├── cloud
└── .gitignore
├── roles
├── infrastructure
│ ├── dpdk
│ │ ├── templates
│ │ │ └── dpdk.fact.j2
│ │ ├── files
│ │ │ ├── dpdk0kni.conf
│ │ │ └── dpdk.conf
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── cleanup.yml
│ ├── docker
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── templates
│ │ │ ├── config.json.j2
│ │ │ ├── http-proxy.conf.j2
│ │ │ └── daemon.json.j2
│ │ ├── tasks
│ │ │ └── prune.yml
│ │ └── files
│ │ │ └── requirements.txt
│ ├── golang
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── cleanup.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── ptp
│ │ ├── node
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ └── meta
│ │ │ │ └── main.yml
│ │ ├── controlplane
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ └── files
│ │ │ │ └── default_config.patch
│ │ └── common
│ │ │ ├── tasks
│ │ │ └── verify_ptp_status.yml
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ └── files
│ │ │ └── default_slave.patch
│ ├── time_setup_ntp
│ │ └── defaults
│ │ │ └── main.yml
│ ├── bind_device_to_driver
│ │ └── defaults
│ │ │ └── main.yml
│ ├── sriov_device_init
│ │ ├── meta
│ │ │ └── main.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── os_setup
│ │ ├── tasks
│ │ │ ├── reset_connection.yml
│ │ │ ├── install_epel_repository.yml
│ │ │ ├── proxy_yum_remove.yml
│ │ │ ├── disable_yum_plugins.yml
│ │ │ ├── enable_ipv4_forwarding.yml
│ │ │ ├── add_kubeovn_env.yml
│ │ │ ├── proxy_yum_add.yml
│ │ │ ├── add_udev_kvm_system_rule.yml
│ │ │ ├── reload_udev.yml
│ │ │ ├── disable_fingerprint.yml
│ │ │ ├── remove_yum_excludes.yml
│ │ │ ├── add_yum_excludes.yml
│ │ │ ├── disable_selinux.yml
│ │ │ ├── disable_swap.yml
│ │ │ ├── proxy_os_env_remove.yml
│ │ │ └── reinstall_python_requests_if_needed.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── time_verify_ntp
│ │ └── defaults
│ │ │ └── main.yml
│ ├── custom_kernel
│ │ ├── tasks
│ │ │ └── readiness.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── qemu
│ │ ├── tasks
│ │ │ └── cleanup.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── git_repo
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ ├── cleanup.yml
│ │ │ └── gitconfig_remove.yml
│ ├── e810_driver_update
│ │ └── defaults
│ │ │ └── main.yml
│ ├── grub
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── readiness.yml
│ ├── vca_node_setup
│ │ ├── files
│ │ │ ├── shutdown_vca.sh
│ │ │ └── init_vca.sh
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── templates
│ │ │ └── install_docker.sh.j2
│ ├── configure_tuned
│ │ └── defaults
│ │ │ └── main.yml
│ └── conditional_reboot
│ │ └── tasks
│ │ └── main.yml
├── kubernetes
│ ├── node
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── readiness.yml
│ │ │ └── vca_node_cleanup.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── controlplane
│ │ ├── meta
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ ├── cleanup.yml
│ │ │ └── readiness.yml
│ ├── helm
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── cleanup.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── rmd
│ │ ├── node
│ │ │ └── meta
│ │ │ │ └── main.yml
│ │ ├── controlplane
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ └── templates
│ │ │ │ └── rmdNetworkPolicy.yaml.j2
│ │ └── common
│ │ │ ├── tasks
│ │ │ └── cleanup.yml
│ │ │ └── defaults
│ │ │ └── main.yml
│ ├── cni
│ │ ├── sriov
│ │ │ ├── node
│ │ │ │ ├── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── main.yml
│ │ │ │ └── meta
│ │ │ │ │ └── main.yml
│ │ │ └── controlplane
│ │ │ │ ├── files
│ │ │ │ └── sriov
│ │ │ │ │ ├── Chart.yaml
│ │ │ │ │ ├── .helmignore
│ │ │ │ │ ├── values.yaml
│ │ │ │ │ └── templates
│ │ │ │ │ └── NOTES.txt
│ │ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ ├── readiness.yml
│ │ │ │ └── cleanup.yml
│ │ ├── flannel
│ │ │ ├── node
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── main.yml
│ │ │ ├── controlplane
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ ├── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── readiness.yml
│ │ │ │ ├── templates
│ │ │ │ │ ├── customize_flannel_conf.yml.j2
│ │ │ │ │ ├── flannel_change_cidr.yml.j2
│ │ │ │ │ └── flannel_network_definition.yml.j2
│ │ │ │ ├── defaults
│ │ │ │ │ └── main.yml
│ │ │ │ └── files
│ │ │ │ │ └── kustomization.yml
│ │ │ └── common
│ │ │ │ └── tasks
│ │ │ │ └── main.yml
│ │ ├── kubeovn
│ │ │ ├── node
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── readiness.yml
│ │ │ ├── controlplane
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ ├── files
│ │ │ │ │ ├── kustomization.yaml
│ │ │ │ │ └── ovn_central.yaml
│ │ │ │ ├── templates
│ │ │ │ │ ├── crd_local.yml.j2
│ │ │ │ │ ├── kustomization_kube_ovn.yaml.j2
│ │ │ │ │ └── kustomization_ovn.yaml.j2
│ │ │ │ └── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── readiness.yml
│ │ │ └── common
│ │ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ │ ├── templates
│ │ │ │ └── config.cfg.j2
│ │ │ │ └── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ ├── userspace
│ │ │ ├── node
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── main.yml
│ │ │ ├── controlplane
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ ├── tasks
│ │ │ │ │ └── cleanup.yml
│ │ │ │ └── templates
│ │ │ │ │ └── openness-userspace-crd.yml.j2
│ │ │ └── common
│ │ │ │ ├── tasks
│ │ │ │ └── cleanup.yml
│ │ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ ├── calico
│ │ │ ├── node
│ │ │ │ └── tasks
│ │ │ │ │ └── cleanup.yml
│ │ │ └── controlplane
│ │ │ │ ├── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── readiness.yml
│ │ │ │ ├── files
│ │ │ │ ├── customize_calico_container.yml
│ │ │ │ ├── kustomization_ebpf.yml
│ │ │ │ └── kustomization.yml
│ │ │ │ ├── templates
│ │ │ │ ├── change_cidr.yml.j2
│ │ │ │ ├── customize_calico_conf.yml.j2
│ │ │ │ └── calico_net_attach_def.yml.j2
│ │ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ ├── multus
│ │ │ ├── controlplane
│ │ │ │ ├── files
│ │ │ │ │ └── multus-cni
│ │ │ │ │ │ ├── values.yaml
│ │ │ │ │ │ ├── Chart.yaml
│ │ │ │ │ │ ├── templates
│ │ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ │ ├── crb.yaml
│ │ │ │ │ │ ├── cr.yaml
│ │ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ │ └── crd.yaml
│ │ │ │ │ │ └── .helmignore
│ │ │ │ ├── defaults
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── main.yml
│ │ │ │ │ ├── readiness.yml
│ │ │ │ │ └── cleanup.yml
│ │ │ └── node
│ │ │ │ └── tasks
│ │ │ │ └── readiness.yml
│ │ ├── weavenet
│ │ │ ├── controlplane
│ │ │ │ ├── defaults
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── cleanup.yml
│ │ │ │ │ └── main.yml
│ │ │ └── node
│ │ │ │ └── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ ├── ovn4nfv
│ │ │ └── controlplane
│ │ │ │ ├── files
│ │ │ │ └── kustomization.yml
│ │ │ │ ├── templates
│ │ │ │ ├── attach-network-ovn.yml
│ │ │ │ └── customize_ovn4nfv_container.yml.j2
│ │ │ │ ├── tasks
│ │ │ │ └── cleanup.yml
│ │ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── common.yml
│ ├── common
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── files
│ │ │ └── sysctl_k8s.conf
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── templates
│ │ │ └── http-proxy.conf.j2
│ │ ├── tasks
│ │ │ ├── proxy.yml
│ │ │ └── readiness.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── opae_fpga
│ │ ├── node
│ │ │ ├── files
│ │ │ │ └── opaedeps.conf
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ │ └── cleanup.yml
│ │ └── controlplane
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ ├── cleanup.yml
│ │ │ └── main.yml
│ ├── kubevirt
│ │ ├── node
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ └── controlplane
│ │ │ ├── files
│ │ │ ├── add_cmk_toleration.yml
│ │ │ ├── localStorageClass.yaml
│ │ │ └── cdiNetworkPolicy.yaml
│ │ │ ├── templates
│ │ │ └── kustomization.yml.j2
│ │ │ ├── tasks
│ │ │ └── readiness.yml
│ │ │ └── defaults
│ │ │ └── main.yml
│ ├── biosfw
│ │ ├── controlplane
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ └── node
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ └── main.yml
│ ├── bb_config
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── charts
│ │ │ └── bb_config
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ ├── NOTES.txt
│ │ │ │ └── fpga-config.yaml
│ │ ├── tasks
│ │ │ └── cleanup.yml
│ │ └── files
│ │ │ └── Dockerfile
│ ├── hddl
│ │ ├── network_edge
│ │ │ ├── node
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ └── templates
│ │ │ │ │ ├── build.sh.j2
│ │ │ │ │ ├── shell.sh.j2
│ │ │ │ │ └── run_hddl.sh.j2
│ │ │ ├── controlplane
│ │ │ │ ├── meta
│ │ │ │ │ └── main.yml
│ │ │ │ └── tasks
│ │ │ │ │ ├── main.yml
│ │ │ │ │ └── cleanup.yml
│ │ │ └── common
│ │ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ └── vca_setup
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ ├── files
│ │ │ └── vca-tas-policy.yaml
│ │ │ └── tasks
│ │ │ └── main.yml
│ ├── device_plugins
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── main.yml
│ │ │ ├── download.yml
│ │ │ └── cleanup.yml
│ │ ├── charts
│ │ │ ├── gpu-plugin
│ │ │ │ └── Chart.yaml
│ │ │ └── vpu-plugin
│ │ │ │ └── Chart.yaml
│ │ ├── templates
│ │ │ ├── vpu_values.yaml.j2
│ │ │ └── gpu_values.yaml.j2
│ │ └── defaults
│ │ │ └── main.yml
│ ├── cmk
│ │ ├── node
│ │ │ ├── tasks
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ └── controlplane
│ │ │ ├── templates
│ │ │ └── helm_values.yml.j2
│ │ │ └── defaults
│ │ │ └── main.yml
│ ├── custom_namespace
│ │ └── tasks
│ │ │ ├── main.yml
│ │ │ ├── cleanup.yml
│ │ │ ├── create_ns.yml
│ │ │ └── delete_ns.yml
│ ├── qat_dev_plugin
│ │ ├── node
│ │ │ └── defaults
│ │ │ │ └── main.yml
│ │ └── controller
│ │ │ ├── charts
│ │ │ └── intel-qat-plugin
│ │ │ │ ├── templates
│ │ │ │ ├── NOTES.txt
│ │ │ │ └── qat_plugin_configmap.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── .helmignore
│ │ │ ├── templates
│ │ │ └── values.yml.j2
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ └── tasks
│ │ │ └── cleanup.yml
│ ├── istio
│ │ ├── templates
│ │ │ ├── authentication.yaml.j2
│ │ │ ├── kiali_def.yaml.j2
│ │ │ └── default.yaml.j2
│ │ ├── tasks
│ │ │ ├── readiness.yml
│ │ │ ├── policy.yml
│ │ │ ├── main.yml
│ │ │ └── smi.yml
│ │ └── defaults
│ │ │ └── main.yml
│ ├── nfd
│ │ ├── tasks
│ │ │ ├── main.yml
│ │ │ ├── readiness.yml
│ │ │ └── cleanup.yml
│ │ ├── files
│ │ │ └── worker.yml.patch
│ │ └── defaults
│ │ │ └── main.yml
│ ├── harbor_registry
│ │ ├── node
│ │ │ └── tasks
│ │ │ │ ├── readiness.yml
│ │ │ │ ├── node_cert.yml
│ │ │ │ └── cleanup.yml
│ │ └── controlplane
│ │ │ ├── tasks
│ │ │ ├── readiness.yml
│ │ │ └── cleanup.yml
│ │ │ └── defaults
│ │ │ └── main.yml
│ └── dashboard
│ │ ├── templates
│ │ └── values.yml.j2
│ │ ├── files
│ │ └── clusterrolebinding.yml
│ │ └── tasks
│ │ └── cleanup.yml
├── telemetry
│ ├── certs
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ └── namespace.yml
│ │ └── tasks
│ │ │ └── cleanup.yml
│ ├── collectd
│ │ ├── node
│ │ │ ├── templates
│ │ │ │ └── configs
│ │ │ │ │ ├── common
│ │ │ │ │ ├── ipmi.conf.j2
│ │ │ │ │ ├── write_prometheus.conf.j2
│ │ │ │ │ ├── intel_pmu.conf.j2
│ │ │ │ │ ├── intel_rdt.conf.j2
│ │ │ │ │ ├── default_plugins.conf.j2
│ │ │ │ │ └── hugepages.conf.j2
│ │ │ │ │ ├── flexran
│ │ │ │ │ ├── fpga_telemetry.conf.j2
│ │ │ │ │ └── ovs_stats.conf.j2
│ │ │ │ │ ├── corenetwork
│ │ │ │ │ ├── ovs_stats.conf.j2
│ │ │ │ │ └── exec.conf.j2
│ │ │ │ │ └── smartcity
│ │ │ │ │ └── exec.conf.j2
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── files
│ │ │ │ ├── ovs_pmd_stats.sh
│ │ │ │ ├── write_notification.sh
│ │ │ │ └── 0001-Remove-whitespace.patch
│ │ │ └── tasks
│ │ │ │ └── cleanup.yml
│ │ └── controlplane
│ │ │ ├── charts
│ │ │ ├── Chart.yaml
│ │ │ └── templates
│ │ │ │ └── NOTES.txt
│ │ │ ├── tasks
│ │ │ ├── readiness.yml
│ │ │ └── cleanup.yml
│ │ │ ├── files
│ │ │ └── rdt_gcc_version.patch
│ │ │ └── defaults
│ │ │ └── main.yml
│ ├── cadvisor
│ │ ├── controlplane
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── charts
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── templates
│ │ │ │ │ └── NOTES.txt
│ │ │ │ └── values.yaml
│ │ │ └── tasks
│ │ │ │ ├── readiness.yml
│ │ │ │ ├── cleanup.yml
│ │ │ │ └── main.yml
│ │ └── node
│ │ │ └── tasks
│ │ │ ├── cleanup.yml
│ │ │ └── main.yml
│ ├── pcm
│ │ └── controlplane
│ │ │ ├── defaults
│ │ │ └── main.yml
│ │ │ ├── charts
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── NOTES.txt
│ │ │ │ └── pcm_service.yml
│ │ │ └── values.yaml
│ │ │ └── tasks
│ │ │ └── cleanup.yml
│ ├── opentelemetry
│ │ ├── controlplane
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── charts
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── templates
│ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ ├── collector-service.yaml
│ │ │ │ │ └── collector-configmap.yaml
│ │ │ │ └── .helmignore
│ │ │ └── tasks
│ │ │ │ └── cleanup.yml
│ │ └── node
│ │ │ └── tasks
│ │ │ └── cleanup.yml
│ ├── tas
│ │ ├── files
│ │ │ ├── add_cmk_toleration.yml
│ │ │ ├── adapter-values.yml
│ │ │ ├── configure-scheduler.sh.patch
│ │ │ ├── kustomization_scheduler.yaml
│ │ │ ├── custom-metrics-apiservice.yaml.patch
│ │ │ ├── descheduler_policy.yaml
│ │ │ ├── extend_scheduler.yml
│ │ │ └── kustomization.yaml
│ │ ├── tasks
│ │ │ └── readiness.yml
│ │ ├── templates
│ │ │ ├── use_local_docker_registry.yml.j2
│ │ │ ├── scheduler-config.yml
│ │ │ └── tls-config.yml.j2
│ │ └── defaults
│ │ │ └── main.yml
│ ├── grafana
│ │ ├── templates
│ │ │ ├── default-dashboards-providers.yml
│ │ │ ├── volume.yml
│ │ │ └── values.yml
│ │ └── files
│ │ │ └── _pod.tpl.patch
│ └── prometheus
│ │ ├── tasks
│ │ └── readiness.yml
│ │ ├── files
│ │ ├── server-service-tls.yaml
│ │ └── node-exporter-configmap.yaml
│ │ └── templates
│ │ └── volume.yml
└── applications
│ ├── openness
│ ├── node
│ │ ├── tasks
│ │ │ ├── fact.yml
│ │ │ ├── main.yml
│ │ │ ├── prebuild.yml
│ │ │ ├── cleanup.yml
│ │ │ └── prebuild
│ │ │ │ └── certificate_dirs.yml
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── files
│ │ │ └── logrotate_edgenode
│ ├── controlplane
│ │ ├── files
│ │ │ └── logrotate_openness
│ │ ├── tasks
│ │ │ └── readiness.yml
│ │ └── defaults
│ │ │ └── main.yml
│ └── common
│ │ └── tasks
│ │ └── main.yml
│ ├── video_analytics_services
│ ├── templates
│ │ └── Chart.yaml.j2
│ ├── tasks
│ │ └── cleanup.yml
│ └── defaults
│ │ └── main.yml
│ ├── kafka
│ ├── templates
│ │ ├── eaa-user.yml
│ │ └── volume.yml
│ ├── tasks
│ │ └── readiness.yml
│ └── defaults
│ │ └── main.yml
│ └── emco
│ └── controlplane
│ └── defaults
│ └── main.yml
├── .gitignore
├── inventory
└── default
│ ├── host_vars
│ ├── node01
│ │ └── 10-default.yml
│ └── controller
│ │ └── 10-default.yml
│ └── group_vars
│ └── edgenode_vca_group
│ └── 10-default.yml
├── flavors
├── cdn-transcode
│ └── all.yml
├── minimal
│ └── all.yml
├── cdn-caching
│ └── all.yml
├── media-analytics-vca
│ └── all.yml
├── media-analytics
│ └── all.yml
└── central_orchestrator
│ └── all.yml
├── ansible.cfg
├── scripts
├── log_all.json
├── task_log_file.sh
└── parse_args.sh
├── tasks
├── settings_check_common.yml
├── print_vars.yml
├── precheck_hostname.yml
└── collect_logs.yml
├── Pipfile
├── .ansible-lint
└── README.md
/cloud/.gitignore:
--------------------------------------------------------------------------------
1 | Dockerfile
2 | .cloud/
3 |
--------------------------------------------------------------------------------
/roles/infrastructure/dpdk/templates/dpdk.fact.j2:
--------------------------------------------------------------------------------
1 | {
2 | "_dpdk_install_dir": "{{ _dpdk_install_dir }}"
3 | }
4 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /biosfw/
2 | /logs/
3 | *.pyc
4 | /inventory/default/group_vars/*/30_*_flavor.yml
5 | /inventory/automated/
6 |
--------------------------------------------------------------------------------
/inventory/default/host_vars/node01/10-default.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies: []
7 |
--------------------------------------------------------------------------------
/roles/infrastructure/dpdk/files/dpdk0kni.conf:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | options rte_kni carrier=on
5 |
--------------------------------------------------------------------------------
/roles/infrastructure/golang/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies: []
7 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | ptp_domain: "0"
--------------------------------------------------------------------------------
/flavors/cdn-transcode/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # cdn-transcode flavor is the same as default settings
5 |
--------------------------------------------------------------------------------
/roles/infrastructure/time_setup_ntp/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | ntp_servers: []
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/common
8 |
--------------------------------------------------------------------------------
/flavors/minimal/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Placeholder since minimal flavor is the same as default settings
5 |
--------------------------------------------------------------------------------
/roles/kubernetes/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/helm/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/controlplane
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/rmd/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/rmd/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # TODO: sriov_device_init cleanup
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/docker
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/node/files/opaedeps.conf:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | mtd
5 | pps_core
6 | ptp
7 | iqvlinux
8 | i40e
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/qemu
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/rmd/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/rmd/common
8 |
--------------------------------------------------------------------------------
/roles/telemetry/certs/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _telemetry_certs_dest: "{{ openness_dir }}/certs/telemetry"
6 |
--------------------------------------------------------------------------------
/roles/infrastructure/dpdk/files/dpdk.conf:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | uio
5 | igb_uio
6 | rte_kni
7 | vfio
8 | vfio-pci
9 |
10 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright © 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/ptp/common
8 |
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | dependencies:
6 | - kubernetes/cni/flannel/common
7 |
--------------------------------------------------------------------------------
/roles/infrastructure/bind_device_to_driver/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | driver: "igb_uio"
7 | pci_address: ""
8 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright © 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/ptp/common
8 |
9 |
--------------------------------------------------------------------------------
/roles/infrastructure/sriov_device_init/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2021 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/dpdk
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/biosfw/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _biosfw_plugin_dest: "/usr/bin/kubectl-biosfw"
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/cni/kubeovn/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/cni/userspace/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _rsu_plugin_dest: "/usr/bin/kubectl-rsu"
7 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/reset_connection.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: reset connection
6 | meta: reset_connection
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _bb_config:
7 | image: "bb-config-utility"
8 | tag: 0.1.0
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | dependencies:
6 | - kubernetes/cni/flannel/common
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/cni/kubeovn/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: infrastructure/sriov_device_init
8 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/ipmi.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin ipmi
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/cni/userspace/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/files/sysctl_k8s.conf:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | net.bridge.bridge-nf-call-ip6tables = 1
5 | net.bridge.bridge-nf-call-iptables = 1
6 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _barometer_repo_url: https://github.com/opnfv/barometer.git
7 |
--------------------------------------------------------------------------------
/roles/infrastructure/time_verify_ntp/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _date_threshold_seconds: 120
7 | _ntp_time_set: /tmp/ntp_time_set
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # no cleanup required, it's cleaned up during cluster reset
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/node/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: kubernetes/hddl/network_edge/common
8 |
9 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _cadvisor_chart_dir: "{{ ne_helm_charts_default_dir }}/cadvisor"
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/values.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | registry_ip: ""
7 | registry_port: ""
8 | image_tag: ""
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - role: kubernetes/hddl/network_edge/common
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | dependencies:
7 | - kubernetes/helm
8 | - kubernetes/harbor_registry/controlplane
9 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _pcm_chart_dir: "{{ ne_helm_charts_default_dir }}/pcm"
6 | _pcm_pullPolicy: "Always"
7 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/flexran/fpga_telemetry.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin fpga_telemetry
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - include_tasks: download.yml
6 | - include_tasks: vpu_plugin.yml
7 | - include_tasks: gpu_plugin.yml
8 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/files/ovs_pmd_stats.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | sudo python /pmd/ovs_pmd_stats.py --socket-pid-file /var/run/openvswitch/ovs-vswitchd.pid
6 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/tasks/fact.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: update node repo path
7 | set_fact:
8 | _git_repo_dest: "{{ openness_dir }}/edgeservices"
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/cmk/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove CPU Manager config dir
7 | file:
8 | path: /etc/cmk
9 | state: absent
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/custom_namespace/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Create custom namespaces
7 | include_tasks: create_ns.yml
8 | with_items: "{{ _custom_ns }}"
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/custom_namespace/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Cleanup custom namespaces
7 | include_tasks: delete_ns.yml
8 | with_items: "{{ _custom_ns }}"
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kubevirt_default_pv_dir: /var/vd/
7 | kubevirt_default_pv_vol_name: vol
8 | kubevirt_pv_vm_max_num: 64
9 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/write_prometheus.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin write_prometheus
5 |
6 | Port "9104"
7 |
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/weavenet/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _weavenet_yaml: "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
7 |
--------------------------------------------------------------------------------
/roles/kubernetes/helm/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: remove helm binaries
6 | file:
7 | path: "{{ _helm_binary_path }}"
8 | state: absent
9 | become: yes
10 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _otel_collector_chart_dir: "{{ ne_helm_charts_default_dir }}/otel_collector"
7 | _otel_img_tag: 0.34.0
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Delete PV directories
7 | file:
8 | path: "{{ kubevirt_default_pv_dir }}"
9 | state: absent
10 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/files/write_notification.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | rm -f /tmp/notifications
6 | while read x y
7 | do
8 | echo "$x$y" >> /tmp/notifications
9 | done
10 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: remove cAdvisor certificates
6 | file:
7 | path: "{{ openness_dir }}/certs/telemetry/cadvisor"
8 | state: absent
9 |
--------------------------------------------------------------------------------
/roles/infrastructure/custom_kernel/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: requested kernel should be active
7 | assert:
8 | that:
9 | - ansible_kernel == kernel_version
10 |
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/ovn4nfv/controlplane/files/kustomization.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - ovn4nfv-k8s-plugin.yml
8 |
9 | patchesStrategicMerge:
