feat(ovn): enable ha for OVN control plane
This is a really big refactor which implements and adds OVN HA for the control plane which can enable production deployments. Depends-On: https://review.opendev.org/c/openstack/openstack-helm-images/+/889181 Change-Id: Idce896148b33a87467cd5656918c5c7377a29504
This commit is contained in:
parent
4ee839a6e4
commit
ec29020b32
@ -15,7 +15,7 @@ apiVersion: v1
|
|||||||
appVersion: v23.3.0
|
appVersion: v23.3.0
|
||||||
description: OpenStack-Helm OVN
|
description: OpenStack-Helm OVN
|
||||||
name: ovn
|
name: ovn
|
||||||
version: 0.1.3
|
version: 0.1.4
|
||||||
home: https://www.ovn.org
|
home: https://www.ovn.org
|
||||||
icon: https://www.ovn.org/images/ovn-logo.png
|
icon: https://www.ovn.org/images/ovn-logo.png
|
||||||
sources:
|
sources:
|
||||||
|
89
ovn/templates/bin/_ovn-controller-init.sh.tpl
Normal file
89
ovn/templates/bin/_ovn-controller-init.sh.tpl
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
#!/bin/bash -xe
|
||||||
|
|
||||||
|
# Copyright 2023 VEXXHOST, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
function get_ip_address_from_interface {
|
||||||
|
local interface=$1
|
||||||
|
local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' '{print $1}')
|
||||||
|
if [ -z "${ip}" ] ; then
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo ${ip}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Detect tunnel interface
|
||||||
|
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
|
||||||
|
if [ -z "${tunnel_interface}" ] ; then
|
||||||
|
# search for interface with tunnel network routing
|
||||||
|
tunnel_network_cidr="{{- .Values.network.interface.tunnel_network_cidr -}}"
|
||||||
|
if [ -z "${tunnel_network_cidr}" ] ; then
|
||||||
|
tunnel_network_cidr="0/0"
|
||||||
|
fi
|
||||||
|
# If there is not tunnel network gateway, exit
|
||||||
|
tunnel_interface=$(ip -4 route list ${tunnel_network_cidr} | awk -F 'dev' '{ print $2; exit }' \
|
||||||
|
| awk '{ print $1 }') || exit 1
|
||||||
|
fi
|
||||||
|
ovs-vsctl set open . external_ids:ovn-encap-ip="$(get_ip_address_from_interface ${tunnel_interface})"
|
||||||
|
|
||||||
|
# Configure system ID
|
||||||
|
set +e
|
||||||
|
ovs-vsctl get open . external-ids:system-id
|
||||||
|
if [ $? -eq 1 ]; then
|
||||||
|
ovs-vsctl set open . external-ids:system-id="$(uuidgen)"
|
||||||
|
fi
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Configure OVN remote
|
||||||
|
{{- if empty .Values.conf.ovn_remote -}}
|
||||||
|
{{- $sb_svc_name := "ovn-ovsdb-sb" -}}
|
||||||
|
{{- $sb_svc := (tuple $sb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
|
||||||
|
{{- $sb_port := (tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
|
||||||
|
{{- $sb_service_list := list -}}
|
||||||
|
{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_sb | int) -}}
|
||||||
|
{{- $sb_service_list = printf "tcp:%s-%d.%s:%s" $sb_svc_name $i $sb_svc $sb_port | append $sb_service_list -}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
ovs-vsctl set open . external-ids:ovn-remote="{{ include "helm-toolkit.utils.joinListWithComma" $sb_service_list }}"
|
||||||
|
{{- else -}}
|
||||||
|
ovs-vsctl set open . external-ids:ovn-remote="{{ .Values.conf.ovn_remote }}"
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
# Configure OVN values
|
||||||
|
ovs-vsctl set open . external-ids:rundir="/var/run/openvswitch"
|
||||||
|
ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
|
||||||
|
ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
|
||||||
|
ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
|
||||||
|
ovs-vsctl set open . external-ids:ovn-cms-options="{{ .Values.conf.ovn_cms_options }}"
|
||||||
|
|
||||||
|
# Configure hostname
|
||||||
|
{{- if .Values.conf.use_fqdn.compute }}
|
||||||
|
ovs-vsctl set open . external-ids:hostname="$(hostname -f)"
|
||||||
|
{{- else }}
|
||||||
|
ovs-vsctl set open . external-ids:hostname="$(hostname)"
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
# Create bridges and create ports
|
||||||
|
# handle any bridge mappings
|
||||||
|
# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
|
||||||
|
for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
|
||||||
|
do
|
||||||
|
bridge=${bmap%:*}
|
||||||
|
iface=${bmap#*:}
|
||||||
|
ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
|
||||||
|
if [ -n "$iface" ] && [ "$iface" != "null" ]
|
||||||
|
then
|
||||||
|
ovs-vsctl --may-exist add-port $bridge $iface
|
||||||
|
fi
|
||||||
|
done
|
39
ovn/templates/bin/_ovn-controller.sh.tpl
Normal file
39
ovn/templates/bin/_ovn-controller.sh.tpl
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash -xe
|
||||||
|
|
||||||
|
# Copyright 2023 VEXXHOST, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
COMMAND="${@:-start}"
