Merge branch 'master' into add_multus_egress_router

Dockerfile.rhel7

@@ -1,12 +1,12 @@
-FROM registry.svc.ci.openshift.org/ocp/builder:rhel-8-golang-1.15-openshift-4.6 AS builder
+FROM registry.svc.ci.openshift.org/ocp/builder:rhel-8-golang-1.15-openshift-4.7 AS builder
 WORKDIR /go/src/github.com/openshift/cluster-network-operator
 COPY . .
 RUN hack/build-go.sh; \
     mkdir -p /tmp/build; \
     cp /go/src/github.com/openshift/cluster-network-operator/_output/linux/$(go env GOARCH)/cluster-network-operator /tmp/build/; \
     cp /go/src/github.com/openshift/cluster-network-operator/_output/linux/$(go env GOARCH)/cluster-network-renderer /tmp/build/
 
-FROM registry.svc.ci.openshift.org/ocp/4.6:base
+FROM registry.svc.ci.openshift.org/ocp/4.7:base
 COPY --from=builder /tmp/build/cluster-network-operator /usr/bin/
 COPY --from=builder /tmp/build/cluster-network-renderer /usr/bin/
 COPY manifests /manifests

README.md

@@ -173,6 +173,27 @@ spec:
       useExternalOpenvswitch: false
 ```
 
+Additionally, you can configure per-node verbosity for openshift-sdn. This is useful
+if you want to debug an issue, and can reproduce it on a single node. To do this,
+create a special ConfigMap with keys based on the Node's name:
+
+```yaml
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: env-overrides
+  namespace: openshift-sdn
+data:
+  # to set the node processes on a single node to verbose
+  # replace this with the node's name (from oc get nodes)
+  ip-10-0-135-96.us-east-2.compute.internal: |
+    OPENSHIFT_SDN_LOG_LEVEL=5
+  # to enable verbose logging in the sdn controller, use
+  # the special node name of _master
+  _master: |
+    OPENSHIFT_SDN_LOG_LEVEL=5
+```
+
 ### Configuring OVNKubernetes
 OVNKubernetes supports the following configuration options, all of which are optional and once set at cluster creation, they can't be changed:
 * `MTU`: The MTU to use for the geneve overlay. The default is the MTU of the node that the cluster-network-operator is first run on, minus 100 bytes for geneve overhead. If the nodes in your cluster don't all have the same MTU then you may need to set this explicitly.
@@ -191,7 +212,7 @@ spec:
       genevePort: 6081
 ```
 
-Additionally, you can configure per-node verbosity for openshift-sdn and ovn-kubernetes. This is useful
+Additionally, you can configure per-node verbosity for ovn-kubernetes. This is useful
 if you want to debug an issue, and can reproduce it on a single node. To do this,
 create a special ConfigMap with keys based on the Node's name:
 