10 | - customize_ovn4nfv_container.yml
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/files/sriov/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v2
5 | name: sriov-cni
6 | description: A Helm chart for sriov-cni and sriov-dp
7 | type: application
8 | version: 0.1.0
9 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | _configs_dest: "{{ openness_dir }}/configs"
6 | _certs_dest: "{{ openness_dir }}/certs"
7 | _kafka_certs_dest: "{{ _certs_dest }}/eaa-kafka"
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/weavenet/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: delete WeaveNet binaries
7 | command: rm -rf /opt/cni/bin/weave-*
8 | changed_when: true
9 | ignore_errors: yes
10 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/charts/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v2
5 | name: pcm
6 | description: A Helm chart for deployment of pcm
7 | type: application
8 | version: 0.1.0
9 | appVersion: 1.0
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/biosfw/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove biosfw plugin
7 | file:
8 | path: "{{ _biosfw_plugin_dest }}"
9 | state: absent
10 | become: yes
11 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | - include_tasks: ../../common/tasks/main.yml
7 | - include_tasks: fact.yml
8 | - include_tasks: prebuild.yml
9 | - include_tasks: build.yml
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: v2
7 | name: multus-cni
8 | description: A Helm chart for multus-cni
9 | type: application
10 | version: 0.1.0
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: v1
7 | kind: ServiceAccount
8 | metadata:
9 | name: multus
10 | namespace: kube-system
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Remove RSU kubectl plugin
7 | file:
8 | path: "{{ _rsu_plugin_dest }}"
9 | state: absent
10 | become: yes
11 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/add_cmk_toleration.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: add
7 | path: /spec/template/spec/tolerations/-
8 | value:
9 | effect: NoSchedule
10 | key: cmk
11 | operator: Exists
12 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/charts/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v2
5 | name: cadvisor
6 | description: A Helm chart for deployment of cadvisor
7 | type: application
8 | version: 0.1.0
9 | appVersion: 1.0
10 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify cadvisor daemonset
7 | check_k8s_object:
8 | name: cadvisor
9 | namespace: telemetry
10 | kind: daemonset
11 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/charts/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v2
5 | name: collectd
6 | description: A Helm chart for deployment of collectd
7 | type: application
8 | version: 0.1.0
9 | appVersion: 1.0
10 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify collectd daemonset
7 | check_k8s_object:
8 | name: collectd
9 | namespace: telemetry
10 | kind: daemonset
11 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _config_patch: default_config.patch
7 | _master_clock: "{{ 'CLOCK_REALTIME' if ptp_port_gm is not defined or ptp_port_gm is none else ptp_port_gm }}"
8 |
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/biosfw/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _syscfg_local_path: "{{ role_path }}/../../../../biosfw/syscfg_package.zip"
7 | _syscfg_remote_path: "{{ _git_repo_dest }}/build/biosfw/syscfg_package.zip"
8 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Tested on v3.3 and v3.4.1 versions. With newer versions some changes in chart might be required
5 | _multus_image_tag: v3.6
6 | _multus_image_name: nfvpe/multus
7 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/files/logrotate_edgenode:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | /var/log/edgeservices/* {
5 | weekly
6 | rotate 3
7 | size 10M
8 | compress
9 | delaycompress
10 | missingok
11 | notifempty
12 | }
13 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/install_epel_repository.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: install EPEL package
6 | yum:
7 | name: epel-release
8 | state: present
9 | become: yes
10 | when: not offline_enable
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify flannel daemonsets
7 | check_k8s_object:
8 | name: kube-flannel-ds
9 | namespace: kube-system
10 | kind: daemonset
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/templates/customize_flannel_conf.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: replace
7 | path: /spec/template/spec/initContainers/0/args/2
8 | value: "/etc/cni/net.d/{{ cni_weight }}-flannel.conflist"
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _kubeovn_scripts:
7 | - ovs-vsctl
8 | - ovn-nbctl
9 |
10 | _kubeovn_scripts_dest: /usr/local/bin
11 |
12 | _kubeovn_ovs_config_path: /opt/ovs-config
13 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/flexran/ovs_stats.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 |
5 | Interval 1
6 |
7 |
8 | Socket "/var/run/openvswitch/db.sock"
9 |
10 |
--------------------------------------------------------------------------------
/roles/applications/openness/controlplane/files/logrotate_openness:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | /var/log/openness/* {
5 | weekly
6 | rotate 3
7 | size 10M
8 | compress
9 | delaycompress
10 | missingok
11 | notifempty
12 | }
13 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/proxy_yum_remove.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Remove yum.conf proxy settings
6 | lineinfile:
7 | dest: /etc/yum.conf
8 | regexp: "^proxy=.*"
9 | state: absent
10 | become: yes
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/node/templates/build.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/bash -e
2 |
3 | # SPDX-License-Identifier: Apache-2.0
4 | # Copyright (c) 2020 Intel Corporation
5 |
6 | IMAGE="openness-ubuntu1804-analytics-hddldaemon"
7 | DIR=$(dirname $(readlink -f "$0"))
8 |
9 | . "${DIR}/../../../../script/build.sh"
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/node/templates/shell.sh.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | #!/bin/bash -e
5 |
6 | IMAGE="openness-ubuntu1804-analytics-hddldaemon"
7 | DIR=$(dirname $(readlink -f "$0"))
8 |
9 | . "${DIR}/../../../../script/shell.sh"
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/files/add_cmk_toleration.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: add
7 | path: /spec/template/spec/tolerations
8 | value:
9 | - effect: NoSchedule
10 | key: cmk
11 | operator: Exists
12 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/corenetwork/ovs_stats.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 |
5 | Interval 1
6 |
7 |
8 | Socket "/var/run/openvswitch/db.sock"
9 |
10 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/adapter-values.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | deploymentNamespace: telemetry
7 | serviceAccountNamespace: telemetry
8 | configMapNamespace: telemetry
9 | serviceNamespace: telemetry
10 | apiServiceNamespace: telemetry
11 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify telemetry-aware-scheduling deployment
7 | check_k8s_object:
8 | name: telemetry-aware-scheduling
9 | namespace: telemetry
10 | kind: deployment
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/charts/bb_config/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 | apiVersion: v2
4 | name: bb_config
5 | description: A Helm chart for programming Baseband FEC queues via BBDEV application
6 | type: application
7 | version: 0.1.0
8 | appVersion: 0.1.0
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/handlers/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: enable and restart kubelet
6 | systemd:
7 | name: kubelet
8 | daemon_reload: yes
9 | enabled: yes
10 | masked: no
11 | state: restarted
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/charts/gpu-plugin/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: v2
6 | name: "intel-gpu-plugin"
7 | description: "gpu plugin for openness network edge"
8 | type: application
9 | version: 0.1.0
10 | appVersion: 0.17.0
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/charts/vpu-plugin/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: v2
6 | name: "intel-vpu-plugin"
7 | description: "vpu plugin for openness network edge"
8 | type: application
9 | version: 0.1.0
10 | appVersion: 0.17.0
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/node/templates/run_hddl.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # SPDX-License-Identifier: Apache-2.0
4 | # Copyright (c) 2020 Intel Corporation
5 |
6 | source /opt/intel/openvino/bin/setupvars.sh
7 |
8 | cd /opt/intel/openvino/deployment_tools/inference_engine/external/hddl/bin
9 | ./hddldaemon
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/node/handlers/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: enable and restart kubelet
6 | systemd:
7 | name: kubelet
8 | daemon_reload: yes
9 | enabled: yes
10 | masked: no
11 | state: restarted
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/charts/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 | apiVersion: v2
4 | name: otel-collector
5 | description: A Helm chart for deployment of OpenTelemetry Collector
6 | type: application
7 | version: 0.1.0
8 | appVersion: 1.0
9 |
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/files/customize_calico_container.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: add
7 | path: /spec/template/spec/containers/0/env/-
8 | value:
9 | name: IP_AUTODETECTION_METHOD
10 | value: "can-reach=8.8.8.8"
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/files/localStorageClass.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: storage.k8s.io/v1
5 | kind: StorageClass
6 | metadata:
7 | name: local-storage
8 | provisioner: kubernetes.io/no-provisioner
9 | volumeBindingMode: Immediate
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | qat_sriov_numvfs: 16
7 | manufacturer_id: "8086"
8 | qat_dev_ids: ["0435", "37c8", "19e2", "6f54", "18a0"]
9 | qat_vf_dev_id: "37c9"
10 | qat_vf_driver: "vfio-pci"
11 |
--------------------------------------------------------------------------------
/roles/telemetry/certs/files/namespace.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | {
7 | "kind": "Namespace",
8 | "apiVersion": "v1",
9 | "metadata": {
10 | "name": "telemetry",
11 | "labels": {
12 | "name": "telemetry"
13 | }
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/ansible.cfg:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | [defaults]
5 | host_key_checking = False
6 | show_custom_stats = True
7 | callback_whitelist = profile_roles
8 | stdout_callback = debug
9 | roles_path = ./roles
10 | timeout = 60
11 |
12 | [connection]
13 | pipelining = True
14 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/tasks/prebuild.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | - include_tasks: prebuild/copy_configs_to_appliance.yml
7 | - include_tasks: prebuild/certificate_dirs.yml
8 | - include_tasks: prebuild/kafka_certs.yml
9 | when: eaa_enable
10 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/handlers/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: enable and start docker service
6 | systemd:
7 | name: docker
8 | enabled: yes
9 | masked: no
10 | state: restarted
11 | daemon_reload: yes
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _opae_local_path_stp: "{{ role_path }}/../../../../opae_fpga/OPAE_SDK_1.3.7-5_el7.zip"
7 | _opae_remote_path: "{{ _git_repo_dest }}/build/fpga_opae/"
8 | _vran_image_dir: "/temp/vran_images/"
9 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/disable_yum_plugins.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Disable yum plugins
6 | lineinfile:
7 | dest: /etc/yum.conf
8 | regexp: "^plugins=.*"
9 | state: absent
10 | when: os_remove_yum_plugins
11 | become: yes
12 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/templates/authentication.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: security.istio.io/v1beta1
5 | kind: PeerAuthentication
6 | metadata:
7 | name: default
8 | namespace: {{ istio_deployment_namespace }}
9 | spec:
10 | mtls:
11 | mode: STRICT
12 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _flannel_version: v0.13.0
7 | _flannel_url: https://raw.githubusercontent.com/coreos/flannel/{{ _flannel_version }}/Documentation/kube-flannel.yml
8 |
9 | flannel_cidr: "10.244.0.0/16"
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/node/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: 00-multus.conf should be present
7 | stat:
8 | path: /etc/cni/net.d/00-multus.conf
9 | register: this
10 | failed_when: not this.stat.exists
11 | changed_when: false
12 |
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/meta/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | dependencies:
6 | - role: infrastructure/sriov_device_init
7 | vars:
8 | _git_repo_dest: "{{ openness_dir }}/edgeservices"
9 | when: single_node_deployment | default(false)
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove opaedeps.conf
7 | file:
8 | path: /etc/modules-load.d/opaedeps.conf
9 | state: absent
10 | become: yes
11 |
12 | # Docker images will be removed during Docker's cleanup
13 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/intel_pmu.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin intel_pmu
5 |
6 |
7 | ReportHardwareCacheEvents true
8 | ReportKernelPMUEvents true
9 | ReportSoftwareEvents true
10 | Cores "[0-4]"
11 |
12 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/intel_rdt.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Known issue: intel_rdt plugin can conflict with RMD. Should be used exclusively.
5 | # LoadPlugin intel_rdt
6 |
7 |
8 | Interval 1
9 | Cores ""
10 |
11 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/enable_ipv4_forwarding.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Enable IPv4 forwarding
6 | sysctl:
7 | name: net.ipv4.ip_forward
8 | value: "1"
9 | sysctl_set: yes
10 | state: present
11 | reload: yes
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/cmk/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | # The CMK chart directory on Controller (should be the same as in roles/cmk/controlplane/defaults/main.yml)
7 | _cmk_chart_dir: "{{ ne_helm_charts_default_dir }}/cpu-manager-for-kubernetes"
8 | _cmk_tag: "v1.4.1"
9 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/default_plugins.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin logfile
5 |
6 | LogLevel info
7 | File STDOUT
8 | Timestamp true
9 |
10 |
11 | LoadPlugin cpu
12 | LoadPlugin cpufreq
13 | LoadPlugin load
14 |
--------------------------------------------------------------------------------
/scripts/log_all.json:
--------------------------------------------------------------------------------
1 | {
2 | "commands": [
3 | "date",
4 | "git status",
5 | "git diff",
6 | "git log -n100"
7 | ],
8 | "excludePaths": [
9 | "offline_package_creator/opcdownloads$",
10 | "unpack_offline_package/files/.*\\.tar.gz",
11 | "^opae_fpga",
12 | "^biosfw"
13 | ]
14 | }
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/add_kubeovn_env.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: OVN_NB_DB -> /etc/environment
7 | lineinfile:
8 | path: /etc/environment
9 | state: present
10 | line: "OVN_NB_DB=unix:/var/run/ovn/ovnnb_db.sock"
11 | become: yes
12 |
13 |
--------------------------------------------------------------------------------
/roles/infrastructure/qemu/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove sources
7 | file:
8 | path: "{{ _qemu_download_url }}"
9 | state: absent
10 |
11 | - name: remove binaries
12 | file:
13 | path: "{{ _qemu_install_dir }}"
14 | state: absent
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/files/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - ovn.yaml
8 |
9 | patchesJson6902:
10 | - target:
11 | group: apps
12 | version: v1
13 | kind: DaemonSet
14 | name: ovs-ovn
15 | path: enable_dpdk.yaml
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/helm/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _helm_version: "v3.1.2"
7 | _helm_name: "helm-{{ _helm_version }}-linux-amd64"
8 | _helm_download_url: "https://get.helm.sh"
9 | _helm_download_item: "{{ _helm_name }}.tar.gz"
10 | _helm_binary_path: /usr/local/bin/helm
11 |
--------------------------------------------------------------------------------
/roles/infrastructure/git_repo/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | # If True, then repository will be deleted and cloned again
7 | # If False, repository will be left as it is and any changes won't be overwritten.
8 | # Option mainly for developers.
9 | always_clean_repository: True
10 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/proxy_yum_add.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Add proxy to /etc/yum.conf
6 | lineinfile:
7 | path: /etc/yum.conf
8 | line: proxy={{ proxy_yum }}
9 | when:
10 | - proxy_yum|length > 0
11 | - proxy_enable | bool
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/applications/video_analytics_services/templates/Chart.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v2
5 | name: {{ _vas_helmReleaseName }}
6 | description: A Helm chart for Video Analytics Service
7 | type: application
8 | version: {{ _vas_helmChartVersion }}
9 | appVersion: {{ _vas_helmChartVersion }}
10 |
--------------------------------------------------------------------------------
/roles/infrastructure/e810_driver_update/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | _ice_local_path: "{{ role_path }}/../../../nic_drivers/ice-1.3.2.tar.gz"
7 | _iavf_local_path: "{{ role_path }}/../../../nic_drivers/iavf-4.0.2.tar.gz"
8 | _ice_driver: "ice-1.3.2"
9 | _iavf_driver: "iavf-4.0.2"
10 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/charts/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Installing {{ .Chart.Name }}.
7 |
8 | The release is named {{ .Release.Name }}.
9 |
10 | To use the helm release:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get all {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/common/hugepages.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin hugepages
5 |
6 |
7 | ReportPerNodeHP true
8 | ReportRootHP true
9 | ValuesPages true
10 | ValuesBytes false
11 | ValuesPercentage false
12 |
13 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/charts/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Installing {{ .Chart.Name }}.
7 |
8 | The release is named {{ .Release.Name }}.
9 |
10 | To use the helm release:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get all {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/applications/kafka/templates/eaa-user.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: kafka.strimzi.io/v1beta1
7 | kind: KafkaUser
8 | metadata:
9 | name: "{{ kafka_eaa_user }}"
10 | labels:
11 | strimzi.io/cluster: "{{ kafka_cluster }}"
12 | spec:
13 | authentication:
14 | type: tls
15 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/charts/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Installing {{ .Chart.Name }}.
7 |
8 | The release is named {{ .Release.Name }}.
9 |
10 | To use the helm release:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get all {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/add_udev_kvm_system_rule.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Add udev kvm system rule
6 | lineinfile:
7 | dest: /etc/udev/rules.d/80-kvm.rules
8 | line: KERNEL=="kvm", GROUP="kvm", MODE="0666"
9 | state: present
10 | create: yes
11 | become: yes
12 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/files/ovn_central.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: add
7 | path: /spec/template/spec/containers/0/command
8 | value: [ "/bin/sh", "-c", "if [ -z $KUBERNETES_SERVICE_HOST ]; then echo 'KUBERNETES_SERVICE_HOST is unset - exiting...'; exit 1; fi; /root/start-db.sh" ]
9 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/common/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: delete userspace executable
7 | file:
8 | path: /opt/cni/bin/userspace
9 | state: absent
10 |
11 | - name: delete go files
12 | file:
13 | path: "{{ _userspace.download_dir }}"
14 | state: absent
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/charts/bb_config/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Installing {{ .Chart.Name }}.
7 |
8 | The release is named {{ .Release.Name }}.
9 |
10 | To use the helm release:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get all {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/nfd/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if host is controller
7 | debug:
8 | msg: "NFD is only for controller/k8s master host"
9 | when: "'controller_group' not in group_names"
10 |
11 | - include_tasks: nfd.yml
12 | when: "'controller_group' in group_names"
13 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/reload_udev.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Reload udev rules (1/2)
6 | command: udevadm control --reload-rules
7 | changed_when: true
8 | become: yes
9 |
10 | - name: Retrigger udev (2/2)
11 | command: udevadm trigger
12 | changed_when: true
13 | become: yes
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/biosfw/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: copy biosfw plugin to dir with executables
7 | copy:
8 | src: "{{ _git_repo_dest }}/network-edge/kubectl-biosfw"
9 | dest: "{{ _biosfw_plugin_dest }}"
10 | mode: 0755
11 | remote_src: yes
12 | become: yes
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Create directories for PV
7 | file:
8 | path: "{{ kubevirt_default_pv_dir }}{{ kubevirt_default_pv_vol_name }}{{ item }}"
9 | state: directory
10 | with_sequence: start=0 end="{{ kubevirt_pv_vm_max_num }}"
11 | become: yes
12 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/charts/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Installing {{ .Chart.Name }}.
7 |
8 | The release is named {{ .Release.Name }}.
9 |
10 | To use the helm release:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get all {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: setting OVS_SOCKDIR
7 | lineinfile:
8 | path: "{{ _kubernetes_env_file }}"
9 | regexp: "^OVS_SOCKDIR=.*"
10 | line: "OVS_SOCKDIR=/var/run/openvswitch/"
11 | notify:
12 | - enable and restart kubelet
13 | become: yes
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check istio deployments
7 | check_k8s_object:
8 | kind: deployment
9 | name: "{{ item }}"
10 | namespace: istio-system
11 | with_items:
12 | - istio-ingressgateway
13 | - istiod
14 | - kiali
15 | - smi-adapter-istio
16 |
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/templates/kustomization.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - {{ item }}-operator.yaml
8 |
9 | patchesJson6902:
10 | - target:
11 | group: apps
12 | version: v1
13 | kind: Deployment
14 | name: {{ item }}-operator
15 | path: add_cmk_toleration.yml
16 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/corenetwork/exec.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin exec
5 |
6 |
7 | Exec "collectd_exec" "/opt/collectd/etc/collectd.conf.d/ovs_pmd_stats.sh"
8 | NotificationExec "collectd_exec" "/opt/collectd/etc/collectd.conf.d/write_notification.sh"
9 |
10 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/templates/configs/smartcity/exec.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | LoadPlugin exec
5 |
6 |
7 | Exec "collectd_exec" "/opt/collectd/etc/collectd.conf.d/ovs_pmd_stats.sh"
8 | NotificationExec "collectd_exec" "/opt/collectd/etc/collectd.conf.d/write_notification.sh"
9 |
10 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/common/templates/config.cfg.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | dpdk-socket-mem="{{ kubeovn_dpdk_socket_mem }}"
5 | dpdk-init="{{ kubeovn_dpdk }}"
6 | pmd-cpu-mask="{{ kubeovn_dpdk_pmd_cpu_mask }}"
7 | dpdk-lcore-mask="{{ kubeovn_dpdk_lcore_mask }}"
8 | dpdk-hugepage-dir=/dev/hugepages
9 | dpdk-extra="--iova-mode=pa"
10 |
--------------------------------------------------------------------------------
/roles/telemetry/grafana/templates/default-dashboards-providers.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: 1
7 |
8 | providers:
9 | - name: 'default'
10 | orgId: 1
11 | folder: ''
12 | type: file
13 | disableDeletion: true
14 | updateIntervalSeconds: 60
15 | options:
16 | path: "{{ _grafana_dashboards_conf }}"
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kubernetes_cnis: []
7 |
8 | # List of CNIs that user can use
9 | _available_kubernetes_cnis:
10 | - kubeovn
11 | - weavenet
12 | - sriov
13 | - flannel
14 | - calico
15 | - userspace
16 | - ovn4nfv
17 |
18 | _cni_offline_path:
19 | - ./roles
20 | - ./ceek/roles
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if host is controller
7 | debug:
8 | msg: "Multus is only for controller/k8s master host"
9 | when: "'controller_group' not in group_names"
10 |
11 | - include_tasks: multus.yml
12 | when: "'controller_group' in group_names"
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/charts/intel-qat-plugin/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Thank you for installing {{ .Chart.Name }}.