|
||||||
|
|
||||||
|
function start () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl start_controller \
|
||||||
|
--ovn-manage-ovsdb=no
|
||||||
|
|
||||||
|
tail --follow=name /var/log/ovn/ovn-controller.log
|
||||||
|
}
|
||||||
|
|
||||||
|
function stop () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl stop_controller
|
||||||
|
pkill tail
|
||||||
|
}
|
||||||
|
|
||||||
|
function liveness () {
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
|
||||||
|
}
|
||||||
|
|
||||||
|
function readiness () {
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
|
||||||
|
}
|
||||||
|
|
||||||
|
$COMMAND
|
57
ovn/templates/bin/_ovn-northd.sh.tpl
Normal file
57
ovn/templates/bin/_ovn-northd.sh.tpl
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
#!/bin/bash -xe
|
||||||
|
|
||||||
|
# Copyright 2023 VEXXHOST, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
COMMAND="${@:-start}"
|
||||||
|
|
||||||
|
{{- $nb_svc_name := "ovn-ovsdb-nb" -}}
|
||||||
|
{{- $nb_svc := (tuple $nb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
|
||||||
|
{{- $nb_port := (tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
|
||||||
|
{{- $nb_service_list := list -}}
|
||||||
|
{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_nb | int) -}}
|
||||||
|
{{- $nb_service_list = printf "tcp:%s-%d.%s:%s" $nb_svc_name $i $nb_svc $nb_port | append $nb_service_list -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- $sb_svc_name := "ovn-ovsdb-sb" -}}
|
||||||
|
{{- $sb_svc := (tuple $sb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
|
||||||
|
{{- $sb_port := (tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
|
||||||
|
{{- $sb_service_list := list -}}
|
||||||
|
{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_sb | int) -}}
|
||||||
|
{{- $sb_service_list = printf "tcp:%s-%d.%s:%s" $sb_svc_name $i $sb_svc $sb_port | append $sb_service_list -}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
function start () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl start_northd \
|
||||||
|
--ovn-manage-ovsdb=no \
|
||||||
|
--ovn-northd-nb-db={{ include "helm-toolkit.utils.joinListWithComma" $nb_service_list }} \
|
||||||
|
--ovn-northd-sb-db={{ include "helm-toolkit.utils.joinListWithComma" $sb_service_list }}
|
||||||
|
|
||||||
|
tail --follow=name /var/log/ovn/ovn-northd.log
|
||||||
|
}
|
||||||
|
|
||||||
|
function stop () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl stop_northd
|
||||||
|
pkill tail
|
||||||
|
}
|
||||||
|
|
||||||
|
function liveness () {
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
|
||||||
|
}
|
||||||
|
|
||||||
|
function readiness () {
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
|
||||||
|
}
|
||||||
|
|
||||||
|
$COMMAND
|
@ -1,29 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
*/}}
|
|
||||||
set -ex
|
|
||||||
|
|
||||||
# handle any bridge mappings
|
|
||||||
# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
|
|
||||||
for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
|
|
||||||
do
|
|
||||||
bridge=${bmap%:*}
|
|
||||||
iface=${bmap#*:}
|
|
||||||
ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
|
|
||||||
if [ -n "$iface" ] && [ "$iface" != "null" ]
|
|
||||||
then
|
|
||||||
ovs-vsctl --may-exist add-port $bridge $iface
|
|
||||||
fi
|
|
||||||
done
|
|
File diff suppressed because it is too large
Load Diff
72
ovn/templates/bin/_ovsdb-server.sh.tpl
Normal file
72
ovn/templates/bin/_ovsdb-server.sh.tpl
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
#!/bin/bash -xe
|
||||||
|
|
||||||
|
# Copyright 2023 VEXXHOST, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
COMMAND="${@:-start}"
|
||||||
|
|
||||||
|
OVSDB_HOST=$(hostname -f)
|
||||||
|
ARGS=(
|
||||||
|
--db-${OVS_DATABASE}-create-insecure-remote=yes
|
||||||
|
--db-${OVS_DATABASE}-cluster-local-proto=tcp
|
||||||
|
--db-${OVS_DATABASE}-cluster-local-addr=$(hostname -f)
|
||||||
|
)
|
||||||
|
|
||||||
|
if [[ ! $HOSTNAME == *-0 && $OVSDB_HOST =~ (.+)-([0-9]+)\. ]]; then
|
||||||
|
OVSDB_BOOTSTRAP_HOST="${BASH_REMATCH[1]}-0.${OVSDB_HOST#*.}"
|
||||||
|
|
||||||
|
ARGS+=(
|
||||||
|
--db-${OVS_DATABASE}-cluster-remote-proto=tcp
|
||||||
|
--db-${OVS_DATABASE}-cluster-remote-addr=${OVSDB_BOOTSTRAP_HOST}
|
||||||
|
)
|
||||||
|
fi
|
||||||
|
|
||||||
|
function start () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl start_${OVS_DATABASE}_ovsdb ${ARGS[@]}
|
||||||
|
|
||||||
|
tail --follow=name /var/log/ovn/ovsdb-server-${OVS_DATABASE}.log
|
||||||
|
}
|
||||||
|
|
||||||
|
function stop () {
|
||||||
|
/usr/share/ovn/scripts/ovn-ctl stop_${OVS_DATABASE}_ovsdb
|
||||||
|
pkill tail
|
||||||
|
}
|
||||||
|
|
||||||
|
function liveness () {
|
||||||
|
