feat(ocne): Upgrade to OCNE 1.6 (#480)

* feat(ocne): Upgrade to OCNE 1.6

Signed-off-by: Hussam Qasem <[email protected]>

* Remove Helm dependency

Signed-off-by: Hussam Qasem <[email protected]>

* feat(ocne): Upgrade to OCNE 1.6

Signed-off-by: Hussam Qasem <[email protected]>

* feat(ocne): Upgrade to OCNE 1.6

Signed-off-by: Hussam Qasem <[email protected]>

* Enable SELinux. Run-as vagrant

Signed-off-by: Hussam Qasem <[email protected]>

* Added --remote-time

Signed-off-by: Hussam Qasem <[email protected]>

* allow podman in detached mode to run beyond logout

Signed-off-by: Hussam Qasem <[email protected]>

---------

Signed-off-by: Hussam Qasem <[email protected]>

Author: hussam-qasem

OCNE/.env

@@ -65,25 +65,36 @@
 # OCNE_ENV_NAME="ocne-env"
 # OCNE_CLUSTER_NAME="ocne-cluster"
 
-# Deploy the Helm module?
+# Pod networking technology: flannel, calico, none. Note: flannel is deprecated.
+# POD_NETWORK=calico
+
+# Deploy Calico networking module? Sets POD_NETWORK=none. Place your config file in the current directory named: calico-config.yaml
+# DEPLOY_CALICO=false
+# CALICO_MODULE_NAME="ocne-calico"
+
+# Deploy Multus networking module? Place your config file in the current directory named: multus-config.conf
+# DEPLOY_MULTUS=false
+# MULTUS_MODULE_NAME="ocne-multus"
+
+# Deploy the Helm module? (deprecated)
 # DEPLOY_HELM=false
 # HELM_MODULE_NAME="ocne-helm"
 
-# Deploy the Istio module? Requires the Helm module and will set DEPLOY_HELM to 1 if not set.
+# Deploy the Istio module?
 # DEPLOY_ISTIO=false
 # ISTIO_MODULE_NAME="ocne-istio"
 
-# Deploy the Gluster module? Requires the Helm module and will set DEPLOY_HELM to 1 if not set.
+# Deploy the Gluster module? (deprecated)
 # DEPLOY_GLUSTER=false
 # GLUSTER_MODULE_NAME="ocne-gluster"
 
-# Deploy the MetalLB module? Requires the Helm module and will set DEPLOY_HELM to 1 if not set.
+# Deploy the MetalLB module?
 # DEPLOY_METALLB=false
 # METALLB_MODULE_NAME="ocne-metallb"
 
 # Override number of masters to deploy
 # This should not be changed -- for development purpose
 # NB_MASTERS=1
 
-# Update Base OS
+# Update Base OS (experimental)
 # UPDATE_OS=false

OCNE/README.md

@@ -16,15 +16,17 @@ Environment Platform Agent installed and configured to communicate with the
 Platform API Server on the operator node.
 
 The installation includes the Kubernetes module for Oracle Cloud
-Native Environment which deploys Kubernetes [1.24.8](https://docs.oracle.com/en/operating-systems/olcne/1.5/relnotes/components.html#d672e108) configured to use
-the CRI-O runtime interface. Two runtime engines are installed, runc and
-Kata Containers.
+Native Environment which deploys Kubernetes [1.25.7](https://docs.oracle.com/en/operating-systems/olcne/1.6/relnotes/components.html#components)
+configured to use the CRI-O runtime interface. Two runtime engines are installed,
+[runC](https://docs.oracle.com/en/operating-systems/olcne/1.6/runtimes/runc.html#runc)
+and (now deprecated) [Kata](https://docs.oracle.com/en/operating-systems/olcne/1.6/runtimes/kata.html#kata) Containers.
 
-You may optionally enable the deployment of the Helm, Istio, MetalLB or Gluster
-modules. Note that enabling the Istio, MetalLB or Gluster modules will
-automatically enable the Helm module.
+You may set your cluster networking to Calico (default), Flannel (deprecated) or Multus on top of either Calico or Flannel.
 
-_Note:_ Kata Containers requires Intel hardware virtualization support and
+You may optionally enable the deployment of Istio, MetalLB or Gluster (deprecated)
+modules. Note that Helm is now installed automatically.
+
+_Note:_ Kata Containers (now deprecated) require Intel hardware virtualization support and
 will not work in a VirtualBox guest until nested virtualization support is
 released for Intel CPUs.
 
@@ -126,10 +128,13 @@ At least one worker node is required.
 Kubernetes Dashboard from a browser on your host.
 __Note__: you only need this if you want to expose the kubectl proxy to other
 hosts in your network.
-- `DEPLOY_HELM` (default: `false`): deploys the Helm module.
-- `DEPLOY_ISTIO` (default: `false`): deploys the Istio and Helm modules.
-- `DEPLOY_METALLB` (default: `false`): deploys the MetalLB and Helm modules.
-- `DEPLOY_GLUSTER` (default: `false`): deploys the Gluster and Helm modules.
+- `POD_NETWORK` (default: `calico`): deploys the Calico networking module with default configuration. Can be set to [`calico`, `flannel`, `none`].
+- `DEPLOY_CALICO` (default: `false`): deploys the Calico networking module with custom configuration `calico-config.yaml`.
+- `DEPLOY_MULTUS` (default: `false`): deploys the Multus networking module with custom configuration `multus-config.yaml`.
+- `DEPLOY_HELM` (default: `false`): deploys the Helm module (deprecated).
+- `DEPLOY_ISTIO` (default: `false`): deploys the Istio modules.
+- `DEPLOY_METALLB` (default: `false`): deploys the MetalLB module.
+- `DEPLOY_GLUSTER` (default: `false`): deploys the Gluster module (deprecated).
 __Note__: if `NB_WORKERS` is less than `3`, the `hyperconverged` `storageclass`
 is patched to adjust the number of Gluster replicas accordingly.
 __Note__: This provisioning script also installs Heketi on the operator node.
@@ -186,9 +191,10 @@ vagrant plugin install <name>...
 