7 |
8 | Your release is named {{ .Release.Name }}.
9 |
10 | To learn more about the release, try:
11 |
12 | $ helm status {{ .Release.Name }}
13 | $ helm get {{ .Release.Name }}
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/tasks/download.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: clone intel-device-plugins-for-kubernetes repo
7 | git:
8 | repo: "{{ _device_plugins.url }}"
9 | dest: "{{ _device_plugins.download_dir }}"
10 | clone: yes
11 | update: no
12 | version: "{{ _device_plugins.commit }}"
13 | become: yes
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/charts/intel-qat-plugin/Chart.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | apiVersion: v1
5 | description: Intel® QuickAssist Technology (QAT) device plugin for Kubernetes
6 | name: intel-qat-plugin
7 | version: 0.17.0
8 | sources:
9 | - https://github.com/intel/intel-device-plugins-for-kubernetes.git
10 | appVersion: 0.17.0
11 |
--------------------------------------------------------------------------------
/roles/kubernetes/rmd/common/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: include common vars
6 | include_vars: ../defaults/main.yml
7 |
8 | - name: delete the RMD temporary directory
9 | file:
10 | name: "{{ item }}"
11 | state: absent
12 | with_items:
13 | - "{{ _rmd_main_dir }}"
14 | ignore_errors: yes
15 | become: yes
16 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/configure-scheduler.sh.patch:
--------------------------------------------------------------------------------
1 | --- configure-scheduler.sh 2020-07-07 15:01:41.280000000 +0200
2 | +++ configure-scheduler_new.sh 2020-07-07 15:01:27.786000000 +0200
3 | @@ -26,3 +26,5 @@
4 | sed -e "/spec/a\\
5 | dnsPolicy: ClusterFirstWithHostNet" $MANIFEST_FILE -i
6 |
7 | +perl -i -p0e "s/(name: NO_PROXY\n.*)/\1,$1/gm" $MANIFEST_FILE
8 | +perl -i -p0e "s/(name: no_proxy\n.*)/\1,$1/gm" $MANIFEST_FILE
9 |
--------------------------------------------------------------------------------
/tasks/settings_check_common.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: fail if more than 1 controller
7 | fail:
8 | msg: "Only one controller is supported"
9 | when:
10 | - groups['controller_group'] is defined
11 | - (groups['controller_group']|length>1)
12 |
13 | - name: validate hostname
14 | include_tasks: precheck_hostname.yml
15 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/templates/config.json.j2:
--------------------------------------------------------------------------------
1 | {
2 | "proxies": {
3 | "default": {
4 | {% if proxy_http is defined and proxy_http|length %}
5 | "httpProxy": "{{ proxy_http }}",
6 | {% endif %}
7 | {% if proxy_https is defined and proxy_https|length %}
8 | "httpsProxy": "{{ proxy_https }}",
9 | {% endif %}
10 | "noProxy": "{{ ansible_host }},{{ proxy_noproxy }}"
11 | }
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/ovn4nfv/controlplane/templates/attach-network-ovn.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: k8s.cni.cncf.io/v1
6 | kind: NetworkAttachmentDefinition
7 | metadata:
8 | name: ovn-networkobj
9 | spec:
10 | config: '{
11 | "cniVersion": "0.3.1",
12 | "name": "ovn4nfv-k8s-plugin",
13 | "type": "ovn4nfvk8s-cni"
14 | }'
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: create kustomization files for daemonSet yaml from templates
6 | template:
7 | src: "{{ item }}.j2"
8 | dest: "{{ _hddldaemon_container.download_dir }}/VCAC-A/script/{{ item }}"
9 | with_items:
10 | - setup_hddl_daemonset.yaml
11 | become: yes
12 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify sriov daemonsets
7 | check_k8s_object:
8 | name: "{{ item }}"
9 | namespace: kube-system
10 | kind: daemonset
11 | with_items:
12 | - sriov-release-kube-sriov-device-plugin-amd64
13 | - sriov-release-kube-sriov-cni-ds-amd64
14 |
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _userspace:
7 | repository: "https://github.com/intel/userspace-cni-network-plugin"
8 | tag: "d904df8"
9 | download_dir: "/tmp/_userspace-cni-network-plugin"
10 | bridgeName: "br-userspace"
11 | logFile: "/var/log/userspace-openness.log"
12 | logLevel: "info"
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/vca_setup/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _vca_hddl_yaml: "https://raw.githubusercontent.com/OpenVisualCloud/Dockerfiles/7e104aaf613de644d173cae5debabb7ddcaec2b5/VCAC-A/script/setup_hddl_daemonset.yaml"
7 | _vca_hddl_retries_num: 100
8 | _vca_hddl_retries_delay: 20
9 | _vca_hddl_vputaspolicy_yaml_dir: /tmp/vpu_taspolicy
10 |
--------------------------------------------------------------------------------
/flavors/cdn-caching/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Network Edge's Kubernetes CNIs
5 | # sriov CNI for CDN Content Delivery
6 | kubernetes_cnis:
7 | - kubeovn
8 | - sriov
9 |
10 | # Kubernetes Topology Manager policy - possible values: none (disabled), best-effort (default), restricted, single-numa-node
11 | topology_manager:
12 | policy: "single-numa-node"
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/cmk/controlplane/templates/helm_values.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | image:
7 | repository: {{ _registry_ip_address }}:{{ _registry_port }}/intel/cmk
8 | tag: {{ _cmk_tag }}
9 |
10 | hosts:
11 | list: {{ cmk_host_list }}
12 |
13 | numSharedCores: {{ cmk_num_shared_cores }}
14 | numExclusiveCores: {{ cmk_num_exclusive_cores }}
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/files/kustomization_ebpf.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - calico.yml
8 |
9 | patchesStrategicMerge:
10 | - change_cidr.yml
11 |
12 | patchesJson6902:
13 | - target:
14 | group: apps
15 | version: v1
16 | kind: DaemonSet
17 | name: calico-node
18 | path: customize_calico_container.yml
19 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/files/rdt_gcc_version.patch:
--------------------------------------------------------------------------------
1 | diff --git a/Makefile b/Makefile
2 | index ea97b3e..fc81200 100644
3 | --- a/Makefile
4 | +++ b/Makefile
5 | @@ -53,7 +53,7 @@ all:
6 | $(MAKE) -C lib
7 | $(MAKE) -C pqos
8 | $(MAKE) -C rdtset
9 | - $(MAKE) -C tools/membw
10 | + #$(MAKE) -C tools/membw
11 | $(MAKE) -C examples/c/CAT_MBA
12 | $(MAKE) -C examples/c/CMT_MBM
13 | $(MAKE) -C examples/c/PSEUDO_LOCK
14 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/disable_fingerprint.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: install authconfig
7 | yum:
8 | name: authconfig
9 | state: present
10 | become: yes
11 |
12 | - name: disable fingerprint to avoid ssh timeout issues
13 | command: authconfig --disablefingerprint --update
14 | changed_when: false
15 | become: yes
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/templates/change_cidr.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: apps/v1
5 | kind: DaemonSet
6 | metadata:
7 | name: calico-node
8 | spec:
9 | template:
10 | spec:
11 | containers:
12 | - name: calico-node
13 | env:
14 | - name: CALICO_IPV4POOL_CIDR
15 | value: "{{ calico_cidr }}"
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/files/kustomization.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - kube-flannel.yml
8 |
9 | patchesStrategicMerge:
10 | - flannel_change_cidr.yml
11 |
12 | patchesJson6902:
13 | - target:
14 | group: apps
15 | version: v1
16 | kind: DaemonSet
17 | name: kube-flannel-ds
18 | path: customize_flannel_conf.yml
19 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/weavenet/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: delete WeaveNet via the addon
7 | command: "kubectl delete -f {{ _weavenet_yaml }}"
8 | changed_when: true
9 | ignore_errors: yes
10 |
11 | - name: delete WeaveNet binaries
12 | command: rm -rf /opt/cni/bin/weave-*
13 | changed_when: true
14 | ignore_errors: yes
15 |
--------------------------------------------------------------------------------
/roles/applications/emco/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _emco:
7 | repo: "https://github.com/smart-edge-open/EMCO"
8 | commit: "{{ emco_commitID }}"
9 | dest: /opt/openness/emco
10 | registryPrefix: "{{ _registry_host }}:{{ _registry_port }}/intel/"
11 | buildCause: DEV_TEST
12 | emcoSrvRelease: latest
13 | release_name: emco-services
14 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/remove_yum_excludes.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Remove excludes (rpm packages) from /etc/yum.conf
6 | lineinfile:
7 | dest: /etc/yum.conf
8 | regexp: "^exclude=.*"
9 | state: absent
10 | when:
11 | - _os_yum_exclude_rpm_packages is defined
12 | - _os_yum_exclude_rpm_packages|length > 0
13 | become: yes
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/nfd/files/worker.yml.patch:
--------------------------------------------------------------------------------
1 | --- worker.yml 2020-05-20 13:06:23.616000000 +0200
2 | +++ worker.yml.new 2020-05-20 13:08:09.309000000 +0200
3 | @@ -18,6 +18,10 @@
4 | spec:
5 | hostNetwork: true
6 | dnsPolicy: ClusterFirstWithHostNet
7 | + tolerations:
8 | + - effect: NoSchedule
9 | + key: cmk
10 | + operator: Exists
11 | containers:
12 | - env:
13 | - name: NODE_NAME
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/node/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: node should be ready
7 | command: kubectl get node {{ ansible_nodename | lower }} -o jsonpath="{@.status.conditions[?(@.type=='Ready')].status}"
8 | register: this
9 | delegate_to: "{{ groups['controller_group'][0] }}"
10 | failed_when: "'True' not in this.stdout"
11 | changed_when: false
12 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/kustomization_scheduler.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: kustomize.config.k8s.io/v1beta1
7 | kind: Kustomization
8 | namespace: kube-system
9 | resources:
10 | - kube-scheduler.yaml
11 |
12 | patchesJson6902:
13 | - target:
14 | version: v1
15 | kind: Pod
16 | name: kube-scheduler
17 | path: extend_scheduler.yml
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/templates/flannel_change_cidr.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: ConfigMap
7 | apiVersion: v1
8 | metadata:
9 | name: kube-flannel-cfg
10 | namespace: kube-system
11 | data:
12 | net-conf.json: |
13 | {
14 | "Network": "{{ flannel_cidr }}",
15 | "Backend": {
16 | "Type": "vxlan"
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/tasks/prune.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if docker is installed
7 | shell: command -v docker >/dev/null 2>&1
8 | register: docker_exec
9 | ignore_errors: yes
10 | changed_when: false
11 |
12 | - name: prune everything
13 | command: docker system prune --all --force
14 | when: docker_exec.rc == 0
15 | ignore_errors: yes
16 |
--------------------------------------------------------------------------------
/roles/infrastructure/git_repo/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Remove old repository folder
6 | file:
7 | path: "{{ _git_repo_dest }}"
8 | state: absent
9 |
10 | - name: clean git http proxy
11 | git_config:
12 | name: http.proxy
13 | scope: global
14 | state: absent
15 | when: proxy_enable|bool and git_http_proxy
16 | ignore_errors: yes
17 |
--------------------------------------------------------------------------------
/roles/infrastructure/grub/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | hugepage_size: "2M" # Or 1G
7 | hugepage_amount: "5000"
8 |
9 | default_grub_params: "default_hugepagesz={{ hugepage_size }} hugepagesz={{ hugepage_size }} hugepages={{ hugepage_amount }} intel_iommu=on iommu=pt"
10 |
11 | # Place for additional GRUB parameters, e.g. for CMK
12 | additional_grub_params: ""
13 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/add_yum_excludes.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Add excludes (rpm packages) to yum.conf
6 | lineinfile:
7 | dest: /etc/yum.conf
8 | line: "{{ _os_yum_exclude_rpm_packages }}"
9 | insertafter: EOF
10 | when:
11 | - _os_yum_exclude_rpm_packages is defined
12 | - _os_yum_exclude_rpm_packages|length > 0
13 | become: yes
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/files/kustomization.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - calico.yml
8 |
9 | patchesStrategicMerge:
10 | - change_cidr.yml
11 | - customize_calico_conf.yml
12 |
13 | patchesJson6902:
14 | - target:
15 | group: apps
16 | version: v1
17 | kind: DaemonSet
18 | name: calico-node
19 | path: customize_calico_container.yml
20 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/tasks/policy.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: create Istio PeerAuthentication policy file
7 | template:
8 | src: authentication.yaml.j2
9 | dest: "{{ _istio_main_dir }}/authentication.yaml"
10 |
11 | - name: enforce mutual TLS for Istio traffic
12 | command: "kubectl apply -f {{ _istio_main_dir }}/authentication.yaml"
13 | changed_when: true
14 |
--------------------------------------------------------------------------------
/roles/telemetry/grafana/templates/volume.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: PersistentVolume
7 | apiVersion: v1
8 | metadata:
9 | name: "{{ item }}"
10 | spec:
11 | storageClassName: grafana
12 | capacity:
13 | storage: 10Gi
14 | persistentVolumeReclaimPolicy: Recycle
15 | accessModes:
16 | - ReadWriteOnce
17 | hostPath:
18 | path: "{{ _pv_dir }}/{{ item }}"
19 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify calico deployments
7 | check_k8s_object:
8 | name: calico-kube-controllers
9 | namespace: kube-system
10 | kind: deployment
11 |
12 | - name: verify calico daemonsets
13 | check_k8s_object:
14 | name: calico-node
15 | namespace: kube-system
16 | kind: daemonset
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/node/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: load docker-registry variables
7 | include_vars: ../../controlplane/defaults/main.yml
8 |
9 | - name: cert should be present
10 | stat:
11 | path: /etc/docker/certs.d/{{ _registry_ip_address }}:{{ _registry_port }}/harbor.crt
12 | register: this
13 | failed_when: not this.stat.exists
14 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include certs variables
7 | include_vars: ../../../certs/defaults/main.yml
8 |
9 | - name: remove otel collector certificates
10 | file:
11 | path: "{{ _telemetry_certs_dest }}/{{ item }}"
12 | state: absent
13 | with_items:
14 | - otel_collector
15 | - otel-collector.telemetry.svc
16 |
--------------------------------------------------------------------------------
/scripts/task_log_file.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2019-2020 Intel Corporation
4 |
5 | set -euxo pipefail
6 |
7 | BASE_PATH="$( cd "$(dirname "$0")" ; pwd -P )"
8 |
9 | [ -d "${BASE_PATH}/logs" ] || mkdir "${BASE_PATH}/logs"
10 | FILENAME=$(date +%Y-%m-%d_%H-%M-%S_ansible.log)
11 |
12 | # Comment out below export to disable console logs saving to files.
13 | export ANSIBLE_LOG_PATH="${BASE_PATH}/logs/${FILENAME}"
14 |
--------------------------------------------------------------------------------
/roles/infrastructure/vca_node_setup/files/shutdown_vca.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | NCARDS=$(vcactl status | grep -c Card)
6 | if [ "$NCARDS" -le 0 ];then
7 | echo "No VCAC-A card detected!"
8 | exit 1
9 | fi
10 |
11 | for CARD in $(seq 0 $((NCARDS-1)))
12 | do
13 | vcactl pwrbtn-long "${CARD}" 0
14 | vcactl pwrbtn-short "${CARD}" 0
15 | vcactl reset "${CARD}" 0 --force
16 | done
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: load kubeovn common variables
6 | include_vars: ../../common/defaults/main.yml
7 |
8 | - name: cleanup kubeovn common
9 | include_tasks: ../../common/tasks/cleanup.yml
10 |
11 | - name: remove ovn packages
12 | yum:
13 | name: "{{ _ovs_packages_to_remove }}"
14 | state: absent
15 | become: yes
16 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/disable_selinux.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Set SELinux to permissive mode (till next reboot) (1/2)
6 | command: setenforce 0
7 | ignore_errors: true
8 | changed_when: false
9 | become: yes
10 |
11 | - name: Set SELinux to permissive mode permanently (2/2)
12 | selinux:
13 | policy: targeted
14 | state: permissive
15 | become: yes
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/common/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove ovs/ovn scripts
7 | file:
8 | path: "{{ _kubeovn_scripts_dest }}/{{ item }}"
9 | state: absent
10 | with_items: "{{ _kubeovn_scripts }}"
11 |
12 | - name: remove ovs/ovn config
13 | file:
14 | path: "{{ _kubeovn_ovs_config_path }}"
15 | state: absent
16 | become: true
17 |
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/templates/crb.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: ClusterRoleBinding
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | metadata:
9 | name: multus
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: multus
14 | subjects:
15 | - kind: ServiceAccount
16 | name: multus
17 | namespace: kube-system
18 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/templates/use_local_docker_registry.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - op: replace
7 | path: /spec/template/spec/containers/0/image
8 | value: {{ _registry_ip_address }}:{{ _registry_port }}/intel/tas-controller:latest
9 | - op: replace
10 | path: /spec/template/spec/containers/1/image
11 | value: {{ _registry_ip_address }}:{{ _registry_port }}/intel/tas-extender:latest
12 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/templates/customize_calico_conf.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: apps/v1
7 | kind: DaemonSet
8 | metadata:
9 | name: calico-node
10 | spec:
11 | template:
12 | spec:
13 | initContainers:
14 | - name: install-cni
15 | env:
16 | - name: CNI_CONF_NAME
17 | value: "{{ cni_weight }}-calico.conflist"
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify multus daemonset
7 | check_k8s_object:
8 | name: kube-multus-ds-amd64
9 | namespace: kube-system
10 | kind: daemonset
11 |
12 | - name: 00-multus.conf should be present
13 | stat:
14 | path: /etc/cni/net.d/00-multus.conf
15 | register: this
16 | failed_when: not this.stat.exists
17 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: remove generated files
6 | file:
7 | path: "{{ item }}"
8 | state: absent
9 | with_items:
10 | - "{{ openness_dir }}"
11 | - /etc/logrotate.d/edgeservices
12 | become: yes
13 |
14 | # built executables are removed during git_repo's role cleanup
15 | # built Docker images are removed during docker's role cleanup
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/dashboard/templates/values.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | service:
7 | type: NodePort
8 | externalPort: 443
9 | nodePort: {{ _dashboard_port }}
10 |
11 | nodeSelector: {"node-role.kubernetes.io/master":""}
12 |
13 | tolerations:
14 | - key: "node-role.kubernetes.io/master"
15 | operator: "Exists"
16 | effect: "NoSchedule"
17 |
18 | protocolHttp: {{ disable_dashboard_tls }}
19 |
--------------------------------------------------------------------------------
/roles/telemetry/prometheus/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify prometheus-server deployment
7 | check_k8s_object:
8 | name: prometheus-server
9 | namespace: telemetry
10 | kind: deployment
11 |
12 | - name: verify prometheus-node-exporter daemonsets
13 | check_k8s_object:
14 | name: prometheus-node-exporter
15 | namespace: telemetry
16 | kind: daemonset
17 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/custom-metrics-apiservice.yaml.patch:
--------------------------------------------------------------------------------
1 | --- custom-metrics-apiservice.yaml 2020-06-17 16:47:05.932000000 +0200
2 | +++ custom-metrics-apiservice.yaml.new 2020-06-19 11:58:45.829000000 +0200
3 | @@ -5,7 +5,7 @@
4 | spec:
5 | service:
6 | name: custom-metrics-apiserver
7 | - namespace: custom-metrics
8 | + namespace: {{ .Values.apiServiceNamespace }}
9 | group: custom.metrics.k8s.io
10 | version: v1beta1
11 | insecureSkipTLSVerify: true
12 |
--------------------------------------------------------------------------------
/Pipfile:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | [[source]]
5 | url = "https://pypi.python.org/simple"
6 | verify_ssl = true
7 | name = "pypi"
8 |
9 | [packages]
10 | ansible = "==2.9.20"
11 | ansible-lint = "==4.2.0"
12 | jinja2 = "==2.11.3"
13 | pylint = "==2.7.2"
14 | netaddr = "==0.7.18"
15 | sh = "==1.14.1"
16 | # Force 3.2 due to security vulnabilities in 3.4.6
17 | cryptography = "==3.3.2"
18 |
19 | [requires]
20 | python_version = "3.6"
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _calico_version: "v3.17"
6 | _calico_manifest: "{{ 'calico-bpf.yaml' if calico_ebpf_enabled else 'calico.yaml' }}"
7 | _calico_url: https://docs.projectcalico.org/{{ _calico_version }}/manifests/{{ _calico_manifest }}
8 | calico_ipam_type: "{{ 'calico-ipam' if calico_ebpf_enabled else 'host-local' }}"
9 |
10 | calico_cidr: "10.245.0.0/16"
11 |
--------------------------------------------------------------------------------
/roles/applications/kafka/templates/volume.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: PersistentVolume
7 | apiVersion: v1
8 | metadata:
9 | name: "{{ item }}"
10 | labels:
11 | name: "{{ item }}"
12 | spec:
13 | storageClassName:
14 | capacity:
15 | storage: 10Gi
16 | persistentVolumeReclaimPolicy: Recycle
17 | accessModes:
18 | - ReadWriteOnce
19 | hostPath:
20 | path: "{{ _kafka_pv_dir }}/{{ item }}"
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/charts/intel-qat-plugin/templates/qat_plugin_configmap.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: v1
6 | kind: ConfigMap
7 | metadata:
8 | name: "{{ .Release.Name }}-config"
9 | data:
10 | DPDK_DRIVER: "{{ .Values.drivers.dpdk }}"
11 | KERNEL_VF_DRIVERS: "{{ .Values.drivers.kernel }}"
12 | MAX_NUM_DEVICES: "{{ .Values.maxNumDevices }}"
13 | DEBUG: "{{ .Values.debug }}"
14 |
--------------------------------------------------------------------------------
/roles/telemetry/certs/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include certs variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: delete telemetry namespace
10 | command: kubectl delete namespace telemetry
11 | changed_when: true
12 | ignore_errors: yes
13 |
14 | - name: delete telemetry certificate directory
15 | file:
16 | name: "{{ _telemetry_certs_dest }}"
17 | state: absent
18 |
--------------------------------------------------------------------------------
/roles/infrastructure/qemu/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _qemu_version: "5.2.0"
7 | _qemu_targets: "x86_64-softmmu"
8 |
9 | _qemu_name: "qemu-{{ _qemu_version }}"
10 | _qemu_download_url: "https://download.qemu.org/{{ _qemu_name }}.tar.xz"
11 | _qemu_download_dest: "/tmp/{{ _qemu_name }}.tar.xz"
12 | _qemu_install_dir: "/opt/{{ _qemu_name }}"
13 |
14 | _qemu_download_retries: 20
15 | _qemu_download_interval: 30
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/files/sriov/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *.orig
18 | *~
19 | # Various IDEs
20 | .project
21 | .idea/
22 | *.tmproj
23 | .vscode/
24 |
--------------------------------------------------------------------------------
/roles/telemetry/grafana/files/_pod.tpl.patch:
