fix: add back the leader check

Previous patch doesn't change the readiness prob interval which may leader two probs run in the same period and always steal the lock from ovn-northd. Increase the interval and add back the leader check.
kubeovn · Dec 13, 2021 · 178cf7b · 178cf7b
1 parent db9d8b8
commit 178cf7b
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 6 deletions.
diff --git a/dist/images/install.sh b/dist/images/install.sh
@@ -1153,15 +1153,15 @@ spec:
               command:
                 - bash
                 - /kube-ovn/ovn-is-leader.sh
-            periodSeconds: 3
+            periodSeconds: 15
             timeoutSeconds: 45
           livenessProbe:
             exec:
               command:
                 - bash
                 - /kube-ovn/ovn-healthcheck.sh
             initialDelaySeconds: 30
-            periodSeconds: 7
+            periodSeconds: 15
             failureThreshold: 5
             timeoutSeconds: 45
       nodeSelector:
@@ -1636,15 +1636,15 @@ spec:
               command:
                 - bash
                 - /kube-ovn/ovn-is-leader.sh
-            periodSeconds: 3
+            periodSeconds: 15
             timeoutSeconds: 45
           livenessProbe:
             exec:
               command:
                 - bash
                 - /kube-ovn/ovn-healthcheck.sh
             initialDelaySeconds: 30
-            periodSeconds: 7
+            periodSeconds: 15
             failureThreshold: 5
             timeoutSeconds: 45
       nodeSelector:

diff --git a/dist/images/ovn-is-leader.sh b/dist/images/ovn-is-leader.sh
@@ -42,6 +42,22 @@ fi
 if [[ $sb_leader =~ "true" ]]
 then
    kubectl label --overwrite pod "$POD_NAME" -n "$POD_NAMESPACE" ovn-sb-leader=true
+   set +e
+   northd_svc=$(kubectl get svc -n kube-system | grep ovn-northd)
+   if [ -z "$northd_svc" ]; then
+    echo "ovn-northd svc not exist"
+   else
+    northd_leader=$(kubectl get ep -n kube-system ovn-northd -o jsonpath={.subsets\[0\].addresses\[0\].ip})
+    if [ "$northd_leader" == "" ]; then
+       # no available northd leader try to release the lock
+       if [[ "$ENABLE_SSL" == "false" ]]; then
+         ovsdb-client -v -t 1 steal tcp:127.0.0.1:6642  ovn_northd
+       else
+         ovsdb-client -v -t 1 -p /var/run/tls/key -c /var/run/tls/cert -C /var/run/tls/cacert steal ssl:127.0.0.1:6642  ovn_northd
+       fi
+     fi
+   fi
+   set -e
 else
   kubectl label pod "$POD_NAME" -n "$POD_NAMESPACE" ovn-sb-leader-
 fi

diff --git a/yamls/ovn.yaml b/yamls/ovn.yaml
@@ -284,15 +284,15 @@ spec:
               command:
                 - bash
                 - /kube-ovn/ovn-is-leader.sh
-            periodSeconds: 3
+            periodSeconds: 15
             timeoutSeconds: 45
           livenessProbe:
             exec:
               command:
                 - bash
                 - /kube-ovn/ovn-healthcheck.sh
             initialDelaySeconds: 30
-            periodSeconds: 7
+            periodSeconds: 15
             failureThreshold: 5
             timeoutSeconds: 45
       nodeSelector: