After instantiating the network function for the STS card, download and deploy the STS helm charts on the workload cluster.
Prerequisites
Download the helm charts for Silicom's Tsyncd:
Add the helm repository from github.io:
$ helm repo add sts-charts https://silicom-ltd.github.io/STS_HelmCharts/ "sts-charts" has been added to your repositories
Verify that STS charts are present in the repository:
$ helm search repo sts-charts NAME CHART VERSION APP VERSION DESCRIPTION sts-charts/sts-silicom 0.0.8 1.0.0 Silicom STS PTP tsync deployment $
Download the STS charts package as a tar archive:
$ helm pull sts-charts/sts-silicom WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/capv/.kube/config WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/capv/.kube/config $
Un-tar the package:
$ tar -xvzf sts-silicom-0.0.8.tgz sts-silicom/Chart.yaml sts-silicom/values.yaml sts-silicom/templates/_helpers.tpl sts-silicom/templates/configmaps.yaml sts-silicom/templates/daemonsets.yaml sts-silicom/templates/rbac.yaml sts-silicom/templates/services.yaml $
Procedure
- Run Tsyncd in the Grand Master mode and overwrite the defaults in Tsyncd helm charts by preparing a yaml file, for example, gm.yaml.
In this example, profileID: 2 is used for GM mode. Tsyncd and grpc-tsyncd versions 2.1.2.8 are used.
$ cat gm.yaml NodeSelectors: telco.vmware.com.node-restriction.kubernetes.io/sts-silicom: true Images: Tsyncd: quay.io/silicom/tsyncd:2.1.2.8 GrpcTsyncd: quay.io/silicom/grpc-tsyncd:2.1.2.8 Spec: profileID: 2 ports: - ethName: sts-eth1 ql: 4 portSpeed: 10000 ethPort: 1 - ethName: sts-eth2 ql: 4 portSpeed: 10000 ethPort: 2 - ethName: sts-eth3 ql: 4 portSpeed: 10000 ethPort: 3 - ethName: sts-eth4 ql: 4 portSpeed: 10000 ethPort: 4 - ethName: sts-eth5 ql: 4 portSpeed: 10000 ethPort: 5 - ethName: sts-eth6 ql: 4 portSpeed: 10000 ethPort: 6 - ethName: sts-eth7 ql: 4 portSpeed: 10000 ethPort: 7 - ethName: sts-eth8 ql: 4 portSpeed: 10000 ethPort: 8 masterPortMask_GM: 0xfff syncePortMask_GM: 0xfff domainNum_8275_1: 24 forwardable: 1 twoStep: 0 $ - Install Tsyncd in the Kubernetes namespace (for example, 'tca-system') using helm.
$ helm install -f gm.yaml --debug sts-gm --namespace tca-system ./sts-silicom WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/capv/.kube/config WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/capv/.kube/config install.go:173: [debug] Original chart version: "" install.go:190: [debug] CHART PATH: /home/capv/sts-silicom client.go:122: [debug] creating 3 resource(s) NAME: sts-gm LAST DEPLOYED: Tue Oct 11 22:22:56 2022 NAMESPACE: tca-system STATUS: deployed REVISION: 1 TEST SUITE: None USER-SUPPLIED VALUES: Images: GrpcTsyncd: quay.io/silicom/grpc-tsyncd:2.1.2.8 Tsyncd: quay.io/silicom/tsyncd:2.1.2.8 NodeSelectors: telco.vmware.com.node-restriction.kubernetes.io/sts-silicom: true Spec: ports: - ethName: sts-eth1 ethPort: 1 portSpeed: 10000 ql: 4 - ethName: sts-eth2 ethPort: 2 portSpeed: 10000 ql: 4 - ethName: sts-eth3 ethPort: 3 portSpeed: 10000 ql: 4 - ethName: sts-eth4 ethPort: 4 portSpeed: 10000 ql: 4 - ethName: sts-eth5 ethPort: 5 portSpeed: 10000 ql: 4 - ethName: sts-eth6 ethPort: 6 portSpeed: 10000 ql: 4 - ethName: sts-eth7 ethPort: 7 portSpeed: 10000 ql: 4 - ethName: sts-eth8 ethPort: 8 portSpeed: 10000 ql: 4 profileID: 2 domainNum_8275_1: 24 forwardable: 1 masterPortMask_GM: 4095 syncePortMask_GM: 4095 twoStep: 0 COMPUTED VALUES: EnableGPS: true GpsSvcPort: 2947 GrpcCfgPort: 50053 GrpcEvntPort: 50052 GrpcStatPort: 50054 GrpcSvcPort: 50051 GrpcTimingMgr: 50055 Images: Gpsd: quay.io/silicom/gpsd:3.23.1 GrpcTsyncd: quay.io/silicom/grpc-tsyncd:2.1.2.8 Phc2Sys: quay.io/silicom/phc2sys:3.1.1 TsyncExtts: quay.io/silicom/tsync_extts:1.0.0 Tsyncd: quay.io/silicom/tsyncd:2.1.2.8 InstallRbac: false NodeSelectors: telco.vmware.com.node-restriction.kubernetes.io/sts-silicom: true ServiceAccount: silicom Spec: IPCServer: 1 aprLevel: 0 debugAPI: 0 domainNum_8265_2: 4 domainNum_8275_1: 24 domainNum_8275_2: 44 dumpMode: 0 esmcMode: 2 eventMask: 3 forwardable: 1 freerunSQ: 0 freqCat: 3 getRawTs: 0 gnssAntSet: 2 gnssCableDelay: 50 gnssClockOutEn: 0 gnssCwTh: 50 gnssDutyLockTP1: 10 gnssDutyLockTP2: 50 gnssDutyTP1: 0 gnssDutyTP2: 0 gnssFreqLockTP1: 1 gnssFreqLockTP2: 10000000 gnssFreqTP1: 1 gnssFreqTP2: 10000000 gnssIntfDetect: 1 gnssLockMode: 1 gnssLockTh: 100 gnssMinElev: 5 gnssMinSatSig: 9 gnssMsgNmeaUsb: 7 gnssMsgUbxUsb: 0 gnssPulseDef: 1 gnssPulseLenDef: 0 gnssRecvTMode: 1 gnssSigBDSB1En: 1 gnssSigBDSB2En: 1 gnssSigBDSEn: 1 gnssSigGLOEn: 1 gnssSigGLOL1En: 1 gnssSigGLOL2En: 1 gnssSigGalE1En: 1 gnssSigGalE5BEn: 1 gnssSigGalEn: 1 gnssSigGpsEn: 1 gnssSigGpsL1CAEn: 1 gnssSigGpsL2CEn: 1 gnssSigQZSSEn: 1 gnssSigQZSSL1CAEn: 1 gnssSigQZSSL1SEn: 0 gnssSigQZSSL2CEn: 1 gnssSigSBASEn: 1 gnssSigSBASL1CAEn: 0 gnssSvinAccLimit: 100000 gnssSvinMinDur: 120 gnssTP1En: 0 gnssTP2En: 0 gnssUseLockTP1: 1 gnssUseLockTP2: 1 gpsdDbgLevel: 2 hoSpecDuration: 14400 inbandMode: 1 ipv6PortMask: 0 masterPortMask_BC: 4095 masterPortMask_GM: 4095 mode10MHz: 2 modePPS: 2 phaseOfstEn_GM: 0 phaseOfstVal_GM: 1948960 phyLedsCtl: 0 ports: - ethName: sts-eth1 ethPort: 1 portSpeed: 10000 ql: 4 - ethName: sts-eth2 ethPort: 2 portSpeed: 10000 ql: 4 - ethName: sts-eth3 ethPort: 3 portSpeed: 10000 ql: 4 - ethName: sts-eth4 ethPort: 4 portSpeed: 10000 ql: 4 priority2: 128 profileID: 2 slavePortMask_BC: 4095 slavePortMask_TSC: 4095 src10MHz: 1 srcPPS: 1 ssmMode: 1 stsCpu: 10 swTimestamp: 0 syncOption: 1 synceHoldOff: 500 syncePortMask_BC: 4095 syncePortMask_GM: 4095 syncePortMask_TSC: 4095 synceRecClkMode: 2 synceRecClkPort: 0 taccLogEn: 0 traceLevel: 0 traceModule: 23 tracePtpMsg: -1 twoStep: 0 whenWriteLog: 0 domainNum_8275_1: 24 forwardable: 1 masterPortMask_GM: 4095 syncePortMask_GM: 4095 twoStep: 0 HOOKS: MANIFEST: --- # Source: sts-silicom/templates/configmaps.yaml apiVersion: v1 kind: ConfigMap metadata: name: "sts-gm-cfg" namespace: tca-system data: tsyncd.conf: | profileID = 2 port1 = sts-eth1 portSpeed1 = 10000 ql1 = 4 port2 = sts-eth2 portSpeed2 = 10000 ql2 = 4 port3 = sts-eth3 portSpeed3 = 10000 ql3 = 4 port4 = sts-eth4 portSpeed4 = 10000 ql4 = 4 port4 = sts-eth5 portSpeed5 = 10000 ql4 = 4 port4 = sts-eth6 portSpeed6 = 10000 ql4 = 4 port4 = sts-eth7 portSpeed7 = 10000 