--------------------------------------------------------------------------------
1 | --- _pod.tpl 2020-06-26 13:57:01.803000000 +0200
2 | +++ _pod.tpl.new 2020-06-26 13:59:30.809000000 +0200
3 | @@ -340,7 +340,9 @@
4 | {{- end -}}
5 | {{- if .Values.sidecar.dashboards.enabled }}
6 | - name: sc-dashboard-volume
7 | - emptyDir: {}
8 | + hostPath:
9 | + path: {{ .Values.dashboardsDir }}
10 | + type: DirectoryOrCreate
11 | {{- if .Values.sidecar.dashboards.SCProvider }}
12 | - name: sc-dashboard-provider
13 | configMap:
14 |
--------------------------------------------------------------------------------
/roles/infrastructure/git_repo/tasks/gitconfig_remove.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: remove temporary gitconfig
6 | file:
7 | path: "{{ openness_dir }}/.openness_gitconfig"
8 | state: absent
9 |
10 | - name: remove include in gitconfig
11 | blockinfile:
12 | path: "{{ ansible_env.HOME }}/.gitconfig"
13 | state: absent
14 | block: |
15 | [include]
16 | path = {{ openness_dir }}/.openness_gitconfig
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *.orig
18 | *~
19 | # Various IDEs
20 | .project
21 | .idea/
22 | *.tmproj
23 | .vscode/
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/files/sriov/values.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | registry_ip: ""
7 | registry_port: ""
8 |
9 | sriov_kubevirt_enable: false
10 | fpga_sriov_userspace_enable: false
11 | acc100_sriov_userspace_enable: false
12 |
13 | #sriov dev plugin values:
14 | namespace: kube-system
15 | image:
16 | repository: nfvpe/sriov-device-plugin
17 | tag: latest
18 | pullPolicy: IfNotPresent
19 | log:
20 | level: 10
21 |
--------------------------------------------------------------------------------
/roles/infrastructure/grub/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: get current kernel params
7 | command: cat /proc/cmdline
8 | register: kernel_params
9 | changed_when: false
10 |
11 | - name: print grub params
12 | debug:
13 | msg:
14 | - "current: '{{ kernel_params.stdout }}'"
15 | - "default_grub_params: '{{ default_grub_params }}'"
16 | - "additional_grub_params: '{{ additional_grub_params }}'"
17 |
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/node/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _kubernetes_env_file: "/etc/sysconfig/kubelet"
7 | _kubernetes_config_file: "/usr/lib/systemd/system/kubelet.service.d/kubelet_config.yml"
8 |
9 | cpu:
10 | policy: "static" # Options: none (disabled), static (default)
11 | reserved_cpus: 1
12 |
13 | topology_manager:
14 | policy: "best-effort" # Options: none (disabled), best-effort (default), restricted, single-numa-node
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove multus-cni release if exist
7 | block:
8 | - name: check if multus-cni release exists
9 | command: helm status multus-release
10 | ignore_errors: yes
11 | register: get_release_multus
12 | - name: remove multus-cni release
13 | command: helm uninstall multus-release
14 | when: get_release_multus.rc == 0
15 | changed_when: true
16 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include cAdvisor variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: remove cAdvisor chart template directory
10 | file:
11 | path: "{{ _cadvisor_chart_dir }}"
12 | state: absent
13 |
14 | - name: uninstall cAdvisor using Helm
15 | command: "helm uninstall cadvisor --namespace telemetry"
16 | changed_when: true
17 | ignore_errors: yes
18 |
--------------------------------------------------------------------------------
/roles/applications/openness/common/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: enable or disable certificate signer/requester
6 | set_fact:
7 | cert_enabled: "{{ (eaa_enable or dns_enable or ('kubeovn' in kubernetes_cnis)) | bool }}"
8 | _gitconfig_bootstrap_path: "{{ role_path }}/../../../infrastructure/git_repo/tasks/gitconfig_bootstrap.yml"
9 | _gitconfig_remove_path: "{{ role_path }}/../../../infrastructure/git_repo/tasks/gitconfig_remove.yml"
10 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/disable_swap.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Disable SWAP (current session) (1/2)
6 | command: swapoff -a
7 | changed_when: true
8 | become: yes
9 |
10 | - name: Disable SWAP (in /etc/fstab) (2/2)
11 | replace:
12 | path: /etc/fstab
13 | # Cannot use \b or \s to delimit 'swap' word, since they would match newlines
14 | regexp: '^([^#\n]*[ \t]swap[ \t].*)$'
15 | replace: '# \1'
16 | become: yes
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/templates/crd_local.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | {% for item in groups['edgenode_group'] %}
5 | ---
6 | apiVersion: kubeovn.io/v1
7 | kind: Subnet
8 | metadata:
9 | name: "{{ item }}-local"
10 | spec:
11 | protocol: IPv4
12 | default: false
13 | cidrBlock: "192.168.{{ loop.index0 + 1 }}.0/24"
14 | gateway: "192.168.{{ loop.index0 + 1 }}.1"
15 | excludeIps:
16 | - "192.168.{{ loop.index0 + 1 }}.1"
17 | {% endfor %}
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/custom_namespace/tasks/create_ns.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Check if namespace '{{ item }}' already exists
7 | command: kubectl get namespace {{ item }}
8 | register: get_custom_ns
9 | changed_when: false
10 | failed_when:
11 | - get_custom_ns.rc != 0
12 | - get_custom_ns.rc != 1
13 |
14 | - name: Create namespace '{{ item }}'
15 | command: kubectl create namespace {{ item }}
16 | when: get_custom_ns.rc == 1
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/custom_namespace/tasks/delete_ns.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Check if namespace '{{ item }}' still exists
7 | command: kubectl get namespace {{ item }}
8 | register: get_custom_ns
9 | changed_when: false
10 | failed_when:
11 | - get_custom_ns.rc != 0
12 | - get_custom_ns.rc != 1
13 |
14 | - name: Delete namespace '{{ item }}'
15 | command: kubectl delete namespace {{ item }}
16 | when: get_custom_ns.rc == 0
17 |
--------------------------------------------------------------------------------
/roles/applications/video_analytics_services/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: remove VAS chart directory
10 | file:
11 | path: "{{ ne_helm_charts_default_dir }}/{{ _vas_helmReleaseName }}"
12 | state: absent
13 |
14 | - name: uninstall if an older version
15 | command: helm uninstall {{ _vas_helmReleaseName }}
16 | changed_when: true
17 | ignore_errors: yes
18 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/proxy_os_env_remove.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Remove proxy from /etc/environment
6 | lineinfile:
7 | dest: /etc/environment
8 | regexp: "^{{ item }}=.*"
9 | state: absent
10 | with_items:
11 | - http_proxy
12 | - https_proxy
13 | - HTTPS_PROXY
14 | - HTTP_PROXY
15 | - FTP_PROXY
16 | - ftp_proxy
17 | - no_proxy
18 | - NO_PROXY
19 | when: proxy_remove_old
20 | become: yes
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/templates/cr.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: ClusterRole
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | metadata:
9 | name: multus
10 | rules:
11 | - apiGroups: ["k8s.cni.cncf.io"]
12 | resources:
13 | - '*'
14 | verbs:
15 | - '*'
16 | - apiGroups:
17 | - ""
18 | resources:
19 | - pods
20 | - pods/status
21 | verbs:
22 | - get
23 | - update
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/templates/http-proxy.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | [Service]
5 | {% if proxy_http is defined and proxy_http|length %}
6 | Environment="HTTP_PROXY={{ proxy_http }}"
7 | {% endif %}
8 | {% if proxy_https is defined and proxy_https|length %}
9 | Environment="HTTPS_PROXY={{ proxy_https }}"
10 | {% endif %}
11 | {% if proxy_noproxy is defined and proxy_noproxy|length %}
12 | Environment="NO_PROXY={{ ansible_host }},{{ proxy_noproxy }}"
13 | {% endif %}
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/rmd/controlplane/templates/rmdNetworkPolicy.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 | #
4 |
5 | apiVersion: networking.k8s.io/v1
6 | kind: NetworkPolicy
7 | metadata:
8 | name: rmd-policy
9 | namespace: default
10 | spec:
11 | ingress:
12 | - from:
13 | - ipBlock:
14 | cidr: {{ _base_noproxy.split(',')[8] }} # primary continer network
15 | ports:
16 | - port: 8081
17 | protocol: TCP
18 | podSelector: {}
19 | policyTypes:
20 | - Ingress
21 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/templates/http-proxy.conf.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | [Service]
5 | {% if proxy_http is defined and proxy_http|length %}
6 | Environment="HTTP_PROXY={{ proxy_http }}"
7 | {% endif %}
8 | {% if proxy_https is defined and proxy_https|length %}
9 | Environment="HTTPS_PROXY={{ proxy_https }}"
10 | {% endif %}
11 | {% if proxy_noproxy is defined and proxy_noproxy|length %}
12 | Environment="NO_PROXY={{ ansible_host }},{{ proxy_noproxy }}"
13 | {% endif %}
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/node/tasks/node_cert.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: create directory for copying certificate
6 | file:
7 | path: /etc/docker/certs.d/{{ _registry_ip_address }}:{{ _registry_port }}
8 | state: directory
9 | mode: '0755'
10 | become: yes
11 |
12 | - name: copy docker registry cert to VCA node
13 | command: "scp -r /etc/docker/certs.d {{ vca_node_ip }}:/etc/docker/"
14 | when: vca_node_ip is defined
15 | become: yes
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/common/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: download Dockerfile
7 | git:
8 | repo: "{{ _hddldaemon_container.url }}"
9 | dest: "{{ _hddldaemon_container.download_dir }}"
10 | clone: yes
11 | update: no
12 | version: "{{ _hddldaemon_container.commit }}"
13 | register: result
14 | retries: "{{ number_of_retries }}"
15 | until: result is succeeded
16 | delay: "{{ retry_delay }}"
17 | become: yes
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/rmd/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _rmd_main_dir: "/tmp/rmd"
6 |
7 | _rmd_src_dir: "{{ _rmd_main_dir }}/src"
8 | _rmd_repo: "https://github.com/intel/rmd"
9 | _rmd_tag: "v0.3.1"
10 |
11 | _rmd_operator_dir: "{{ _rmd_main_dir }}/operator"
12 | _rmd_operator_repo: "https://github.com/intel/rmd-operator"
13 | _rmd_operator_tag: "v0.3"
14 |
15 | _pqos_dir: "{{ _rmd_main_dir }}/pqos"
16 | _pqos_repo: "https://github.com/intel/intel-cmt-cat"
17 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include collectd variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: remove collectd chart template directory
10 | file:
11 | path: "{{ ne_helm_charts_default_dir }}/collectd"
12 | state: absent
13 |
14 | - name: uninstall collectd using Helm
15 | command: "helm uninstall collectd --namespace telemetry"
16 | changed_when: true
17 | ignore_errors: yes
18 |
--------------------------------------------------------------------------------
/roles/applications/openness/node/tasks/prebuild/certificate_dirs.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: create openness certificate directories
7 | file:
8 | path: "{{ item.dir }}"
9 | state: directory
10 | owner: "{{ item.owner }}"
11 | group: 1001
12 | with_items:
13 | - {dir: "{{ _certs_dest }}/eaa", owner: 1005}
14 | - {dir: "{{ _certs_dest }}/edgedns", owner: 1006}
15 | - {dir: "{{ _certs_dest }}/interfaceservice", owner: 1007}
16 | become: yes
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if host is controller
7 | debug:
8 | msg: "istio is only for controller/k8s master host"
9 | when: "'controller_group' not in group_names"
10 |
11 | - include_tasks: istio.yml
12 | when: "'controller_group' in group_names"
13 |
14 | - include_tasks: smi.yml
15 | when: "'controller_group' in group_names"
16 |
17 | - include_tasks: policy.yml
18 | when: "'controller_group' in group_names"
19 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove grafana dashboards config folder
7 | file:
8 | path: "{{ _grafana_dashboards_conf }}"
9 | state: absent
10 |
11 | - name: remove grafana dashboards provisioning folder
12 | file:
13 | path: "{{ _grafana_dashboards_prov }}"
14 | state: absent
15 |
16 | - name: unistall pcm
17 | command: helm uninstall pcm --namespace telemetry
18 | ignore_errors: yes
19 | changed_when: true
20 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/controlplane/templates/flannel_network_definition.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: "k8s.cni.cncf.io/v1"
7 | kind: NetworkAttachmentDefinition
8 | metadata:
9 | name: openness-flannel
10 | spec:
11 | config: '{
12 | "cniVersion": "0.3.1",
13 | "name": "openness-flannel",
14 | "type": "flannel",
15 | "mtu": 1440,
16 | "ipam": {
17 | "type": "host-local",
18 | "routes": [{"dst": "{{ flannel_cidr }}"}]
19 | }
20 | }'
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # since the pod is part of DaemonSet it will be recreated after deletion
7 | - name: recreate SR-IOV device plugin pod if already exists
8 | shell: >
9 | kubectl delete -n kube-system $(kubectl get pods -n kube-system
10 | --field-selector spec.nodeName={{ node_name }} -o=NAME
11 | | grep device-plugin )
12 | delegate_to: "{{ groups['controller_group'][0] }}"
13 | ignore_errors: yes
14 | changed_when: true
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/templates/values.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | image:
6 | repository: {{ _qat_dp.image }}
7 | tag: {{ _qat_dp.version }}
8 | pullPolicy: IfNotPresent
9 |
10 | drivers:
11 | dpdk: {{ _qat_dp.dpdk_drivers }}
12 | kernel: {{ _qat_dp.kernel_drivers }}
13 |
14 | maxNumDevices: {{ _qat_dp.max_num_devices }}
15 |
16 | debug: {{ _qat_dp.debug | default("false") }}
17 |
18 | apparmor:
19 | profile: {{ _qat_dp.apparmor_profile | default("unconfined") }}
20 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include otel collector variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: remove otel collector chart template directory
10 | file:
11 | path: "{{ _otel_collector_chart_dir }}"
12 | state: absent
13 |
14 | - name: uninstall otel collector using Helm
15 | command: "helm uninstall otel-collector --namespace telemetry"
16 | changed_when: true
17 | ignore_errors: yes
--------------------------------------------------------------------------------
/roles/telemetry/prometheus/files/server-service-tls.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: v1
7 | kind: Service
8 | metadata:
9 | name: {{ .Values.proxy.service.name }}
10 | namespace: telemetry
11 | spec:
12 | clusterIP: {{ .Values.server.service.clusterIP }}
13 | selector: {{- include "prometheus.server.matchLabels" . | nindent 4 }}
14 | ports:
15 | - name: https
16 | protocol: TCP
17 | port: {{ .Values.proxy.apiPort }}
18 | targetPort: {{ .Values.proxy.apiPort }}
19 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Chart {{ .Chart.Name }} was successfully installed
7 |
8 | Multus image was saved in local Harobr registry
9 | Image name: {{ .Values.registry_ip }}:{{ .Values.registry_port }}/intel/multus:{{ .Values.image_tag }}
10 |
11 | Your release is named {{ .Release.Name }}.
12 |
13 | To learn more about the release, try:
14 |
15 | $ helm status {{ .Release.Name }}
16 | $ helm get all {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/roles/applications/kafka/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check kafka deployments
7 | check_k8s_object:
8 | kind: deployment
9 | name: "{{ item }}"
10 | namespace: kafka
11 | with_items:
12 | - strimzi-cluster-operator
13 | - cluster-entity-operator
14 |
15 | - name: check kafka statefulsets
16 | check_k8s_object:
17 | kind: statefulset
18 | name: "{{ item }}"
19 | namespace: kafka
20 | with_items:
21 | - cluster-kafka
22 | - cluster-zookeeper
23 |
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/files/cdiNetworkPolicy.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: networking.k8s.io/v1
5 | kind: NetworkPolicy
6 | metadata:
7 | name: cdi-upload-proxy-policy
8 | namespace: default
9 | spec:
10 | ingress:
11 | - from:
12 | - namespaceSelector:
13 | matchLabels:
14 | ns: cdi
15 | ports:
16 | - port: 8443
17 | protocol: TCP
18 | podSelector:
19 | matchLabels:
20 | app: containerized-data-importer
21 | policyTypes:
22 | - Ingress
23 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/descheduler_policy.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: v1
6 | kind: ConfigMap
7 | metadata:
8 | name: descheduler-policy-configmap
9 | namespace: kube-system
10 | data:
11 | policy.yaml: |
12 | apiVersion: "descheduler/v1alpha1"
13 | kind: "DeschedulerPolicy"
14 | strategies:
15 | "RemovePodsViolatingNodeAffinity":
16 | enabled: true
17 | params:
18 | nodeAffinityType:
19 | - "requiredDuringSchedulingIgnoredDuringExecution"
20 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/common/tasks/verify_ptp_status.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: Check if ptp4l and pch2sys processes exist
7 | shell: ps -d | grep {{ item }}
8 | with_items:
9 | - ptp4l
10 | - phc2sys
11 | register: ps_results
12 | changed_when: true
13 | ignore_errors: true
14 | become: yes
15 |
16 | - name: Verify ps output
17 | set_fact:
18 | _ptp4l_phc2sys_on: true
19 | when: item.stdout_lines | length > 0
20 | with_items: "{{ ps_results.results }}"
21 | changed_when: true
22 |
--------------------------------------------------------------------------------
/flavors/media-analytics-vca/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Network Edge's Kubernetes CNIs
5 | # WeaveNet CNI for VCAC-A
6 | kubernetes_cnis:
7 | - weavenet
8 |
9 | # VCA's CIDR (will be included automatically to noproxy when weavenet is included in kubernetes_cnis)
10 | vca_cidr: "172.32.1.0/12"
11 |
12 | # Kubernetes device plugins
13 | k8s_device_plugins_enable: true
14 |
15 | # Deploy Video Analytics services
16 | video_analytics_services_enable: false
17 |
18 | # VCA system image force build
19 | force_build_enable: true
20 |
--------------------------------------------------------------------------------
/roles/kubernetes/nfd/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: load nfd vars
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: check nfd controlplane deployment
10 | check_k8s_object:
11 | name: "{{ _nfd_release_name }}-node-feature-discovery-master"
12 | namespace: openness
13 | kind: deployment
14 |
15 | - name: check nfd daemonset workers
16 | check_k8s_object:
17 | name: "{{ _nfd_release_name }}-node-feature-discovery-worker"
18 | namespace: openness
19 | kind: daemonset
20 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/extend_scheduler.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - op: add
7 | path: /spec/containers/0/command/-
8 | value: --config=/etc/kubernetes/scheduler-config.yml
9 | - op: add
10 | path: /spec/volumes/-
11 | value:
12 | hostPath:
13 | path: /etc/kubernetes/scheduler-config.yml
14 | type: File
15 | name: config
16 | - op: add
17 | path: /spec/containers/0/volumeMounts/-
18 | value:
19 | mountPath: /etc/kubernetes/scheduler-config.yml
20 | name: config
21 | readOnly: true
22 |
--------------------------------------------------------------------------------
/roles/applications/kafka/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _kafka_pv_dir: "{{ openness_dir }}/pv/kafka"
6 | _kafka_pv_names:
7 | - kafka-volume
8 | - zookeeper-volume
9 |
10 | _strimzi_chart_dir: "{{ ne_helm_charts_default_dir }}/strimzi"
11 | _strimzi_chart_dest: "{{ _strimzi_chart_dir }}/strimzi-chart.tgz"
12 | _strimzi_chart_url: "https://github.com/strimzi/strimzi-kafka-operator/releases/download/0.19.0/strimzi-kafka-operator-helm-3-chart-0.19.0.tgz"
13 | _strimzi_tar_name: "strimzi-kafka-operator-helm-3-chart-0.19.0.tgz"
14 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/charts/intel-qat-plugin/.helmignore:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | # Patterns to ignore when building packages.
5 | # This supports shell glob matching, relative path matching, and
6 | # negation (prefixed with !). Only one pattern per line.
7 | .DS_Store
8 | # Common VCS dirs
9 | .git/
10 | .gitignore
11 | .bzr/
12 | .bzrignore
13 | .hg/
14 | .hgignore
15 | .svn/
16 | # Common backup files
17 | *.swp
18 | *.bak
19 | *.tmp
20 | *~
21 | # Various IDEs
22 | .project
23 | .idea/
24 | *.tmproj
25 | .vscode/
26 |
--------------------------------------------------------------------------------
/roles/infrastructure/golang/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove Go files
7 | file:
8 | path: "{{ item }}"
9 | state: absent
10 | with_items:
11 | - /usr/local/go
12 | - /root/go
13 | become: yes
14 |
15 | - name: remove exports from /etc/profile
16 | lineinfile:
17 | state: absent
18 | dest: /etc/profile
19 | line: "{{ item }}"
20 | with_items:
21 | - "export GOROOT=/usr/local/go"
22 | - "export GOPATH=~/go"
23 | - "export PATH=$GOPATH/bin:$GOROOT/bin:$PATH"
24 | become: yes
25 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: open flannel firewall rules
6 | ignore_errors: yes
7 | firewalld:
8 | port: 8472/udp
9 | permanent: yes
10 | state: enabled
11 | immediate: yes
12 | become: yes
13 |
14 | - name: patch node's Pod CIDR
15 | command: kubectl patch node "{{ node_name }}" -p '{ "spec":{ "podCIDR":"{{ flannel_cidr | ipsubnet(24, groups['all'].index(inventory_hostname)) }}" }}'
16 | delegate_to: "{{ groups['controller_group'][0] }}"
17 | changed_when: true
18 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _tas_repo:
7 | url: "https://github.com/intel/telemetry-aware-scheduling.git"
8 | commit: "a13708825e854da919c6fdf05d50753113d04831"
9 |
10 | _prometheus_svc_url: "https://prometheus:9099/"
11 |
12 | _tas_svc_domain: "tas-service.telemetry.svc.cluster.local"
13 | _tas_svc_url: "https://tas-service.telemetry.svc.cluster.local:9001/"
14 |
15 | _descheduler_deployment_files:
16 | - descheduler_rbac.yaml
17 | - descheduler_policy.yaml
18 | - descheduler_cronjob.yaml
19 |
--------------------------------------------------------------------------------
/inventory/default/host_vars/controller/10-default.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # ptp_port keeps the host's interface(s) that are connected to:
7 | # - a PTP MASTER node - in this case it should keep only one interface name, e.g.:
8 | # ptp_port: enp134s0f1
9 | # - or PTP SLAVE(S) - then it should store a list of interfaces connected to slaves, e.g.:
10 | # ptp_port:
11 | # - enp134s0f1
12 | ptp_port:
13 |
14 | # ptp_port_gm is the host's interface connected to a Grand Master, e.g.:
15 | # ptp_port_gm: enp134s0f0
16 | ptp_port_gm:
17 |
18 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/tasks/proxy.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 | - name: create http-proxy.conf for kubelet service
6 | block:
7 | - name: create kubelet system config directory
8 | file:
9 | name: /usr/lib/systemd/system/kubelet.service.d/
10 | state: directory
11 | - name: create http-proxy.conf from template
12 | template:
13 | src: http-proxy.conf.j2
14 | dest: /usr/lib/systemd/system/kubelet.service.d/http-proxy.conf
15 | notify:
16 | - enable and restart kubelet
17 | become: yes
18 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/charts/.helmignore:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | # Patterns to ignore when building packages.