 ## Product Documentation
 
-- [Oracle Cloud Native Environment: Getting Started](https://docs.oracle.com/en/operating-systems/olcne/start/index.html)
-- [Oracle Cloud Native Environment: Using Container Orchestration](https://docs.oracle.com/en/operating-systems/olcne/orchestration/index.html)
-- [Oracle Cloud Native Environment: Using Container Runtimes](https://docs.oracle.com/en/operating-systems/olcne/runtimes/index.html)
+- [Oracle Cloud Native Environment: Getting Started](https://docs.oracle.com/en/operating-systems/olcne/1.6/start/)
+- [Oracle Cloud Native Environment: Container Orchestration](https://docs.oracle.com/en/operating-systems/olcne/1.6/orchestration/)
+- [Oracle Cloud Native Environment: Container Runtimes](https://docs.oracle.com/en/operating-systems/olcne/1.6/runtimes/)
+- [Oracle Cloud Native Environment: Platform CLI](https://docs.oracle.com/en/operating-systems/olcne/1.6/olcnectl/)
 
 ## Feedback
 

OCNE/Vagrantfile

@@ -53,14 +53,14 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
   # vCPUS and Memory for the VMs
   OPERATOR_CPUS = default_i('OPERATOR_CPUS', 1)
-  OPERATOR_MEMORY = default_i("OPERATOR_MEMORY", 1024)
+  OPERATOR_MEMORY = default_i('OPERATOR_MEMORY', 1024)
   MASTER_CPUS = default_i('MASTER_CPUS', 2)
-  MASTER_MEMORY = default_i("MASTER_MEMORY", 2048)
+  MASTER_MEMORY = default_i('MASTER_MEMORY', 2048)
   WORKER_CPUS = default_i('WORKER_CPUS', 1)
-  WORKER_MEMORY = default_i("WORKER_MEMORY", 1024)
+  WORKER_MEMORY = default_i('WORKER_MEMORY', 1024)
 
   # Group VirtualBox containers
-  VB_GROUP = default_s("VB_GROUP", "OCNE")
+  VB_GROUP = default_s('VB_GROUP', 'OCNE')
 
   # Multi-master setup. Deploy 3 masters in HA mode.
   MULTI_MASTER = default_b('MULTI_MASTER', false)
@@ -106,22 +106,33 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   # Check the README.md file for more details.
   REGISTRY_OCNE = default_s('REGISTRY_OCNE', 'container-registry.oracle.com/olcne')
 
+  # Deploy Calico networking module?
+  DEPLOY_CALICO = default_b('DEPLOY_CALICO', false)
+  
+  # Deploy Multus networking module?
+  DEPLOY_MULTUS = default_b('DEPLOY_MULTUS', false)
+  
+  # Pod networking technology: flannel, calico, none. Note: flannel is deprecated.
+  if DEPLOY_CALICO
+    POD_NETWORK = 'none'
+  else
+    POD_NETWORK = default_s('POD_NETWORK', 'calico')
+  end
+  
   # Deploy Istio?
   DEPLOY_ISTIO = default_b('DEPLOY_ISTIO', false)
 
   # Deploy MetalLB?
   DEPLOY_METALLB = default_b('DEPLOY_METALLB', false)
 
-  # Deploy Gluster?
+  # Deploy Gluster? (deprecated)
   DEPLOY_GLUSTER = default_b('DEPLOY_GLUSTER', false)
 
-  # Helm is required to deploy Istio, MetalLB or Gluster. Otherwise it's optional
-  if DEPLOY_ISTIO or DEPLOY_METALLB or DEPLOY_GLUSTER
-    DEPLOY_HELM = true
-  else
-    DEPLOY_HELM = default_b('DEPLOY_HELM', false)
-  end
+  # Deploy Helm? (deprecated)
+  DEPLOY_HELM = default_b('DEPLOY_HELM', false)
 
+  CALICO_MODULE_NAME = default_s('CALICO_MODULE_NAME', 'ocne-calico')
+  MULTUS_MODULE_NAME = default_s('MULTUS_MODULE_NAME', 'ocne-multus') 
   HELM_MODULE_NAME = default_s('HELM_MODULE_NAME', 'ocne-helm')
   ISTIO_MODULE_NAME = default_s('ISTIO_MODULE_NAME', 'ocne-istio')
   METALLB_MODULE_NAME = default_s('METALLB_MODULE_NAME', 'ocne-metallb')
@@ -170,6 +181,11 @@ def provision_vm(vm, vm_args)
   args.push("--multi-master") if MULTI_MASTER
   args.push("--repo", YUM_REPO) unless YUM_REPO == ""
   args.push("--ocne-dev") if OCNE_DEV
+  args.push("--pod-network", POD_NETWORK) if POD_NETWORK
+  args.push("--with-calico") if DEPLOY_CALICO
+  args.push("--calico-module-name", CALICO_MODULE_NAME) if DEPLOY_CALICO
+  args.push("--with-multus") if DEPLOY_MULTUS
+  args.push("--multus-module-name", MULTUS_MODULE_NAME) if DEPLOY_MULTUS
   args.push("--with-helm") if DEPLOY_HELM
   args.push("--helm-module-name", HELM_MODULE_NAME) if DEPLOY_HELM
   args.push("--with-istio") if DEPLOY_ISTIO