add kamaji flavor

CODEOWNERS

@@ -1 +1,4 @@
-*   @metal-stack/mini-lab-maintainers
+*   @metal-stack/mini-lab-maintainers
+
+**/kamaji @metal-stack/mini-lab-kamaji-maintainers
+**/*kamaji.* @metal-stack/mini-lab-kamaji-maintainers

Makefile

@@ -39,6 +39,9 @@ MINI_LAB_SONIC_IMAGE=r.metal-stack.io/vrnetlab/dell_sonic:$(MINI_LAB_DELL_SONIC_
 else ifeq ($(MINI_LAB_FLAVOR),capms)
 LAB_TOPOLOGY=mini-lab.capms.yaml
 MINI_LAB_SONIC_IMAGE=r.metal-stack.io/vrnetlab/dell_sonic:$(MINI_LAB_DELL_SONIC_VERSION)
+else ifeq ($(MINI_LAB_FLAVOR),kamaji)
+LAB_TOPOLOGY=mini-lab.kamaji.yaml
+KAMAJI_ENABLED=true
 else ifeq ($(MINI_LAB_FLAVOR),gardener)
 GARDENER_ENABLED=true
 # usually gardener restricts the maximum version for k8s:
@@ -165,6 +168,7 @@ cleanup-partition:
 	sudo --preserve-env $(CONTAINERLAB) destroy --topo mini-lab.dell_sonic.yaml
 	sudo --preserve-env $(CONTAINERLAB) destroy --topo mini-lab.sonic.yaml
 	sudo --preserve-env $(CONTAINERLAB) destroy --topo mini-lab.capms.yaml
+	sudo --preserve-env $(CONTAINERLAB) destroy --topo mini-lab.kamaji.yaml
 	docker network rm --force mini_lab_ext
 
 .PHONY: _privatenet

README.md

@@ -192,11 +192,12 @@ make power-<on,reset,off>-<machine name>
 
 ## Flavors
 
-There are four flavors of the mini-lab environment:
+All available mini-lab flavors are listed below:
 
 - `sonic`: runs two Community SONiC switches
 - `dell_sonic`: runs two Enterprise SONiC switches with a [locally built vrnetlab image](https://github.com/srl-labs/vrnetlab/tree/master/dell/dell_sonic)
 - `capms`: runs the `dell_sonic` flavor but with four instead of two machines (this is used for [cluster-provider-metal-stack](https://github.com/metal-stack/cluster-api-provider-metal-stack) in order to have dedicated hosts for control plane / worker / firewall)
+- `kamaji`: runs a variation of the `sonic` flavor. The working example is available at the [cluster-provider-metal-stack](https://github.com/metal-stack/cluster-api-provider-metal-stack)'s `capi-lab`.
 - `gardener`: runs the `sonic` flavor and installs the [Gardener](https://gardener.cloud) in the mini-lab
 
 In order to start specific flavor, you can define the flavor as follows:

compose.yaml

@@ -21,6 +21,7 @@ services:
       - DOCKER_HUB_USER=${DOCKER_HUB_USER}
       - DOCKER_HUB_TOKEN=${DOCKER_HUB_TOKEN}
       - GARDENER_ENABLED=${GARDENER_ENABLED:-}
+      - KAMAJI_ENABLED=${KAMAJI_ENABLED:-}
       - MONITORING_ENABLED=${MONITORING_ENABLED:-}
     network_mode: host
     working_dir: /mini-lab

deploy_control_plane.yaml

@@ -40,4 +40,8 @@
 
 - name: deploy gardener
   import_playbook: deploy_gardener.yaml
-  when: gardener_enabled
+  when: gardener_enabled and not kamaji_enabled
+
+- name: deploy kamaji
+  import_playbook: deploy_kamaji.yaml
+  when: kamaji_enabled and not gardener_enabled

deploy_kamaji.yaml

@@ -0,0 +1,11 @@
+---
+- name: deploy kamaji
+  hosts: control_plane
+  connection: local
+  gather_facts: false
+
+  roles:
+    - name: ansible-common
+      tags: always
+    - name: kamaji
+      tags: kamaji

inventories/group_vars/control_plane/kamaji.yaml

@@ -0,0 +1,2 @@
+---
+kamaji_enabled: "{{ lookup('env', 'KAMAJI_ENABLED') | default('', false) }}"

