Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
…master into master
  • Loading branch information
SchSeba committed Jul 2, 2024
2 parents 2bcb0d1 + 50d436d commit 96441ea
Show file tree
Hide file tree
Showing 7 changed files with 99 additions and 23 deletions.
6 changes: 6 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,12 @@ skopeo:
fakechroot:
if ! which fakechroot; then if [ -f /etc/redhat-release ]; then dnf -y install fakechroot; elif [ -f /etc/lsb-release ]; then sudo apt-get -y update; sudo apt-get -y install fakechroot; fi; fi

$(BIN_DIR)/helm helm:
mkdir -p $(BIN_DIR)
curl -fsSL -o $(BIN_DIR)/get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 $(BIN_DIR)/get_helm.sh
HELM_INSTALL_DIR=$(BIN_DIR) $(BIN_DIR)/get_helm.sh

deploy-setup: export ADMISSION_CONTROLLERS_ENABLED?=false
deploy-setup: skopeo install
hack/deploy-setup.sh $(NAMESPACE)
Expand Down
4 changes: 4 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,10 @@ VF groups** (when #-notation is used in pfName field) are merged, otherwise only
the highest priority policy is applied. In case of same-priority policies and
overlapping VF groups, only the last processed policy is applied.

When using #-notation to define VF group, no actions are taken on virtual functions that
are not mentioned in any policy (e.g. if a policy defines a `vfio-pci` device group for a device, when
it is deleted the VF are not reset to the default driver).

#### Externally Manage virtual functions

When `ExternallyManage` is request on a policy the operator will only skip the virtual function creation.
Expand Down
8 changes: 0 additions & 8 deletions api/v1/helper.go
Original file line number Diff line number Diff line change
Expand Up @@ -280,10 +280,8 @@ func NeedToUpdateSriov(ifaceSpec *Interface, ifaceStatus *InterfaceExt) bool {

if ifaceSpec.NumVfs > 0 {
for _, vfStatus := range ifaceStatus.VFs {
ingroup := false
for _, groupSpec := range ifaceSpec.VfGroups {
if IndexInRange(vfStatus.VfID, groupSpec.VfRange) {
ingroup = true
if vfStatus.Driver == "" {
log.V(2).Info("NeedToUpdateSriov(): Driver needs update - has no driver",
"desired", groupSpec.DeviceType)
Expand Down Expand Up @@ -332,12 +330,6 @@ func NeedToUpdateSriov(ifaceSpec *Interface, ifaceStatus *InterfaceExt) bool {
break
}
}
if !ingroup && (StringInArray(vfStatus.Driver, vars.DpdkDrivers) || vfStatus.VdpaType != "") {
// need to reset VF if it is not a part of a group and:
// a. has DPDK driver loaded
// b. has VDPA device
return true
}
}
}
return false
Expand Down
68 changes: 68 additions & 0 deletions api/v1/helper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1054,3 +1054,71 @@ func TestSriovNetworkPoolConfig_MaxUnavailable(t *testing.T) {
})
}
}

func TestNeedToUpdateSriov(t *testing.T) {
type args struct {
ifaceSpec *v1.Interface
ifaceStatus *v1.InterfaceExt
}
tests := []struct {
name string
args args
want bool
}{
{
name: "number of VFs changed",
args: args{
ifaceSpec: &v1.Interface{NumVfs: 1},
ifaceStatus: &v1.InterfaceExt{NumVfs: 0},
},
want: true,
},
{
name: "no update",
args: args{
ifaceSpec: &v1.Interface{NumVfs: 1},
ifaceStatus: &v1.InterfaceExt{NumVfs: 1},
},
want: false,
},
{
name: "vfio-pci VF is not configured for any group",
args: args{
ifaceSpec: &v1.Interface{
NumVfs: 3,
VfGroups: []v1.VfGroup{
{
VfRange: "1-2",
DeviceType: consts.DeviceTypeNetDevice,
},
},
},
ifaceStatus: &v1.InterfaceExt{
NumVfs: 3,
VFs: []v1.VirtualFunction{
{
VfID: 0,
Driver: "vfio-pci",
},
{
VfID: 1,
Driver: "iavf",
},
{
VfID: 2,
Driver: "iavf",
},
},
},
},
want: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := v1.NeedToUpdateSriov(tt.args.ifaceSpec, tt.args.ifaceStatus); got != tt.want {
t.Errorf("NeedToUpdateSriov() = %v, want %v", got, tt.want)
}
})
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ spec:
- name: METRICS_EXPORTER_SECRET_NAME
value: {{ .Values.operator.admissionControllers.certificates.secretNames.metricsExporter }}
- name: METRICS_EXPORTER_PORT
value: {{ .Values.operator.metricsExporter.port }}
value: "{{ .Values.operator.metricsExporter.port }}"
- name: METRICS_EXPORTER_SECRET_NAME
value: {{ .Values.operator.metricsExporter.certificates.secretName }}
- name: METRICS_EXPORTER_KUBE_RBAC_PROXY_IMAGE
Expand Down
30 changes: 20 additions & 10 deletions hack/run-e2e-conformance-virtual-cluster.sh
Original file line number Diff line number Diff line change
Expand Up @@ -365,19 +365,35 @@ do
done


