feat: improve install/uninstall

dist/images/cleanup.sh

@@ -11,13 +11,13 @@ kubectl delete sa ovn -n kube-system --ignore-not-found=true
 kubectl delete clusterrole system:ovn --ignore-not-found=true
 kubectl delete clusterrolebinding ovn --ignore-not-found=true
 kubectl delete svc ovn-nb ovn-sb kube-ovn-pinger kube-ovn-controller kube-ovn-cni -n kube-system --ignore-not-found=true
-
+kubectl delete ds kube-ovn-cni -n kube-system --ignore-not-found=true
 kubectl delete deployment ovn-central kube-ovn-controller -n kube-system --ignore-not-found=true
 for ovs in $(kubectl get pod --no-headers -n kube-system -lapp=ovs | awk '{print $1}')
 do
   kubectl exec -n kube-system "$ovs" -- bash /kube-ovn/uninstall.sh
 done
-kubectl delete ds ovs-ovn kube-ovn-cni kube-ovn-pinger -n kube-system --ignore-not-found=true
+kubectl delete ds ovs-ovn kube-ovn-pinger -n kube-system --ignore-not-found=true
 kubectl delete crd ips.kubeovn.io subnets.kubeovn.io vlans.kubeovn.io networks.kubeovn.io --ignore-not-found=true
 
 # Remove annotations/labels in namespaces and nodes

dist/images/install.sh

@@ -11,12 +11,13 @@ LABEL="node-role.kubernetes.io/master" # The node label to deploy OVN DB
 IFACE=""                               # The nic to support container network, if empty will use the nic that the default route use
 NETWORK_TYPE="geneve"                  # geneve or vlan
 VERSION="v1.2.0-pre"
+IMAGE_PULL_POLICY="IfNotPresent"
 
 # VLAN Config only take effect when NETWORK_TYPE is vlan
 PROVIDER_NAME="provider"
 VLAN_INTERFACE_NAME=""
 VLAN_NAME="ovn-vlan"
-VLAN_ID="1"
+VLAN_ID="100"
 VLAN_RANGE="1,4095"
 
 echo "[Step 1] Label kube-ovn-master node"
@@ -339,7 +340,7 @@ spec:
       containers:
         - name: ovn-central
           image: "$REGISTRY/kube-ovn:$VERSION"
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: $IMAGE_PULL_POLICY
           command: ["/kube-ovn/start-db.sh"]
           securityContext:
             capabilities:
@@ -451,7 +452,7 @@ spec:
       containers:
         - name: openvswitch
           image: "$REGISTRY/kube-ovn:$VERSION"
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: $IMAGE_PULL_POLICY
           command: ["/kube-ovn/start-ovs.sh"]
           securityContext:
             runAsUser: 0
@@ -581,7 +582,7 @@ spec:
       containers:
         - name: kube-ovn-controller
           image: "$REGISTRY/kube-ovn:$VERSION"
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: $IMAGE_PULL_POLICY
           command:
           - /kube-ovn/start-controller.sh
           args:
@@ -653,7 +654,7 @@ spec:
       initContainers:
       - name: install-cni
         image: "$REGISTRY/kube-ovn:$VERSION"
-        imagePullPolicy: IfNotPresent
+        imagePullPolicy: $IMAGE_PULL_POLICY
         command: ["/kube-ovn/install-cni.sh"]
         securityContext:
           runAsUser: 0
@@ -666,7 +667,7 @@ spec:
       containers:
       - name: cni-server
         image: "$REGISTRY/kube-ovn:$VERSION"
-        imagePullPolicy: IfNotPresent
+        imagePullPolicy: $IMAGE_PULL_POLICY
         command:
           - sh
           - /kube-ovn/start-cniserver.sh
@@ -767,7 +768,7 @@ spec:
         - name: pinger
           image: "$REGISTRY/kube-ovn:$VERSION"
           command: ["/kube-ovn/kube-ovn-pinger", "--external-address=114.114.114.114"]
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: $IMAGE_PULL_POLICY
           securityContext:
             runAsUser: 0
             privileged: false

dist/images/uninstall.sh

@@ -2,6 +2,14 @@
 /usr/share/openvswitch/scripts/ovs-ctl stop
 ovs-dpctl del-dp ovs-system
 
+iptables -t nat -D POSTROUTING -m set --match-set ovn40subnets-nat src -m set ! --match-set ovn40subnets dst -j MASQUERADE
+iptables -t nat -D POSTROUTING -m set --match-set ovn40local-pod-ip-nat src -m set ! --match-set ovn40subnets dst -j MASQUERADE
+iptables -t filter -D INPUT -m set --match-set ovn40subnets dst -j ACCEPT
+iptables -t filter -D INPUT -m set --match-set ovn40subnets src -j ACCEPT
+ipset destroy ovn40subnets-nat
+ipset destroy ovn40subnets
+ipset destroy ovn40local-pod-ip-nat
+
 rm -rf /var/run/openvswitch/*
 rm -rf /var/run/ovn/*
 rm -rf /etc/openvswitch/*