '{print $1}' ++ export NODE_CIDR=10.0.0.0/24 ++ NODE_CIDR=10.0.0.0/24 +++ whoami ++ export SSH_USER=rocky ++ SSH_USER=rocky ++ DEV_ENV=false ++ export CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_CONTAINER_TAG=nightly ++ CONTRAIL_CONTAINER_TAG=nightly ++ export CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly ++ CONTROLLER_NODES=10.0.0.22, ++ CONTROL_NODES=10.0.0.22, +++ echo 10.0.0.22, +++ tr , ' ' ++ export 'CONTROLLER_NODES=10.0.0.22 ' ++ CONTROLLER_NODES='10.0.0.22 ' +++ echo 10.0.0.22, +++ tr , ' ' ++ export 'CONTROL_NODES=10.0.0.22 ' ++ CONTROL_NODES='10.0.0.22 ' ++ AGENT_NODES=10.0.0.22 +++ echo 10.0.0.22 +++ tr , ' ' ++ export AGENT_NODES=10.0.0.22 ++ AGENT_NODES=10.0.0.22 +++ echo +++ tr , ' ' ++ export IPA_NODES= ++ IPA_NODES= ++ export TF_LOG_DIR=/home/rocky/.tf/logs ++ TF_LOG_DIR=/home/rocky/.tf/logs ++ export SSL_ENABLE=false ++ SSL_ENABLE=false ++ export LEGACY_ANALYTICS_ENABLE=true ++ LEGACY_ANALYTICS_ENABLE=true ++ export 'SSH_OPTIONS=-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no -o ServerAliveInterval=60' ++ SSH_OPTIONS='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no -o ServerAliveInterval=60' ++ export HUGE_PAGES_2MB=256 ++ HUGE_PAGES_2MB=256 ++ export ORCHESTRATOR=kubernetes ++ ORCHESTRATOR=kubernetes ++ export CONTAINER_RUNTIME=docker ++ CONTAINER_RUNTIME=docker ++ CONTROLLER_SERVICES=(['analytics']='api collector nodemgr ' ['config']='nodemgr schema api device-manager svc-monitor ' ['config-database']='nodemgr zookeeper rabbitmq cassandra ' ['control']='nodemgr control dns named ' ['webui']='web job ' ['_']='redis ') ++ declare -A CONTROLLER_SERVICES ++ AGENT_SERVICES=(['vrouter']='nodemgr agent ') ++ declare -A AGENT_SERVICES ++ [[ true == \t\r\u\e ]] ++ CONTROLLER_SERVICES['analytics-alarm']='alarm-gen kafka nodemgr ' ++ CONTROLLER_SERVICES['analytics-snmp']='snmp-collector topology nodemgr ' ++ CONTROLLER_SERVICES['database']='query-engine cassandra nodemgr ' ++ [[ kubernetes == \k\u\b\e\r\n\e\t\e\s ]] ++ CONTROLLER_SERVICES['kubernetes']='kube-manager ' ++ trap trap_exit EXIT + source /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/functions.sh ++ fmy_file=/home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/functions.sh +++ dirname /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/functions.sh ++ fmy_dir=/home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common + source /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/stages.sh ++ STAGE= ++ [[ -n '' ]] ++ last_stage= + source /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/collect_logs.sh ++ export PATH=/home/rocky/.local/bin:/home/rocky/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/usr/sbin:/usr/sbin ++ PATH=/home/rocky/.local/bin:/home/rocky/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/usr/sbin:/usr/sbin +++ ip route get 1 +++ grep -o 'dev.*' +++ awk '{print($2)}' ++ export PHYS_INT=eth0 ++ PHYS_INT=eth0 +++ ip addr show dev eth0 +++ grep 'inet ' +++ awk '{print $2}' +++ cut -d / -f 1 +++ head -n 1 ++ export NODE_IP=10.0.0.22 ++ NODE_IP=10.0.0.22 ++ [[ src/opensdn-io/tf-devstack/k8s_manifests/run.sh == *\c\o\l\l\e\c\t\_\l\o\g\s\.\s\h ]] + source /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/functions.sh + init_output_logging + [[ -n /home/rocky/.tf/logs ]] + mkdir -p /home/rocky/.tf/logs + exec ++ tee -a /home/rocky/.tf/logs/output.log ++ date + echo 'INFO: =================== Mon Apr 28 01:32:09 AM UTC 2025 ===================' INFO: =================== Mon Apr 28 01:32:09 AM UTC 2025 =================== + STAGES=(['all']='build k8s manifest tf wait logs' ['default']='k8s manifest tf wait' ['master']='build k8s manifest tf wait' ['platform']='k8s') + declare -A STAGES + export DEPLOYER=k8s_manifests + DEPLOYER=k8s_manifests + export WAIT_TIMEOUT=1500 + WAIT_TIMEOUT=1500 + deployer_image=tf-container-builder-src + deployer_dir=/home/rocky/tf-container-builder + AGENT_LABEL=node-role.opencontrail.org/agent= + KUBE_MANIFEST=/home/rocky/tf-container-builder/kubernetes/manifests/contrail-standalone-kubernetes.yaml + TF_POD_SUBNET=10.32.0.0/12 + TF_SERVICE_SUBNET=10.96.0.0/12 + declare -A DEPLOYMENT_ENV + run_stages + [[ -z '' ]] + STAGE=default + local 'stages=k8s manifest tf wait' + local run_func=run_stage + [[ -z k8s manifest tf wait ]] + load_tf_devenv_profile + '[' -e /home/rocky/.tf/dev.env ']' + echo + echo '[there is no tf devenv configuration to load]' [there is no tf devenv configuration to load] + '[' -z nexus.gz1.opensdn.io:5102 ']' + true + '[' -z nexus.gz1.opensdn.io:5102 ']' + true + '[' -z nightly ']' + true + '[' -z nightly ']' + true + echo 'INFO: Applying stages k8s manifest tf wait' INFO: Applying stages k8s manifest tf wait + for stage in ${stages[@]} ++ date + echo 'INFO: Running stage k8s at Mon Apr 28 01:32:09 AM UTC 2025' INFO: Running stage k8s at Mon Apr 28 01:32:09 AM UTC 2025 + run_stage k8s + finished_stage k8s + '[' -e /home/rocky/.tf/.stages/k8s ']' + echo 'Skipping stage k8s because it'\''s finished' Skipping stage k8s because it's finished + [[ k8s != \w\a\i\t ]] + mkdir -p /home/rocky/.tf/.stages + touch /home/rocky/.tf/.stages/k8s ++ date + echo 'INFO: Stage k8s was run successfully Mon Apr 28 01:32:09 AM UTC 2025' INFO: Stage k8s was run successfully Mon Apr 28 01:32:09 AM UTC 2025 + last_stage=k8s + for stage in ${stages[@]} ++ date + echo 'INFO: Running stage manifest at Mon Apr 28 01:32:09 AM UTC 2025' INFO: Running stage manifest at Mon Apr 28 01:32:09 AM UTC 2025 + run_stage manifest + finished_stage manifest + '[' -e /home/rocky/.tf/.stages/manifest ']' + manifest + fetch_deployer_no_docker tf-container-builder-src /home/rocky/tf-container-builder + [[ 2 != 2 ]] + local deployer_image=tf-container-builder-src + local deployer_dir=/home/rocky/tf-container-builder ++ mktemp -d + local tmp_deployer_layers_dir=/tmp/tmp.Nm7Ho0cGCk ++ mktemp -d + local archive_tmp_dir=/tmp/tmp.Pu8bJSNG5n + /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/download-frozen-image-v2.sh /tmp/tmp.Nm7Ho0cGCk tf-container-builder-src:nightly nexus.gz1.opensdn.io is an alias for nexus.opensdn.io. nexus.opensdn.io has address 212.233.90.199 INFO: ishost = true namespace = registry_url = nexus.gz1.opensdn.io:5102 INFO: Downloading 'tf-container-builder-src:nightly@nightly' (1 layers)... INFO: Download of images into '/tmp/tmp.Nm7Ho0cGCk' complete. INFO: Use something like the following to load the result into a Docker daemon: INFO: tar -cC '/tmp/tmp.Nm7Ho0cGCk' . | docker load ++ cat /tmp/tmp.Nm7Ho0cGCk/manifest.json ++ jq --raw-output '.[0].Layers[0]' + tar xf /tmp/tmp.Nm7Ho0cGCk/c82ee94b67f161ea855a5b2aaa1e37b143b2ac6667a26df967b714dfac7d9b24/layer.tar -C /tmp/tmp.Pu8bJSNG5n + sudo rm -rf /home/rocky/tf-container-builder + [[ ! -d /tmp/tmp.Pu8bJSNG5n/src ]] + mv /tmp/tmp.Pu8bJSNG5n/src /home/rocky/tf-container-builder + rm /home/rocky/tf-container-builder/common.env + CONTRAIL_REGISTRY=nexus.gz1.opensdn.io:5102 + CONTRAIL_CONTAINER_TAG=nightly + HOST_IP=10.0.0.22 + JVM_EXTRA_OPTS='-Xms1g -Xmx2g' + LINUX_DISTR=rocky + CLOUD_ORCHESTRATOR=kubernetes + KUBERNETES_PUBLIC_FIP_POOL='{'\''project'\'' : '\''k8s-default'\'', '\''domain'\'': '\''default-domain'\'', '\''name'\'': '\''__fip_pool_public__'\'' , '\''network'\'' : '\''__public__'\''}' + KUBERNETES_IP_FABRIC_SNAT=true + KUBERNETES_IP_FABRIC_FORWARDING=false + CONTROLLER_NODES=10.0.0.22, + AGENT_NODES=10.0.0.22 + HUGE_PAGES_2MB=256 + /home/rocky/tf-container-builder/kubernetes/manifests/resolve-manifest.sh /home/rocky/tf-container-builder/kubernetes/manifests/contrail-standalone-kubernetes.yaml ++ env_dir=/home/rocky/tf-container-builder/kubernetes/manifests/../.. ++ [[ ! -d /home/rocky/tf-container-builder/kubernetes/manifests/../.. ]] ++ env_file=/home/rocky/tf-container-builder/kubernetes/manifests/../../common.env ++ '[' -f /home/rocky/tf-container-builder/kubernetes/manifests/../../common.env ']' +++ ip route show +++ grep 'default via' +++ awk '{print $5}' ++ default_interface=eth0 +++ ip route show dev eth0 +++ grep default +++ awk '{print $3}' ++ default_gateway=10.0.0.1 +++ awk -F= '/^ID=/{print $2}' /etc/os-release +++ tr -d '"' ++ linux_id=rocky ++ [[ rocky == \c\e\n\t\o\s ]] +++ awk -F= '/^VERSION_ID=/{print $2}' /etc/os-release +++ tr -d '"' ++ linux_ver_id=9.2 ++ export LINUX_DISTR=rocky ++ LINUX_DISTR=rocky ++ export LINUX_DISTR_VER= ++ LINUX_DISTR_VER= ++ [[ -z '' ]] ++ [[ rocky =~ centos ]] ++ LINUX_DISTR_VER=latest ++ export UBUNTU_DISTR=ubuntu ++ UBUNTU_DISTR=ubuntu ++ export UBUNTU_DISTR_VERSION=22.04 ++ UBUNTU_DISTR_VERSION=22.04 ++ export LINUX_ID=rocky ++ LINUX_ID=rocky ++ export LINUX_VER_ID=9.2 ++ LINUX_VER_ID=9.2 ++ export HOST_IP=10.0.0.22 ++ HOST_IP=10.0.0.22 ++ [[ 10.0.0.22 == \a\u\t\o ]] ++ export CONTRAIL_SOURCE=/root/contrail ++ CONTRAIL_SOURCE=/root/contrail ++ export K8S_VERSION=1.15.4 ++ K8S_VERSION=1.15.4 ++ [[ rocky =~ ubi8 ]] ++ export OPENSTACK_VERSION=queens ++ OPENSTACK_VERSION=queens ++ export CONTAINER_NAME_PREFIX=opensdn ++ CONTAINER_NAME_PREFIX=opensdn ++ '[' -z nightly ']' ++ export CONTRAIL_CONTAINER_TAG=nightly ++ CONTRAIL_CONTAINER_TAG=nightly ++ export CONTRAIL_REGISTRY=nexus.gz1.opensdn.io:5102 ++ CONTRAIL_REGISTRY=nexus.gz1.opensdn.io:5102 ++ export CONTRAIL_REGISTRY_PUSH=1 ++ CONTRAIL_REGISTRY_PUSH=1 ++ export CONTRAIL_REPOSITORY=auto ++ CONTRAIL_REPOSITORY=auto ++ default_registry_ip=10.0.0.22 ++ [[ nexus.gz1.opensdn.io:5102 == \a\u\t\o ]] ++ [[ auto == \a\u\t\o ]] ++ export CONTRAIL_REPOSITORY=http://10.0.0.22/nightly ++ CONTRAIL_REPOSITORY=http://10.0.0.22/nightly ++ export CONTRAIL_PARALLEL_BUILD=false ++ CONTRAIL_PARALLEL_BUILD=false ++ export CONTRAIL_KEEP_LOG_FILES=false ++ CONTRAIL_KEEP_LOG_FILES=false ++ export GENERAL_EXTRA_RPMS= ++ GENERAL_EXTRA_RPMS= ++ export BASE_EXTRA_RPMS=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-queens/rdo-release-queens-2.noarch.rpm ++ BASE_EXTRA_RPMS=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-queens/rdo-release-queens-2.noarch.rpm ++ export DOCKER_REPO=https://download.docker.com/linux/centos/docker-ce.repo ++ DOCKER_REPO=https://download.docker.com/linux/centos/docker-ce.repo ++ export CONTROLLER_NODES=10.0.0.22, ++ CONTROLLER_NODES=10.0.0.22, ++ export AGENT_NODES=10.0.0.22 ++ AGENT_NODES=10.0.0.22 ++ export ANALYTICS_NODES=10.0.0.22, ++ ANALYTICS_NODES=10.0.0.22, ++ export ANALYTICSDB_NODES=10.0.0.22, ++ ANALYTICSDB_NODES=10.0.0.22, ++ export ANALYTICS_SNMP_NODES=10.0.0.22, ++ ANALYTICS_SNMP_NODES=10.0.0.22, ++ export ANALYTICS_ALARM_NODES=10.0.0.22, ++ ANALYTICS_ALARM_NODES=10.0.0.22, ++ export CONFIG_NODES=10.0.0.22, ++ CONFIG_NODES=10.0.0.22, ++ export CONFIGDB_NODES=10.0.0.22, ++ CONFIGDB_NODES=10.0.0.22, ++ export 'CONTROL_NODES=10.0.0.22 ' ++ CONTROL_NODES='10.0.0.22 ' ++ export KAFKA_NODES=10.0.0.22, ++ KAFKA_NODES=10.0.0.22, ++ export LOG_LEVEL=SYS_NOTICE ++ LOG_LEVEL=SYS_NOTICE ++ export METADATA_PROXY_SECRET=contrail ++ METADATA_PROXY_SECRET=contrail ++ export PHYSICAL_INTERFACE=eth0 ++ PHYSICAL_INTERFACE=eth0 ++ export VROUTER_GATEWAY=10.0.0.1 ++ VROUTER_GATEWAY=10.0.0.1 ++ export RABBITMQ_NODES=10.0.0.22, ++ RABBITMQ_NODES=10.0.0.22, ++ export RABBITMQ_NODE_PORT=5673 ++ RABBITMQ_NODE_PORT=5673 ++ export WEBUI_NODES=10.0.0.22, ++ WEBUI_NODES=10.0.0.22, ++ export ZOOKEEPER_NODES=10.0.0.22, ++ ZOOKEEPER_NODES=10.0.0.22, ++ export ZOOKEEPER_PORT=2181 ++ ZOOKEEPER_PORT=2181 ++ export ZOOKEEPER_PORTS=2888:3888 ++ ZOOKEEPER_PORTS=2888:3888 ++ export ANALYTICS_API_VIP= ++ ANALYTICS_API_VIP= ++ export CONFIG_API_VIP= ++ CONFIG_API_VIP= ++ export AAA_MODE=no-auth ++ AAA_MODE=no-auth ++ export AUTH_MODE=noauth ++ AUTH_MODE=noauth ++ export CLOUD_ORCHESTRATOR=kubernetes ++ CLOUD_ORCHESTRATOR=kubernetes ++ export KUBERNETES_API_SERVER=10.0.0.22 ++ KUBERNETES_API_SERVER=10.0.0.22 ++ export KUBERNETES_API_SECURE_PORT=6443 ++ KUBERNETES_API_SECURE_PORT=6443 ++ export KUBERNETES_IP_FABRIC_SNAT=true ++ KUBERNETES_IP_FABRIC_SNAT=true ++ export KUBERNETES_IP_FABRIC_FORWARDING=false ++ KUBERNETES_IP_FABRIC_FORWARDING=false ++ export DPDK_UIO_DRIVER=uio_pci_generic ++ DPDK_UIO_DRIVER=uio_pci_generic ++ export CPU_CORE_MASK=0x01 ++ CPU_CORE_MASK=0x01 ++ export SERVICE_CORE_MASK= ++ SERVICE_CORE_MASK= ++ export DPDK_CTRL_THREAD_MASK= ++ DPDK_CTRL_THREAD_MASK= ++ export HUGE_PAGES= ++ HUGE_PAGES= ++ export NIC_OFFLOAD_ENABLE=False ++ NIC_OFFLOAD_ENABLE=False ++ export DPDK_ENABLE_VLAN_FWRD=False ++ DPDK_ENABLE_VLAN_FWRD=False ++ export 'JVM_EXTRA_OPTS=-Xms1g -Xmx2g' ++ JVM_EXTRA_OPTS='-Xms1g -Xmx2g' ++ export SSL_ENABLE=false ++ SSL_ENABLE=false ++ export SSL_INSECURE=True ++ SSL_INSECURE=True ++ export SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export SERVER_CA_KEYFILE=/etc/contrail/ssl/private/ca-key.pem ++ SERVER_CA_KEYFILE=/etc/contrail/ssl/private/ca-key.pem ++ export XMPP_SSL_ENABLE=false ++ XMPP_SSL_ENABLE=false ++ export XMPP_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ XMPP_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export XMPP_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ XMPP_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export XMPP_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ XMPP_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export CONFIG_API_SSL_ENABLE=false ++ CONFIG_API_SSL_ENABLE=false ++ export CONFIG_API_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ CONFIG_API_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export CONFIG_API_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ CONFIG_API_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export CONFIG_API_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ CONFIG_API_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export ANALYTICS_API_SSL_ENABLE=false ++ ANALYTICS_API_SSL_ENABLE=false ++ export ANALYTICS_API_SSL_INSECURE=True ++ ANALYTICS_API_SSL_INSECURE=True ++ export ANALYTICS_API_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ ANALYTICS_API_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export ANALYTICS_API_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ ANALYTICS_API_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export ANALYTICS_API_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ ANALYTICS_API_SERVER_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export INTROSPECT_SSL_ENABLE=false ++ INTROSPECT_SSL_ENABLE=false ++ export INTROSPECT_SSL_INSECURE=True ++ INTROSPECT_SSL_INSECURE=True ++ export INTROSPECT_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ INTROSPECT_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export INTROSPECT_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ INTROSPECT_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export INTROSPECT_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ INTROSPECT_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export SANDESH_SSL_ENABLE=false ++ SANDESH_SSL_ENABLE=false ++ export SANDESH_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ SANDESH_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export SANDESH_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ SANDESH_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export SANDESH_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ SANDESH_SERVER_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export SANDESH_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ SANDESH_SERVER_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export SANDESH_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ SANDESH_CA_CERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export KEYSTONE_AUTH_PROTO=http ++ KEYSTONE_AUTH_PROTO=http ++ export KEYSTONE_AUTH_INSECURE=True ++ KEYSTONE_AUTH_INSECURE=True ++ export KEYSTONE_AUTH_CERTFILE= ++ KEYSTONE_AUTH_CERTFILE= ++ export KEYSTONE_AUTH_KEYFILE= ++ KEYSTONE_AUTH_KEYFILE= ++ export KEYSTONE_AUTH_CA_CERTFILE= ++ KEYSTONE_AUTH_CA_CERTFILE= ++ export RABBITMQ_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ RABBITMQ_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export RABBITMQ_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ RABBITMQ_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export RABBITMQ_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ RABBITMQ_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export RABBITMQ_USE_SSL=False ++ RABBITMQ_USE_SSL=False ++ export RABBITMQ_SSL_VER=tlsv1.2 ++ RABBITMQ_SSL_VER=tlsv1.2 ++ export RABBITMQ_CLIENT_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ RABBITMQ_CLIENT_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export RABBITMQ_CLIENT_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ RABBITMQ_CLIENT_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export RABBITMQ_CLIENT_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ RABBITMQ_CLIENT_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ export METADATA_SSL_ENABLE=false ++ METADATA_SSL_ENABLE=false ++ export METADATA_SSL_CERTFILE= ++ METADATA_SSL_CERTFILE= ++ export METADATA_SSL_KEYFILE= ++ METADATA_SSL_KEYFILE= ++ export METADATA_SSL_CA_CERTFILE= ++ METADATA_SSL_CA_CERTFILE= ++ export METADATA_SSL_CERT_TYPE= ++ METADATA_SSL_CERT_TYPE= ++ export REDIS_SSL_ENABLE=False ++ REDIS_SSL_ENABLE=False ++ export REDIS_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ REDIS_SSL_CERTFILE=/etc/contrail/ssl/certs/server.pem ++ export REDIS_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ REDIS_SSL_KEYFILE=/etc/contrail/ssl/private/server-privkey.pem ++ export REDIS_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ REDIS_SSL_CACERTFILE=/etc/contrail/ssl/certs/ca-cert.pem ++ [[ '' == True ]] ++ [[ rocky =~ ubuntu ]] ++ [[ rocky =~ rocky ]] ++ export VROUTER_KERNEL_INIT_IMAGE=opensdn-vrouter-kernel-init ++ VROUTER_KERNEL_INIT_IMAGE=opensdn-vrouter-kernel-init ++ export VENDOR_NAME=Juniper ++ VENDOR_NAME=Juniper ++ export VENDOR_DOMAIN=net.juniper.contrail ++ VENDOR_DOMAIN=net.juniper.contrail + IFS= ++ sed -e 's/"/\\"/g' -e 's/\$/uUu/g' -e 's/{{ *\([^ }]\+\) *}}/$\1/g' /home/rocky/tf-container-builder/kubernetes/manifests/contrail-standalone-kubernetes.yaml + yaml='# Configs section # Note: using \"..\" for ports, because in v1 there is a bug # which leads to an error # \"..error unmarshaling JSON: json: cannot unmarshal number into Go value of type string..\" # (https://github.com/kubernetes/kubernetes/issues/2763) --- apiVersion: v1 kind: ConfigMap metadata: name: env namespace: kube-system data: AAA_MODE: $AAA_MODE ANALYTICS_API_VIP: \"$ANALYTICS_API_VIP\" ANALYTICS_NODES: $ANALYTICS_NODES ANALYTICSDB_NODES: $ANALYTICSDB_NODES ANALYTICS_SNMP_NODES: $ANALYTICS_SNMP_NODES ANALYTICS_ALARM_NODES: $ANALYTICS_ALARM_NODES ANALYTICSDB_ENABLE: \"true\" ANALYTICS_ALARM_ENABLE: \"true\" ANALYTICS_SNMP_ENABLE: \"true\" AUTH_MODE: $AUTH_MODE CLOUD_ORCHESTRATOR: $CLOUD_ORCHESTRATOR CONFIG_API_VIP: \"$CONFIG_API_VIP\" CONFIG_NODES: $CONFIG_NODES CONFIGDB_NODES: $CONFIGDB_NODES CONTROL_NODES: $CONTROL_NODES CONTROLLER_NODES: $CONTROLLER_NODES KUBERNETES_IP_FABRIC_FORWARDING: \"$KUBERNETES_IP_FABRIC_FORWARDING\" KUBERNETES_IP_FABRIC_SNAT: \"$KUBERNETES_IP_FABRIC_SNAT\" KUBERNETES_PUBLIC_FIP_POOL: \"$KUBERNETES_PUBLIC_FIP_POOL\" LOG_LEVEL: $LOG_LEVEL METADATA_PROXY_SECRET: $METADATA_PROXY_SECRET PHYSICAL_INTERFACE: $PHYSICAL_INTERFACE RABBITMQ_NODES: $RABBITMQ_NODES RABBITMQ_NODE_PORT: \"$RABBITMQ_NODE_PORT\" VROUTER_GATEWAY: $VROUTER_GATEWAY HUGE_PAGES_2MB: \"128\" WEBUI_NODES: $WEBUI_NODES WEBUI_VIP: \"$WEBUI_VIP\" --- # default params will be set in provisioner environment apiVersion: v1 kind: ConfigMap metadata: name: defaults-env namespace: kube-system data: --- apiVersion: v1 kind: ConfigMap metadata: name: configzookeeperenv namespace: kube-system data: ZOOKEEPER_NODES: $CONFIGDB_NODES ZOOKEEPER_PORT: \"$ZOOKEEPER_PORT\" ZOOKEEPER_PORTS: \"$ZOOKEEPER_PORTS\" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-analyticsdb-config namespace: kube-system data: JVM_EXTRA_OPTS: $JVM_EXTRA_OPTS CASSANDRA_SEEDS: $ANALYTICSDB_NODES CASSANDRA_CLUSTER_NAME: Contrail CASSANDRA_START_RPC: \"true\" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: \"9160\" CASSANDRA_CQL_PORT: \"9042\" CASSANDRA_SSL_STORAGE_PORT: \"7001\" CASSANDRA_STORAGE_PORT: \"7000\" CASSANDRA_JMX_LOCAL_PORT: \"7200\" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-configdb-config namespace: kube-system data: JVM_EXTRA_OPTS: $JVM_EXTRA_OPTS CASSANDRA_SEEDS: $CONFIGDB_NODES CASSANDRA_CLUSTER_NAME: ContrailConfigDB CASSANDRA_START_RPC: \"true\" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: \"9161\" CASSANDRA_CQL_PORT: \"9041\" CASSANDRA_SSL_STORAGE_PORT: \"7011\" CASSANDRA_STORAGE_PORT: \"7010\" CASSANDRA_JMX_LOCAL_PORT: \"7201\" --- apiVersion: v1 kind: ConfigMap metadata: name: rabbitmq-config namespace: kube-system data: RABBITMQ_ERLANG_COOKIE: \"47EFF3BB-4786-46E0-A5BB-58455B3C2CB4\" --- apiVersion: v1 kind: ConfigMap metadata: name: kube-manager-config namespace: kube-system data: KUBERNETES_API_SERVER: $KUBERNETES_API_SERVER KUBERNETES_API_SECURE_PORT: \"$KUBERNETES_API_SECURE_PORT\" K8S_TOKEN_FILE: \"/tmp/serviceaccount/token\" # Containers section --- apiVersion: apps/v1 kind: DaemonSet metadata: name: config-zookeeper namespace: kube-system labels: app: config-zookeeper spec: selector: matchLabels: app: config-zookeeper template: metadata: labels: app: config-zookeeper spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: config-zookeeper image: \"$CONTRAIL_REGISTRY/opensdn-external-zookeeper:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/lib/zookeeper name: zookeeper-data - mountPath: /var/log/zookeeper name: zookeeper-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: zookeeper-data hostPath: path: /var/lib/contrail/config-zookeeper - name: zookeeper-logs hostPath: path: /var/log/contrail/config-zookeeper --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analyticsdb namespace: kube-system labels: app: opensdn-analyticsdb spec: selector: matchLabels: app: opensdn-analyticsdb template: metadata: labels: app: opensdn-analyticsdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analyticsdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"database\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analyticsdb-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analyticsdb-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analyticsdb image: \"$CONTRAIL_REGISTRY/opensdn-external-cassandra:$CONTRAIL_CONTAINER_TAG\" securityContext: capabilities: add: [\"SYS_NICE\"] imagePullPolicy: \"\" env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: opensdn-analyticsdb-config volumeMounts: - mountPath: /var/lib/cassandra name: analyticsdb-data - mountPath: /var/log/cassandra name: analyticsdb-logs - name: opensdn-analytics-query-engine image: \"$CONTRAIL_REGISTRY/opensdn-analytics-query-engine:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: analyticsdb-data hostPath: path: /var/lib/contrail/analyticsdb - name: analyticsdb-logs hostPath: path: /var/log/contrail/database - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: host-var-lib hostPath: path: /var/lib --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-configdb namespace: kube-system labels: app: opensdn-configdb spec: selector: matchLabels: app: opensdn-configdb template: metadata: labels: app: opensdn-configdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: opensdn-configdb image: \"$CONTRAIL_REGISTRY/opensdn-external-cassandra:$CONTRAIL_CONTAINER_TAG\" securityContext: capabilities: add: [\"SYS_NICE\"] imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: opensdn-configdb-config volumeMounts: - mountPath: /var/lib/cassandra name: configdb-data - mountPath: /var/log/cassandra name: configdb-logs - name: opensdn-config-database-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-config-database-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: configdb-data hostPath: path: /var/lib/contrail/configdb - name: configdb-logs hostPath: path: /var/log/contrail/config-database - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics namespace: kube-system labels: app: opensdn-analytics spec: selector: matchLabels: app: opensdn-analytics template: metadata: labels: app: opensdn-analytics spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-analytics-api image: \"$CONTRAIL_REGISTRY/opensdn-analytics-api:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-collector image: \"$CONTRAIL_REGISTRY/opensdn-analytics-collector:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-snmp namespace: kube-system labels: app: opensdn-analytics-snmp spec: selector: matchLabels: app: opensdn-analytics-snmp template: metadata: labels: app: opensdn-analytics-snmp spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics_snmp\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"analytics-snmp\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analytics-snmp-collector image: \"$CONTRAIL_REGISTRY/opensdn-analytics-snmp-collector:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-topology image: \"$CONTRAIL_REGISTRY/opensdn-analytics-snmp-topology:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-snmp-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-alarm namespace: kube-system labels: app: opensdn-analytics-alarm spec: selector: matchLabels: app: opensdn-analytics-alarm template: metadata: labels: app: opensdn-analytics-alarm spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics_alarm\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"analytics-alarm\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: kafka image: \"$CONTRAIL_REGISTRY/opensdn-external-kafka:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"IfNotPresent\" securityContext: privileged: true env: - name: NODE_TYPE value: analytics-alarm - name: KAFKA_NODES value: $KAFKA_NODES envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/kafka name: kafka-logs - name: opensdn-analytics-alarm-gen image: \"$CONTRAIL_REGISTRY/opensdn-analytics-alarm-gen:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-alarm - name: opensdn-analytics-alarm-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-alarm-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: kafka-logs hostPath: path: /var/log/contrail/kafka --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-control namespace: kube-system labels: app: opensdn-controller-control spec: selector: matchLabels: app: opensdn-controller-control template: metadata: labels: app: opensdn-controller-control spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/control\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-control image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-control:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-dns image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-dns:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-named image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-named:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env securityContext: privileged: true volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: dns-config emptyDir: {} - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-config namespace: kube-system labels: app: opensdn-controller-config spec: selector: matchLabels: app: opensdn-controller-config template: metadata: labels: app: opensdn-controller-config spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/config\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-config-api image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-api:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-devicemgr image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-devicemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-schema image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-schema:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-svcmonitor image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-svcmonitor:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CASSANDRA_CQL_PORT value: \"9041\" - name: CASSANDRA_JMX_LOCAL_PORT value: \"7201\" - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-config-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-webui namespace: kube-system labels: app: opensdn-controller-webui spec: selector: matchLabels: app: opensdn-controller-webui template: metadata: labels: app: opensdn-controller-webui spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/webui\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-webui-job image: \"$CONTRAIL_REGISTRY/opensdn-controller-webui-job:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-webui-web image: \"$CONTRAIL_REGISTRY/opensdn-controller-webui-web:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: redis namespace: kube-system labels: app: redis spec: selector: matchLabels: app: redis template: metadata: labels: app: redis spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics\" operator: Exists - matchExpressions: - key: \"node-role.opencontrail.org/webui\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: redis image: \"$CONTRAIL_REGISTRY/opensdn-external-redis:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/redis name: redis-data - mountPath: /var/log/redis name: redis-logs volumes: - name: redis-data hostPath: path: /var/lib/contrail/redis - name: redis-logs hostPath: path: /var/log/contrail/redis --- apiVersion: apps/v1 kind: DaemonSet metadata: name: rabbitmq namespace: kube-system labels: app: rabbitmq spec: selector: matchLabels: app: rabbitmq template: metadata: labels: app: rabbitmq spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: rabbitmq image: \"$CONTRAIL_REGISTRY/opensdn-external-rabbitmq:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database - name: RABBITMQ_LOGS value: '\''/var/log/rabbitmq/rabbitmq.log'\'' - name: RABBITMQ_SASL_LOGS value: '\''/var/log/rabbitmq/rabbitmq_sasl.log'\'' envFrom: - configMapRef: name: env - configMapRef: name: rabbitmq-config volumeMounts: - mountPath: /var/lib/rabbitmq name: rabbitmq-data - mountPath: /var/log/rabbitmq name: rabbitmq-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: rabbitmq-data hostPath: path: /var/lib/contrail/rabbitmq - name: rabbitmq-logs hostPath: path: /var/log/contrail/rabbitmq --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-kube-manager namespace: kube-system labels: app: opensdn-kube-manager spec: selector: matchLabels: app: opensdn-kube-manager template: metadata: labels: app: opensdn-kube-manager spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/config\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-kube-manager image: \"$CONTRAIL_REGISTRY/opensdn-kubernetes-kube-manager:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: kube-manager-config volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /tmp/serviceaccount name: pod-secret imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-agent namespace: kube-system labels: app: opensdn-agent spec: selector: matchLabels: app: opensdn-agent template: metadata: labels: app: opensdn-agent spec: #Disable affinity for single node setup affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/agent\" operator: Exists #Enable tolerations for single node setup tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - name: opensdn-vrouter-kernel-init image: \"$CONTRAIL_REGISTRY/$VROUTER_KERNEL_INIT_IMAGE:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - name: opensdn-kubernetes-cni-init image: \"$CONTRAIL_REGISTRY/opensdn-kubernetes-cni-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /host/etc_cni name: etc-cni - mountPath: /host/opt_cni_bin name: opt-cni-bin - mountPath: /host/log_cni name: var-log-contrail-cni - mountPath: /var/log/contrail name: opensdn-logs containers: - name: opensdn-vrouter-agent image: \"$CONTRAIL_REGISTRY/opensdn-vrouter-agent:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" # TODO: Priveleged mode is requied because w/o it the device /dev/net/tun # is not present in the container. The mounting it into container # doesnt help because of permissions are not enough syscalls, # e.g. https://github.com/Juniper/opensdn-controller/blob/master/src/vnsw/agent/contrail/linux/pkt0_interface.cc: 48. securityContext: privileged: true resources: limits: hugepages-2Mi: 256Mi requests: hugepages-2Mi: 256Mi memory: 256Mi envFrom: - configMapRef: name: env lifecycle: preStop: exec: command: [\"/clean-up.sh\"] volumeMounts: - mountPath: /dev name: dev - mountPath: /var/run name: var-run - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - mountPath: /host/etc name: host-etc - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /var/crashes name: var-crashes - mountPath: /tmp/serviceaccount name: pod-secret - name: opensdn-agent-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - mountPath: /var/lib/contrail/loadbalancer name: lb-nodemgr - name: opensdn-agent-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: dev hostPath: path: /dev - name: network-scripts hostPath: path: /etc/sysconfig/network-scripts - name: host-bin hostPath: path: /bin - name: host-etc hostPath: path: /etc - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: usr-src hostPath: path: /usr/src - name: lib-modules hostPath: path: /lib/modules - name: var-lib-contrail hostPath: path: /var/lib/contrail - name: var-crashes hostPath: path: /var/crashes - name: etc-cni hostPath: path: /etc/cni - name: opt-cni-bin hostPath: path: /opt/cni/bin - name: var-log-contrail-cni hostPath: path: /var/log/contrail/cni - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin - name: lb-nodemgr hostPath: path: /var/lib/contrail/loadbalancer # Meta information section --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: opensdn-kube-manager namespace: kube-system rules: - apiGroups: [\"*\"] resources: [\"*\"] verbs: [\"*\"] --- apiVersion: v1 kind: ServiceAccount metadata: name: opensdn-kube-manager namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: opensdn-kube-manager roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: opensdn-kube-manager subjects: - kind: ServiceAccount name: opensdn-kube-manager namespace: kube-system --- apiVersion: v1 kind: Secret metadata: name: opensdn-kube-manager-token namespace: kube-system annotations: kubernetes.io/service-account.name: opensdn-kube-manager type: kubernetes.io/service-account-token' + sed 's/uUu/$/g' + eval echo '"# Configs section # Note: using \"..\" for ports, because in v1 there is a bug # which leads to an error # \"..error unmarshaling JSON: json: cannot unmarshal number into Go value of type string..\" # (https://github.com/kubernetes/kubernetes/issues/2763) --- apiVersion: v1 kind: ConfigMap metadata: name: env namespace: kube-system data: AAA_MODE: $AAA_MODE ANALYTICS_API_VIP: \"$ANALYTICS_API_VIP\" ANALYTICS_NODES: $ANALYTICS_NODES ANALYTICSDB_NODES: $ANALYTICSDB_NODES ANALYTICS_SNMP_NODES: $ANALYTICS_SNMP_NODES ANALYTICS_ALARM_NODES: $ANALYTICS_ALARM_NODES ANALYTICSDB_ENABLE: \"true\" ANALYTICS_ALARM_ENABLE: \"true\" ANALYTICS_SNMP_ENABLE: \"true\" AUTH_MODE: $AUTH_MODE CLOUD_ORCHESTRATOR: $CLOUD_ORCHESTRATOR CONFIG_API_VIP: \"$CONFIG_API_VIP\" CONFIG_NODES: $CONFIG_NODES CONFIGDB_NODES: $CONFIGDB_NODES CONTROL_NODES: $CONTROL_NODES CONTROLLER_NODES: $CONTROLLER_NODES KUBERNETES_IP_FABRIC_FORWARDING: \"$KUBERNETES_IP_FABRIC_FORWARDING\" KUBERNETES_IP_FABRIC_SNAT: \"$KUBERNETES_IP_FABRIC_SNAT\" KUBERNETES_PUBLIC_FIP_POOL: \"$KUBERNETES_PUBLIC_FIP_POOL\" LOG_LEVEL: $LOG_LEVEL METADATA_PROXY_SECRET: $METADATA_PROXY_SECRET PHYSICAL_INTERFACE: $PHYSICAL_INTERFACE RABBITMQ_NODES: $RABBITMQ_NODES RABBITMQ_NODE_PORT: \"$RABBITMQ_NODE_PORT\" VROUTER_GATEWAY: $VROUTER_GATEWAY HUGE_PAGES_2MB: \"128\" WEBUI_NODES: $WEBUI_NODES WEBUI_VIP: \"$WEBUI_VIP\" --- # default params will be set in provisioner environment apiVersion: v1 kind: ConfigMap metadata: name: defaults-env namespace: kube-system data: --- apiVersion: v1 kind: ConfigMap metadata: name: configzookeeperenv namespace: kube-system data: ZOOKEEPER_NODES: $CONFIGDB_NODES ZOOKEEPER_PORT: \"$ZOOKEEPER_PORT\" ZOOKEEPER_PORTS: \"$ZOOKEEPER_PORTS\" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-analyticsdb-config namespace: kube-system data: JVM_EXTRA_OPTS: $JVM_EXTRA_OPTS CASSANDRA_SEEDS: $ANALYTICSDB_NODES CASSANDRA_CLUSTER_NAME: Contrail CASSANDRA_START_RPC: \"true\" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: \"9160\" CASSANDRA_CQL_PORT: \"9042\" CASSANDRA_SSL_STORAGE_PORT: \"7001\" CASSANDRA_STORAGE_PORT: \"7000\" CASSANDRA_JMX_LOCAL_PORT: \"7200\" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-configdb-config namespace: kube-system data: JVM_EXTRA_OPTS: $JVM_EXTRA_OPTS CASSANDRA_SEEDS: $CONFIGDB_NODES CASSANDRA_CLUSTER_NAME: ContrailConfigDB CASSANDRA_START_RPC: \"true\" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: \"9161\" CASSANDRA_CQL_PORT: \"9041\" CASSANDRA_SSL_STORAGE_PORT: \"7011\" CASSANDRA_STORAGE_PORT: \"7010\" CASSANDRA_JMX_LOCAL_PORT: \"7201\" --- apiVersion: v1 kind: ConfigMap metadata: name: rabbitmq-config namespace: kube-system data: RABBITMQ_ERLANG_COOKIE: \"47EFF3BB-4786-46E0-A5BB-58455B3C2CB4\" --- apiVersion: v1 kind: ConfigMap metadata: name: kube-manager-config namespace: kube-system data: KUBERNETES_API_SERVER: $KUBERNETES_API_SERVER KUBERNETES_API_SECURE_PORT: \"$KUBERNETES_API_SECURE_PORT\" K8S_TOKEN_FILE: \"/tmp/serviceaccount/token\" # Containers section --- apiVersion: apps/v1 kind: DaemonSet metadata: name: config-zookeeper namespace: kube-system labels: app: config-zookeeper spec: selector: matchLabels: app: config-zookeeper template: metadata: labels: app: config-zookeeper spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: config-zookeeper image: \"$CONTRAIL_REGISTRY/opensdn-external-zookeeper:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/lib/zookeeper name: zookeeper-data - mountPath: /var/log/zookeeper name: zookeeper-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: zookeeper-data hostPath: path: /var/lib/contrail/config-zookeeper - name: zookeeper-logs hostPath: path: /var/log/contrail/config-zookeeper --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analyticsdb namespace: kube-system labels: app: opensdn-analyticsdb spec: selector: matchLabels: app: opensdn-analyticsdb template: metadata: labels: app: opensdn-analyticsdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analyticsdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"database\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analyticsdb-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analyticsdb-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analyticsdb image: \"$CONTRAIL_REGISTRY/opensdn-external-cassandra:$CONTRAIL_CONTAINER_TAG\" securityContext: capabilities: add: [\"SYS_NICE\"] imagePullPolicy: \"\" env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: opensdn-analyticsdb-config volumeMounts: - mountPath: /var/lib/cassandra name: analyticsdb-data - mountPath: /var/log/cassandra name: analyticsdb-logs - name: opensdn-analytics-query-engine image: \"$CONTRAIL_REGISTRY/opensdn-analytics-query-engine:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: analyticsdb-data hostPath: path: /var/lib/contrail/analyticsdb - name: analyticsdb-logs hostPath: path: /var/log/contrail/database - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: host-var-lib hostPath: path: /var/lib --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-configdb namespace: kube-system labels: app: opensdn-configdb spec: selector: matchLabels: app: opensdn-configdb template: metadata: labels: app: opensdn-configdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: opensdn-configdb image: \"$CONTRAIL_REGISTRY/opensdn-external-cassandra:$CONTRAIL_CONTAINER_TAG\" securityContext: capabilities: add: [\"SYS_NICE\"] imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: opensdn-configdb-config volumeMounts: - mountPath: /var/lib/cassandra name: configdb-data - mountPath: /var/log/cassandra name: configdb-logs - name: opensdn-config-database-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-config-database-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: configdb-data hostPath: path: /var/lib/contrail/configdb - name: configdb-logs hostPath: path: /var/log/contrail/config-database - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics namespace: kube-system labels: app: opensdn-analytics spec: selector: matchLabels: app: opensdn-analytics template: metadata: labels: app: opensdn-analytics spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-analytics-api image: \"$CONTRAIL_REGISTRY/opensdn-analytics-api:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-collector image: \"$CONTRAIL_REGISTRY/opensdn-analytics-collector:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-snmp namespace: kube-system labels: app: opensdn-analytics-snmp spec: selector: matchLabels: app: opensdn-analytics-snmp template: metadata: labels: app: opensdn-analytics-snmp spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics_snmp\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"analytics-snmp\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analytics-snmp-collector image: \"$CONTRAIL_REGISTRY/opensdn-analytics-snmp-collector:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-topology image: \"$CONTRAIL_REGISTRY/opensdn-analytics-snmp-topology:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-snmp-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-alarm namespace: kube-system labels: app: opensdn-analytics-alarm spec: selector: matchLabels: app: opensdn-analytics-alarm template: metadata: labels: app: opensdn-analytics-alarm spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics_alarm\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: \"analytics-alarm\" - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: kafka image: \"$CONTRAIL_REGISTRY/opensdn-external-kafka:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"IfNotPresent\" securityContext: privileged: true env: - name: NODE_TYPE value: analytics-alarm - name: KAFKA_NODES value: $KAFKA_NODES envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/kafka name: kafka-logs - name: opensdn-analytics-alarm-gen image: \"$CONTRAIL_REGISTRY/opensdn-analytics-alarm-gen:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-alarm - name: opensdn-analytics-alarm-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-alarm-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: kafka-logs hostPath: path: /var/log/contrail/kafka --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-control namespace: kube-system labels: app: opensdn-controller-control spec: selector: matchLabels: app: opensdn-controller-control template: metadata: labels: app: opensdn-controller-control spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/control\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-control image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-control:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-dns image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-dns:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: capabilities: add: [\"SYS_PTRACE\"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-named image: \"$CONTRAIL_REGISTRY/opensdn-controller-control-named:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env securityContext: privileged: true volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: dns-config emptyDir: {} - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-config namespace: kube-system labels: app: opensdn-controller-config spec: selector: matchLabels: app: opensdn-controller-config template: metadata: labels: app: opensdn-controller-config spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/config\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-config-api image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-api:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-devicemgr image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-devicemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-schema image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-schema:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-svcmonitor image: \"$CONTRAIL_REGISTRY/opensdn-controller-config-svcmonitor:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CASSANDRA_CQL_PORT value: \"9041\" - name: CASSANDRA_JMX_LOCAL_PORT value: \"7201\" - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-config-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: \"2\" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-webui namespace: kube-system labels: app: opensdn-controller-webui spec: selector: matchLabels: app: opensdn-controller-webui template: metadata: labels: app: opensdn-controller-webui spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/webui\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-webui-job image: \"$CONTRAIL_REGISTRY/opensdn-controller-webui-job:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-webui-web image: \"$CONTRAIL_REGISTRY/opensdn-controller-webui-web:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: redis namespace: kube-system labels: app: redis spec: selector: matchLabels: app: redis template: metadata: labels: app: redis spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/analytics\" operator: Exists - matchExpressions: - key: \"node-role.opencontrail.org/webui\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: redis image: \"$CONTRAIL_REGISTRY/opensdn-external-redis:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/redis name: redis-data - mountPath: /var/log/redis name: redis-logs volumes: - name: redis-data hostPath: path: /var/lib/contrail/redis - name: redis-logs hostPath: path: /var/log/contrail/redis --- apiVersion: apps/v1 kind: DaemonSet metadata: name: rabbitmq namespace: kube-system labels: app: rabbitmq spec: selector: matchLabels: app: rabbitmq template: metadata: labels: app: rabbitmq spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/configdb\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: rabbitmq image: \"$CONTRAIL_REGISTRY/opensdn-external-rabbitmq:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" env: - name: NODE_TYPE value: config-database - name: RABBITMQ_LOGS value: '\''/var/log/rabbitmq/rabbitmq.log'\'' - name: RABBITMQ_SASL_LOGS value: '\''/var/log/rabbitmq/rabbitmq_sasl.log'\'' envFrom: - configMapRef: name: env - configMapRef: name: rabbitmq-config volumeMounts: - mountPath: /var/lib/rabbitmq name: rabbitmq-data - mountPath: /var/log/rabbitmq name: rabbitmq-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: rabbitmq-data hostPath: path: /var/lib/contrail/rabbitmq - name: rabbitmq-logs hostPath: path: /var/log/contrail/rabbitmq --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-kube-manager namespace: kube-system labels: app: opensdn-kube-manager spec: selector: matchLabels: app: opensdn-kube-manager template: metadata: labels: app: opensdn-kube-manager spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/config\" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-kube-manager image: \"$CONTRAIL_REGISTRY/opensdn-kubernetes-kube-manager:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: kube-manager-config volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /tmp/serviceaccount name: pod-secret imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-agent namespace: kube-system labels: app: opensdn-agent spec: selector: matchLabels: app: opensdn-agent template: metadata: labels: app: opensdn-agent spec: #Disable affinity for single node setup affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: \"node-role.opencontrail.org/agent\" operator: Exists #Enable tolerations for single node setup tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: \"$CONTRAIL_REGISTRY/opensdn-node-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: \"$CONTRAIL_REGISTRY/opensdn-status:$CONTRAIL_CONTAINER_TAG\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - name: opensdn-vrouter-kernel-init image: \"$CONTRAIL_REGISTRY/$VROUTER_KERNEL_INIT_IMAGE:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - name: opensdn-kubernetes-cni-init image: \"$CONTRAIL_REGISTRY/opensdn-kubernetes-cni-init:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /host/etc_cni name: etc-cni - mountPath: /host/opt_cni_bin name: opt-cni-bin - mountPath: /host/log_cni name: var-log-contrail-cni - mountPath: /var/log/contrail name: opensdn-logs containers: - name: opensdn-vrouter-agent image: \"$CONTRAIL_REGISTRY/opensdn-vrouter-agent:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" # TODO: Priveleged mode is requied because w/o it the device /dev/net/tun # is not present in the container. The mounting it into container # doesnt help because of permissions are not enough syscalls, # e.g. https://github.com/Juniper/opensdn-controller/blob/master/src/vnsw/agent/contrail/linux/pkt0_interface.cc: 48. securityContext: privileged: true resources: limits: hugepages-2Mi: 256Mi requests: hugepages-2Mi: 256Mi memory: 256Mi envFrom: - configMapRef: name: env lifecycle: preStop: exec: command: [\"/clean-up.sh\"] volumeMounts: - mountPath: /dev name: dev - mountPath: /var/run name: var-run - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - mountPath: /host/etc name: host-etc - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /var/crashes name: var-crashes - mountPath: /tmp/serviceaccount name: pod-secret - name: opensdn-agent-nodemgr image: \"$CONTRAIL_REGISTRY/opensdn-nodemgr:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - mountPath: /var/lib/contrail/loadbalancer name: lb-nodemgr - name: opensdn-agent-provisioner image: \"$CONTRAIL_REGISTRY/opensdn-provisioner:$CONTRAIL_CONTAINER_TAG\" imagePullPolicy: \"\" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: $KUBERNETES_SECRET_CONTRAIL_REPO volumes: - name: dev hostPath: path: /dev - name: network-scripts hostPath: path: /etc/sysconfig/network-scripts - name: host-bin hostPath: path: /bin - name: host-etc hostPath: path: /etc - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: usr-src hostPath: path: /usr/src - name: lib-modules hostPath: path: /lib/modules - name: var-lib-contrail hostPath: path: /var/lib/contrail - name: var-crashes hostPath: path: /var/crashes - name: etc-cni hostPath: path: /etc/cni - name: opt-cni-bin hostPath: path: /opt/cni/bin - name: var-log-contrail-cni hostPath: path: /var/log/contrail/cni - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin - name: lb-nodemgr hostPath: path: /var/lib/contrail/loadbalancer # Meta information section --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: opensdn-kube-manager namespace: kube-system rules: - apiGroups: [\"*\"] resources: [\"*\"] verbs: [\"*\"] --- apiVersion: v1 kind: ServiceAccount metadata: name: opensdn-kube-manager namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: opensdn-kube-manager roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: opensdn-kube-manager subjects: - kind: ServiceAccount name: opensdn-kube-manager namespace: kube-system --- apiVersion: v1 kind: Secret metadata: name: opensdn-kube-manager-token namespace: kube-system annotations: kubernetes.io/service-account.name: opensdn-kube-manager type: kubernetes.io/service-account-token"' ++ echo '# Configs section # Note: using ".." for ports, because in v1 there is a bug # which leads to an error # "..error unmarshaling JSON: json: cannot unmarshal number into Go value of type string.." # (https://github.com/kubernetes/kubernetes/issues/2763) --- apiVersion: v1 kind: ConfigMap metadata: name: env namespace: kube-system data: AAA_MODE: no-auth ANALYTICS_API_VIP: "" ANALYTICS_NODES: 10.0.0.22, ANALYTICSDB_NODES: 10.0.0.22, ANALYTICS_SNMP_NODES: 10.0.0.22, ANALYTICS_ALARM_NODES: 10.0.0.22, ANALYTICSDB_ENABLE: "true" ANALYTICS_ALARM_ENABLE: "true" ANALYTICS_SNMP_ENABLE: "true" AUTH_MODE: noauth CLOUD_ORCHESTRATOR: kubernetes CONFIG_API_VIP: "" CONFIG_NODES: 10.0.0.22, CONFIGDB_NODES: 10.0.0.22, CONTROL_NODES: 10.0.0.22 CONTROLLER_NODES: 10.0.0.22, KUBERNETES_IP_FABRIC_FORWARDING: "false" KUBERNETES_IP_FABRIC_SNAT: "true" KUBERNETES_PUBLIC_FIP_POOL: "{'\''project'\'' : '\''k8s-default'\'', '\''domain'\'': '\''default-domain'\'', '\''name'\'': '\''__fip_pool_public__'\'' , '\''network'\'' : '\''__public__'\''}" LOG_LEVEL: SYS_NOTICE METADATA_PROXY_SECRET: contrail PHYSICAL_INTERFACE: eth0 RABBITMQ_NODES: 10.0.0.22, RABBITMQ_NODE_PORT: "5673" VROUTER_GATEWAY: 10.0.0.1 HUGE_PAGES_2MB: "128" WEBUI_NODES: 10.0.0.22, WEBUI_VIP: "" --- # default params will be set in provisioner environment apiVersion: v1 kind: ConfigMap metadata: name: defaults-env namespace: kube-system data: --- apiVersion: v1 kind: ConfigMap metadata: name: configzookeeperenv namespace: kube-system data: ZOOKEEPER_NODES: 10.0.0.22, ZOOKEEPER_PORT: "2181" ZOOKEEPER_PORTS: "2888:3888" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-analyticsdb-config namespace: kube-system data: JVM_EXTRA_OPTS: -Xms1g -Xmx2g CASSANDRA_SEEDS: 10.0.0.22, CASSANDRA_CLUSTER_NAME: Contrail CASSANDRA_START_RPC: "true" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: "9160" CASSANDRA_CQL_PORT: "9042" CASSANDRA_SSL_STORAGE_PORT: "7001" CASSANDRA_STORAGE_PORT: "7000" CASSANDRA_JMX_LOCAL_PORT: "7200" --- apiVersion: v1 kind: ConfigMap metadata: name: opensdn-configdb-config namespace: kube-system data: JVM_EXTRA_OPTS: -Xms1g -Xmx2g CASSANDRA_SEEDS: 10.0.0.22, CASSANDRA_CLUSTER_NAME: ContrailConfigDB CASSANDRA_START_RPC: "true" CASSANDRA_LISTEN_ADDRESS: auto CASSANDRA_PORT: "9161" CASSANDRA_CQL_PORT: "9041" CASSANDRA_SSL_STORAGE_PORT: "7011" CASSANDRA_STORAGE_PORT: "7010" CASSANDRA_JMX_LOCAL_PORT: "7201" --- apiVersion: v1 kind: ConfigMap metadata: name: rabbitmq-config namespace: kube-system data: RABBITMQ_ERLANG_COOKIE: "47EFF3BB-4786-46E0-A5BB-58455B3C2CB4" --- apiVersion: v1 kind: ConfigMap metadata: name: kube-manager-config namespace: kube-system data: KUBERNETES_API_SERVER: 10.0.0.22 KUBERNETES_API_SECURE_PORT: "6443" K8S_TOKEN_FILE: "/tmp/serviceaccount/token" # Containers section --- apiVersion: apps/v1 kind: DaemonSet metadata: name: config-zookeeper namespace: kube-system labels: app: config-zookeeper spec: selector: matchLabels: app: config-zookeeper template: metadata: labels: app: config-zookeeper spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/configdb" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: config-zookeeper image: "nexus.gz1.opensdn.io:5102/opensdn-external-zookeeper:nightly" imagePullPolicy: "" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/lib/zookeeper name: zookeeper-data - mountPath: /var/log/zookeeper name: zookeeper-logs imagePullSecrets: - name: volumes: - name: zookeeper-data hostPath: path: /var/lib/contrail/config-zookeeper - name: zookeeper-logs hostPath: path: /var/log/contrail/config-zookeeper --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analyticsdb namespace: kube-system labels: app: opensdn-analyticsdb spec: selector: matchLabels: app: opensdn-analyticsdb template: metadata: labels: app: opensdn-analyticsdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/analyticsdb" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" env: - name: NODE_TYPE value: "database" - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analyticsdb-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analyticsdb-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: database - name: DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analyticsdb image: "nexus.gz1.opensdn.io:5102/opensdn-external-cassandra:nightly" securityContext: capabilities: add: ["SYS_NICE"] imagePullPolicy: "" env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: opensdn-analyticsdb-config volumeMounts: - mountPath: /var/lib/cassandra name: analyticsdb-data - mountPath: /var/log/cassandra name: analyticsdb-logs - name: opensdn-analytics-query-engine image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-query-engine:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: NODE_TYPE value: database envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: analyticsdb-data hostPath: path: /var/lib/contrail/analyticsdb - name: analyticsdb-logs hostPath: path: /var/log/contrail/database - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: host-var-lib hostPath: path: /var/lib --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-configdb namespace: kube-system labels: app: opensdn-configdb spec: selector: matchLabels: app: opensdn-configdb template: metadata: labels: app: opensdn-configdb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/configdb" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: opensdn-configdb image: "nexus.gz1.opensdn.io:5102/opensdn-external-cassandra:nightly" securityContext: capabilities: add: ["SYS_NICE"] imagePullPolicy: "" env: - name: NODE_TYPE value: config-database envFrom: - configMapRef: name: opensdn-configdb-config volumeMounts: - mountPath: /var/lib/cassandra name: configdb-data - mountPath: /var/log/cassandra name: configdb-logs - name: opensdn-config-database-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-config-database-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-configdb-config env: - name: NODE_TYPE value: config-database - name: CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: configdb-data hostPath: path: /var/lib/contrail/configdb - name: configdb-logs hostPath: path: /var/log/contrail/config-database - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics namespace: kube-system labels: app: opensdn-analytics spec: selector: matchLabels: app: opensdn-analytics template: metadata: labels: app: opensdn-analytics spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/analytics" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-analytics-api image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-api:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-collector image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-collector:nightly" imagePullPolicy: "" securityContext: capabilities: add: ["SYS_PTRACE"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-analytics-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: analytics volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: opensdn-logs hostPath: path: /var/log/contrail --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-snmp namespace: kube-system labels: app: opensdn-analytics-snmp spec: selector: matchLabels: app: opensdn-analytics-snmp template: metadata: labels: app: opensdn-analytics-snmp spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/analytics_snmp" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" env: - name: NODE_TYPE value: "analytics-snmp" - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: opensdn-analytics-snmp-collector image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-snmp-collector:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-topology image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-snmp-topology:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-snmp - name: opensdn-analytics-snmp-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-snmp-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-snmp volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-analytics-alarm namespace: kube-system labels: app: opensdn-analytics-alarm spec: selector: matchLabels: app: opensdn-analytics-alarm template: metadata: labels: app: opensdn-analytics-alarm spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/analytics_alarm" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" env: - name: NODE_TYPE value: "analytics-alarm" - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config securityContext: privileged: true volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - mountPath: /host/var/lib name: host-var-lib containers: - name: kafka image: "nexus.gz1.opensdn.io:5102/opensdn-external-kafka:nightly" imagePullPolicy: "IfNotPresent" securityContext: privileged: true env: - name: NODE_TYPE value: analytics-alarm - name: KAFKA_NODES value: 10.0.0.22, envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/kafka name: kafka-logs - name: opensdn-analytics-alarm-gen image: "nexus.gz1.opensdn.io:5102/opensdn-analytics-alarm-gen:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs env: - name: NODE_TYPE value: analytics-alarm - name: opensdn-analytics-alarm-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-analytics-alarm-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: opensdn-analyticsdb-config env: - name: NODE_TYPE value: analytics-alarm volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-var-lib hostPath: path: /var/lib - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin - name: kafka-logs hostPath: path: /var/log/contrail/kafka --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-control namespace: kube-system labels: app: opensdn-controller-control spec: selector: matchLabels: app: opensdn-controller-control template: metadata: labels: app: opensdn-controller-control spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/control" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-control image: "nexus.gz1.opensdn.io:5102/opensdn-controller-control-control:nightly" imagePullPolicy: "" securityContext: capabilities: add: ["SYS_PTRACE"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-dns image: "nexus.gz1.opensdn.io:5102/opensdn-controller-control-dns:nightly" imagePullPolicy: "" securityContext: capabilities: add: ["SYS_PTRACE"] envFrom: - configMapRef: name: env volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-control-named image: "nexus.gz1.opensdn.io:5102/opensdn-controller-control-named:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env securityContext: privileged: true volumeMounts: - mountPath: /etc/contrail name: dns-config - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: control volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: dns-config emptyDir: {} - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-config namespace: kube-system labels: app: opensdn-controller-config spec: selector: matchLabels: app: opensdn-controller-config template: metadata: labels: app: opensdn-controller-config spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/config" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-config-api image: "nexus.gz1.opensdn.io:5102/opensdn-controller-config-api:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-devicemgr image: "nexus.gz1.opensdn.io:5102/opensdn-controller-config-devicemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-schema image: "nexus.gz1.opensdn.io:5102/opensdn-controller-config-schema:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-svcmonitor image: "nexus.gz1.opensdn.io:5102/opensdn-controller-config-svcmonitor:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-config-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CASSANDRA_CQL_PORT value: "9041" - name: CASSANDRA_JMX_LOCAL_PORT value: "7201" - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - name: opensdn-controller-config-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env - configMapRef: name: configzookeeperenv env: - name: NODE_TYPE value: config - name: CONFIG_NODEMGR__DEFAULTS__minimum_diskGB value: "2" volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-controller-webui namespace: kube-system labels: app: opensdn-controller-webui spec: selector: matchLabels: app: opensdn-controller-webui template: metadata: labels: app: opensdn-controller-webui spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/webui" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-controller-webui-job image: "nexus.gz1.opensdn.io:5102/opensdn-controller-webui-job:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - name: opensdn-controller-webui-web image: "nexus.gz1.opensdn.io:5102/opensdn-controller-webui-web:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: redis namespace: kube-system labels: app: redis spec: selector: matchLabels: app: redis template: metadata: labels: app: redis spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/analytics" operator: Exists - matchExpressions: - key: "node-role.opencontrail.org/webui" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: redis image: "nexus.gz1.opensdn.io:5102/opensdn-external-redis:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/redis name: redis-data - mountPath: /var/log/redis name: redis-logs volumes: - name: redis-data hostPath: path: /var/lib/contrail/redis - name: redis-logs hostPath: path: /var/log/contrail/redis --- apiVersion: apps/v1 kind: DaemonSet metadata: name: rabbitmq namespace: kube-system labels: app: rabbitmq spec: selector: matchLabels: app: rabbitmq template: metadata: labels: app: rabbitmq spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/configdb" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule hostNetwork: true containers: - name: rabbitmq image: "nexus.gz1.opensdn.io:5102/opensdn-external-rabbitmq:nightly" imagePullPolicy: "" env: - name: NODE_TYPE value: config-database - name: RABBITMQ_LOGS value: '\''/var/log/rabbitmq/rabbitmq.log'\'' - name: RABBITMQ_SASL_LOGS value: '\''/var/log/rabbitmq/rabbitmq_sasl.log'\'' envFrom: - configMapRef: name: env - configMapRef: name: rabbitmq-config volumeMounts: - mountPath: /var/lib/rabbitmq name: rabbitmq-data - mountPath: /var/log/rabbitmq name: rabbitmq-logs imagePullSecrets: - name: volumes: - name: rabbitmq-data hostPath: path: /var/lib/contrail/rabbitmq - name: rabbitmq-logs hostPath: path: /var/log/contrail/rabbitmq --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-kube-manager namespace: kube-system labels: app: opensdn-kube-manager spec: selector: matchLabels: app: opensdn-kube-manager template: metadata: labels: app: opensdn-kube-manager spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/config" operator: Exists tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin containers: - name: opensdn-kube-manager image: "nexus.gz1.opensdn.io:5102/opensdn-kubernetes-kube-manager:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: kube-manager-config volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /tmp/serviceaccount name: pod-secret imagePullSecrets: - name: volumes: - name: opensdn-logs hostPath: path: /var/log/contrail - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: host-usr-bin hostPath: path: /usr/bin --- apiVersion: apps/v1 kind: DaemonSet metadata: name: opensdn-agent namespace: kube-system labels: app: opensdn-agent spec: selector: matchLabels: app: opensdn-agent template: metadata: labels: app: opensdn-agent spec: #Disable affinity for single node setup affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node-role.opencontrail.org/agent" operator: Exists #Enable tolerations for single node setup tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule - key: node.kubernetes.io/not-ready operator: Exists effect: NoSchedule automountServiceAccountToken: false hostNetwork: true initContainers: - name: opensdn-node-init image: "nexus.gz1.opensdn.io:5102/opensdn-node-init:nightly" imagePullPolicy: "" securityContext: privileged: true env: - name: CONTRAIL_STATUS_IMAGE value: "nexus.gz1.opensdn.io:5102/opensdn-status:nightly" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /host/usr/bin name: host-usr-bin - name: opensdn-vrouter-kernel-init image: "nexus.gz1.opensdn.io:5102/opensdn-vrouter-kernel-init:nightly" imagePullPolicy: "" securityContext: privileged: true envFrom: - configMapRef: name: env volumeMounts: - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - name: opensdn-kubernetes-cni-init image: "nexus.gz1.opensdn.io:5102/opensdn-kubernetes-cni-init:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env volumeMounts: - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /host/etc_cni name: etc-cni - mountPath: /host/opt_cni_bin name: opt-cni-bin - mountPath: /host/log_cni name: var-log-contrail-cni - mountPath: /var/log/contrail name: opensdn-logs containers: - name: opensdn-vrouter-agent image: "nexus.gz1.opensdn.io:5102/opensdn-vrouter-agent:nightly" imagePullPolicy: "" # TODO: Priveleged mode is requied because w/o it the device /dev/net/tun # is not present in the container. The mounting it into container # doesnt help because of permissions are not enough syscalls, # e.g. https://github.com/Juniper/opensdn-controller/blob/master/src/vnsw/agent/contrail/linux/pkt0_interface.cc: 48. securityContext: privileged: true resources: limits: hugepages-2Mi: 256Mi requests: hugepages-2Mi: 256Mi memory: 256Mi envFrom: - configMapRef: name: env lifecycle: preStop: exec: command: ["/clean-up.sh"] volumeMounts: - mountPath: /dev name: dev - mountPath: /var/run name: var-run - mountPath: /etc/sysconfig/network-scripts name: network-scripts - mountPath: /host/bin name: host-bin - mountPath: /host/etc name: host-etc - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /usr/src name: usr-src - mountPath: /lib/modules name: lib-modules - mountPath: /var/lib/contrail name: var-lib-contrail - mountPath: /var/crashes name: var-crashes - mountPath: /tmp/serviceaccount name: pod-secret - name: opensdn-agent-nodemgr image: "nexus.gz1.opensdn.io:5102/opensdn-nodemgr:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs - mountPath: /var/run name: var-run - mountPath: /run/runc name: run-runc - mountPath: /var/lib/contrail/loadbalancer name: lb-nodemgr - name: opensdn-agent-provisioner image: "nexus.gz1.opensdn.io:5102/opensdn-provisioner:nightly" imagePullPolicy: "" envFrom: - configMapRef: name: env - configMapRef: name: defaults-env env: - name: NODE_TYPE value: vrouter volumeMounts: - mountPath: /var/log/contrail name: opensdn-logs imagePullSecrets: - name: volumes: - name: dev hostPath: path: /dev - name: network-scripts hostPath: path: /etc/sysconfig/network-scripts - name: host-bin hostPath: path: /bin - name: host-etc hostPath: path: /etc - name: var-run hostPath: path: /var/run - name: run-runc hostPath: path: /run/runc - name: pod-secret secret: secretName: opensdn-kube-manager-token - name: usr-src hostPath: path: /usr/src - name: lib-modules hostPath: path: /lib/modules - name: var-lib-contrail hostPath: path: /var/lib/contrail - name: var-crashes hostPath: path: /var/crashes - name: etc-cni hostPath: path: /etc/cni - name: opt-cni-bin hostPath: path: /opt/cni/bin - name: var-log-contrail-cni hostPath: path: /var/log/contrail/cni - name: opensdn-logs hostPath: path: /var/log/contrail - name: host-usr-bin hostPath: path: /usr/bin - name: lb-nodemgr hostPath: path: /var/lib/contrail/loadbalancer # Meta information section --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: opensdn-kube-manager namespace: kube-system rules: - apiGroups: ["*"] resources: ["*"] verbs: ["*"] --- apiVersion: v1 kind: ServiceAccount metadata: name: opensdn-kube-manager namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: opensdn-kube-manager roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: opensdn-kube-manager subjects: - kind: ServiceAccount name: opensdn-kube-manager namespace: kube-system --- apiVersion: v1 kind: Secret metadata: name: opensdn-kube-manager-token namespace: kube-system annotations: kubernetes.io/service-account.name: opensdn-kube-manager type: kubernetes.io/service-account-token' + [[ manifest != \w\a\i\t ]] + mkdir -p /home/rocky/.tf/.stages + touch /home/rocky/.tf/.stages/manifest ++ date + echo 'INFO: Stage manifest was run successfully Mon Apr 28 01:32:09 AM UTC 2025' INFO: Stage manifest was run successfully Mon Apr 28 01:32:09 AM UTC 2025 + last_stage=manifest + for stage in ${stages[@]} ++ date + echo 'INFO: Running stage tf at Mon Apr 28 01:32:09 AM UTC 2025' INFO: Running stage tf at Mon Apr 28 01:32:09 AM UTC 2025 + run_stage tf + finished_stage tf + '[' -e /home/rocky/.tf/.stages/tf ']' + tf + sync_time + [[ k8s_manifests == \o\p\e\n\s\h\i\f\t\3 ]] + local user=rocky + shift + true + local 'nodes=10.0.0.22 10.0.0.22 ' ++ date + echo 'INFO: check time sync on nodes and force sync Mon Apr 28 01:32:09 AM UTC 2025' INFO: check time sync on nodes and force sync Mon Apr 28 01:32:09 AM UTC 2025 + echo 'INFO: controller nodes - 10.0.0.22 ' INFO: controller nodes - 10.0.0.22 + echo 'INFO: agent nodes - 10.0.0.22' INFO: agent nodes - 10.0.0.22 + echo 'INFO: openstack controller nodes - ' INFO: openstack controller nodes - + local machine ++ echo 10.0.0.22 10.0.0.22 ++ tr ' ' '\n' ++ sort -u + for machine in $(echo $nodes | tr " " "\n" | sort -u) + local addr=10.0.0.22 + '[' -z rocky ']' + addr=rocky@10.0.0.22 + echo 'INFO: sync time on machine rocky@10.0.0.22' INFO: sync time on machine rocky@10.0.0.22 + scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no -o ServerAliveInterval=60 /home/rocky/src/opensdn-io/tf-devstack/k8s_manifests/../common/sync_time.sh rocky@10.0.0.22:/tmp/sync_time.sh Warning: Permanently added '10.0.0.22' (ED25519) to the list of known hosts. + ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no -o ServerAliveInterval=60 rocky@10.0.0.22 DEBUG=true /tmp/sync_time.sh Warning: Permanently added '10.0.0.22' (ED25519) to the list of known hosts. + ps ax + grep -v grep + grep -q bin/chronyd ++ date INFO: Mon Apr 28 01:32:10 AM UTC 2025: ensure time is synced (chronyd) + echo 'INFO: Mon Apr 28 01:32:10 AM UTC 2025: ensure time is synced (chronyd)' + time_sync_func=chrony_sync + show_time=chrony_show_time + '[' -z chrony_sync ']' + i=30 + chrony_sync ++ chronyc -n sources + local 'out=MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^- 89.179.240.219 2 10 377 686 +1117us[+1080us] +/- 13ms ^- 176.108.252.7 2 10 377 175 -398us[ -441us] +/- 28ms ^* 178.217.98.201 2 10 377 28 -171us[ -216us] +/- 3890us ^- 109.195.84.246 2 10 377 173 +188us[ +145us] +/- 21ms' + echo 'MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^- 89.179.240.219 2 10 377 686 +1117us[+1080us] +/- 13ms ^- 176.108.252.7 2 10 377 175 -398us[ -441us] +/- 28ms ^* 178.217.98.201 2 10 377 28 -171us[ -216us] +/- 3890us ^- 109.195.84.246 2 10 377 173 +188us[ +145us] +/- 21ms' + grep -q '^\^\*' ++ date INFO: Mon Apr 28 01:32:10 AM UTC 2025: time is synced + echo 'INFO: Mon Apr 28 01:32:10 AM UTC 2025: time is synced' + ensure_kube_api_ready + wait_cmd_success 'kubectl get nodes' 3 40 + local 'cmd=kubectl get nodes' + local interval=3 + local max=40 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes' '&>/dev/null' ++ kubectl get nodes + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e + labels=($(grep "key: \"node-role." $WORKSPACE/tf.yaml | tr -s [:space:] | sort -u | cut -d: -f2 | tr -d \")) ++ grep 'key: "node-role.' /home/rocky/tf.yaml ++ tr -s '[:space:]' ++ sort -u ++ tr -d '"' ++ cut -d: -f2 + label_nodes_by_ip node-role.opencontrail.org/agent= 10.0.0.22 + local label=node-role.opencontrail.org/agent= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/agent= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/agent= 10.0.0.22 + local label=node-role.opencontrail.org/agent= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/agent= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 not labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/analytics= 10.0.0.22 + local label=node-role.opencontrail.org/analytics= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/analytics= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/analytics_alarm= 10.0.0.22 + local label=node-role.opencontrail.org/analytics_alarm= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/analytics_alarm= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/analyticsdb= 10.0.0.22 + local label=node-role.opencontrail.org/analyticsdb= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/analyticsdb= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/analytics_snmp= 10.0.0.22 + local label=node-role.opencontrail.org/analytics_snmp= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/analytics_snmp= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/config= 10.0.0.22 + local label=node-role.opencontrail.org/config= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/config= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/configdb= 10.0.0.22 + local label=node-role.opencontrail.org/configdb= + shift ++ tr ' ' '\n' ++ echo 10.0.0.22 + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/configdb= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/control= 10.0.0.22 + local label=node-role.opencontrail.org/control= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/control= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + for label in ${labels[@]} + label_nodes_by_ip node-role.opencontrail.org/webui= 10.0.0.22 + local label=node-role.opencontrail.org/webui= + shift ++ echo 10.0.0.22 ++ tr ' ' '\n' + local node_ips=10.0.0.22 + wait_cmd_success 'kubectl get nodes --no-headers' 5 2 + local 'cmd=kubectl get nodes --no-headers' + local interval=5 + local max=2 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval 'kubectl get nodes --no-headers' '&>/dev/null' ++ kubectl get nodes --no-headers + echo '' + echo 'INFO: done in 0s' INFO: done in 0s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e ++ kubectl get nodes --no-headers ++ cut -d ' ' -f 1 + for node in $(kubectl get nodes --no-headers | cut -d ' ' -f 1) ++ kubectl get node cn-jenkins-deploy-platform-k8s-manifests-182-1 '-o=jsonpath={.status.addresses[?(@.type=="InternalIP")].address}' + local nodeip=10.0.0.22 + echo 10.0.0.22 + grep -wF 10.0.0.22 10.0.0.22 + kubectl label node --overwrite cn-jenkins-deploy-platform-k8s-manifests-182-1 node-role.opencontrail.org/webui= node/cn-jenkins-deploy-platform-k8s-manifests-182-1 labeled + kubectl apply -f /home/rocky/tf.yaml configmap/env created configmap/defaults-env created configmap/configzookeeperenv created configmap/opensdn-analyticsdb-config created configmap/opensdn-configdb-config created configmap/rabbitmq-config created configmap/kube-manager-config created Warning: spec.template.spec.imagePullSecrets[0].name: invalid empty name "" daemonset.apps/config-zookeeper created daemonset.apps/opensdn-analyticsdb created daemonset.apps/opensdn-configdb created daemonset.apps/opensdn-analytics created daemonset.apps/opensdn-analytics-snmp created daemonset.apps/opensdn-analytics-alarm created daemonset.apps/opensdn-controller-control created daemonset.apps/opensdn-controller-config created daemonset.apps/opensdn-controller-webui created daemonset.apps/redis created daemonset.apps/rabbitmq created daemonset.apps/opensdn-kube-manager created daemonset.apps/opensdn-agent created clusterrole.rbac.authorization.k8s.io/opensdn-kube-manager created serviceaccount/opensdn-kube-manager created clusterrolebinding.rbac.authorization.k8s.io/opensdn-kube-manager created secret/opensdn-kube-manager-token created + echo 'TF Web UI will be available at https://10.0.0.22:8143' TF Web UI will be available at https://10.0.0.22:8143 + echo 'Use admin/contrail123 to log in' Use admin/contrail123 to log in + [[ tf != \w\a\i\t ]] + mkdir -p /home/rocky/.tf/.stages + touch /home/rocky/.tf/.stages/tf ++ date + echo 'INFO: Stage tf was run successfully Mon Apr 28 01:32:13 AM UTC 2025' INFO: Stage tf was run successfully Mon Apr 28 01:32:13 AM UTC 2025 + last_stage=tf + for stage in ${stages[@]} ++ date + echo 'INFO: Running stage wait at Mon Apr 28 01:32:13 AM UTC 2025' INFO: Running stage wait at Mon Apr 28 01:32:13 AM UTC 2025 + run_stage wait + finished_stage wait + '[' -e /home/rocky/.tf/.stages/wait ']' + wait + local timeout=1500 + wait_cmd_success is_active 10 150 + local cmd=is_active + local interval=10 + local max=150 + local silent_cmd=1 ++ set +o + local 'state=set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace' + [[ ehxB =~ e ]] + state+='; set -e' + [[ true == \t\r\u\e ]] + set -o pipefail + local i=0 + [[ 1 != \0 ]] + local 'to_dev_null=&>/dev/null' + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=1 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=2 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=3 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=4 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=5 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=6 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=7 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=8 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=9 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=10 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=11 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=12 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=13 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=14 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=15 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=16 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=17 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=18 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + printf . .+ i=19 + (( i > max )) + sleep 10 + eval is_active '&>/dev/null' ++ is_active + echo '' + echo 'INFO: done in 190s' INFO: done in 190s + eval 'set +o allexport set -o braceexpand set +o emacs set +o errexit set +o errtrace set +o functrace set -o hashall set +o histexpand set +o history set +o ignoreeof set -o interactive-comments set +o keyword set +o monitor set +o noclobber set +o noexec set +o noglob set +o nolog set +o notify set +o nounset set +o onecmd set +o physical set +o pipefail set +o posix set +o privileged set +o verbose set +o vi set -o xtrace; set -e' ++ set +o allexport ++ set -o braceexpand ++ set +o emacs ++ set +o errexit ++ set +o errtrace ++ set +o functrace ++ set -o hashall ++ set +o histexpand ++ set +o history ++ set +o ignoreeof ++ set -o interactive-comments ++ set +o keyword ++ set +o monitor ++ set +o noclobber ++ set +o noexec ++ set +o noglob ++ set +o nolog ++ set +o notify ++ set +o nounset ++ set +o onecmd ++ set +o physical ++ set +o pipefail ++ set +o posix ++ set +o privileged ++ set +o verbose ++ set +o vi ++ set -o xtrace ++ set -e + [[ wait != \w\a\i\t ]] ++ date + echo 'INFO: Stage wait was run successfully Mon Apr 28 01:35:36 AM UTC 2025' INFO: Stage wait was run successfully Mon Apr 28 01:35:36 AM UTC 2025 + last_stage=wait + save_tf_stack_profile + local file=/home/rocky/.tf/stack.env + echo + echo '[update tf stack configuration]' [update tf stack configuration] ++ dirname /home/rocky/.tf/stack.env + mkdir -p /home/rocky/.tf + collect_deployment_env + : + cat + echo 'tf setup profile /home/rocky/.tf/stack.env' tf setup profile /home/rocky/.tf/stack.env + cat /home/rocky/.tf/stack.env DEPLOYER=k8s_manifests CONTRAIL_CONTAINER_TAG=nightly CONTRAIL_DEPLOYER_CONTAINER_TAG=nightly CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 DEPLOYER_CONTAINER_REGISTRY=nexus.gz1.opensdn.io:5102 ORCHESTRATOR=kubernetes OPENSTACK_VERSION="" CONTROLLER_NODES="10.0.0.22 " AGENT_NODES="10.0.0.22" CONTROL_NODES="10.0.0.22 " SSL_ENABLE="false" LEGACY_ANALYTICS_ENABLE="true" HUGE_PAGES_1G= CONTAINER_RUNTIME=docker K8S_CA= DEPLOY_IPA_SERVER= IPA_PASSWORD= ++ date + echo 'INFO: Successful deployment Mon Apr 28 01:35:36 AM UTC 2025' INFO: Successful deployment Mon Apr 28 01:35:36 AM UTC 2025 + echo '' + trap_exit ++ jobs -p + local childs= + echo 'DEBUG: kill running child jobs: ' DEBUG: kill running child jobs: + local p + echo 'INFO: Deploy finished' INFO: Deploy finished + exit + exit Archiving artifacts Finished: SUCCESS