Reference Architecture 24.01

New Components/Features:
- Support 5th Gen Intel® Xeon® Scalable processor for the Edge/IoT
- Support Intel® Edge AI Box 4.0 on 12th Gen Intel® Core™ desktop processors, 12th Gen Intel® Core™ processor for IoT Edge, and Intel® Core™ Ultra Processor for Edge Deployments
- Support Intel® In-Band Manageability framework software to enable an administrator to perform critical device management operations for Intel® Edge AI box
- Support Intel® Workload Services Framework version of the Istio* Envoy* workload
- Support VMs provision via KubeVirt* (v1.1.0)
- Support external access to services via Ingress controller for Kubernetes using NGINX* as a reverse proxy and load balancer (ngress-nginx v4.8.3)
- Support automated detection and coniguration of SR-IOV and Intel® QuickAssist Technology (Intel® QAT) devices for VMRA

Updates/Changes:
- Versions upgraded for the vast majority of RA components (See Section 4.1 for all supported versions)
- Notable updates:
    FlexRAN™ to v23.11 [under NDA]
    Kubernetes* to v1.28.3
    Rancher to 2.7.9
    Data Plane Development Kit (DPDK) to v23.11
    Open vSwitch with DPDK to 3.2.1
    Intel® Multi-Buffer Crypto for IPsec library to v1.5
    Intel® QuickAssist Technology Engine for OpenSSL* (Intel® QAT Engine for OpenSSL*) to v1.4
    OpenSSL* to 3.1.4
    Intel® Power Manager to v2.3.1
    SR-IOV FEC Operator to v2.8
    OpenVINO™ v2023.1
    FFmpeg to v2023q3
    Intel® Deep Learning Streamer (Intel® DL Streamer) 2023.0
    OpenCV 4.8.0
    VPP to 23.10
    Intel® Dynamic Load Balancer (Intel® DLB) software release v8.7.0
    Intel® Data Streaming Accelerator (Intel® DSA) software release v4.14
    Istio 1.20.1
    Intel® Node Feature Discovery (NFD) to 0.14.3
    Linux overlay kernel 6.3.0-x
    Intel® Core™ Ultra processor GPU driver and X11/Wayland* UI framework
    Intel® AI Boost driver for Intel® Core™ Ultra processor [under NDA]
    Intel® Core™ Ultra processor audio firmware and topology [under NDA]

Updates/Changes made for the Reference System 23.10.1 minor release:
- Support Intel® Core™ Ultra processor with NDA packages
- Update Base Container components supported by On Prem Edge AI Box Configuration Profile

New Hardware (Platforms/CPUs/GPUs/Accelerators):
- Intel® Core™ Ultra processor for Edge Deployments
- 5th Gen Intel® Xeon® Scalable processor for the Edge/IoT

Removed Support:
- Officially discontinued support for 3rd Gen Intel® Xeon® Scalable processors

Known Limitations/Restrictions:
- CPU Control Plane Plugin for Kubernetes* is only supported on Ubuntu OS with single node deployment
- MinIO* is supported only with CRI-O runtime
- Only in-tree Intel® QuickAssist Technology (Intel® QAT) drivers supported on RHEL 9.2 and Rocky 9.2
- UserSpace CNI with VPP is not supported
- Intel® Trust Domain Extensions (Intel® TDX) on VMRA does not support Intel® Dynamic Load Balancer (Intel® DLB), Intel® DSA, Intel® QAT, or network adapter device passthrough due to Intel® TDX driver security concerns
- Intel® Ethernet Operator DDP update feature might not work in rare cases; Legacy DDP update feature does not work
- KubeVirt and GPU_DP do not support Docker runtime
- Intel® Media Transport Library v23.08 only supports ICE versions between 1.9.11 and 1.11.14
- OneAPI ITEX sample does not support the GPU path on RHEL 9.2

Co-authored-by: Alek Du <[email protected]>
Co-authored-by: Benedikt, Jan <[email protected]>
Co-authored-by: Fiala, Jiri <[email protected]>
Co-authored-by: Hu, Hao <[email protected]>
Co-authored-by: Jiang, Renzhi <[email protected]>
Co-authored-by: Kasanic, Denis <[email protected]>
Co-authored-by: Liu, GuangyuX <[email protected]>
Co-authored-by: Liu, Rachel A <[email protected]>
Co-authored-by: Long, Zhifang <[email protected]>
Co-authored-by: Pedersen, Michael <[email protected]>
Co-authored-by: Prokes, Jiri <[email protected]>
Co-authored-by: Ren, Shu <[email protected]>
Co-authored-by: Vrana, Roman <[email protected]>
Co-authored-by: Xu, Guoshu <[email protected]>
Co-authored-by: Zenov, Mykyta <[email protected]>