5 | # This supports shell glob matching, relative path matching, and
6 | # negation (prefixed with !). Only one pattern per line.
7 | .DS_Store
8 | # Common VCS dirs
9 | .git/
10 | .gitignore
11 | .bzr/
12 | .bzrignore
13 | .hg/
14 | .hgignore
15 | .svn/
16 | # Common backup files
17 | *.swp
18 | *.bak
19 | *.tmp
20 | *.orig
21 | *~
22 | # Various IDEs
23 | .project
24 | .idea/
25 | *.tmproj
26 | .vscode/
27 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/templates/scheduler-config.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: kubescheduler.config.k8s.io/v1beta1
7 | kind: KubeSchedulerConfiguration
8 | clientConnection:
9 | kubeconfig: /etc/kubernetes/scheduler.conf
10 | extenders:
11 | - urlPrefix: "{{ _tas_svc_url }}"
12 | prioritizeVerb: "scheduler/prioritize"
13 | filterVerb: "scheduler/filter"
14 | weight: 1
15 | enableHTTPS: true
16 | managedResources:
17 | - name: "telemetry/scheduling"
18 | ignoredByScheduler: true
19 | ignorable: true
20 |
--------------------------------------------------------------------------------
/tasks/print_vars.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: print hostvars
7 | debug:
8 | var: hostvars[inventory_hostname]
9 |
10 | - name: print vars about environment
11 | debug:
12 | msg: |
13 | ansible ver: {{ ansible_version.string }}
14 | distro: {{ ansible_distribution }} {{ ansible_distribution_version }}
15 | hostname: {{ ansible_nodename }}
16 | cmdline: {{ ansible_proc_cmdline }}
17 | interfaces: {{ ansible_interfaces }}
18 | memory: {{ ansible_memory_mb }}
19 | cpu: {{ ansible_processor }}
20 |
--------------------------------------------------------------------------------
/.ansible-lint:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | skip_list:
6 | - '701'
7 |
8 | exclude_paths:
9 | - roles/telemetry/certs/files/
10 | - roles/telemetry/collectd/controlplane/files/
11 | - roles/telemetry/collectd/node/files/
12 | - roles/telemetry/prometheus/files/
13 | - roles/telemetry/pcm/controlplane/charts/
14 | - roles/telemetry/tas/files/
15 | - roles/nfd/files/
16 | - roles/kubernetes/cni/sriov/controlplane/files
17 | - roles/telemetry/opentelemetry/controlplane/charts
18 | - roles/bb_config/charts
19 | - cloud
20 | - inventory.yml
21 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/controlplane/files/default_config.patch:
--------------------------------------------------------------------------------
1 | diff --git a/configs/default.cfg b/configs/default.cfg
2 | index c5a8b57..4bfedcb 100644
3 | --- a/configs/default.cfg
4 | +++ b/configs/default.cfg
5 | @@ -15,13 +15,13 @@ free_running 0
6 | freq_est_interval 1
7 | dscp_event 0
8 | dscp_general 0
9 | -dataset_comparison ieee1588
10 | +dataset_comparison G.8275.x
11 | G.8275.defaultDS.localPriority 128
12 | #
13 | # Port Data Set
14 | #
15 | logAnnounceInterval 1
16 | -logSyncInterval 0
17 | +logSyncInterval -4
18 | logMinDelayReqInterval 0
19 | logMinPdelayReqInterval 0
20 | announceReceiptTimeout 3
21 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | DISCONTINUATION OF PROJECT.
2 |
3 | This project will no longer be maintained by Intel.
4 |
5 | This project has been identified as having known security escapes.
6 |
7 | Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project.
8 |
9 | Intel no longer accepts patches to this project.
10 | ```text
11 | SPDX-License-Identifier: Apache-2.0
12 | Copyright (c) 2019 Intel Corporation
13 | ```
14 |
15 | For documentation please refer to https://github.com/smart-edge-open/specs/blob/master/doc/getting-started/converged-edge-experience-kits.md
16 |
--------------------------------------------------------------------------------
/roles/applications/openness/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check eaa deployment
7 | check_k8s_object:
8 | kind: deployment
9 | name: eaa
10 | namespace: openness
11 |
12 | - name: check edgedns daemonsets
13 | check_k8s_object:
14 | kind: daemonset
15 | name: edgedns
16 | namespace: openness
17 |
18 | - name: check interfaceservice daemonsets
19 | check_k8s_object:
20 | kind: daemonset
21 | name: interfaceservice
22 | namespace: openness
23 | when: "'kubeovn' in kubernetes_cnis"
24 |
25 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/templates/kustomization_kube_ovn.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - kube-ovn.yaml
8 |
9 |
10 | images:
11 | - name: index.alauda.cn/alaudak8s/kube-ovn-controller
12 | newName: kubeovn/kube-ovn-controller
13 | newTag: {{ _kubeovn_version }}
14 | - name: index.alauda.cn/alaudak8s/kube-ovn-cni
15 | newName: kubeovn/kube-ovn-cni
16 | newTag: {{ _kubeovn_version }}
17 | - name: index.alauda.cn/alaudak8s/kube-ovn-pinger
18 | newName: kubeovn/kube-ovn-pinger
19 | newTag: {{ _kubeovn_version }}
20 |
21 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/templates/kustomization_ovn.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | resources:
7 | - ovn.yaml
8 |
9 | patchesJson6902:
10 | - target:
11 | group: apps
12 | version: v1
13 | kind: Deployment
14 | name: ovn-central
15 | path: ovn_central.yaml
16 |
17 | images:
18 | - name: index.alauda.cn/alaudak8s/kube-ovn-db
19 | newName: kubeovn/kube-ovn-db
20 | newTag: {{ _kubeovn_version }}
21 | - name: index.alauda.cn/alaudak8s/kube-ovn-node
22 | newName: kubeovn/kube-ovn-node
23 | newTag: {{ _kubeovn_version }}
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/templates/vpu_values.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | # image specifies vpu plugin image repository address and related tag.
6 | # default repository is openness local Harbor registry.
7 | image:
8 | repository: {{ _registry_ip_address }}:{{ _registry_port }}/intel/intel-vpu-plugin
9 | tag: {{ _vpu_plugin.tag }}
10 |
11 | # pullPolicy secifies the pulling policy.
12 | pullPolicy: IfNotPresent
13 |
14 | # nodeSelector specifies the nodeSelector for vpu plugin: default is vcac-zone.
15 | nodeSelector: {{ _vpu_plugin.nodeSelector }}
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: verify kubevirt deployments
7 | check_k8s_object:
8 | name: "{{ item }}"
9 | namespace: kubevirt
10 | kind: deployment
11 | with_items:
12 | - virt-api
13 | - virt-controller
14 | - virt-operator
15 |
16 | - name: verify cdi deployments
17 | check_k8s_object:
18 | name: "{{ item }}"
19 | namespace: cdi
20 | kind: deployment
21 | with_items:
22 | - cdi-apiserver
23 | - cdi-deployment
24 | - cdi-operator
25 | - cdi-uploadproxy
26 |
--------------------------------------------------------------------------------
/scripts/parse_args.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | set -euxo pipefail
6 |
7 | # Check first parameter given to script and sets Ansible's --limit accordingly.
8 | # If it starts with 'c' ('c', 'controller', 'ctrl', etc.), then '--limit controller_group' is used.
9 | # If it starts with 'n' ('n', 'node', 'nodes', etc.), then '--limit edgenode_group' is used.
10 | get_limit() {
11 | local arg=${1:-}
12 | case "$arg" in
13 | c*) echo "--limit controller_group";;
14 | n*) echo "--limit edgenode_group";;
15 | *) echo ""
16 | esac
17 | }
18 |
--------------------------------------------------------------------------------
/roles/infrastructure/golang/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _golang_version: "1.16"
7 | _golang_download_checksum: "013a489ebb3e24ef3d915abe5b94c3286c070dfe0818d5bca8108f1d6e8440d2"
8 |
9 | _golang_download_name: "go{{ _golang_version }}.linux-amd64.tar.gz"
10 | _golang_download_url: "https://dl.google.com/go/{{ _golang_download_name }}"
11 | _golang_download_dest: "/tmp/{{ _golang_download_name }}"
12 |
13 | _offline_gomod_url: "https://{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}/gomod.tar.gz"
14 | _offline_gomod_dest: "~/go/pkg/"
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | _kubernetes_version: "1.20.0"
6 |
7 | _kubernetes_packages: "kubelet-{{ _kubernetes_version }},kubeadm-{{ _kubernetes_version }},kubectl-{{ _kubernetes_version }}"
8 |
9 | _kubernetes_repository_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64"
10 | _kubernetes_repository_key:
11 | - https://packages.cloud.google.com/yum/doc/yum-key.gpg
12 | - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
13 |
14 | _kubernetes_packages_to_remove: "kubelet,kubeadm,kubectl"
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/templates/gpu_values.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # image specifies gpu plugin image repository address and related tag.
7 | # default repository is openness local Harbor registry.
8 | image:
9 | repository: {{ _registry_ip_address }}:{{ _registry_port }}/intel/intel-gpu-plugin
10 | tag: {{ _gpu_plugin.tag }}
11 |
12 | # pullPolicy secifies the pulling policy.
13 | pullPolicy: IfNotPresent
14 |
15 | # nodeSelector specifies the nodeSelector for gpu plugin: default is vcac-zone.
16 | nodeSelector: {{ _gpu_plugin.nodeSelector }}
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _qat_dp:
7 | git_url: "https://github.com/intel/intel-device-plugins-for-kubernetes.git"
8 | git_ref: "v0.17.0"
9 | version: "0.17.0"
10 | dir: "{{ openness_dir }}/qat-device-plugin"
11 | image: "{{ _registry_ip_address }}:{{ _registry_port }}/intel/intel-qat-plugin"
12 | namespace: "kube-system"
13 | dpdk_drivers: "vfio-pci"
14 | kernel_drivers: "dh895xccvf,c6xxvf,c3xxxvf,d15xxvf"
15 | max_num_devices: 50
16 | debug: "false"
17 | apparmor_profile: "unconfined"
18 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/charts/templates/pcm_service.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v1
5 | kind: Service
6 | metadata:
7 | name: {{ .Values.service.name }}
8 | namespace: {{ .Values.namespace }}
9 | annotations:
10 | prometheus.io/scrape: 'true'
11 | prometheus.io/port: '3000'
12 | spec:
13 | selector:
14 | app: {{ .Values.service.name }}
15 | type: {{ .Values.service.type }}
16 | ports:
17 | - port: {{ .Values.service.port }}
18 | targetPort: {{ .Values.service.targetPort }}
19 | nodePort: {{ .Values.service.nodePort }}
20 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _collectd_chart_dir: "{{ ne_helm_charts_default_dir }}/collectd"
6 | _opae_local_path_stp: "{{ role_path }}/../../../../opae_fpga/OPAE_SDK_1.3.7-5_el7.zip"
7 | _collectd_local_path: "Dockerfile"
8 | _collectd_patch_path: "fpga_telemetry_plugin.patch"
9 | _collectd_rdt_patch_path: "rdt_gcc_version.patch"
10 | _collectd_check_module_script_path: "check_if_modules_loaded.sh"
11 | _collectd_install_path: "/opt/openness/collectd_opae"
12 | _collectd_image:
13 | name: "collectd_fpga_plugin"
14 | tag: "0.1.0"
15 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/weavenet/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: permit WeaveNet ports in firewall
7 | ignore_errors: yes
8 | firewalld:
9 | port: "{{ item }}"
10 | permanent: yes
11 | state: enabled
12 | immediate: yes
13 | with_items:
14 | - 6783/tcp
15 | - 6784/tcp
16 | - 6783/udp
17 | - 6784/udp
18 | become: yes
19 |
20 | - name: patch node's Pod CIDR
21 | command: kubectl patch node "{{ node_name }}" -p '{ "spec":{ "podCIDR":"{{ weavenet_cidr }}" }}'
22 | delegate_to: "{{ groups['controller_group'][0] }}"
23 | changed_when: true
24 |
--------------------------------------------------------------------------------
/roles/infrastructure/vca_node_setup/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _vca_dest: "/home/vca"
7 | _vca_vcad_image: "vca_disk48_k4.19_ubuntu18.04_1.0.1.vcad"
8 | _vca_img_pswd: "vista1"
9 | _vca_node_docker_packages_url:
10 | - "https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/containerd.io_1.4.3-1_amd64.deb"
11 | - "https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/docker-ce-cli_20.10.2~3-0~ubuntu-xenial_amd64.deb"
12 | - "https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/docker-ce_20.10.2~3-0~ubuntu-xenial_amd64.deb"
13 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/ovn4nfv/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove ovs/ovn related files
7 | file:
8 | path: "{{ item }}"
9 | state: absent
10 | with_items: "{{ _ovn4nfv_cleanup_paths }}"
11 | - name: remove patch utility
12 | yum:
13 | name: patch
14 | state: absent
15 |
16 | - name: close firewall ports
17 | ignore_errors: yes
18 | firewalld:
19 | port: "{{ item }}"
20 | permanent: yes
21 | state: disabled
22 | immediate: yes
23 | with_items:
24 | - 6641/tcp
25 | - 6642/tcp
26 | - 6081/udp
27 | become: yes
28 |
29 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _device_plugins:
7 | url: "https://github.com/intel/intel-device-plugins-for-kubernetes"
8 | download_dir : "/opt/intel_device_plugins"
9 | commit: "v0.17.0"
10 |
11 | _gpu_plugin:
12 | image: "intel-gpu-plugin"
13 | tag: 0.17.0
14 | nodeSelector: "vcac-zone"
15 | helmChartVersion: 0.1.0
16 | helmReleaseName: "intel-gpu-plugin"
17 |
18 | _vpu_plugin:
19 | image: "intel-vpu-plugin"
20 | tag: 0.17.0
21 | nodeSelector: "vcac-zone"
22 | helmChartVersion: 0.1.0
23 | helmReleaseName: "intel-vpu-plugin"
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if kubeadm is installed
7 | shell: command -v kubeadm >/dev/null 2>&1
8 | register: kubeadm_exec
9 | ignore_errors: yes
10 | changed_when: false
11 |
12 | - name: reset kubeadm
13 | command: kubeadm reset --force
14 | when: kubeadm_exec.rc == 0
15 | become: yes
16 |
17 | - name: remove kubeconfig
18 | file:
19 | path: /root/.kube/
20 | state: absent
21 |
22 | - name: remove kubernetes artifacts
23 | file:
24 | path: /etc/kubernetes
25 | state: absent
26 | ignore_errors: yes
27 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 | ---
4 |
5 | - name: remove BB config release if exist
6 | block:
7 | - name: check if release exists
8 | command: helm status intel-bb-cfg-fpga
9 | ignore_errors: yes
10 | register: get_release_bb_cfg
11 | - name: remove BB config release
12 | command: helm uninstall intel-bb-cfg-fpga
13 | when: get_release_bb_cfg.rc == 0
14 | changed_when: true
15 |
16 | - name: remove BB config helm charts
17 | file:
18 | name: "{{ item }}"
19 | state: absent
20 | with_items:
21 | - "{{ ne_helm_charts_default_dir }}/bb_config"
22 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _istio_main_dir: "/opt/openness/istio"
7 |
8 | _istio_version: "1.6.8"
9 | _istio_base_url: "https://istio.io/downloadIstio"
10 | _istio_dest_dir: "{{ _istio_main_dir }}/istio-{{ _istio_version }}"
11 |
12 | smi_commit: "e1a19b01845b7c41302018080511a9973be74e7c"
13 | _smi_crds_yaml: "https://raw.githubusercontent.com/servicemeshinterface/smi-adapter-istio/{{ smi_commit }}/deploy/crds/crds.yaml"
14 | _smi_operator_yaml: "https://raw.githubusercontent.com/servicemeshinterface/smi-adapter-istio/{{ smi_commit }}/deploy/operator-and-rbac.yaml"
15 |
--------------------------------------------------------------------------------
/roles/infrastructure/sriov_device_init/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2021 Intel Corporation
3 |
4 | ---
5 |
6 | fpga_userspace_vf:
7 | enabled: false
8 | vendor_id: "8086"
9 | vf_device_id: "0d90"
10 | pf_device_id: "0d8f"
11 | vf_number: "2"
12 | vf_driver: "vfio-pci"
13 |
14 | acc100_userspace_vf:
15 | enabled: false
16 | vendor_id: "8086"
17 | vf_device_id: "0d5d"
18 | pf_device_id: "0d5c"
19 | vf_number: "2"
20 | vf_driver: "vfio-pci"
21 |
22 | sriov:
23 | network_interfaces: {}
24 | interface_subnets: []
25 | interface_ips: []
26 | network_name: []
27 | vm_vf_ports: 0
28 |
--------------------------------------------------------------------------------
/roles/kubernetes/dashboard/files/clusterrolebinding.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: rbac.authorization.k8s.io/v1
7 | kind: ClusterRoleBinding
8 | metadata:
9 | name: {{ template "kubernetes-dashboard.fullname" . }}-openness
10 | labels:
11 | {{ include "kubernetes-dashboard.labels" . | indent 4 }}
12 | subjects:
13 | - name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
14 | namespace: {{ .Release.Namespace }}
15 | kind: ServiceAccount
16 | roleRef:
17 | name: {{ template "kubernetes-dashboard.fullname" . }}-openness
18 | apiGroup: rbac.authorization.k8s.io
19 | kind: ClusterRole
20 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: include common vars
6 | include_vars: ../../common/defaults/main.yml
7 |
8 | - name: Delete HDDL DaemonSet
9 | command: kubectl delete -f setup_hddl_daemonset.yaml
10 | args:
11 | chdir: "{{ _hddldaemon_container.download_dir }}/VCAC-A/script"
12 | changed_when: true
13 | ignore_errors: yes
14 |
15 | - name: remove downloaded all ovc dockerfile
16 | file:
17 | name: "{{ item }}"
18 | state: absent
19 | with_items:
20 | - "{{ _hddldaemon_container.download_dir }}"
21 | ignore_errors: yes
22 | become: yes
23 |
--------------------------------------------------------------------------------
/roles/kubernetes/nfd/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove Node Feature Discovery release if exist
7 | block:
8 | - name: check if NFD release exists
9 | command: helm status {{ _nfd_release_name }} --namespace=openness
10 | ignore_errors: yes
11 | register: get_release_nfd
12 | - name: remove NFD release
13 | command: helm uninstall {{ _nfd_release_name }} --namespace=openness
14 | when: get_release_nfd.rc == 0
15 | changed_when: true
16 |
17 | - name: remove Node Feature Discovery directories and files
18 | file:
19 | path: "{{ _nfd_chart_dir }}"
20 | state: absent
21 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/templates/tls-config.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: v1
7 | clusters:
8 | - cluster:
9 | insecure-skip-tls-verify: False
10 | server: {{ _prometheus_svc_url }}
11 | certificate-authority: /opt/CA/cert.pem
12 | name: openness
13 | contexts:
14 | - context:
15 | cluster: openness
16 | namespace: telemetry
17 | user: tls
18 | name: openness.context
19 | current-context: openness.context
20 | kind: Config
21 | preferences: {}
22 | users:
23 | - name: tls
24 | user:
25 | client-certificate: /var/run/serving-cert/tls.crt
26 | client-key: /var/run/serving-cert/tls.key
27 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/files/sriov/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | {{/*
2 | SPDX-License-Identifier: Apache-2.0
3 | Copyright (c) 2020 Intel Corporation
4 | */}}
5 |
6 | Chart {{ .Chart.Name }} was successfully installed
7 |
8 | SR-IOV CNI and SR-IOV device plugin images were saved in local Harbor registry
9 | Image name: {{ .Values.registry_ip }}:{{ .Values.registry_port }}/intel/sriov-cni:{{ .Values.image_tag }}
10 | Image name: {{ .Values.registry_ip }}:{{ .Values.registry_port }}/intel/sriov-device-plugin:latest
11 |
12 | Your release is named {{ .Release.Name }}.
13 |
14 | To learn more about the release, try:
15 |
16 | $ helm status {{ .Release.Name }}
17 | $ helm get all {{ .Release.Name }}
18 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _kernel_ptp_config_vars:
7 | - 'CONFIG_PPS'
8 | - 'CONFIG_NETWORK_PHY_TIMESTAMPING'
9 | - 'PTP_1588_CLOCK'
10 |
11 | _hw_timestamp_on: true
12 | _kernel_ptp_on: false
13 |
14 | _linuxptp_git_repo:
15 | dir: http://git.code.sf.net/p/linuxptp/code
16 | download_dir: "{{ openness_dir }}/linuxptp/"
17 | branch: v2.0
18 |
19 | _controller_name: "{{ groups['controller_group'][0] }}"
20 | _config_slave_patch: default_slave.patch
21 |
22 | _port_type: "{{ 'SLAVE' if (inventory_hostname in groups['ptp_slave_group']) else 'MASTER' }}"
23 |
24 | async_time: 2592000
25 |
26 |
--------------------------------------------------------------------------------
/roles/telemetry/prometheus/files/node-exporter-configmap.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # Config map for version 1.0.0-rc.0.
7 | # In case of update please check https://github.com/prometheus/node_exporter/tree/master/https
8 | # for new config keys.
