
Kuryr: Copy CNI plugins as DaemonSet initContainer

Starting from 3.10 there's no way for SDN plugins to do Ansible
operations on the node. Kuryr was using that mechanism to install CNI
plugins binaries and disable kube-proxy. The latter seems to be
unnecessary now.

As for the CNI plugins, this commit moves copying them to the Kuryr CNI
DaemonSet initContainer. The init container runs the openshift-node image,
which includes the binaries in /opt/cni/bin. The entrypoint will copy the
binaries to the correct directory on the node.

I'm also removing orphaned node.yaml from Kuryr role.
Michał Dulko 7 jaren geleden
bovenliggende
commit
8031c14a26
2 gewijzigde bestanden met toevoegingen van 22 en 48 verwijderingen
  1. 0 48
      roles/kuryr/tasks/node.yaml
  2. 22 0
      roles/kuryr/templates/cni-daemonset.yaml.j2

+ 0 - 48
roles/kuryr/tasks/node.yaml

@@ -1,48 +0,0 @@
----
-- name: Create CNI bin directory
-  file:
-    state: directory
-    path: "{{ cni_bin_dir }}"
-    mode: 0755
-    owner: root
-    group: root
-    recurse: yes
-
-- name: Create CNI extraction tempdir
-  command: mktemp -d
-  register: cni_tmpdir
-
-- name: Download CNI
-  get_url:
-    url: "{{ cni_bin_url }}"
-    checksum: "sha1:{{ cni_bin_checksum }}"
-    mode: 0644
-    dest: "{{ cni_tmpdir.stdout }}"
-  register: downloaded_tarball
-
-- name: Extract CNI
-  become: yes
-  unarchive:
-    remote_src: True
-    src: "{{ downloaded_tarball.dest }}"
-    dest: "{{ cni_bin_dir }}"
-  when: downloaded_tarball.changed
-
-- name: Ensure CNI net.d exists
-  file:
-    path: /etc/cni/net.d
-    recurse: yes
-    state: directory
-
-- name: Configure OpenShift node with disabled service proxy
-  lineinfile:
-    dest: "/etc/sysconfig/{{ openshift_service_type }}-node"
-    regexp: '^OPTIONS="?(.*?)"?$'
-    backrefs: yes
-    backup: yes
-    line: 'OPTIONS="\1 --disable proxy"'
-
-- name: force node restart to disable the proxy
-  service:
-    name: "{{ openshift_service_type }}-node"
-    state: restarted

+ 22 - 0
roles/kuryr/templates/cni-daemonset.yaml.j2

@@ -8,6 +8,11 @@ metadata:
   labels:
     tier: node
     app: kuryr
+  annotations:
+    image.openshift.io/triggers: |
+      [
+        {"from":{"kind":"ImageStreamTag","name":"node:v3.10"},"fieldPath":"spec.template.spec.initContainers[?(@.name==\"install-cni-plugins\")].image"}
+      ]
 spec:
   template:
     metadata:
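Review bot: The trigger fills in the init container image from the `node:v3.10` ImageStreamTag, which is a movable reference, and nothing in this annotation pins a digest. The removed `Download CNI` task checked `checksum: "sha1:{{ cni_bin_checksum }}"` before installing; the binaries copied into the host CNI directory now come from whatever image that tag currently resolves to. A comment above the annotation should record that trust assumption, e.g. `# node:v3.10 must resolve to the cluster's node image; its /opt/cni/bin is installed on every host`, and the role's documentation should say who may update that image stream. The tag is also hard-coded rather than templated, so it will presumably need a manual bump for each release.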
@@ -21,6 +26,23 @@ spec:
         operator: Exists
         effect: NoSchedule
       serviceAccountName: kuryr-controller
+      initContainers:
+      - name: install-cni-plugins
+        image: " "
+        command:
+        - /bin/bash
+        - -c
+        - |
+          #!/bin/bash
+          set -ex
+          # Take over network functions on the node
+          rm -Rf /host-cni-bin/*
+          cp -Rf /opt/cni/bin/* /host-cni-bin/
+        volumeMounts:
+        - name: bin
+          mountPath: /host-cni-bin
+        securityContext:
+          privileged: true
       containers:
       - name: kuryr-cni
         image: {{ openshift_openstack_kuryr_cni_image }}
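Review bot: The `install-cni-plugins` init container is given `privileged: true` although its script only deletes and copies files under the `/host-cni-bin` mount, so it holds far more host access than the task appears to need. If the reason is writing to the host path under SELinux (not visible here; the `bin` volume is defined outside the hunk), state it in a comment above `securityContext`, e.g. `# privileged: required to write the host CNI bin dir under SELinux`, or narrow the context to a root user with the required `seLinuxOptions`. Separately, `rm -Rf /host-cni-bin/*` runs before the copy, so with `set -ex` a failed `cp` leaves the node with no CNI binaries at all, and the wipe also removes any plugins other components placed there. Copying first and cleaning up leftovers afterwards would close that window.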