Makefile

@@ -1,14 +1,16 @@
 CEK_DIRECTORIES_WITH_SHELL_FILES ?= roles/ examples/ playbooks/infra/ playbooks/intel/
-ARCH ?= 'icx'
+ARCH ?= 'spr'
 NIC ?= 'cvl'
 MIRRORS ?= false
 PLAYBOOKS_DIRS = playbooks playbooks/infra playbooks/intel
-PLAYBOOK_NAMES = access basic full_nfv on_prem on_prem_vss on_prem_sw_defined_factory on_prem_aibox regional_dc remote_fp build_your_own
+PLAYBOOK_NAMES = access basic base_video_analytics full_nfv on_prem on_prem_vss on_prem_sw_defined_factory on_prem_aibox regional_dc remote_fp build_your_own
+
+USERNAME = 'root'
 
 # set default target available with simple 'make' command
 .DEFAULT_GOAL := examples
 
-.PHONY: shellcheck ansible-lint all-profiles clean clean-playbooks help k8s-profiles vm-profiles cloud-profiles
+.PHONY: shellcheck ansible-lint all-profiles clean clean-playbooks help k8s-profile vm-profile cloud-profile auto-k8s-profile auto-vm-profile auto-cloud-profile
 
 shellcheck:
 	find $(CEK_DIRECTORIES_WITH_SHELL_FILES) -type f \( -name '*.sh' -o -name '*.bash' -o -name '*.ksh' -o -name '*.bashrc' -o -name '*.bash_profile' -o -name '*.bash_login' -o -name '*.bash_logout' \) \
@@ -17,20 +19,34 @@ shellcheck:
 ansible-lint:
 	ansible-lint playbooks/* roles/* -c .ansible-lint
 
-# make sure PROFILE is set to an 'all_examples' string for 'examples' and empty target
-ifeq ($(MAKECMDGOALS), $(filter $(MAKECMDGOALS),examples ''))
+# make sure PROFILE is set to an 'all_examples' string for 'examples', 'auto-examples' and empty target
+ifeq ($(MAKECMDGOALS), $(filter $(MAKECMDGOALS),examples auto-examples ''))
 override PROFILE = 'all_examples'
 endif
 
 # make sure PROFILE is defined for mode-related targets
 ifndef PROFILE
-ifeq ($(MAKECMDGOALS), $(filter $(MAKECMDGOALS),k8s-profile vm-profile cloud-profile))
+ifeq ($(MAKECMDGOALS), $(filter $(MAKECMDGOALS),k8s-profile vm-profile cloud-profile auto-k8s-profile auto-vm-profile auto-cloud-profile))
 $(error please specify which profile should be generated, e.g. PROFILE=basic. Run 'make help' for more information.)
 endif
 endif
 
+ifdef MAKECMDGOALS
+ifeq ($(MAKECMDGOALS), $(filter $(MAKECMDGOALS),auto-k8s-profile auto-vm-profile auto-cloud-profile auto-examples))
+ifndef HOSTS
+$(error please set machines IPs for auto-detection, e.g. HOSTS=a.a.a.a,b.b.b.b. Run 'make help' for more information.)
+endif
+RESULT = $(shell python3 ./scripts/autodetect_arch_and_nic_type.py -m $(HOSTS) -u $(USERNAME) || { echo >&2 "Unable to auto-detect ARCH and NIC. Exiting."; kill $$PPID; })
+ARCH = $(word 1,$(subst ;, ,$(RESULT)))
+NIC = $(word 2,$(subst ;, ,$(RESULT)))
+$(info Autodetected ARCH=$(ARCH) NIC=$(NIC))
+endif
+endif
+
 examples: k8s-profile vm-profile cloud-profile
 
+auto-examples: auto-k8s-profile auto-vm-profile auto-cloud-profile
+
 k8s-profile: clean-playbooks
 	python3 generate/render.py \
 	--config generate/profiles_templates/k8s/profiles.yml \
@@ -44,6 +60,8 @@ k8s-profile: clean-playbooks
 	-n ${NIC} \
 	-m ${MIRRORS}
 