ql4 = 4 port4 = sts-eth8 portSpeed8 = 10000 ql4 = 4 synceHoldOff = 500 masterPortMask_GM = 0xfff syncePortMask_GM = 0xfff phyLedsCtl = 0 domainNum_8275_1 = 24 domainNum_8275_2 = 44 domainNum_8265_2 = 4 forwardable = 1 twoStep = 0 freerunSQ = 0 priority2 = 128 modePPS = 2 srcPPS = 1 src10MHz = 1 mode10MHz = 2 freqCat = 3 hoSpecDuration = 14400 synceRecClkPort = 0 syncOption = 1 stsCpu = 10 phaseOfstEn_GM = 0 phaseOfstVal_GM = 1948960 ipv6PortMask = 0 swTimestamp = 0 inbandMode = 1 dumpMode = 0 getRawTs = 0 aprLevel = 0 traceModule = 23 traceLevel = 0 tracePtpMsg = -1 esmcMode = 2 ssmMode = 1 whenWriteLog = 0 debugAPI = 0 IPCServer = 1 gnssSigGpsEn = 1 gnssSigGpsL1CAEn = 1 gnssSigGpsL2CEn = 1 gnssSigSBASEn = 1 gnssSigSBASL1CAEn = 0 gnssSigGalEn = 1 gnssSigGalE1En = 1 gnssSigGalE5BEn = 1 gnssSigBDSEn = 1 gnssSigBDSB1En = 1 gnssSigBDSB2En = 1 gnssSigQZSSEn = 1 gnssSigQZSSL1CAEn = 1 gnssSigQZSSL1SEn = 0 gnssSigQZSSL2CEn = 1 gnssSigGLOEn = 1 gnssSigGLOL1En = 1 gnssSigGLOL2En = 1 gnssCableDelay = 50 gnssPulseDef = 1 gnssPulseLenDef = 0 gnssTP1En = 0 gnssFreqTP1 = 1 gnssFreqLockTP1 = 1 gnssUseLockTP1 = 1 gnssDutyTP1 = 0 gnssDutyLockTP1 = 10 gnssTP2En = 0 gnssFreqTP2 = 10000000 gnssFreqLockTP2 = 10000000 gnssUseLockTP2 = 1 gnssDutyTP2 = 0 gnssDutyLockTP2 = 50 gnssMinElev = 5 gnssMinSatSig = 9 gnssMsgNmeaUsb = 7 gnssMsgUbxUsb = 0 gnssIntfDetect = 1 gnssAntSet = 2 gnssCwTh = 50 gnssRecvTMode = 1 gnssSvinMinDur = 120 gnssSvinAccLimit = 100000 gnssLockMode = 1 gnssLockTh = 100 gnssClockOutEn = 0 tsyncd_grpc.json: | { "Tsynctl": ":50051", "TsyncEvents": ":50052", "TsyncConfig": ":50053", "TsyncStatus": ":50054", "TimingMgr": ":50055", "LogLevel": "info" } --- # Source: sts-silicom/templates/services.yaml apiVersion: v1 kind: Service metadata: name: "sts-gm-gps" namespace: tca-system labels: sts.silicom.com/svc: gpsd spec: type: ClusterIP selector: app: "sts-gm-gps" ports: - protocol: TCP port: 2947 targetPort: 2947--- apiVersion: v1 kind: Service metadata: name: "sts-gm-grp" namespace: tca-system labels: sts.silicom.com/svc: tsyncd spec: type: ClusterIP selector: app: grpc_tsyncd ports: - protocol: TCP port: 50051 targetPort: 50051 name: "sts-gm-grp" - protocol: TCP port: 50052 targetPort: 50052 name: "sts-gm-evt" - protocol: TCP port: 50053 targetPort: 50053 name: "sts-gm-cfg" - protocol: TCP port: 50054 targetPort: 50054 name: "sts-gm-stt" - protocol: TCP port: 50055 targetPort: 50055 name: "sts-gm-mgr" --- # Source: sts-silicom/templates/daemonsets.yaml apiVersion: apps/v1 kind: DaemonSet metadata: name: "sts-gm-tsy" namespace: tca-system labels: app: grpc_tsyncd spec: selector: matchLabels: app: grpc_tsyncd template: metadata: labels: app: grpc_tsyncd spec: shareProcessNamespace: true nodeSelector: telco.vmware.com.node-restriction.kubernetes.io/sts-silicom: "true" dnsPolicy: ClusterFirstWithHostNet hostNetwork: true containers: - image: quay.io/silicom/tsync_extts:1.0.0 name: "sts-gm-ext" imagePullPolicy: Always volumeMounts: - name: devfs mountPath: /dev env: - name: WAIT_FOR_GPS value: "true" - name: STS_Cpu value: "10" - name: GM_MODE value: "-g" - name: GPS_SVC_PORT value: "2947" securityContext: privileged: true - image: quay.io/silicom/gpsd:3.23.1 imagePullPolicy: Always name: "sts-gm-gps" ports: - containerPort: 2947 name: "sts-gm-gps" env: - name: GPS_SVC_PORT value: "2947" - name: STS_Cpu value: "10" volumeMounts: - name: devfs mountPath: /dev securityContext: privileged: true - image: quay.io/silicom/grpc-tsyncd:2.1.2.8 imagePullPolicy: Always name: "sts-gm-grp" ports: - containerPort: 50051 name: "sts-gm-grp" - containerPort: 50052 name: "sts-gm-evt" - containerPort: 50053 name: "sts-gm-cfg" - containerPort: 50054 name: "sts-gm-stt" - containerPort: 50055 name: "sts-gm-mgr" env: - name: STS_Cpu value: "10" volumeMounts: - name: logs mountPath: /var/log - name: "sts-gm-cfg" mountPath: /etc/tsyncd/tsyncd_grpc.json subPath: tsyncd_grpc.json securityContext: privileged: true readOnlyRootFilesystem: false capabilities: add: - CAP_SYS_ADMIN - image: quay.io/silicom/tsyncd:2.1.2.8 imagePullPolicy: Always name: "sts-gm-tsy" env: - name: WAIT_FOR_GPS value: "true" - name: GPS_SVC_PORT value: "2947" - name: STS_Cpu value: "10" args: - --zap-log-level=10 volumeMounts: - name: devfs mountPath: /dev - name: "sts-gm-cfg" mountPath: /etc/tsyncd/tsyncd.conf subPath: tsyncd.conf - name: logs mountPath: /var/log securityContext: privileged: true - image: quay.io/silicom/phc2sys:3.1.1 name: "sts-gm-phc" imagePullPolicy: Always env: - name: WAIT_FOR_GPS value: "true" - name: GPS_SVC_PORT value: "2947" - name: STS_Cpu value: "10" volumeMounts: - name: devfs mountPath: /dev securityContext: privileged: true readOnlyRootFilesystem: false capabilities: add: - CAP_SYS_TIME volumes: - name: devfs hostPath: path: /dev - name: "sts-gm-cfg" configMap: defaultMode: 0777 name: "sts-gm-cfg" - name: logs emptyDir: {} $ - Verify that the Tsycnd daemonSet is deployed with 4 pods, 1 configmap, and 1 service.
$ kubectl get ds -n tca-system NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE nodeconfig-daemon 2 2 2 2 2 <none> 26d nodeconfig-daemon-control-plane 1 1 1 1 1 node-role.kubernetes.io/master= 26d sts-gm-tsy 1 1 1 1 1 telco.vmware.com.node-restriction.kubernetes.io/sts-silicom=true 4m5s $ kubectl get pods -n tca-system NAME READY STATUS RESTARTS AGE nodeconfig-daemon-cnf47 1/1 Running 2 (7d10h ago) 26d nodeconfig-daemon-control-plane-vxsn4 1/1 Running 0 26d nodeconfig-daemon-gprbk 1/1 Running 3 (64m ago) 27h nodeconfig-operator-6c5c896bb5-z4zbj 2/2 Running 0 26d sts-gm-tsy-nzjcc 5/5 Running 0 4m24s $ kubectl get configmap -n tca-system NAME DATA AGE kube-root-ca.crt 1 26d nodeconfig-operator-lock 0 26d sts-gm-cfg 2 4m37s wc-sts2-new-master-control-plane-rcfnd-profile-cm 1 26d wc-sts2-new-np1-766b448bdd-kdngf-profile-cm 1 26d wc-sts2-new-np2-7b5949fc5-79vnk-profile-cm 1 27h $ kubectl get services -n tca-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nfd-master ClusterIP 100.64.159.237 <none> 8080/TCP 26d nodeconfig-operator-metrics ClusterIP 100.70.168.211 <none> 8383/TCP,8686/TCP 26d nodeconfigvalidator ClusterIP 100.69.60.144 <none> 443/TCP 26d sts-gm-grp ClusterIP 100.65.171.168 <none> 50051/TCP,50052/TCP,50053/TCP,50054/TCP,50055/TCP 4m45s $