mini-lab.kamaji.yaml

@@ -0,0 +1,74 @@
+# flavor for mini-lab kamaji with cluster-api-provider-metal-stack
+name: mini-lab
+prefix: ""
+
+mgmt:
+  network: mini_lab_ext
+
+topology:
+  defaults:
+    kind: linux
+  nodes:
+    # make metal-control-plane accessible via mini_lab_ext
+    metal-control-plane-control-plane:
+      kind: ext-container
+      exec:
+        - ip route add 203.0.113.128/25 via 203.0.113.128 dev eth0
+    exit:
+      image: quay.io/frrouting/frr:10.3.0
+      network-mode: none
+      binds:
+        - files/exit/daemons:/etc/frr/daemons
+        - files/exit/frr.conf:/etc/frr/frr.conf
+        - files/exit/vtysh.conf:/etc/frr/vtysh.conf
+        - files/exit/network.sh:/root/network.sh
+      exec:
+        - sh /root/network.sh
+    external_service:
+      image: docker.io/library/nginx:alpine-slim
+      network-mode: none
+      binds:
+        - files/external_service/network.sh:/root/network.sh
+      exec:
+        - sh /root/network.sh
+    mini_lab_ext:
+      kind: bridge
+    leaf01:
+      group: leaves
+      image: ${MINI_LAB_SONIC_IMAGE}
+      binds:
+        - files/ssh/id_ed25519.pub:/authorized_keys
+      env:
+        QEMU_MEMORY: 4096
+    leaf02:
+      group: leaves
+      image: ${MINI_LAB_SONIC_IMAGE}
+      binds:
+        - files/ssh/id_ed25519.pub:/authorized_keys
+      env:
+        QEMU_MEMORY: 4096
+    machine01:
+      group: machines
+      image: ${MINI_LAB_VM_IMAGE}
+      env:
+        UUID: 00000000-0000-0000-0000-000000000001
+        QEMU_CPU_CORES: 2
+        QEMU_DISK_SIZE: 20G
+    machine02:
+      group: machines
+      image: ${MINI_LAB_VM_IMAGE}
+      env:
+        UUID: 00000000-0000-0000-0000-000000000002
+        QEMU_CPU_CORES: 2
+        QEMU_DISK_SIZE: 20G
+  links:
+    - endpoints: ["exit:mini_lab_ext", "mini_lab_ext:exit"]
+      mtu: 9000
+    - endpoints: ["external_service:mini_lab_ext", "mini_lab_ext:external_service"]
+      mtu: 9000
+    - endpoints: ["leaf01:Ethernet0", "machine01:lan0"]
+    - endpoints: ["leaf02:Ethernet0", "machine01:lan1"]
+    - endpoints: ["leaf01:Ethernet1", "machine02:lan0"]
+    - endpoints: ["leaf02:Ethernet1", "machine02:lan1"]
+    - endpoints: ["leaf01:Ethernet120", "exit:eth1"]
+    - endpoints: ["leaf02:Ethernet120", "exit:eth2"]

roles/kamaji/tasks/main.yaml

@@ -0,0 +1,45 @@
+---
+- name: Deploy cert manager
+  kubernetes.core.helm:
+    chart_ref: cert-manager
+    chart_repo_url: https://charts.jetstack.io
+    name: cert-manager
+    release_namespace: cert-manager
+    create_namespace: true
+    wait: true
+    set_values:
+      - value: installCRDs=true
+
+- name: Deploy metallb
+  kubernetes.core.helm:
+    chart_ref: metallb
+    chart_repo_url: https://metallb.github.io/metallb
+    name: metallb
+    release_namespace: metallb-system
+    create_namespace: true
+    wait: true
+
+- name: Apply MetalLB IP address pool
+  kubernetes.core.k8s:
+    state: present
+    template: metallb-kind-ip-pool.yaml
+
+- name: Deploy kamaji
+  kubernetes.core.helm:
+    chart_ref: kamaji
+    chart_repo_url: https://clastix.github.io/charts
+    chart_version: 0.0.0+latest
+    name: kamaji
+    release_namespace: kamaji-system
+    create_namespace: true
+    wait: true
+    set_values:
+      - value: image.tag=latest
+      - value: resources=null
+
+- name: Create kamaji tenant cluster namespace
+  kubernetes.core.k8s:
+    name: kamaji-tenants
+    api_version: v1
+    kind: Namespace
+    state: present

roles/kamaji/templates/metallb-kind-ip-pool.yaml

@@ -0,0 +1,15 @@
+---
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: kind-ip-pool
+  namespace: metallb-system
+spec:
+  addresses:
+    - 172.18.255.200-172.18.255.250
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: empty
+  namespace: metallb-system