if [[ $OVS_DATABASE == "nb" ]]; then
|
||||||
|
OVN_DATABASE="Northbound"
|
||||||
|
elif [[ $OVS_DATABASE == "sb" ]]; then
|
||||||
|
OVN_DATABASE="Southbound"
|
||||||
|
else
|
||||||
|
echo "OVS_DATABASE must be nb or sb"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
|
||||||
|
}
|
||||||
|
|
||||||
|
function readiness () {
|
||||||
|
if [[ $OVS_DATABASE == "nb" ]]; then
|
||||||
|
OVN_DATABASE="Northbound"
|
||||||
|
elif [[ $OVS_DATABASE == "sb" ]]; then
|
||||||
|
OVN_DATABASE="Southbound"
|
||||||
|
else
|
||||||
|
echo "OVS_DATABASE must be nb or sb"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
|
||||||
|
}
|
||||||
|
|
||||||
|
$COMMAND
|
@ -24,8 +24,12 @@ data:
|
|||||||
image-repo-sync.sh: |
|
image-repo-sync.sh: |
|
||||||
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
|
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
ovn.sh: |
|
ovsdb-server.sh: |
|
||||||
{{ tuple "bin/_ovn.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
{{ tuple "bin/_ovsdb-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
ovn-setup-bridges-init.sh: |
|
ovn-northd.sh: |
|
||||||
{{ tuple "bin/_ovn-setup-bridges-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
{{ tuple "bin/_ovn-northd.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ovn-controller-init.sh: |
|
||||||
|
{{ tuple "bin/_ovn-controller-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ovn-controller.sh: |
|
||||||
|
{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -38,20 +38,22 @@ spec:
|
|||||||
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
|
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
|
||||||
initContainers:
|
initContainers:
|
||||||
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
- name: ovn-setup-bridge
|
- name: controller-init
|
||||||
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
|
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||||
command:
|
command:
|
||||||
- /tmp/ovn-setup-bridges-init.sh
|
- /tmp/ovn-controller-init.sh
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: ovn-bin
|
- name: ovn-bin
|
||||||
mountPath: /tmp/ovn-setup-bridges-init.sh
|
mountPath: /tmp/ovn-controller-init.sh
|
||||||
subPath: ovn-setup-bridges-init.sh
|
subPath: ovn-controller-init.sh
|
||||||
readOnly: true
|
readOnly: true
|
||||||
- name: run-openvswitch
|
- name: run-openvswitch
|
||||||
mountPath: /run/openvswitch
|
mountPath: /run/openvswitch
|
||||||
@ -60,25 +62,23 @@ spec:
|
|||||||
subPath: auto_bridge_add
|
subPath: auto_bridge_add
|
||||||
readOnly: true
|
readOnly: true
|
||||||
containers:
|
containers:
|
||||||
- name: ovn-controller
|
- name: controller
|
||||||
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
|
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||||
command:
|
|
||||||
- /tmp/start.sh
|
|
||||||
- ovn-controller
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
env:
|
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||||
- name: K8S_NODE
|
command:
|
||||||
valueFrom:
|
- /tmp/ovn-controller.sh
|
||||||
fieldRef:
|
- start
|
||||||
fieldPath: spec.nodeName
|
lifecycle:
|
||||||
- name: OVN_ENCAP_IP
|
preStop:
|
||||||
valueFrom:
|
exec:
|
||||||
fieldRef:
|
command:
|
||||||
fieldPath: status.hostIP
|
- /tmp/ovn-controller.sh
|
||||||
|
- stop
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: ovn-bin
|
- name: ovn-bin
|
||||||
mountPath: /tmp/start.sh
|
mountPath: /tmp/ovn-controller.sh
|
||||||
subPath: ovn.sh
|
subPath: ovn-controller.sh
|
||||||
readOnly: true
|
readOnly: true
|
||||||
- name: run-openvswitch
|
- name: run-openvswitch
|
||||||
mountPath: /run/openvswitch
|
mountPath: /run/openvswitch
|
||||||
|
@ -12,6 +12,20 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
|
{{- define "livenessProbeTemplate" }}
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ovn-northd.sh
|
||||||
|
- liveness
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "readinessProbeTemplate" }}
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ovn-northd.sh
|
||||||
|
- readiness
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- if .Values.manifests.deployment_northd }}
|
{{- if .Values.manifests.deployment_northd }}
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
|
|
||||||
@ -24,13 +38,10 @@ metadata:
|
|||||||
name: ovn-northd
|
name: ovn-northd
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
|
||||||
labels:
|
labels:
|
||||||
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: {{ .Values.pod.replicas.ovn_northd }}
|
||||||
strategy:
|
|
||||||
type: Recreate
|
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||||
@ -40,6 +51,7 @@ spec:
|
|||||||
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
{{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
@ -47,16 +59,25 @@ spec:
