ormergi/buid-passt-binding-cni-image.sh

## buid-passt-binding-cni-image.sh
# Author: Or Mergi
#
# This script build basic container image to deploy Kubevirt passt binding CNI.
#
#
#!/bin/bash
curl -LO https://github.com/kubevirt/kubevirt/releases/download/v1.2.0/kubevirt-passt-binding
chmod +x kubevirt-passt-binding

cat <<EOF > Containerfile
FROM alpine:3.14
ADD kubevirt-passt-binding /cni/network-passt-binding
EOF

registry=quay.io/kubevirt

podman build -f ./Containerfile -t ${registry}/kubevirt-passt-binding-cni:v1.2.0
podman push ${registry}/kubevirt-passt-binding-cni:v1.2.0

## passt-binding-cni-ds-ocp.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: passt-binding-cni
  namespace: kube-system
---
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
  name: passt-binding-cni
allowPrivilegedContainer: true
allowHostDirVolumePlugin: true
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
readOnlyRootFilesystem: false
runAsUser:
  type: RunAsAny
seLinuxContext:
  type: RunAsAny
users:
- system:serviceaccount:kube-system:passt-binding-cni
volumes:
- "*"
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: passt-binding-cni
  namespace: kube-system
  labels:
    app: passt-binding-cni
spec:
  selector:
    matchLabels:
      name: passt-binding-cni
  template:
    metadata:
      labels:
        name: passt-binding-cni
        app: passt-binding-cni
    spec:
      serviceAccountName: passt-binding-cni
      nodeSelector:
        kubernetes.io/os: linux
      containers:
      - name: installer
        resources:
          requests:
            cpu: "100m"
            memory: "50Mi"
          limits:
            cpu: "100m"
            memory: "50Mi"
        securityContext:
          privileged: true
        image: quay.io/kubevirt/network-passt-binding:v1.2.0
        command: [ "/bin/sh", "-cex" ]
        args:
        - |
          ls -la "/cni/network-passt-binding"
          cp -f  "/cni/network-passt-binding" "/opt/cni/bin"
          echo "passt binding CNI plugin installation complete"
          sleep infinity
        volumeMounts:
        - name: cnibin
          mountPath: /opt/cni/bin
      volumes:
      - name: cnibin
        hostPath:
          path: /opt/cni/bin

## passt-binding-cni-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: passt-binding-cni
  namespace: kube-system
  labels:
    app: passt-binding-cni
spec:
  selector:
    matchLabels:
      name: passt-binding-cni
  template:
    metadata:
      labels:
        name: passt-binding-cni
        app: passt-binding-cni
    spec:
      nodeSelector:
        kubernetes.io/os: linux
      containers:
      - name: installer
        resources:
          requests:
            cpu: "100m"
            memory: "50Mi"
          limits:
            cpu: "100m"
            memory: "50Mi"
        securityContext:
          privileged: true
        image: quay.io/kubevirt/network-passt-binding:v1.2.0
        command: [ "/bin/sh", "-cex" ]
        args:
        - |
          ls -la "/cni/network-passt-binding"
          cp -f  "/cni/network-passt-binding" "/opt/cni/bin"
          echo "passt binding CNI plugin installation complete"
          sleep infinity
        volumeMounts:
        - name: cnibin
          mountPath: /opt/cni/bin
      volumes:
      - name: cnibin
        hostPath:
          path: /opt/cni/bin
	# Author: Or Mergi
	#
	# This script build basic container image to deploy Kubevirt passt binding CNI.
	#
	#
	#!/bin/bash
	curl -LO https://github.com/kubevirt/kubevirt/releases/download/v1.2.0/kubevirt-passt-binding
	chmod +x kubevirt-passt-binding

	cat <<EOF > Containerfile
	FROM alpine:3.14
	ADD kubevirt-passt-binding /cni/network-passt-binding
	EOF

	registry=quay.io/kubevirt

	podman build -f ./Containerfile -t ${registry}/kubevirt-passt-binding-cni:v1.2.0
	podman push ${registry}/kubevirt-passt-binding-cni:v1.2.0
	---
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: passt-binding-cni
	namespace: kube-system
	---
	apiVersion: security.openshift.io/v1
	kind: SecurityContextConstraints
	metadata:
	name: passt-binding-cni
	allowPrivilegedContainer: true
	allowHostDirVolumePlugin: true
	allowHostIPC: false
	allowHostNetwork: false
	allowHostPID: false
	allowHostPorts: false
	readOnlyRootFilesystem: false
	runAsUser:
	type: RunAsAny
	seLinuxContext:
	type: RunAsAny
	users:
	- system:serviceaccount:kube-system:passt-binding-cni
	volumes:
	- "*"
	---
	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	name: passt-binding-cni
	namespace: kube-system
	labels:
	app: passt-binding-cni
	spec:
	selector:
	matchLabels:
	name: passt-binding-cni
	template:
	metadata:
	labels:
	name: passt-binding-cni
	app: passt-binding-cni
	spec:
	serviceAccountName: passt-binding-cni
	nodeSelector:
	kubernetes.io/os: linux
	containers:
	- name: installer
	resources:
	requests:
	cpu: "100m"
	memory: "50Mi"
	limits:
	cpu: "100m"
	memory: "50Mi"
	securityContext:
	privileged: true
	image: quay.io/kubevirt/network-passt-binding:v1.2.0
	command: [ "/bin/sh", "-cex" ]
	args:
	- \|
	ls -la "/cni/network-passt-binding"
	cp -f "/cni/network-passt-binding" "/opt/cni/bin"
	echo "passt binding CNI plugin installation complete"
	sleep infinity
	volumeMounts:
	- name: cnibin
	mountPath: /opt/cni/bin
	volumes:
	- name: cnibin
	hostPath:
	path: /opt/cni/bin