9 |
10 | apiVersion: v1
11 | kind: ConfigMap
12 | metadata:
13 | name: node-exporter-cm
14 | labels:
15 | name: node-exporter-cm
16 | data:
17 | web-config.yml: |-
18 | tlsConfig:
19 | tlsCertPath: "/opt/certs/node_exporter/cert.pem"
20 | tlsKeyPath: "/opt/certs/node_exporter/key.pem"
21 | clientAuth: "RequireAndVerifyClientCert"
22 | clientCAs: "/opt/CA/cert.pem"
23 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/network_edge/common/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | _hddldaemon_container:
6 | url: "https://github.com/OpenVisualCloud/Dockerfiles"
7 | download_dir : "/opt/ovc_dockerfiles"
8 | commit: "4a07dbe08b27c7f3c744ed4f9c9dbac2546b6b89"
9 |
10 | _openvino:
11 | url: "https://registrationcenter-download.intel.com/akdlm/irc_nas/17062/l_openvino_toolkit_p_2021.1.110.tgz"
12 | download_dir: "/tmp/openvino_download"
13 | install_dir: "/opt/intel/openvino_2021.1.110"
14 | version: "2021.1.110"
15 | hddl_kernel_devel: "http://linuxsoft.cern.ch/cern/centos/7.9.2009/os/x86_64/Packages/kernel-devel-3.10.0-1160.el7.x86_64.rpm"
16 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/userspace/controlplane/templates/openness-userspace-crd.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: "k8s.cni.cncf.io/v1"
5 | kind: NetworkAttachmentDefinition
6 | metadata:
7 | name: userspace-openness
8 | spec:
9 | config: '{
10 | "cniVersion": "0.3.1",
11 | "type": "userspace",
12 | "kubeconfig": "/etc/cni/net.d/multus.d/multus.kubeconfig",
13 | "logFile": "{{ _userspace.logFile }}",
14 | "logLevel": "{{ _userspace.logLevel }}",
15 | "host": {
16 | "engine": "ovs-dpdk",
17 | "iftype": "vhostuser",
18 | "bridge": {
19 | "bridgeName": "{{ _userspace.bridgeName }}"
20 | }
21 | }
22 | }'
23 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check harbor deployments
7 | check_k8s_object:
8 | kind: deployment
9 | name: "harbor-app-harbor-{{ item }}"
10 | namespace: harbor
11 | with_items:
12 | - chartmuseum
13 | - clair
14 | - core
15 | - jobservice
16 | - nginx
17 | - notary-server
18 | - notary-signer
19 | - portal
20 | - registry
21 |
22 | - name: check harbor statefulsets
23 | check_k8s_object:
24 | kind: statefulset
25 | name: "harbor-app-harbor-{{ item }}"
26 | namespace: harbor
27 | with_items:
28 | - database
29 | - redis
30 | - trivy
31 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if cadvisor already exists
7 | command: helm status cadvisor -n telemetry
8 | ignore_errors: yes
9 | changed_when: False
10 | register: get_cadvisor
11 |
12 | - name: copy Helm chart to Controller node
13 | block:
14 | - name: copy Helm chart to the master node
15 | copy:
16 | src: "{{ role_path }}/charts/"
17 | dest: "{{ _cadvisor_chart_dir }}"
18 |
19 | - name: install cadvisor using Helm
20 | command: "helm install cadvisor --namespace telemetry {{ _cadvisor_chart_dir }}"
21 | changed_when: true
22 | when: get_cadvisor.rc != 0
23 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: remove collectd certificates
6 | file:
7 | path: "{{ openness_dir }}/certs/telemetry/collectd"
8 | state: absent
9 |
10 | - name: remove collectd config files
11 | file:
12 | path: "{{ item }}"
13 | state: absent
14 | with_items:
15 | - "{{ openness_dir }}/collectd"
16 | - "{{ openness_dir }}/collectd/configs"
17 | - "{{ openness_dir }}/collectd/pmd"
18 |
19 | - name: close collectd port
20 | ignore_errors: yes
21 | firewalld:
22 | port: 9103/tcp
23 | permanent: yes
24 | state: disabled
25 | immediate: yes
26 | become: yes
27 |
--------------------------------------------------------------------------------
/roles/telemetry/prometheus/templates/volume.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | kind: PersistentVolume
7 | apiVersion: v1
8 | metadata:
9 | name: "{{ item }}"
10 | spec:
11 | storageClassName: prometheus
12 | capacity:
13 | storage: 10Gi
14 | persistentVolumeReclaimPolicy: Recycle
15 | accessModes:
16 | - ReadWriteOnce
17 | hostPath:
18 | path: "{{ _pv_dir }}/{{ item }}"
19 |
20 | ---
21 |
22 | kind: PersistentVolumeClaim
23 | apiVersion: v1
24 | metadata:
25 | name: "{{ item }}-claim"
26 | spec:
27 | storageClassName: prometheus
28 | accessModes:
29 | - ReadWriteOnce
30 | resources:
31 | requests:
32 | storage: 10Gi
33 |
--------------------------------------------------------------------------------
/roles/kubernetes/common/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: get kubelet info
7 | systemd:
8 | name: kubelet
9 | register: kubelet_status
10 |
11 | - name: get process run time
12 | command: ps -p {{ kubelet_status.status.MainPID }} -o etimes=
13 | register: kubelet_run_time
14 | changed_when: false
15 |
16 | - name: kubelet service should be running
17 | assert:
18 | that:
19 | - "'running' in kubelet_status.status.SubState"
20 | - kubelet_run_time.stdout | int > 60
21 | success_msg: "kubelet service is OK"
22 | fail_msg: "kubelet service is either not running or its running time is less than 60 seconds"
23 |
--------------------------------------------------------------------------------
/roles/telemetry/tas/files/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: kustomize.config.k8s.io/v1beta1
7 | kind: Kustomization
8 | namespace: telemetry
9 | resources:
10 | - service.yaml
11 | - tas-deployment.yaml
12 | - tas-rbac-accounts.yaml
13 | - tas-policy-crd.yaml
14 |
15 | patchesJson6902:
16 | - target:
17 | group: apps
18 | version: v1
19 | kind: Deployment
20 | name: telemetry-aware-scheduling
21 | path: add_cmk_toleration.yml
22 | - target:
23 | group: apps
24 | version: v1
25 | kind: Deployment
26 | name: telemetry-aware-scheduling
27 | path: use_local_docker_registry.yml
28 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | os_remove_yum_plugins: false
6 | # Note: currently the RMD network policy relies on the order of elements in the
7 | # two lines below, do not change
8 | _base_noproxy: "localhost,virt-api,.svc,.svc.cluster.local,cdi-api,127.0.0.1"
9 | _kubernetes_default_cidr: "10.96.0.0/12,10.32.0.0/12"
10 |
11 | _openssl_version: "1.1.1i"
12 | _openssl_package_name: "openssl-{{ _openssl_version }}"
13 | _openssl_url: "https://www.openssl.org/source/{{ _openssl_package_name }}.tar.gz"
14 | _openssl_checksum_sha256: "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
15 |
16 | _pip_version: "20.2.4"
17 |
--------------------------------------------------------------------------------
/roles/applications/openness/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | _certs_dest: "{{ openness_dir }}/certs"
6 | _configs_dest: "{{ openness_dir }}/configs"
7 |
8 | _openness_yamls:
9 | - "{{ _git_repo_dest }}/network-edge/openness-rbac.yaml"
10 | - "{{ _git_repo_dest }}/network-edge/openness.yaml"
11 | - "{{ _git_repo_dest }}/network-edge/default_network_policy.yaml"
12 |
13 | _kubeovn_openness_yamls:
14 | - "{{ _git_repo_dest }}/network-edge/kube-ovn/interfaceservice-rbac.yaml"
15 | - "{{ _git_repo_dest }}/network-edge/kube-ovn/interfaceservice.yaml"
16 |
17 | _opcdownload_edgeservices_dest: "/opt/opcdownloads/github/edgeservices/edgecontroller"
18 |
--------------------------------------------------------------------------------
/roles/infrastructure/configure_tuned/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | # If true, tuned role will be skipped even if is included
6 | # Can be overridden in host_vars if host shouldn't have customized tuned
7 | tuned_skip: false
8 |
9 | tuned_repo_addr: "{{ hostvars[groups['controller_group'][0]]['ansible_host'] if offline_enable else 'linuxsoft.cern.ch/scientific/7x/x86_64/os/Packages' }}"
10 |
11 | tuned_packages:
12 | - tuned-2.11.0-9.el7
13 | - http://ftp.scientificlinux.org/linux/scientific/7.9/x86_64/os/Packages/tuned-profiles-realtime-2.11.0-9.el7.noarch.rpm
14 |
15 | tuned_profile: realtime
16 | tuned_vars: |
17 | isolated_cores=2-3
18 | nohz=on
19 | nohz_full=2-3
20 |
--------------------------------------------------------------------------------
/flavors/media-analytics/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ## Network Edge's Kubernetes CNIs
5 | kubernetes_cnis:
6 | - calico
7 |
8 | # Deploy Video Analytics services
9 | video_analytics_services_enable: true
10 | video_analytics_services_multiinstances: false
11 |
12 | # Istio Service Mesh
13 | ne_istio_enable: false
14 | # Istio deployment profile possible values: default, demo, minimal, remote
15 | istio_deployment_profile: "default"
16 | # Istio is deployed to "default" namespace in the cluster
17 | istio_deployment_namespace: "default"
18 |
19 | # Kiali
20 | istio_kiali_username: "admin"
21 | istio_kiali_password: "{{ lookup('password', '/dev/null length=16') }}"
22 | istio_kiali_nodeport: 30001
23 |
--------------------------------------------------------------------------------
/roles/kubernetes/qat_dev_plugin/controller/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: uninstall Intel QAT Plugin Helm chart
7 | command: >
8 | helm uninstall intel-qat-plugin
9 | --namespace {{ _qat_dp.namespace }}
10 | changed_when: true
11 | failed_when: false
12 | become: true
13 |
14 | - name: remove Intel QAT Device Plugin image from local registry
15 | command: docker rmi {{ _qat_dp.image }}:{{ _qat_dp.version }}
16 | become: true
17 | changed_when: true
18 | failed_when: false
19 |
20 | - name: remove Intel Device Plugins repository
21 | file:
22 | path: "{{ _qat_dp.dir }}"
23 | state: absent
24 | force: yes
25 | failed_when: false
26 |
--------------------------------------------------------------------------------
/roles/infrastructure/dpdk/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _dpdk_version: "19.11.1"
7 | _dpdk_checksum: "43b691f830e47a84b20c716ccc7aff40"
8 |
9 | _dpdk_name: "dpdk-{{ _dpdk_version }}"
10 | _dpdk_install_dir: "{{ openness_dir }}/{{ _dpdk_name }}"
11 |
12 | _dpdk_download_url: "http://fast.dpdk.org/rel/{{ _dpdk_name }}.tar.xz"
13 | _dpdk_download_dest: "/tmp/{{ _dpdk_name }}.tar.xz"
14 |
15 | # URL or package name providing kernel-devel package when role `custom_kernel` is disabled (commented) or skipped for specific host (`customize_kernel_skip` variable)
16 | dpdk_kernel_devel: "http://linuxsoft.cern.ch/cern/centos/7.9.2009/os/x86_64/Packages/kernel-devel-3.10.0-1160.el7.x86_64.rpm"
17 |
--------------------------------------------------------------------------------
/roles/kubernetes/device_plugins/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: uninstall gpu plugin
6 | command: helm uninstall {{ _gpu_plugin.helmReleaseName }}
7 | changed_when: true
8 | ignore_errors: yes
9 |
10 | - name: delete gpu-plugin kustomization
11 | command: helm uninstall {{ _vpu_plugin.helmReleaseName }}
12 | changed_when: true
13 | ignore_errors: yes
14 |
15 | - name: remove the downloaded intel-device-plugins and relevent helm charts
16 | file:
17 | name: "{{ item }}"
18 | state: absent
19 | with_items:
20 | - "{{ _device_plugins.download_dir }}"
21 | - "{{ ne_helm_charts_default_dir }}/gpu-plugin"
22 | - "{{ ne_helm_charts_default_dir }}/vpu-plugin"
23 | become: yes
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/templates/kiali_def.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | apiVersion: v1
6 | kind: Secret
7 | metadata:
8 | name: kiali
9 | namespace: istio-system
10 | labels:
11 | app: kiali
12 | type: Opaque
13 | data:
14 | username: {{ istio_kiali_username | b64encode }}
15 | passphrase: {{ istio_kiali_password | b64encode }}
16 | ---
17 | apiVersion: v1
18 | kind: Service
19 | metadata:
20 | name: kiali-nodeport
21 | namespace: istio-system
22 | spec:
23 | ports:
24 | - name: kialinodeport
25 | port: 20001
26 | protocol: TCP
27 | targetPort: 20001
28 | nodePort: {{ istio_kiali_nodeport }}
29 | selector:
30 | app: kiali
31 | sessionAffinity: None
32 | type: NodePort
33 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/vca_setup/files/vca-tas-policy.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: telemetry.intel.com/v1alpha1
5 | kind: TASPolicy
6 | metadata:
7 | name: vca-vpu-policy
8 | namespace: default
9 | spec:
10 | strategies:
11 | deschedule:
12 | rules:
13 | - metricname: vpu_device_thermal
14 | operator: GreaterThan
15 | target: 80
16 | dontschedule:
17 | rules:
18 | - metricname: vpu_device_memory
19 | operator: GreaterThan
20 | target: 50
21 | - metricname: vpu_device_utilization
22 | operator: GreaterThan
23 | target: 50
24 | scheduleonmetric:
25 | rules:
26 | - metricname: vpu_device_utilization
27 | operator: LessThan
28 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/calico/controlplane/templates/calico_net_attach_def.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: "k8s.cni.cncf.io/v1"
7 | kind: NetworkAttachmentDefinition
8 | metadata:
9 | name: openness-calico
10 | spec:
11 | config: '{
12 | "cniVersion": "0.3.1",
13 | "name": "openness-calico",
14 | "type": "calico",
15 | "log_level": "info",
16 | "datastore_type": "kubernetes",
17 | "mtu": 1440,
18 | "ipam": {
19 | "type": "{{ calico_ipam_type }}",
20 | "subnet": "{{ calico_cidr }}",
21 | "routes": [{"dst": "{{ calico_cidr }}"}]
22 | },
23 | "policy": {
24 | "type": "k8s"
25 | },
26 | "kubernetes": {
27 | "kubeconfig": "/etc/cni/net.d/calico-kubeconfig"
28 | }
29 | }'
30 |
--------------------------------------------------------------------------------
/roles/infrastructure/vca_node_setup/templates/install_docker.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | {% for item in _vca_node_docker_packages_url %}
6 | wget -c --no-check-certificate {{ item }}
7 | {% endfor %}
8 |
9 | if [ $? -ne 0 ]; then
10 | echo "get docker pakcages failed"
11 | exit 1
12 | fi
13 |
14 |
15 | apt-get install libseccomp2 iptables -y
16 |
17 |
18 | dpkg -i *.deb
19 | if [ $? -ne 0 ]; then
20 | echo "install docker failed"
21 | exit 1
22 | fi
23 |
24 | mkdir -p /etc/systemd/system/docker.service.d/
25 | cp -f /root/http-proxy.conf /etc/systemd/system/docker.service.d/
26 | mkdir -p ~/.docker
27 | cp -f /root/config.json /root/.docker/
28 |
29 | systemctl enable docker --now
30 | systemctl daemon-reload
31 | systemctl restart docker
32 |
--------------------------------------------------------------------------------
/roles/kubernetes/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: cluster-info
7 | command: kubectl cluster-info
8 | changed_when: false
9 |
10 | - name: get livez
11 | uri:
12 | url: https://localhost:6443/livez?verbose
13 | return_content: yes
14 | validate_certs: no
15 | changed_when: false
16 |
17 | - name: get readyz
18 | uri:
19 | url: https://localhost:6443/readyz?verbose
20 | return_content: yes
21 | validate_certs: no
22 | changed_when: false
23 |
24 | - name: controlplane should be ready
25 | command: kubectl get node {{ ansible_nodename | lower }} -o jsonpath="{@.status.conditions[?(@.type=='Ready')].status}"
26 | register: this
27 | failed_when: "'True' not in this.stdout"
28 | changed_when: false
29 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/sriov/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove SR-IOV CNI and device plugin release if exist
7 | block:
8 | - name: check if SR-IOV CNI and device plugin release exists
9 | command: helm status sriov-release
10 | ignore_errors: yes
11 | register: get_release_sriov
12 | - name: remove SR-IOV CNI and device plugin release
13 | command: helm uninstall sriov-release
14 | when: get_release_sriov.rc == 0
15 | changed_when: true
16 |
17 | - name: remove downloaded artifacts
18 | file:
19 | name: "{{ item }}"
20 | state: absent
21 | with_items:
22 | - "{{ _sriov_cni.download_dir }}"
23 | - "{{ _sriov_dev_plugin.download_dir }}"
24 |
25 | # Docker images are removed during Docker's cleanup
26 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/templates/default.yaml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: install.istio.io/v1alpha1
5 | kind: IstioOperator
6 | metadata:
7 | namespace: istio-system
8 | name: openness-istiocontrolplane
9 | spec:
10 | profile: {{ istio_deployment_profile }}
11 | addonComponents:
12 | grafana:
13 | enabled: false
14 | prometheus:
15 | enabled: false
16 | kiali:
17 | enabled: true
18 | meshConfig:
19 | enablePrometheusMerge: false
20 | values:
21 | kiali:
22 | dashboard:
23 | grafanaURL:
24 | grafanaInClusterURL: "http://{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}:32000"
25 | prometheusNamespace: telemetry
26 | prometheusAddr: "http://{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}:30000"
27 |
--------------------------------------------------------------------------------
/roles/telemetry/pcm/controlplane/charts/values.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | #Common values
5 | namespace: telemetry
6 | pullPolicy: IfNotPresent
7 | component: pcm
8 |
9 | #Pcm Values
10 | pcm:
11 | image: opcm/pcm
12 | replicas: 1
13 | name: pcm
14 | app: pcm
15 | pullPolicy: Always
16 |
17 | #Proxy Values
18 | proxy:
19 | metricsPcmPort: 9739
20 | internalPcmPort: 9738
21 | serverName: pcm
22 | name: pcm-proxy
23 | certsDest: /root/certs/pcm
24 | image: nginx:alpine
25 | pathToNginxCfg: /etc/nginx/nginx.conf
26 | configMap: pcm-proxy-config
27 |
28 | #Certs Values
29 | certs:
30 | image: emberstack/openssl:latest
31 | name: openssl
32 |
33 | #Service Values
34 | service:
35 | name: pcm
36 | type: NodePort
37 | port: 3000
38 | targetPort: 9739
39 | nodePort: 32100
40 |
--------------------------------------------------------------------------------
/roles/infrastructure/conditional_reboot/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: reboot if requested
7 | block:
8 | - name: display reboot requesters
9 | debug:
10 | msg: "Performing reboot requested by: {{ perform_reboot }}"
11 | - name: reboot the machine
12 | reboot:
13 | become: yes
14 | when: perform_reboot is defined
15 |
16 | - name: get current kernel version and cmdline string after reboot
17 | block:
18 | - name: refresh ansible_kernel
19 | setup:
20 | filter: ansible_kernel
21 | - name: get current cmdline
22 | command: cat /proc/cmdline
23 | register: cmdline
24 | - name: print current kernel and cmdline
25 | debug:
26 | msg:
27 | - "Current kernel: {{ ansible_kernel }}"
28 | - "/proc/cmdline: {{ cmdline.stdout }}"
29 |
--------------------------------------------------------------------------------
/roles/kubernetes/opae_fpga/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: download modules for RSU kubectl plugin
7 | shell: source /etc/profile && go mod download
8 | args:
9 | chdir: "{{ _git_repo_dest }}/fpga/kube-rsu/"
10 | register: result
11 | retries: "{{ number_of_retries }}"
12 | until: result is succeeded
13 | delay: "{{ retry_delay }}"
14 | changed_when: true
15 |
16 | - name: build RSU kubectl plugin
17 | shell: source /etc/profile && go build -o kubectl-rsu
18 | args:
19 | chdir: "{{ _git_repo_dest }}/fpga/kube-rsu/"
20 | changed_when: true
21 |
22 | - name: install RSU kubectl plugin
23 | command: mv kubectl-rsu "{{ _rsu_plugin_dest }}"
24 | args:
25 | chdir: "{{ _git_repo_dest }}/fpga/kube-rsu/"
26 | changed_when: true
27 | become: yes
28 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: load kubeovn common variables
7 | include_vars: ../../common/defaults/main.yml
8 |
9 | - name: kube-ovn cleanup
10 | block:
11 | - name: download kube-ovn cleanup script
12 | get_url:
13 | url: "{{ _kubeovn_cleanup_url }}"
14 | dest: "{{ _kubeovn_cleanup_dest }}"
15 | mode: 0755
16 | - name: change hardcoded tag
17 | replace:
18 | path: "{{ _kubeovn_cleanup_dest }}"
19 | regexp: "kube-ovn/controlplane"
20 | replace: "kube-ovn/{{ _kubeovn_version }}"
21 | - name: execute kube-ovn cleanup script
22 | command: "timeout 120 {{ _kubeovn_cleanup_dest }}"
23 | ignore_errors: yes
24 |
25 | - name: cleanup kubeovn common
26 | include_tasks: ../../common/tasks/cleanup.yml
27 |
--------------------------------------------------------------------------------
/roles/infrastructure/ptp/common/files/default_slave.patch:
--------------------------------------------------------------------------------
1 | --- configs/default_slave.cfg 2020-05-15 16:56:52.848147116 +0100
2 | +++ configs/default_slave.cfg 2020-05-15 16:56:20.108545081 +0100
3 | @@ -3,25 +3,25 @@
4 | # Default Data Set
5 | #
6 | twoStepFlag 1
7 | -slaveOnly 0
8 | +slaveOnly 1
9 | priority1 128
10 | -priority2 128
11 | +priority2 255
12 | domainNumber 0
13 | #utc_offset 37
14 | -clockClass 248
15 | +clockClass 255
16 | clockAccuracy 0xFE
17 | offsetScaledLogVariance 0xFFFF
18 | free_running 0
19 | freq_est_interval 1
20 | dscp_event 0
21 | dscp_general 0
22 | -dataset_comparison ieee1588
23 | +dataset_comparison G.8275.x
24 | G.8275.defaultDS.localPriority 128
25 | #
26 | # Port Data Set
27 | #
28 | logAnnounceInterval 1
29 | -logSyncInterval 0
30 | +logSyncInterval -4
31 | logMinDelayReqInterval 0
32 | logMinPdelayReqInterval 0
33 | announceReceiptTimeout 3
34 |
--------------------------------------------------------------------------------
/roles/infrastructure/custom_kernel/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # If true, role will be skipped despite being included
7 | # Can be overridden in host_vars if shouldn't have customized kernel
8 | kernel_skip: false
9 |
10 | kernel_repo_url: http://linuxsoft.cern.ch/cern/centos/7.9.2009/rt/CentOS-RT.repo
11 | kernel_repo_key: http://linuxsoft.cern.ch/cern/centos/7.9.2009/os/x86_64/RPM-GPG-KEY-cern
12 | kernel_package: kernel-rt-kvm
13 | kernel_devel_package: kernel-rt-devel
14 | kernel_version: 3.10.0-1160.11.1.rt56.1145.el7.x86_64
15 |
16 | # list of URLs to RPMs
17 | kernel_dependencies_urls: []
18 |
19 | # list of packages in the repositories
20 | kernel_dependencies_packages: []
21 |
22 | # ---
23 |
24 | _kernel_repo_dest: "{{ '/etc/yum.repos.d/elrepo.repo' if calico_ebpf_enabled else '/etc/yum.repos.d/CentOS-RT.repo' }}"
25 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/templates/daemon.json.j2:
--------------------------------------------------------------------------------
1 | {
2 | "exec-opts": [
3 | {% if cgroupfs_enable is not defined or not cgroupfs_enable %}
4 | "native.cgroupdriver=systemd"
5 | {% endif %}
6 | {% if cgroupfs_enable is defined and cgroupfs_enable %}
7 | "native.cgroupdriver=cgroupfs"
8 | {% endif %}
9 | ],
10 |
11 | {% if docker_registry_mirrors is defined and docker_registry_mirrors %}
12 | "registry-mirrors": {{ docker_registry_mirrors | to_json }},
13 | {% endif %}
14 | {% if docker_insecure_registries is defined and docker_insecure_registries %}
15 | "insecure-registries": {{ docker_insecure_registries | to_json}},
16 | {% endif %}
17 |
18 | "default-ulimits": {
19 | "nofile": {
20 | "Name": "nofile",
21 | "Hard": 65535,
22 | "Soft": 65535
23 | },
24 | "nproc": {
25 | "Name": "nproc",
26 | "Hard": 4096,
27 | "Soft": 4096
28 | }
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/roles/kubernetes/cmk/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if CMK release already exists
7 | command: helm status cmk-release -n cmk-namespace
8 | ignore_errors: yes
9 | register: get_release_cmk
10 | delegate_to: "{{ groups['controller_group'][0] }}"
11 | changed_when: false
12 |
13 | - name: include Harbor registry vars
14 | include_vars: ../../../harbor_registry/controlplane/defaults/main.yml
15 |
16 | # CMK deployment is called on Controller after node is ready
17 | - name: deploy CMK with Helm chart
18 | command: >
19 | helm install cmk-release -f {{ ne_helm_charts_default_dir }}/cmk-values.yml {{ _cmk_chart_dir }}
20 | --namespace=cmk-namespace
21 | delegate_to: "{{ groups['controller_group'][0] }}"
22 | run_once: true
23 | changed_when: true
24 | when: get_release_cmk.rc != 0
25 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/multus/controlplane/files/multus-cni/templates/crd.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: apiextensions.k8s.io/v1
7 | kind: CustomResourceDefinition
8 | metadata:
9 | name: network-attachment-definitions.k8s.cni.cncf.io
10 | spec:
11 | group: k8s.cni.cncf.io
12 | scope: Namespaced
13 | names:
14 | plural: network-attachment-definitions
15 | singular: network-attachment-definition
16 | kind: NetworkAttachmentDefinition
17 | shortNames:
18 | - net-attach-def
19 | versions:
20 | - name: v1
21 | served: true
22 | storage: true
23 | schema:
24 | openAPIV3Schema:
25 | type: object
26 | properties:
27 | spec:
28 | type: object
29 | properties:
30 | config:
31 | type: string
32 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - name: create directory for certificates
6 | file:
7 | path: "{{ openness_dir }}/certs/telemetry/cadvisor"
8 | state: directory
9 |
10 | - name: get number of VCA nodes
11 | shell: set -o pipefail && vcactl status | grep Card | wc -l
12 | register: num_vca
13 | changed_when: true
14 | when: inventory_hostname in groups['edgenode_vca_group']
15 | become: yes
16 |
17 | - name: create directory for certificates on VCA node
18 | command: "ssh {{ vca_node_ip }} mkdir -p {{ openness_dir }}/certs/telemetry/cadvisor"
19 | vars:
20 | vca_node_ip: "172.32.{{ vca_idx }}.1"
21 | loop_control:
22 | loop_var: vca_idx
23 | with_sequence: count="{{ num_vca.stdout | int }}"
24 | when: inventory_hostname in groups['edgenode_vca_group']
25 | become: yes
26 |
--------------------------------------------------------------------------------
/roles/infrastructure/dpdk/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: remove binaries
7 | file:
8 | path: "{{ _dpdk_install_dir }}"
9 | state: absent
10 |
11 | - name: remove download folder
12 | file:
13 | path: "{{ _dpdk_download_dest }}"
14 | state: absent
15 |
16 | - name: remove ansible fact file
17 | file:
18 | path: /etc/ansible/facts.d/dpdk.fact
19 | state: absent
20 |
21 | - name: unload modules
22 | modprobe:
23 | name: "{{ item }}"
24 | state: absent
25 | with_items:
26 | - "igb_uio"
27 | - "rte_kni"
28 | - "uio"
29 |
30 | - name: remove dpdk kernel modules file
31 | file:
32 | path: /etc/modules-load.d/dpdk.conf
33 | state: absent
34 |
35 | - name: remove dpdk kni kernel modules file
36 | file:
37 | path: /etc/modprobe.d/dpdk0kni.conf
38 | state: absent
39 |
--------------------------------------------------------------------------------
/roles/infrastructure/os_setup/tasks/reinstall_python_requests_if_needed.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | # cloud-init enabled machines has yum-installed python-requests library.