|
|||||||
initContainers:
|
initContainers:
|
||||||
{{- tuple $envAll "ovn_northd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
{{- tuple $envAll "ovn_northd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
containers:
|
containers:
|
||||||
- name: ovn-northd
|
- name: northd
|
||||||
{{ tuple $envAll "ovn_northd" | include "helm-toolkit.snippets.image" | indent 10 }}
|
{{ tuple $envAll "ovn_northd" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||||
command:
|
|
||||||
- /tmp/start.sh
|
|
||||||
- run-ovn-northd
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
{{ dict "envAll" $envAll "application" "ovn_northd" "container" "northd" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||||
|
{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "livenessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||||
|
{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "readinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ovn-northd.sh
|
||||||
|
- start
|
||||||
|
lifecycle:
|
||||||
|
preStop:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ovn-northd.sh
|
||||||
|
- stop
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: ovn-bin
|
- name: ovn-bin
|
||||||
mountPath: /tmp/start.sh
|
mountPath: /tmp/ovn-northd.sh
|
||||||
subPath: ovn.sh
|
subPath: ovn-northd.sh
|
||||||
readOnly: true
|
readOnly: true
|
||||||
volumes:
|
volumes:
|
||||||
- name: ovn-bin
|
- name: ovn-bin
|
||||||
|
@ -12,17 +12,19 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.service_ovn_nb_db }}
|
{{- if .Values.manifests.service_ovn_ovsdb_nb }}
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ tuple "ovn-nb-db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
name: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: ovn-nb-db
|
- name: ovsdb
|
||||||
port: {{ tuple "ovn-nb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
port: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
- name: raft
|
||||||
|
port: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
selector:
|
selector:
|
||||||
{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
@ -12,17 +12,19 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.service_ovn_sb_db }}
|
{{- if .Values.manifests.service_ovn_ovsdb_sb }}
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ tuple "ovn-sb-db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
name: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: ovn-sb-db
|
- name: ovsdb
|
||||||
port: {{ tuple "ovn-sb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
port: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
- name: raft
|
||||||
|
port: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
selector:
|
selector:
|
||||||
{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
@ -1,85 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
*/}}
|
|
||||||
|
|
||||||
{{- if .Values.manifests.statefulset_ovn_nb_db }}
|
|
||||||
{{- $envAll := . }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "ovn-nb-db" }}
|
|
||||||
{{ tuple $envAll "ovn_nb_db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: StatefulSet
|
|
||||||
metadata:
|
|
||||||
name: ovn-nb-db
|
|
||||||
annotations:
|
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
|
||||||
spec:
|
|
||||||
serviceName: {{ tuple "ovn-nb-db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
annotations:
|
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
affinity:
|
|
||||||
{{- tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.ovn_nb_db.node_selector_key }}: {{ .Values.labels.ovn_nb_db.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{- tuple $envAll "ovn_nb_db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: ovn-nb-db
|
|
||||||
{{ tuple $envAll "ovn_nb_db" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
||||||
ports:
|
|
||||||
- containerPort: {{ tuple "ovn-nb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
|
||||||
command:
|
|
||||||
- /tmp/start.sh
|
|
||||||
- nb-ovsdb
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: ovn-bin
|
|
||||||
mountPath: /tmp/start.sh
|
|
||||||
subPath: ovn.sh
|
|
||||||
readOnly: true
|
|
||||||
- name: ovn-nb-db-data
|
|
||||||
mountPath: /var/lib/ovn
|
|
||||||
volumes:
|
|
||||||
- name: ovn-bin
|
|
||||||
configMap:
|
|
||||||
name: ovn-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{- if not .Values.volume.ovn_nb_db.enabled }}
|
|
||||||
- name: ovn-nb-db-data
|
|
||||||
emptyDir: {}
|
|
||||||
{{- else }}
|
|
||||||
volumeClaimTemplates:
|
|
||||||
- metadata:
|
|
||||||
name: ovn-nb-db-data
|
|
||||||
spec:
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: {{ $envAll.Values.volume.ovn_nb_db.size }}
|
|
||||||
storageClassName: {{ $envAll.Values.volume.ovn_nb_db.class_name }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- end }}