+auto-k8s-profile: k8s-profile
+
 vm-profile: clean-playbooks
 	python3 generate/render.py \
 	--config generate/profiles_templates/vm/vm_host_profiles.yml \
@@ -58,6 +76,8 @@ vm-profile: clean-playbooks
 	-n ${NIC} \
 	-m ${MIRRORS}
 
+auto-vm-profile: vm-profile
+
 cloud-profile: clean-playbooks
 	python3 generate/render.py \
 	--config generate/profiles_templates/cloud/profiles.yml \
@@ -71,38 +91,44 @@ cloud-profile: clean-playbooks
 	-n ${NIC} \
 	-m ${MIRRORS}
 
+auto-cloud-profile: cloud-profile
+
 clean: clean-playbooks clean-project-root-dir
 
 clean-backups:
 	rm -rf backups
 
 clean-project-root-dir:
-	rm -rf examples host_vars group_vars inventory.ini
+	rm -rf examples host_vars group_vars inventory.ini .nic-pci-*.yml .qat-pci-*.yml
 
 clean-playbooks:
 	for d in $(PLAYBOOKS_DIRS) ; do for n in $(PLAYBOOK_NAMES) ; do rm -f $$d/$$n.yml ; done done
 
 help:
 	@echo "Cleaning targets:"
-	@echo "    clean                                   - removes examples directory,"
-	@echo "                                              all host_vars and group_vars dirs,"
-	@echo "                                              inventory files and playbooks"
+	@echo "    clean                                       - removes examples directory,"
+	@echo "                                                  all host_vars and group_vars dirs,"
+	@echo "                                                  inventory files and playbooks"
 	@echo ""
-	@echo "    clean-backups                           - clean generated backup files."
+	@echo "    clean-backups                               - clean generated backup files."
 	@echo ""
 	@echo "Genertare example profiles:"
-	@echo "    make, examples                          - generate sample files of all available profiles."
+	@echo "    make, examples                              - generate sample files of all available profiles."
 	@echo ""
 	@echo "Generating k8s profile:"
-	@echo "    k8s-profile PROFILE=<profile_name>      - generate files required for deployment of specific profile in k8s mode."
+	@echo "    k8s-profile PROFILE=<profile_name>          - generate files required for deployment of specific profile in k8s mode."
+	@echo "    auto-k8s-profile PROFILE=<profile_name>"
 	@echo ""
 	@echo "Generating VM profile:"
-	@echo "    vm-profile PROFILE=<profile_name>       - generate files required for deployment of specific profile in vm mode."
+	@echo "    vm-profile PROFILE=<profile_name>           - generate files required for deployment of specific profile in vm mode."
+	@echo "    auto-vm-profile PROFILE=<profile_name>"
 	@echo ""
 	@echo "Generating Cloud profile:"
-	@echo "    cloud-profile PROFILE=<profile_name>    - generate files required for deployment of specific profile in cloud mode."
+	@echo "    cloud-profile PROFILE=<profile_name>        - generate files required for deployment of specific profile in cloud mode."
+	@echo "    auto-cloud-profile PROFILE=<profile_name>"
 	@echo ""
 	@echo "For more information about:"
+	@echo "		- architecture and ethernet network adapter auto-detection"
 	@echo "		- profiles generation"
 	@echo "		- supported architectures"
 	@echo "		- available profiles"

Pipfile

@@ -4,22 +4,22 @@ verify_ssl = true
 name = "pypi"
 
 [packages]
-ansible = "~=7.7.0"
-"ansible-core" = "~=2.14"
+ansible = "~=8.6.1"
+"ansible-core" = "~=2.15"
 cryptography = "~=41.0"
 jinja2 = "~=3.1"
-netaddr = "~=0.8.0"
-pbr = "~=5.11"
+netaddr = "~=0.9.0"
+pbr = "~=6.0"
 jmespath = "~=1.0.1"
-"ruamel.yaml" = "~=0.17.32"
-"ruamel.yaml.clib" = "~=0.2.7"
+"ruamel.yaml" = "~=0.17.40"
+"ruamel.yaml.clib" = "~=0.2.8"
 MarkupSafe = "~=2.1"
-ipaddr = "*"
 
 [dev-packages]
-ansible-lint = "~=6.12.2"
-pylint = "~=2.17.5"
+ansible-lint = "~=6.21.1"
+pylint = "~=3.0.2"
 bandit = "~=1.7.5"
+licenseheaders = "~=0.8.8"
 