source hack/env.sh

export ADMISSION_CONTROLLERS_ENABLED=true
export ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED=true
export SKIP_VAR_SET=""
export NAMESPACE="sriov-network-operator"
export OPERATOR_NAMESPACE="sriov-network-operator"
export CNI_BIN_PATH=/opt/cni/bin
export OPERATOR_EXEC=kubectl
export CLUSTER_TYPE=kubernetes
export DEV_MODE=TRUE
export CLUSTER_HAS_EMULATED_PF=TRUE

echo "## deploy namespace"
envsubst< $root/deploy/namespace.yaml | ${OPERATOR_EXEC} apply -f -

HELM_VALUES_OPTS="\
--set images.operator=${SRIOV_NETWORK_OPERATOR_IMAGE} \
--set images.sriovConfigDaemon=${SRIOV_NETWORK_CONFIG_DAEMON_IMAGE} \
--set images.sriovCni=${SRIOV_CNI_IMAGE} \
--set images.sriovDevicePlugin=${SRIOV_DEVICE_PLUGIN_IMAGE} \
--set images.resourcesInjector=${NETWORK_RESOURCES_INJECTOR_IMAGE} \
--set images.webhook=${SRIOV_NETWORK_WEBHOOK_IMAGE} \
--set operator.admissionControllers.enabled=${ADMISSION_CONTROLLERS_ENABLED} \
--set operator.admissionControllers.certificates.certManager.enabled=${ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED} \
--set sriovOperatorConfig.deploy=true"

PATH=$PATH:${root}/bin
make helm
helm install -n ${NAMESPACE} --create-namespace \
$HELM_VALUES_OPTS \
--wait sriov-network-operator ./deployment/sriov-network-operator-chart


echo "## create certificates for webhook"
cat <<EOF | kubectl apply -f -
Expand Down Expand Up @@ -437,12 +453,6 @@ spec:
EOF


echo "## apply CRDs"
kubectl apply -k $root/config/crd

echo "## deploying SRIOV Network Operator"
hack/deploy-setup.sh $NAMESPACE

function cluster_info {
if [[ -v TEST_REPORT_PATH ]]; then
kubectl cluster-info dump --namespaces ${NAMESPACE},${MULTUS_NAMESPACE} --output-directory "${root}/${TEST_REPORT_PATH}/cluster-info"
Expand Down
4 changes: 0 additions & 4 deletions pkg/webhook/validate.go
Original file line number Diff line number Diff line change
Expand Up @@ -213,10 +213,6 @@ func staticValidateSriovNetworkNodePolicy(cr *sriovnetworkv1.SriovNetworkNodePol
if cr.Spec.DeviceType == consts.DeviceTypeVfioPci && cr.Spec.IsRdma {
return false, fmt.Errorf("'deviceType: vfio-pci' conflicts with 'isRdma: true'; Set 'deviceType' to (string)'netdevice' Or Set 'isRdma' to (bool)'false'")
}
if strings.EqualFold(cr.Spec.LinkType, consts.LinkTypeIB) && !cr.Spec.IsRdma {
return false, fmt.Errorf("'linkType: ib or IB' requires 'isRdma: true'; Set 'isRdma' to (bool)'true'")
}

// vdpa: deviceType must be set to 'netdevice'
if cr.Spec.DeviceType != consts.DeviceTypeNetDevice && (cr.Spec.VdpaType == consts.VdpaTypeVirtio || cr.Spec.VdpaType == consts.VdpaTypeVhost) {
return false, fmt.Errorf("'deviceType: %s' conflicts with '%s'; Set 'deviceType' to (string)'netdevice' Or Remove 'vdpaType'", cr.Spec.DeviceType, cr.Spec.VdpaType)
Expand Down

0 comments on commit 96441ea

Please sign in to comment.