|
|
102
ovn/templates/statefulset-ovsdb-nb.yaml
Normal file
102
ovn/templates/statefulset-ovsdb-nb.yaml
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
{{/*
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.statefulset_ovn_ovsdb_nb }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ovn-ovsdb-nb" }}
|
||||||
|
{{ tuple $envAll "ovn_ovsdb_nb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: ovn-ovsdb-nb
|
||||||
|
annotations:
|
||||||
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
|
spec:
|
||||||
|
serviceName: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
replicas: {{ .Values.pod.replicas.ovn_ovsdb_nb }}
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
annotations:
|
||||||
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
affinity:
|
||||||
|
{{- tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.ovn_ovsdb_nb.node_selector_key }}: {{ .Values.labels.ovn_ovsdb_nb.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{- tuple $envAll "ovn_ovsdb_nb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ovsdb
|
||||||
|
{{ tuple $envAll "ovn_ovsdb_nb" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
ports:
|
||||||
|
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
env:
|
||||||
|
- name: OVS_DATABASE
|
||||||
|
value: nb
|
||||||
|
- name: OVS_PORT
|
||||||
|
value: "{{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
|
||||||
|
command:
|
||||||
|
- /tmp/ovsdb-server.sh
|
||||||
|
- start
|
||||||
|
lifecycle:
|
||||||
|
preStop:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ovsdb-server.sh
|
||||||
|
- stop
|
||||||
|
volumeMounts:
|
||||||
|
- name: ovn-bin
|
||||||
|
mountPath: /tmp/ovsdb-server.sh
|
||||||
|
subPath: ovsdb-server.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: run-openvswitch
|
||||||
|
mountPath: /run/openvswitch
|
||||||
|
- name: data
|
||||||
|
mountPath: /var/lib/ovn
|
||||||
|
volumes:
|
||||||
|
- name: run-openvswitch
|
||||||
|
emptyDir: {}
|
||||||
|
- name: ovn-bin
|
||||||
|
configMap:
|
||||||
|
name: ovn-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- if not .Values.volume.ovn_ovsdb_nb.enabled }}
|
||||||
|
- name: data
|
||||||
|
emptyDir: {}
|
||||||
|
{{- else }}
|
||||||
|
volumeClaimTemplates:
|
||||||
|
- metadata:
|
||||||
|
name: data
|
||||||
|
spec:
|
||||||
|
accessModes: ["ReadWriteOnce"]
|
||||||
|
storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_nb.class_name }}
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: {{ $envAll.Values.volume.ovn_ovsdb_nb.size }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
102
ovn/templates/statefulset-ovsdb-sb.yaml
Normal file
102
ovn/templates/statefulset-ovsdb-sb.yaml
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
{{/*
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.statefulset_ovn_ovsdb_sb }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ovn-ovsdb-sb" }}
|
||||||
|
{{ tuple $envAll "ovn_ovsdb_sb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: ovn-ovsdb-sb
|
||||||
|
annotations:
|
||||||
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
|
spec:
|
||||||
|
serviceName: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
replicas: {{ .Values.pod.replicas.ovn_ovsdb_sb }}
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
annotations:
|
||||||
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
affinity:
|
||||||
|
{{- tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.ovn_ovsdb_sb.node_selector_key }}: {{ .Values.labels.ovn_ovsdb_sb.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{- tuple $envAll "ovn_ovsdb_sb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ovsdb
|
||||||
|
{{ tuple $envAll "ovn_ovsdb_sb" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
ports:
|
||||||
|
- containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
- containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
env:
|
||||||
|
- name: OVS_DATABASE
|
||||||
|
value: sb
|
||||||
|
- name: OVS_PORT
|
||||||
|
value: "{{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
|
||||||
|
command:
|
||||||
|
- /tmp/ovsdb-server.sh
|
||||||
|
- start
|
||||||
|
lifecycle:
|
||||||
|
preStop:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ovsdb-server.sh
|
||||||
|
- stop
|
||||||
|
volumeMounts:
|
||||||
|
- name: ovn-bin
|
||||||
|
mountPath: /tmp/ovsdb-server.sh
|
||||||
|
subPath: ovsdb-server.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: run-openvswitch
|
||||||
|
mountPath: /run/openvswitch
|
||||||
|
- name: data
|
||||||
|
mountPath: /var/lib/ovn
|
||||||
|
volumes:
|
||||||
|
- name: run-openvswitch
|
||||||
|
emptyDir: {}
|
||||||
|
- name: ovn-bin
|
||||||
|
configMap:
|
||||||
|