 [requires]
 python_version = "3"

README.md

@@ -22,6 +22,12 @@ The software provided here is for reference only and not intended for production
         export PROFILE=access
         ```
 
+    - For **Kubernetes Edge Ready Infrastructure** deployment:
+
+        ```bash
+        export PROFILE=base_video_analytics
+        ```
+
     - For **Kubernetes Regional Data Center Infrastructure** deployment:
 
         ```bash
@@ -99,15 +105,26 @@ The software provided here is for reference only and not intended for production
     ansible-galaxy install -r collections/requirements.yml
     ```
 
-4. Generate example host_vars, group_vars and inventory files for Intel Container Experience Kits profiles.
+4. Copy SSH key to all Kubernetes nodes or VM hosts you are going to use.
+
+    ```bash
+    ssh-copy-id <user>@<host>
+    ```
+
+5. Generate example host_vars, group_vars and inventory files for Intel Container Experience Kits profiles.
 
    > **_NOTE:_** It is **highly recommended** to read [this](docs/generate_profiles.md) file before profiles generation.
 
+    Architecture and Ethernet Network Adapter type can be auto-discovered:
+    ```bash
+    make auto-examples HOSTS=X.X.X.X,X.X.X.X USERNAME=<user>
+    ```
+    or specified manually:
     ```bash
-    make examples ARCH=<atom,core,**icx**,spr,emr,ultra> NIC=<fvl,**cvl**>
+    make examples ARCH=<atom,core,icx,**spr**,emr,gnr,ultra> NIC=<fvl,**cvl**>
     ```
 
-5. Copy example inventory file to the project root dir.
+6. Copy example inventory file to the project root dir.
 
     ```bash
     cp examples/k8s/${PROFILE}/inventory.ini .
@@ -121,7 +138,7 @@ The software provided here is for reference only and not intended for production
 
     > **_NOTE:_** For cloud profiles no inventory.ini file is created, as it will be generated during machine provisioning. As a result, step 6 can be skipped.
 
-6. Update inventory file with your environment details.
+7. Update inventory file with your environment details.
 
     For VM case: update details relevant for vm_host
 
@@ -133,7 +150,7 @@ The software provided here is for reference only and not intended for production
 
     In `all_system_facts.txt` file you will find details about your hardware, operating system and network interfaces, which will help to properly configure Ansible variables in the next steps.
 
-7. Copy group_vars and host_vars directories to the project root dir.
+8. Copy group_vars and host_vars directories to the project root dir.
 
     ```bash
     cp -r examples/k8s/${PROFILE}/group_vars examples/k8s/${PROFILE}/host_vars .
@@ -151,7 +168,7 @@ The software provided here is for reference only and not intended for production
     cp -r examples/cloud/${PROFILE}/group_vars examples/cloud/${PROFILE}/host_vars .
     ```
 
-8. Update group and host vars to match your desired configuration. Refer to [this section](#configuration) for more details.
+9. Update group and host vars to match your desired configuration. Refer to [this section](#configuration) for more details.
 
     > **_NOTE:_** Please pay special attention to the `http_proxy`, `https_proxy` and `additional_no_proxy` vars if you're behind proxy.
 
@@ -165,13 +182,13 @@ The software provided here is for reference only and not intended for production
       Needed details are at least dataplane_interfaces
       For more details see [VM case configuration guide](docs/vm_config_guide.md)
 
-9. **Mandatory:** Apply patch for Kubespray collection.
+10. **Mandatory:** Apply patch for Kubespray collection.
 
     ```bash
     ansible-playbook -i inventory.ini playbooks/k8s/patch_kubespray.yml
     ```
 
-10. Execute `ansible-playbook`.
+11. Execute `ansible-playbook`.
 
     > **_NOTE:_** For Cloud case this step is not used. See the [cloud/](cloud/) directory for more details
     
@@ -194,6 +211,10 @@ The software provided here is for reference only and not intended for production
 
     > **_NOTE:_** VMs are accessible from ansible host via ssh vm-ctrl-1 or ssh vm-work-1
 
+## Cleanup
+
+Refer to the [documentation](docs/redeploy_cleanup.md) to see details about how to cleanup existing deployment or specific feature.
+
 ## Configuration
 
 Refer to the documentation linked below to see configuration details for selected capabilities and deployment profiles.