7 | # RPM installation conflicts with pip-managed packages and has to be removed.
8 |
9 | - name: remove python-requests
10 | yum:
11 | name: python-requests
12 | state: absent
13 | become: yes
14 | register: python_requests_removed
15 |
16 | # ansible lint E503: https://ansible-lint.readthedocs.io/en/latest/default_rules.html#tasks-that-run-when-changed-should-likely-be-handlers
17 | # This task is a workaround for cloud-init systems, and it won't be reused anywhere in the code.
18 | - name: install python-requests from pip
19 | pip:
20 | name: requests
21 | state: present
22 | become: yes
23 | when: python_requests_removed.changed # noqa 503
24 |
--------------------------------------------------------------------------------
/flavors/central_orchestrator/all.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | kubeovn_dpdk: false
5 |
6 | # Kube-virt settings
7 | kubevirt_enable: false
8 |
9 | kubernetes_cnis:
10 | - calico
11 |
12 | ## EMCO
13 | emco_enable: True
14 | emco_single_node_cluster: true
15 | emco_repo_cleanup: false
16 |
17 | emco_db_auth_enable: true
18 | emco_db_password: "{{ lookup('password', '/dev/null length=16 chars=ascii_letters') }}"
19 |
20 | # emco_commitID: "1df72fb4979d5d349af00b7068fb1d3ba926e50c"
21 | emco_commitID: "main"
22 |
23 | eaa_enable: False
24 | dns_enable: False
25 | ne_nfd_enable: False
26 | telemetry_cadvisor_enable: False
27 | telemetry_grafana_enable: False
28 | telemetry_pcm_enable: False
29 | telemetry_prometheus_enable: False
30 | telemetry_opentelemetry_enable: False
31 | telemetry_collectd_enable: False
32 | telemetry_tas_enable: False
33 | openness_enable: False
34 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/ovn4nfv/controlplane/templates/customize_ovn4nfv_container.yml.j2:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | apiVersion: apps/v1
7 | kind: DaemonSet
8 | metadata:
9 | name: ovn4nfv-cni
10 | spec:
11 | template:
12 | spec:
13 | containers:
14 | - name: ovn4nfv
15 | env:
16 | - name: "HTTP_PROXY"
17 | value: {{ proxy_http }}
18 | - name: "HTTPS_PROXY"
19 | value: {{ proxy_https }}
20 | - name: "http_proxy"
21 | value: {{ proxy_http }}
22 | - name: "https_proxy"
23 | value: {{ proxy_https }}
24 | - name: "no_proxy"
25 | value: {{ proxy_noproxy }}
26 | - name: "NO_PROXY"
27 | value: {{ proxy_noproxy }}
28 | - name: "ftp_proxy"
29 | value: {{ proxy_ftp }}
30 | - name: "FTP_PROXY"
31 | value: {{ proxy_ftp }}
32 |
--------------------------------------------------------------------------------
/roles/kubernetes/nfd/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | _nfd_image_name: "quay.io/kubernetes_incubator/node-feature-discovery"
6 | _nfd_tag: "v0.6.0"
7 |
8 | _nfd_chart_dir: "{{ ne_helm_charts_default_dir }}/node-feature-discovery"
9 | _nfd_cek_commit: "df61e6e46beb10ad596206ab25b04dbeb9162663"
10 | _nfd_cek_url:
11 | "https://raw.githubusercontent.com/intel/container-experience-kits/\
12 | {{ _nfd_cek_commit }}/roles/nfd-install/charts/node-feature-discovery"
13 |
14 | _nfd_release_name: "nfd-release"
15 |
16 | _nfd_chart:
17 | - ".helmignore"
18 | - "Chart.yaml"
19 | - "values.yaml"
20 |
21 | _nfd_chart_templates:
22 | - "templates/NOTES.txt"
23 | - "templates/_helpers.tpl"
24 | - "templates/config.yml"
25 | - "templates/master.yml"
26 | - "templates/rbac.yml"
27 | - "templates/service.yml"
28 | - "templates/tls.yml"
29 | - "templates/worker.yml"
30 |
--------------------------------------------------------------------------------
/roles/kubernetes/biosfw/node/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 | - name: Check if not offline
6 | block:
7 | - name: check local syscfg_package.zip
8 | stat:
9 | path: "{{ _syscfg_local_path }}"
10 | connection: local
11 | register: syscfg_local_file
12 |
13 | - name: file not present
14 | debug:
15 | msg: "{{ _syscfg_local_path }} does not exists, BIOSFW won't be set up on the node"
16 | when: not syscfg_local_file.stat.exists
17 |
18 | - name: set up biosfw for the node
19 | block:
20 | - name: copy local syscfg to remote
21 | copy:
22 | src: "{{ _syscfg_local_path }}"
23 | dest: "{{ _syscfg_remote_path }}"
24 | - name: build BIOSFW worker image
25 | command: make biosfw
26 | args:
27 | chdir: "{{ _git_repo_dest }}"
28 | when: syscfg_local_file.stat.exists
29 | when: not offline_enable
30 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/flannel/common/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | # TODO: Remove firewall changes once https://github.com/coreos/flannel/issues/1033 is fixed and released
6 | # To apply the rules in runtime and save them they are run with and without '--permanent' option
7 | - name: "[WORKAROUND] add firewall rule for flannel(Source)"
8 | command: firewall-cmd {{ item }} --direct --add-rule ipv4 filter FORWARD 10 -s {{ flannel_cidr }} -j ACCEPT
9 | become: yes
10 | ignore_errors: yes
11 | changed_when: true
12 | with_items:
13 | - ""
14 | - "--permanent"
15 |
16 | - name: "[WORKAROUND] add firewall rule for flannel(Destination)"
17 | command: firewall-cmd {{ item }} --direct --add-rule ipv4 filter FORWARD 10 -d {{ flannel_cidr }} -j ACCEPT
18 | become: yes
19 | ignore_errors: yes
20 | changed_when: true
21 | with_items:
22 | - ""
23 | - "--permanent"
24 |
--------------------------------------------------------------------------------
/roles/kubernetes/kubevirt/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _kubevirt_operator_url: "https://github.com/kubevirt/kubevirt/releases/download/v0.26.0/kubevirt-operator.yaml"
7 | _kubevirt_cr_url: "https://github.com/kubevirt/kubevirt/releases/download/v0.26.0/kubevirt-cr.yaml"
8 |
9 | _cdi_operator_url: "https://github.com/kubevirt/containerized-data-importer/releases/download/v1.13.0/cdi-operator.yaml"
10 | _cdi_cr_url: "https://github.com/kubevirt/containerized-data-importer/releases/download/v1.13.0/cdi-cr.yaml"
11 |
12 | _virtctl_name: "kubectl-virt"
13 | _virtctl_dir: "/usr/bin"
14 | _virtctl_url: "https://github.com/kubevirt/kubectl-virt-plugin/releases/download/v0.32.0/virtctl-linux-amd64.tar.gz"
15 | _virtctl_tar: "virtctl-linux-amd64.tar.gz"
16 |
17 | _storage_class: "local-volume"
18 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/charts/templates/collector-service.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v1
5 | kind: Service
6 | metadata:
7 | name: {{ .Values.collector.name }}
8 | namespace: {{ .Values.namespace }}
9 | labels:
10 | component: {{ .Values.component }}
11 | spec:
12 | ports:
13 | - name: metrics
14 | port: {{ .Values.proxy.metricPrometheusPort }}
15 | protocol: TCP
16 | targetPort: {{ .Values.proxy.metricPrometheusPort }}
17 | - name: opencensus
18 | port: {{ .Values.proxy.opencensusport }}
19 | protocol: TCP
20 | targetPort: {{ .Values.proxy.opencensusport }}
21 | - name: prometheus
22 | port: {{ .Values.proxy.internalPrometheusPort }}
23 | protocol: TCP
24 | targetPort: {{ .Values.proxy.internalPrometheusPort }}
25 | selector:
26 | component: {{ .Values.component }}
27 |
--------------------------------------------------------------------------------
/roles/kubernetes/istio/tasks/smi.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | # Service Mesh Interface (SMI) operator for Istio
7 | # https://github.com/servicemeshinterface/smi-adapter-istio
8 |
9 | - name: apply SMI crds, operator, and rbac configuration
10 | command: kubectl apply -f "{{ item }}"
11 | register: result
12 | retries: "{{ number_of_retries }}"
13 | until: result is succeeded
14 | delay: "{{ retry_delay }}"
15 | changed_when: true
16 | with_items:
17 | - "{{ _smi_crds_yaml }}"
18 | - "{{ _smi_operator_yaml }}"
19 |
20 | - name: wait for smi-adapter-istio pod to become running
21 | shell: set -o pipefail && kubectl get pods -n istio-system -l name=smi-adapter-istio | awk '$3=="Running"'
22 | register: smi_pod_running
23 | retries: "{{ number_of_retries * 2 }}"
24 | delay: "{{ retry_delay }}"
25 | until: "'smi-adapter-istio' in smi_pod_running.stdout"
26 | changed_when: true
27 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/node/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: delete certificate from node
7 | file:
8 | path: "/etc/docker/certs.d/{{ _registry_ip_address }}:{{ _registry_port }}"
9 | state: absent
10 | ignore_errors: yes
11 |
12 | - name: get number of VCA nodes
13 | shell: set -o pipefail && vcactl status | grep Card | wc -l
14 | register: num_vca
15 | changed_when: true
16 | when: inventory_hostname in groups['edgenode_vca_group']
17 | become: yes
18 |
19 | - name: delete certificate from VCA node
20 | command: "ssh {{ vca_node_ip }} 'rm -rf /etc/docker/certs.d/{{ _registry_ip_address }}:{{ _registry_port }}'"
21 | vars:
22 | vca_node_ip: "172.32.{{ vca_idx }}.1"
23 | loop_control:
24 | loop_var: vca_idx
25 | with_sequence: count="{{ num_vca.stdout | int }}"
26 | when: inventory_hostname in groups['edgenode_vca_group']
27 | become: yes
28 |
--------------------------------------------------------------------------------
/roles/infrastructure/docker/files/requirements.txt:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | backports.ssl-match-hostname==3.5.0.1
5 | bcrypt==3.1.7
6 | cached-property==1.5.2
7 | certifi==2020.6.20
8 | cffi==1.14.3
9 | chardet==3.0.4
10 | configobj==4.7.2
11 | cryptography==3.3.2
12 | decorator==3.4.0
13 | docker==4.3.1
14 | docker-compose==1.26.2
15 | dockerpty==0.4.1
16 | docopt==0.6.2
17 | enum34==1.0.4
18 | functools32==3.2.3.post2
19 | idna==2.10
20 | iniparse==0.4
21 | ipaddress==1.0.16
22 | jsonschema==3.2.0
23 | paramiko==2.7.2
24 | perf==0.1
25 | pycparser==2.14
26 | pycurl==7.19.0
27 | pygobject==3.22.0
28 | pygpgme==0.3
29 | pyliblzma==0.5.3
30 | PyNaCl==1.4.0
31 | pyrsistent==0.16.1
32 | python-linux-procfs==0.4.9
33 | pyudev==0.15
34 | pyxattr==0.5.1
35 | requests==2.24.0
36 | schedutils==0.4
37 | six==1.9.0
38 | texttable==1.6.3
39 | urlgrabber==3.10
40 | urllib3==1.26.5
41 | websocket-client==0.56.0
42 | yum-metadata-parser==1.1.4
43 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/controlplane/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if socket exists
7 | stat:
8 | path: /run/openvswitch/db.sock
9 | register: this
10 | failed_when: not this.stat.exists
11 | changed_when: false
12 |
13 | - block:
14 | - name: verify kubeovn deployments
15 | check_k8s_object:
16 | kind: deployment
17 | name: "{{ item }}"
18 | namespace: kube-system
19 | with_items:
20 | - ovn-central
21 | - kube-ovn-controller
22 |
23 | - name: verify kubeovn daemonsets
24 | check_k8s_object:
25 | kind: daemonset
26 | name: "{{ item }}"
27 | namespace: kube-system
28 | with_items:
29 | - kube-ovn-cni
30 | - ovs-ovn
31 |
32 | rescue:
33 | - name: run kubeovn diagnose tool
34 | command: kubectl ko diagnose all
35 | changed_when: false
36 | - name: fail
37 | fail:
38 | msg: "kubeovn not ready"
39 |
--------------------------------------------------------------------------------
/roles/kubernetes/node/tasks/vca_node_cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: "[k8s master] drain the VCA node"
7 | command: kubectl drain {{ vca_node_name }} --ignore-daemonsets --timeout=60s
8 | delegate_to: "{{ groups['controller_group'][0] }}"
9 | ignore_errors: yes
10 | changed_when: true
11 | become: yes
12 |
13 | - name: "[k8s master] delete the VCA node"
14 | command: kubectl delete node {{ vca_node_name }}
15 | delegate_to: "{{ groups['controller_group'][0] }}"
16 | ignore_errors: yes
17 | changed_when: true
18 | become: yes
19 |
20 | - name: check if kubeadm is installed
21 | shell: ssh {{ vca_node_name }} command -v kubeadm >/dev/null 2>&1
22 | register: kubeadm_exec
23 | ignore_errors: yes
24 | changed_when: false
25 | become: yes
26 |
27 | - name: reset kubeadm on VCA node
28 | command: ssh {{ vca_node_name }} kubeadm reset --force
29 | when: kubeadm_exec.rc == 0
30 | become: yes
31 |
--------------------------------------------------------------------------------
/roles/applications/video_analytics_services/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | _video_analytics_serving:
7 | repo: "https://github.com/intel/video-analytics-serving"
8 | commit: "v0.3.1.1-alpha"
9 | dest: "/opt/openness/video-analytics-serving"
10 |
11 | _va_serving:
12 | image: "video-analytics-serving"
13 | tag: latest
14 | port: 8080
15 |
16 | _vas_sidecar:
17 | name: "vas-sidecar"
18 | image: "vas-sidecar"
19 | tag: latest
20 |
21 | _vas_helmReleaseName: "video-analytics-services"
22 | _vas_helmChartVersion: 0.1.0
23 |
24 | _frameworks:
25 | - { name: ffmpeg, image: "openvisualcloud/xeon-ubuntu1804-analytics-ffmpeg:20.10" }
26 | - { name: gstreamer, image: "openvisualcloud/xeon-ubuntu1804-analytics-gst:20.10" }
27 |
28 | # instances names for vas multiinstances
29 | _instances:
30 | - { name: "instance1", weight: 50 }
31 | - { name: "instance2", weight: 30 }
32 | - { name: "instance3", weight: 20 }
33 |
--------------------------------------------------------------------------------
/roles/telemetry/opentelemetry/controlplane/charts/templates/collector-configmap.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | apiVersion: v1
5 | kind: ConfigMap
6 | metadata:
7 | name: {{ .Values.collector.configMap }}
8 | namespace: {{ .Values.namespace }}
9 | labels:
10 | component: {{ .Values.collector.configMap }}
11 | data:
12 | otel-collector-config.yaml: |
13 | receivers:
14 | opencensus:
15 | endpoint: {{ .Values.collector.opencensus.endpoint }}
16 | exporters:
17 | prometheus:
18 | endpoint: {{ .Values.collector.prometheus.endpoint }}
19 | namespace: {{.Values.collector.prometheus.namespace }}
20 | const_labels:
21 | label1: {{.Values.collector.prometheus.const_labels.label1 }}
22 | service:
23 | pipelines:
24 | metrics:
25 | receivers: [{{ .Values.collector.receivers }}]
26 | exporters: [{{ .Values.collector.exporters }}]
27 |
--------------------------------------------------------------------------------
/roles/kubernetes/hddl/vca_setup/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | - include_tasks: delete_taspolicy_hddldaemonset.yml
6 |
7 | - name: get number of VCA nodes
8 | shell: set -o pipefail && vcactl status | grep Card | wc -l
9 | register: num_vca
10 | changed_when: true
11 | become: yes
12 |
13 | - name: clean up vpu metrics and hddl daemon for each vca node.
14 | include_tasks: cleanup_vcanode.yml
15 | vars:
16 | vca_node_ip: "172.32.{{ vca_idx }}.1"
17 | loop_control:
18 | loop_var: vca_idx
19 | with_sequence: count="{{ num_vca.stdout | int }}"
20 |
21 | - include_tasks: deploy_hddldaemonset.yml
22 |
23 | - name: bringup vpu metrics for each vca node.
24 | include_tasks: bringup_vpumetrics_vcanode.yml
25 | vars:
26 | vca_node_ip: "172.32.{{ vca_idx }}.1"
27 | loop_control:
28 | loop_var: vca_idx
29 | with_sequence: count="{{ num_vca.stdout | int }}"
30 |
31 | - include_tasks: deploy_vputaspolicy.yml
32 |
--------------------------------------------------------------------------------
/roles/telemetry/cadvisor/controlplane/charts/values.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | #Common values
5 | namespace: telemetry
6 | pullPolicy: IfNotPresent
7 | component: cadvisor
8 |
9 | #cAdvisor Values
10 | cadvisor:
11 | image: gcr.io/cadvisor/cadvisor:v0.37.5
12 | name: cadvisor
13 | resources:
14 | requests:
15 | cpu: "0.1"
16 | limits:
17 | cpu: "1"
18 | memory: "2Gi"
19 | disabledMetrics: "percpu,diskIO,tcp,udp,disk,sched"
20 | storeContainerLabels: false
21 | maxHousekeepingInterval: "30s"
22 | dockerOnly: true
23 |
24 | #Proxy Values
25 | proxy:
26 | metricsCadvisorPort: 9105
27 | internalCadvisorPort: 9106
28 | serverName: cadvisor
29 | name: cadvisor-proxy
30 | certsDest: /root/certs/cadvisor/
31 | image: nginx:alpine
32 | pathToNginxCfg: /etc/nginx/nginx.conf
33 | configMap: cadvisor-proxy-config
34 |
35 | #Certs Values
36 | certs:
37 | image: emberstack/openssl:latest
38 | name: openssl
39 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/weavenet/controlplane/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: permit WeaveNet ports in firewall
7 | ignore_errors: yes
8 | firewalld:
9 | port: "{{ item }}"
10 | permanent: yes
11 | state: enabled
12 | immediate: yes
13 | with_items:
14 | - 6783/tcp
15 | - 6784/tcp
16 | - 6783/udp
17 | - 6784/udp
18 | become: yes
19 |
20 | - name: apply WeaveNet via the addon
21 | shell: set -o pipefail && kubectl apply -f "{{ _weavenet_yaml }}"
22 | register: result
23 | retries: "{{ number_of_retries }}"
24 | until: result is succeeded
25 | delay: "{{ retry_delay }}"
26 | changed_when: true
27 |
28 | - name: wait for weavenet pods become running
29 | shell: set -o pipefail && kubectl get pods -n kube-system -l name=weave-net | awk '$3=="Running"'
30 | register: weavenet_pods_running
31 | retries: 30
32 | delay: 10
33 | until: weavenet_pods_running.rc == 0
34 | changed_when: false
35 |
--------------------------------------------------------------------------------
/roles/kubernetes/cmk/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019-2020 Intel Corporation
3 |
4 | ---
5 |
6 | _cmk_main_dir: "/tmp/cmk"
7 |
8 | _cmk_source_dir: "{{ _cmk_main_dir }}/source"
9 | _cmk_tag: "v1.4.1"
10 | _cmk_base_url: "https://github.com/intel/CPU-Manager-for-Kubernetes"
11 |
12 | _cmk_chart_dir: "{{ ne_helm_charts_default_dir }}/cpu-manager-for-kubernetes"
13 |
14 | _cmk_cek_commit: "v1.4.1"
15 | _cmk_cek_url: "https://raw.githubusercontent.com/intel/container-experience-kits/\
16 | {{ _cmk_cek_commit }}/roles/cmk-install/charts/cpu-manager-for-kubernetes"
17 |
18 | _cmk_chart:
19 | - ".helmignore"
20 | - "Chart.yaml"
21 | - "values.yaml"
22 |
23 | _cmk_chart_templates:
24 | - "templates/NOTES.txt"
25 | - "templates/_helpers.tpl"
26 | - "templates/daemonset.yml"
27 | - "templates/rbac.yml"
28 | - "templates/serviceaccount.yml"
29 | - "templates/webhook.yml"
30 |
31 | cmk_num_exclusive_cores: "4"
32 | cmk_num_shared_cores: "1"
33 | cmk_host_list: "node01,node02"
34 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/ovn4nfv/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | ovn_control_plane_cpu_request: 500m
6 | ovn_control_plane_memory_request: 300Mi
7 | ovn_controller_cpu_request: 200m
8 | ovn_controller_memory_request: 300Mi
9 | ovn_controller_cpu_limit: 1000m
10 | ovn_controller_memory_limit: 800Mi
11 | ovn4nfv_cni_cpu_request: 100m
12 | ovn4nfv_cni_memory_request: 50Mi
13 | ovn4nfv_cni_cpu_limit: 100m
14 | ovn4nfv_cni_memory_limit: 50Mi
15 | nfn_agent_cpu_request: 100m
16 | nfn_agent_memory_request: 50Mi
17 | nfn_agent_cpu_limit: 100m
18 | nfn_agent_memory_limit: 50Mi
19 |
20 | _ovn4nfv_cleanup_paths:
21 | - /var/run/openvswitch
22 | - /etc/origin/openvswitch/
23 | - /etc/openvswitch
24 | - /etc/cni/net.d/ovn4nfv-k8s.d/
25 |
26 | ovn4nfv_img: "docker.io/integratedcloudnative/ovn4nfv-k8s-plugin"
27 | ovn4nfv_img_ver: "centos-v2.2.0"
28 |
29 | ovn_daemon_img: "docker.io/integratedcloudnative/ovn-images"
30 | ovn_daemon_img_ver: "centos-v2.2.0"
31 |
32 |
--------------------------------------------------------------------------------
/tasks/precheck_hostname.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | ---
5 |
6 | - name: fail if hostname is localhost
7 | fail:
8 | msg: "Hostname cannot be localhost (refer to how-to)"
9 | when: '"localhost" in ansible_nodename'
10 |
11 | - name: check /etc/hosts for ipv4 hostname
12 | shell: grep -E "127\.0\.0\.1.*{{ ansible_nodename }}" /etc/hosts
13 | ignore_errors: yes
14 | register: grep_hosts_4
15 | failed_when: grep_hosts_4.rc == 1
16 | changed_when: False
17 |
18 | - name: check /etc/hosts for ipv6 hostname
19 | shell: grep -E "::1.*{{ ansible_nodename }}" /etc/hosts
20 | ignore_errors: yes
21 | register: grep_hosts_6
22 | failed_when: grep_hosts_6.rc == 1
23 | changed_when: False
24 |
25 | - name: fail if hostname missing in /etc/hosts
26 | fail:
27 | msg: "Hostname should be present in /etc/hosts for both ipv4 and ipv6. Refer to OpenNESS Experience Kits' how-to: section 'Setup static hostname'"
28 | when: grep_hosts_4.rc == 1 or grep_hosts_6.rc == 1
29 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/tasks/common.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: set cni_role_dir variable (path to roles/kubernetes/cni dir)
7 | set_fact:
8 | cni_role_dir: "{{ role_path }}"
9 |
10 | - name: create list of available CNIs roles
11 | # it creates an array with CNI roles, e.g.: [ 'kubeovn/controlplane', 'kubeovn/node', 'calico' ]
12 | # it is used later to call only roles that exists (skip node role if it doesn't exist)
13 | set_fact:
14 | available_cni_roles: "{{ available_cni_roles|default([]) + [item.path] }}"
15 | with_filetree: "{{ cni_role_dir }}"
16 | when:
17 | - item.state == 'directory'
18 | - (item.path.endswith('controlplane')) or (item.path.endswith('node'))
19 | tags:
20 | - skip_ansible_lint
21 |
22 | - name: set role postfix
23 | set_fact:
24 | role_postfix: controlplane
25 | - name: change role postfix for worker
26 | set_fact:
27 | role_postfix: node
28 | when: inventory_hostname not in groups['controller_group']
29 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/controlplane/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | harbor_api_version: v2.0
7 | exposeType: nodePort
8 | tlsEnable: true
9 | commonName: "{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}"
10 | externalUrl: "{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}"
11 |
12 | _registry_port: "30003"
13 | _registry_host: "{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}"
14 | _registry_ip_address: "{{ hostvars[groups['controller_group'][0]]['ansible_host'] }}"
15 |
16 | _git_repo_harbor: "https://github.com/goharbor/harbor-helm.git"
17 | _version_harbor: "v1.5.0"
18 | _git_repo_dest_harbor: "{{ openness_dir }}/harbor"
19 | _harbor_pv_dir: "{{ openness_dir }}/harbor_pv_disks"
20 |
21 | harborAdminPassword: Harbor12345
22 | harbor_db_storage: 1Gi
23 | harbor_trivy_storage: 1Gi
24 | harbor_registry_storage: 15Gi
25 | harbor_jobservice_storage: 1Gi
26 | harbor_chartmuseum_storage: 1Gi
27 | harbor_redis_storage: 1Gi
28 |
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/common/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: create ovs/ovn scripts
7 | shell:
8 | cmd: |
9 | cat <<'EOF' > "{{ _kubeovn_scripts_dest }}/{{ item }}"
10 | #!/bin/bash
11 | ovsCont=$(docker ps | grep kube-ovn | grep ovs-ovn | grep -v pause | awk '{print $1}')
12 | docker exec $ovsCont {{ item }} $@
13 | EOF
14 | with_items: "{{ _kubeovn_scripts }}"
15 | changed_when: true
16 | become: yes
17 |
18 | - name: change permissions of ovn/ovs scripts
19 | file:
20 | path: "{{ _kubeovn_scripts_dest }}/{{ item }}"
21 | mode: 0755
22 | with_items: "{{ _kubeovn_scripts }}"
23 | become: yes
24 |
25 | - name: create a directory for ovs config
26 | file:
27 | path: "{{ _kubeovn_ovs_config_path }}"
28 | state: directory
29 | become: yes
30 |
31 | - name: prepare ovs config
32 | template:
33 | src: config.cfg.j2
34 | dest: "{{ _kubeovn_ovs_config_path }}/config.cfg"
35 | become: yes
36 |
--------------------------------------------------------------------------------
/tasks/collect_logs.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 | - block:
6 | - name: copy log_collector to the controller
7 | copy:
8 | src: ./scripts/log_collector{{ item.ext }}
9 | dest: "{{ ansible_facts.user_dir }}/log_collector{{ item.ext }}"
10 | mode: "{{ item.mode }}"
11 | with_items:
12 | - { ext: "", mode: "0755"}
13 | - { ext: ".json", mode: "0644"}
14 |
15 | - name: collect logs
16 | command: "{{ ansible_facts.user_dir }}/log_collector --force"
17 | args:
18 | chdir: "{{ ansible_facts.user_dir }}"
19 | become: yes
20 |
21 | - name: create var for filename
22 | set_fact:
23 | log_filename: ./failed_readiness_logs_{{ ansible_date_time.iso8601_basic_short }}.tar.gz
24 |
25 | - name: get logs from remote
26 | fetch:
27 | src: "{{ ansible_facts.user_dir }}/Result.tar.gz"
28 | dest: "{{ log_filename }}"
29 | flat: yes
30 |
31 | delegate_to: "{{ groups['controller_group'][0] }}"
32 | run_once: true
33 |
34 |
--------------------------------------------------------------------------------
/roles/kubernetes/harbor_registry/controlplane/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: cleanup harbor helm
7 | command: helm uninstall harbor-app -n harbor
8 | register: del_result
9 | until: del_result.rc == 0
10 | retries: 3
11 | delay: 5
12 | changed_when: false
13 | ignore_errors: true
14 |
15 | - name: delete harbor PV and PVC
16 | command: kubectl delete -f disks.yaml
17 | args:
18 | chdir: "{{ _git_repo_dest_harbor }}"
19 | changed_when: false
20 | ignore_errors: true
21 |
22 | - name: delete harbor data
23 | file:
24 | path: "{{ _harbor_pv_dir }}"
25 | state: absent
26 | ignore_errors: yes
27 |
28 | - name: delete certificate from controller machine
29 | file:
30 | path: "/etc/docker/certs.d/{{ _registry_ip_address }}:{{ _registry_port }}"
31 | state: absent
32 | ignore_errors: yes
33 |
34 | - name: delete harbor-registry file
35 | file:
36 | path: "{{ _git_repo_dest_harbor }}"
37 | state: absent
38 | ignore_errors: yes
--------------------------------------------------------------------------------
/roles/kubernetes/cni/kubeovn/node/tasks/readiness.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2021 Intel Corporation
3 |
4 | ---
5 |
6 | - name: check if socket exists
7 | stat:
8 | path: /run/openvswitch/db.sock
9 | register: this
10 | failed_when: not this.stat.exists
11 | changed_when: false
12 |
13 | - name: check if br-local exists
14 | command: timeout 15s ovs-vsctl br-exists br-local
15 | changed_when: false
16 |
17 | - name: verify ovn configuration
18 | shell: |
19 | set -o pipefail && ovn-nbctl lrp-list ovn-cluster | grep ovn-cluster-{{ inventory_hostname | lower }}-local
20 | set -o pipefail && ovn-nbctl ls-list | grep {{ inventory_hostname | lower }}-local
21 | set -o pipefail && ovn-nbctl lsp-list {{ inventory_hostname | lower }}-local | grep {{ inventory_hostname | lower }}-local-ovn-cluster
22 | set -o pipefail && ovn-nbctl lsp-list {{ inventory_hostname | lower }}-local | grep {{ inventory_hostname | lower }}-ovs-phy
23 | delegate_to: "{{ groups['controller_group'][0] }}"
24 | changed_when: false
25 |
26 |
--------------------------------------------------------------------------------
/inventory/default/group_vars/edgenode_vca_group/10-default.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | os_yum_base_packages:
6 | "vim-common,curl,yum-utils,device-mapper-persistent-data,lvm2,python2-pip,wget,bridge-utils,\
7 | boost-devel,pcre-devel,zlib-devel,glib2-devel,autoconf,automake,libtool,flex,bison,git,cmake,pciutils,\
8 | python-websocket-client,jsoncpp-devel,fcgi-devel,hiredis-devel,numactl-devel,gcc-c++,psmisc,python-httplib2,pixman-devel,\
9 | moreutils,jq,python-devel,createrepo,psmisc,sshpass,bash-completion,rsync"
10 | _os_yum_exclude_rpm_packages: "exclude=kernel-3* kernel-rt* kernel-rt-kvm* kernel-rt-devel*"
11 | os_remove_yum_plugins: true
12 |
13 | ## URLs to docker images saved with `docker save : | gzip > .tar.gz` that are going to be preloaded after docker setup
14 | docker_images: []
15 |
16 | git_repo_url: https://{{ git_repo_token }}@github.com/smart-edge-open/edgeservices.git
17 | git_repo_branch: smart-edge-open-21.09
18 | _git_repo_dest: "{{ openness_dir }}/edgeservices"
19 |
--------------------------------------------------------------------------------
/roles/kubernetes/dashboard/tasks/cleanup.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 |
6 | - name: include Kubernetes Dashboard variables
7 | include_vars: ../defaults/main.yml
8 |
9 | - name: remove Kubernetes Dashboard release if exist
10 | block:
11 | - name: check if Kubernetes Dashboard release exists
12 | command: "helm status kubernetes-dashboard --namespace {{ _dashboard_namespace }}"
13 | ignore_errors: yes
14 | register: get_release_dashboard
15 | - name: remove Kubernetes Dashboard release
16 | command: "helm uninstall kubernetes-dashboard --namespace {{ _dashboard_namespace }}"
17 | when: get_release_dashboard.rc == 0
18 | changed_when: true
19 |
20 | - name: close port for Kubernetes Dashboard
21 | ignore_errors: yes
22 | firewalld:
23 | port: "{{ _dashboard_port }}/tcp"
24 | permanent: yes
25 | state: disabled
26 | immediate: yes
27 | become: yes
28 |
29 | - name: delete chart dir
30 | file:
31 | path: "{{ _dashboard_chart_dir }}"
32 | state: absent
33 |
--------------------------------------------------------------------------------
/roles/telemetry/collectd/node/files/0001-Remove-whitespace.patch:
--------------------------------------------------------------------------------
1 | From cfcbd5403569c227661456a3e537462c781cda9a Mon Sep 17 00:00:00 2001
2 | From: kamilpoleszczuk
3 | Date: Tue, 26 May 2020 16:19:30 +0200
4 | Subject: [PATCH] Remove whitespace
5 |
6 | ---
7 | 3rd_party/ovs_pmd_stats/ovs_pmd_stats.py | 2 +-
8 | 1 file changed, 1 insertion(+), 1 deletion(-)
9 |
10 | diff --git a/3rd_party/ovs_pmd_stats/ovs_pmd_stats.py b/3rd_party/ovs_pmd_stats/ovs_pmd_stats.py
11 | index fc6045b..d38d689 100755
12 | --- a/3rd_party/ovs_pmd_stats/ovs_pmd_stats.py
13 | +++ b/3rd_party/ovs_pmd_stats/ovs_pmd_stats.py
14 | @@ -101,7 +101,7 @@ for el in array:
15 | plugin_instance = el[:-1].replace(' ', '_')
16 | else:
17 | type_instance = el.split(':')[0].replace(' ', "_")
18 | - value = el.split(':')[1].split(' ')[0]
19 | + value = el.split(':')[1].strip().split(' ')[0]
20 | print('PUTVAL %s/%s-%s/%s-%s N:%s' % (HOSTNAME, PROG_NAME, plugin_instance, TYPE, type_instance, value))
21 |
22 | # close socket
23 | --
24 | 2.22.0
25 |
26 |
--------------------------------------------------------------------------------
/roles/infrastructure/vca_node_setup/files/init_vca.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # SPDX-License-Identifier: Apache-2.0
3 | # Copyright (c) 2020 Intel Corporation
4 |
5 | net_rule=/etc/udev/rules.d/00-net.rules
6 | # detect VCAC-A cards
7 | NCARDS=$(vcactl status | grep -c Card)
8 | if [ "$NCARDS" -le 0 ];then
9 | echo "No VCAC-A card detected!"
10 | exit 1
11 | fi
12 | echo "$NCARDS VCAC-A card(s) detected"
13 |
14 | # add udev roles to prevent vca virtual interface managed by NetworkManager
15 | rm -f $net_rule
16 | CARDS_NUM=$((NCARDS-1))
17 | for CARD in $(seq 0 $CARDS_NUM)
18 | do
19 | echo "ACTION==\"add\", SUBSYSTEM==\"net\", KERNEL==\"eth${CARD}\", ENV{NM_UNMANAGED}=\"1\"" >> $net_rule
20 | done
21 | systemctl restart systemd-udevd
22 |
23 | for CARD in $(seq 0 $CARDS_NUM)
24 | do
25 | vcactl pwrbtn-long "${CARD}" 0
26 | vcactl pwrbtn-short "${CARD}" 0
27 | vcactl reset "${CARD}" 0 --force
28 | done
29 | sleep 10
30 |
31 | for CARD in $(seq 0 $CARDS_NUM)
32 | do
33 | vcactl boot "${CARD}" 0 vcablk0 --force
34 | done
35 | sleep 30
36 |
37 | vcactl status
38 | vcactl network ip
39 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/files/Dockerfile:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | FROM centos:7.9.2009 AS builder
5 |
6 | ENV http_proxy=$http_proxy
7 | ENV https_proxy=$https_proxy
8 | ENV INIH_PATH=/root/inih/extra
9 |
10 | RUN yum install -y git build-essential cmake gcc-c++ make
11 |
12 | WORKDIR /root
13 |
14 | RUN git clone https://github.com/intel/pf-bb-config.git
15 |
16 | RUN git clone -b r47 https://github.com/benhoyt/inih
17 | RUN cd inih/extra && make -f Makefile.static && cp ../ini.h /root/pf-bb-config
18 |
19 | RUN cd pf-bb-config && make
20 |
21 | FROM centos:7.9.2009
22 |
23 | RUN yum install -y sudo
24 |
25 | RUN yum -y upgrade bind-license glib2 openssl-libs
26 |
27 | ARG username=bb_config
28 | ARG user_dir=/home/$username
29 |
30 | RUN useradd -d $user_dir -m -s /bin/bash $username
31 | RUN groupadd sudo
32 | RUN usermod -aG sudo $username
33 | RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
34 |
35 | USER $username
36 | WORKDIR $user_dir
37 |
38 | COPY --from=builder /root/pf-bb-config/pf_bb_config .
39 |
--------------------------------------------------------------------------------
/roles/telemetry/grafana/templates/values.yml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2020 Intel Corporation
3 |
4 | ---
5 | nodeSelector: {"node-role.kubernetes.io/master": ""}
6 |
7 | dashboardsDir: "{{ _grafana_dashboards_conf }}"
8 |
9 | tolerations:
10 | - key: "node-role.kubernetes.io/master"
11 | operator: "Exists"
12 | effect: "NoSchedule"
13 | - key: cmk
14 | operator: Exists
15 | effect: NoSchedule
16 |
17 | service:
18 | type: NodePort
19 | nodePort: 32000
20 | port: 80
21 | targetPort: 3000
22 | annotations: {}
23 | labels: {}
24 | portName: service
25 |
26 | persistence:
27 | type: pvc
28 | enabled: true
29 | storageClassName: grafana
30 | accessModes:
31 | - ReadWriteOnce
32 | size: 10Gi
33 | finalizers:
34 | - kubernetes.io/pvc-protection
35 |
36 | adminUser: admin
37 |
38 | sidecar:
39 | dashboards:
40 | enabled: true
41 | label: grafana_dashboard
42 | searchNamespace: true
43 |
44 | datasources:
45 | enabled: true
46 | label: grafana_datasource
47 | searchNamespace: null
48 |
--------------------------------------------------------------------------------
/roles/kubernetes/bb_config/charts/bb_config/templates/fpga-config.yaml:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: Apache-2.0
2 | # Copyright (c) 2019 Intel Corporation
3 |
4 | {{- if (eq .Values.device "FPGA") }}
5 | apiVersion: v1
6 | kind: ConfigMap
7 | metadata:
8 | name: "{{ .Release.Name }}"
9 | {{- with .Values.fpgaConfig }}
10 | data:
11 | "{{ .configFileName }}": |
12 | [MODE]
13 | pf_mode_en = {{ .pf_mode_en }}
14 |
15 | [UL]
16 | bandwidth = {{ .dbandwidth }}
17 | load_balance = {{ .dload_balance }}
18 | vfqmap = {{ .dvfQueues.vf0 }},{{ .dvfQueues.vf1 }},{{ .dvfQueues.vf2 }},{{ .dvfQueues.vf3 }},{{ .dvfQueues.vf4 }},{{ .dvfQueues.vf5 }},{{ .dvfQueues.vf6 }},{{ .dvfQueues.vf7 }}
19 |
20 | [DL]
21 | bandwidth = {{ .ubandwidth }}
22 | load_balance = {{ .uload_balance }}
23 | vfqmap = {{ .uvfQueues.vf0 }},{{ .uvfQueues.vf1 }},{{ .uvfQueues.vf2 }},{{ .uvfQueues.vf3 }},{{ .uvfQueues.vf4 }},{{ .uvfQueues.vf5 }},{{ .uvfQueues.vf6 }},{{ .uvfQueues.vf7 }}
24 |
25 | [FLR]
26 | flr_time_out = {{ .flr_time_out }}
27 | {{- end}}
28 | {{- end }}
29 |
--------------------------------------------------------------------------------