name: ovn-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- if not .Values.volume.ovn_ovsdb_sb.enabled }}
|
||||||
|
- name: data
|
||||||
|
emptyDir: {}
|
||||||
|
{{- else }}
|
||||||
|
volumeClaimTemplates:
|
||||||
|
- metadata:
|
||||||
|
name: data
|
||||||
|
spec:
|
||||||
|
accessModes: ["ReadWriteOnce"]
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: {{ $envAll.Values.volume.ovn_ovsdb_sb.size }}
|
||||||
|
storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_sb.class_name }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
@ -1,85 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
|
|
||||||
http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
*/}}
|
|
||||||
|
|
||||||
{{- if .Values.manifests.statefulset_ovn_sb_db }}
|
|
||||||
{{- $envAll := . }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "ovn-sb-db" }}
|
|
||||||
{{ tuple $envAll "ovn_sb_db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: StatefulSet
|
|
||||||
metadata:
|
|
||||||
name: ovn-sb-db
|
|
||||||
annotations:
|
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
|
||||||
spec:
|
|
||||||
serviceName: {{ tuple "ovn-sb-db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
annotations:
|
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
affinity:
|
|
||||||
{{- tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.ovn_sb_db.node_selector_key }}: {{ .Values.labels.ovn_sb_db.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{- tuple $envAll "ovn_sb_db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: ovn-sb-db
|
|
||||||
{{ tuple $envAll "ovn_sb_db" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
||||||
ports:
|
|
||||||
- containerPort: {{ tuple "ovn-sb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
|
||||||
command:
|
|
||||||
- /tmp/start.sh
|
|
||||||
- sb-ovsdb
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: ovn-bin
|
|
||||||
mountPath: /tmp/start.sh
|
|
||||||
subPath: ovn.sh
|
|
||||||
readOnly: true
|
|
||||||
- name: ovn-sb-db-data
|
|
||||||
mountPath: /var/lib/ovn
|
|
||||||
volumes:
|
|
||||||
- name: ovn-bin
|
|
||||||
configMap:
|
|
||||||
name: ovn-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{- if not .Values.volume.ovn_sb_db.enabled }}
|
|
||||||
- name: ovn-sb-db-data
|
|
||||||
emptyDir: {}
|
|
||||||
{{- else }}
|
|
||||||
volumeClaimTemplates:
|
|
||||||
- metadata:
|
|
||||||
name: ovn-sb-db-data
|
|
||||||
spec:
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: {{ $envAll.Values.volume.ovn_sb_db.size }}
|
|
||||||
storageClassName: {{ $envAll.Values.volume.ovn_sb_db.class_name }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- end }}
|
|
124
ovn/values.yaml
124
ovn/values.yaml
@ -20,8 +20,8 @@ release_group: null
|
|||||||
|
|
||||||
images:
|
images:
|
||||||
tags:
|
tags:
|
||||||
ovn_nb_db: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
ovn_ovsdb_nb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
||||||
ovn_sb_db: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
ovn_ovsdb_sb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
||||||
ovn_northd: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
ovn_northd: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
||||||
ovn_controller: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
ovn_controller: docker.io/openstackhelm/ovn:latest-ubuntu_focal
|
||||||
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
||||||
@ -34,10 +34,10 @@ images:
|
|||||||
- image_repo_sync
|
- image_repo_sync
|
||||||
|
|
||||||
labels:
|
labels:
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
node_selector_key: openstack-network-node
|
node_selector_key: openstack-network-node
|
||||||
node_selector_value: enabled
|
node_selector_value: enabled
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
node_selector_key: openstack-network-node
|
node_selector_key: openstack-network-node
|
||||||
node_selector_value: enabled
|
node_selector_value: enabled
|
||||||
ovn_northd:
|
ovn_northd:
|
||||||
@ -48,30 +48,28 @@ labels:
|
|||||||
node_selector_value: enabled
|
node_selector_value: enabled
|
||||||
|
|
||||||
volume:
|
volume:
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
use_local_path:
|
|
||||||
enabled: false
|
|
||||||
host_path: /var/lib/rabbitmq
|
|
||||||
chown_on_start: true
|
|
||||||
enabled: true
|
enabled: true
|
||||||
class_name: general
|
class_name: general
|
||||||
size: 5Gi
|
size: 5Gi
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
use_local_path:
|
|
||||||
enabled: false
|
|
||||||
host_path: /var/lib/rabbitmq
|
|
||||||
chown_on_start: true
|
|
||||||
enabled: true
|
enabled: true
|
||||||
class_name: general
|
class_name: general
|
||||||
size: 5Gi
|
size: 5Gi
|
||||||
|
|
||||||
|
network:
|
||||||
|
interface:
|
||||||
|
# Tunnel interface will be used for VXLAN tunneling.
|
||||||
|
tunnel: null
|
||||||
|
# If tunnel is null there is a fallback mechanism to search
|
||||||
|
# for interface with routing using tunnel network cidr.
|
||||||
|
tunnel_network_cidr: "0/0"
|
||||||
|
|
||||||
conf:
|
conf:
|
||||||
ovn_cms_options: "enable-chassis-as-gw,availability-zones=nova"
|
ovn_cms_options: "enable-chassis-as-gw,availability-zones=nova"
|
||||||
ovn_remote: tcp:ovn-sb-db.openstack.svc.cluster.local:6640
|
|
||||||
ovn_encap_type: geneve
|
ovn_encap_type: geneve
|
||||||
ovn_bridge: br-int
|
ovn_bridge: br-int
|
||||||
# ovn_bridge_mappings: "physnet-public:br-public,physnet-private:br-private"
|
ovn_bridge_mappings: external:br-ex
|
||||||
ovn_bridge_mappings: ""
|
|
||||||
|
|
||||||
# auto_bridge_add:
|
# auto_bridge_add:
|
||||||
# br-private: eth0
|
# br-private: eth0
|
||||||
@ -83,10 +81,23 @@ conf:
|
|||||||
compute: true
|
compute: true
|
||||||
|
|
||||||
pod:
|
pod:
|
||||||
|
security_context:
|
||||||
|
ovn_northd:
|
||||||
|
container:
|
||||||
|
northd:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- SYS_NICE
|
||||||
|
ovn_controller:
|
||||||
|
container:
|
||||||
|
controller:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- SYS_NICE
|
||||||
tolerations:
|
tolerations:
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
enabled: false
|
enabled: false
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
enabled: false
|
enabled: false
|
||||||
ovn_northd:
|
ovn_northd:
|
||||||
enabled: false
|
enabled: false
|
||||||
@ -102,17 +113,32 @@ pod:
|
|||||||
default: 10
|
default: 10
|
||||||
|
|
||||||
probes:
|
probes:
|
||||||
# TODO: Add healthchecks
|
ovn_northd:
|
||||||
|
northd:
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
params:
|
||||||
|
initialDelaySeconds: 5
|
||||||
|
timeoutSeconds: 10
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
params:
|
||||||
|
initialDelaySeconds: 5
|
||||||
|
timeoutSeconds: 10
|
||||||
dns_policy: "ClusterFirstWithHostNet"
|
dns_policy: "ClusterFirstWithHostNet"
|
||||||
|
replicas:
|
||||||
|
ovn_ovsdb_nb: 1
|
||||||
|
ovn_ovsdb_sb: 1
|
||||||
|
ovn_northd: 1
|
||||||
lifecycle:
|
lifecycle:
|
||||||
upgrades:
|
upgrades:
|
||||||
daemonsets:
|
daemonsets:
|
||||||
pod_replacement_strategy: RollingUpdate
|
pod_replacement_strategy: RollingUpdate
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
enabled: true
|
enabled: true
|
||||||
min_ready_seconds: 0
|
min_ready_seconds: 0
|
||||||
max_unavailable: 1
|
max_unavailable: 1
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
enabled: true
|
enabled: true
|
||||||
min_ready_seconds: 0
|
min_ready_seconds: 0
|
||||||
max_unavailable: 1
|
max_unavailable: 1
|
||||||
@ -127,14 +153,14 @@ pod:
|
|||||||
resources:
|
resources:
|
||||||
enabled: false
|
enabled: false
|
||||||
ovs:
|
ovs:
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
requests:
|
requests:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "100m"
|
cpu: "100m"
|
||||||
limits:
|
limits:
|
||||||
memory: "1024Mi"
|
memory: "1024Mi"
|
||||||
cpu: "2000m"
|
cpu: "2000m"
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
requests:
|
requests:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
cpu: "100m"
|
cpu: "100m"
|
||||||
@ -166,8 +192,8 @@ pod:
|
|||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
oci_image_registry:
|
oci_image_registry:
|
||||||
ovn_nb_db: ovn-nb-db-oci-image-registry-key
|
ovn_ovsdb_nb: ovn-ovsdb-nb-oci-image-registry-key
|
||||||
ovn_sb_db: ovn-sb-db-oci-image-registry-key
|
ovn_ovsdb_sb: ovn-ovsdb-sb-oci-image-registry-key
|
||||||
ovn_northd: ovn-northd-oci-image-registry-key
|
ovn_northd: ovn-northd-oci-image-registry-key
|
||||||
ovn_controller: ovn-controller-oci-image-registry-key
|
ovn_controller: ovn-controller-oci-image-registry-key
|
||||||
|
|
||||||
@ -201,34 +227,38 @@ endpoints:
|
|||||||
port:
|
port:
|
||||||
registry:
|
registry:
|
||||||
default: null
|
default: null
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
name: ovn-nb-db
|
name: ovn-ovsdb-nb
|
||||||
namespace: null
|
namespace: null
|
||||||
hosts:
|
hosts:
|
||||||
default: ovn-nb-db
|
default: ovn-ovsdb-nb
|
||||||
host_fqdn_override:
|
host_fqdn_override:
|
||||||
default: null
|
default: null
|
||||||
port:
|
port:
|
||||||
db:
|
ovsdb:
|
||||||
default: 6640
|
default: 6641
|
||||||
ovn_sb_db:
|
raft:
|
||||||
name: ovn-sb-db
|
default: 6643
|
||||||
|
ovn_ovsdb_sb:
|
||||||
|
name: ovn-ovsdb-sb
|
||||||
namespace: null
|
namespace: null
|
||||||
hosts:
|
hosts:
|
||||||
default: ovn-sb-db
|
default: ovn-ovsdb-sb
|
||||||
host_fqdn_override:
|
host_fqdn_override:
|
||||||
default: null
|
default: null
|
||||||
port:
|
port:
|
||||||
db:
|
ovsdb:
|
||||||
default: 6640
|
default: 6642
|
||||||
|
raft:
|
||||||
|
default: 6644
|
||||||
|
|
||||||
network_policy:
|
network_policy:
|
||||||
ovn_nb_db:
|
ovn_ovsdb_nb:
|
||||||
ingress:
|
ingress:
|
||||||
- {}
|
- {}
|
||||||
egress:
|
egress:
|
||||||
- {}
|
- {}
|
||||||
ovn_sb_db:
|
ovn_ovsdb_sb:
|
||||||
ingress:
|
ingress:
|
||||||
- {}
|
- {}
|
||||||
egress:
|
egress:
|
||||||
@ -254,18 +284,18 @@ dependencies:
|
|||||||
- endpoint: node
|
- endpoint: node
|
||||||
service: local_image_registry
|
service: local_image_registry
|
||||||
static:
|
static:
|
||||||
ovn_nb_db: null
|
ovn_ovsdb_nb: null
|
||||||
ovn_sb_db: null
|
ovn_ovsdb_sb: null
|
||||||
ovn_northd:
|
ovn_northd:
|
||||||
services:
|
services:
|
||||||
- endpoint: internal
|
- endpoint: internal
|
||||||
service: ovn-nb-db
|
service: ovn-ovsdb-nb
|
||||||
- endpoint: internal
|
- endpoint: internal
|
||||||
service: ovn-sb-db
|
service: ovn-ovsdb-sb
|
||||||
ovn_controller:
|
ovn_controller:
|
||||||
services:
|
services:
|
||||||
- endpoint: internal
|
- endpoint: internal
|
||||||
service: ovn-sb-db
|
service: ovn-ovsdb-sb
|
||||||
pod:
|
pod:
|
||||||
- requireSameNode: true
|
- requireSameNode: true
|
||||||
labels:
|
labels:
|
||||||
@ -281,10 +311,10 @@ manifests:
|
|||||||
configmap_etc: true
|
configmap_etc: true
|
||||||
deployment_northd: true
|
deployment_northd: true
|
||||||
daemonset_controller: true
|
daemonset_controller: true
|
||||||
service_ovn_nb_db: true
|
service_ovn_ovsdb_nb: true
|
||||||
service_ovn_sb_db: true
|
service_ovn_ovsdb_sb: true
|
||||||
statefulset_ovn_nb_db: true
|
statefulset_ovn_ovsdb_nb: true
|
||||||
statefulset_ovn_sb_db: true
|
statefulset_ovn_ovsdb_sb: true
|
||||||
deployment_ovn_northd: true
|
deployment_ovn_northd: true
|
||||||
daemonset_ovn_controller: true
|
daemonset_ovn_controller: true
|
||||||
job_image_repo_sync: true
|
job_image_repo_sync: true
|
||||||
|
@ -4,4 +4,5 @@ ovn:
|
|||||||
- 0.1.1 Fix ovn db persistence issue
|
- 0.1.1 Fix ovn db persistence issue
|
||||||
- 0.1.2 Add bridge-mapping configuration
|
- 0.1.2 Add bridge-mapping configuration
|
||||||
- 0.1.3 Fix system-id reuse
|
- 0.1.3 Fix system-id reuse
|
||||||
|
- 0.1.4 Add support for OVN HA + refactor
|
||||||
...
|
...
|
||||||
|
Loading…
x
Reference in New Issue
Block a user