@@ -203,21 +224,19 @@ metadata:
   namespace: openshift-ovn-kubernetes
   annotations:
 data:
-# to set the node processes on a single node to verbose
-# replace this with the node's name (from oc get nodes)
+  # to set the node processes on a single node to verbose
+  # replace this with the node's name (from oc get nodes)
   ip-10-0-135-96.us-east-2.compute.internal: |
     OVN_KUBE_LOG_LEVEL=5
     OVN_LOG_LEVEL=dbg
     OVS_LOG_LEVEL=dbg
-# To adjust master log levels, use _master
+  # to adjust master log levels, use _master
   _master: |
     OVN_KUBE_LOG_LEVEL=5
     OVN_LOG_LEVEL=dbg
 ```
 
-(For openshift-sdn, use `namespace: openshift-sdn` and, eg, `OPENSHIFT_SDN_LOG_LEVEL=5`.)
-
-### Configuring OVNKubernetes On a Hybrid Cluster
+#### Configuring OVNKubernetes On a Hybrid Cluster
 OVNKubernetes supports a hybrid cluster of both Linux and Windows nodes on x86_64 hosts. The ovn configuration is done as described above. In addition the `hybridOverlayConfig` can be included as follows:
 
 Add the following to the `spec:` section

bindata/network/ovn-kubernetes/ovnkube-master.yaml

@@ -27,6 +27,7 @@ spec:
   selector:
     matchLabels:
       app: ovnkube-master
+      ovn-db-pod: "true"
   strategy:
     type: RollingUpdate
     rollingUpdate:
@@ -38,6 +39,7 @@ spec:
     metadata:
       labels:
         app: ovnkube-master
+        ovn-db-pod: "true"
         component: network
         type: infra
         openshift.io/component: network
@@ -986,7 +988,6 @@ spec:
       - name: ovn-cert
         secret:
           secretName: ovn-cert
-          optional: true
       - name: ovn-master-metrics-cert
         secret:
           secretName: ovn-master-metrics-cert

bindata/network/ovn-kubernetes/ovnkube-node.yaml

@@ -349,7 +349,6 @@ spec:
       - name: ovn-cert
         secret:
           secretName: ovn-cert
-          optional: true
       - name: ovn-node-metrics-cert
         secret:
           secretName: ovn-node-metrics-cert

vendor/github.com/operator-framework/operator-sdk/pkg/k8sutil/k8sutil.go → cmd/cluster-network-operator/k8sutil.go

@@ -12,12 +12,13 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package k8sutil
+package main
 
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
+	"log"
 	"os"
 	"strings"
 
@@ -26,7 +27,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	discovery "k8s.io/client-go/discovery"
 	crclient "sigs.k8s.io/controller-runtime/pkg/client"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 // ForceRunModeEnv indicates if the operator should be forced to run in either local
@@ -38,10 +38,20 @@ type RunModeType string
 const (
 	LocalRunMode   RunModeType = "local"
 	ClusterRunMode RunModeType = "cluster"
+	// WatchNamespaceEnvVar is the constant for env variable WATCH_NAMESPACE
+	// which is the namespace where the watch activity happens.
+	// this value is empty if the operator is running with clusterScope.
+	WatchNamespaceEnvVar = "WATCH_NAMESPACE"
+
+	// OperatorNameEnvVar is the constant for env variable OPERATOR_NAME
+	// which is the name of the current operator
+	OperatorNameEnvVar = "OPERATOR_NAME"
+
+	// PodNameEnvVar is the constant for env variable POD_NAME
+	// which is the name of the current pod.
+	PodNameEnvVar = "POD_NAME"
 )
 
-var log = logf.Log.WithName("k8sutil")
-
 // GetWatchNamespace returns the namespace the operator should be watching for changes
 func GetWatchNamespace() (string, error) {
 	ns, found := os.LookupEnv(WatchNamespaceEnvVar)
@@ -72,7 +82,7 @@ func GetOperatorNamespace() (string, error) {
 		return "", err
 	}
 	ns := strings.TrimSpace(string(nsBytes))
-	log.V(1).Info("Found namespace", "Namespace", ns)
+	log.Printf("Found namespace. Namespace: %v", ns)
 	return ns, nil
 }
 
@@ -119,14 +129,13 @@ func GetPod(ctx context.Context, client crclient.Client, ns string) (*corev1.Pod
 	if podName == "" {
 		return nil, fmt.Errorf("required env %s not set, please configure downward API", PodNameEnvVar)
 	}
-
-	log.V(1).Info("Found podname", "Pod.Name", podName)
+	log.Printf("Found podname. Pod.Name: %v", podName)
 
 	pod := &corev1.Pod{}
 	key := crclient.ObjectKey{Namespace: ns, Name: podName}
 	err := client.Get(ctx, key, pod)
 	if err != nil {
-		log.Error(err, "Failed to get Pod", "Pod.Namespace", ns, "Pod.Name", podName)
+		log.Printf("Failed to get Pod. Pod.Namespace: %v. Pod.Name: %v", ns, podName)
 		return nil, err
 	}
 
@@ -135,7 +144,7 @@ func GetPod(ctx context.Context, client crclient.Client, ns string) (*corev1.Pod
 	pod.TypeMeta.APIVersion = "v1"
 	pod.TypeMeta.Kind = "Pod"
 
-	log.V(1).Info("Found Pod", "Pod.Namespace", ns, "Pod.Name", pod.Name)
+	log.Printf("Found Pod. Pod.Namespace: %v. Pod.Name: %v", ns, pod.Name)
 
 	return pod, nil
 }

vendor/github.com/operator-framework/operator-sdk/pkg/leader/leader.go → cmd/cluster-network-operator/leader.go

@@ -12,43 +12,39 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package leader
+package main
 
 import (
 	"context"
+	"log"
 	"time"
 
-	"github.com/operator-framework/operator-sdk/pkg/k8sutil"
-
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
 	crclient "sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
-var log = logf.Log.WithName("leader")
-
 // maxBackoffInterval defines the maximum amount of time to wait between
 // attempts to become the leader.
 const maxBackoffInterval = time.Second * 16
 
-// Become ensures that the current pod is the leader within its namespace. If
+// BecomeLeader ensures that the current pod is the leader within its namespace. If
 // run outside a cluster, it will skip leader election and return nil. It
 // continuously tries to create a ConfigMap with the provided name and the
 // current pod set as the owner reference. Only one can exist at a time with
 // the same name, so the pod that successfully creates the ConfigMap is the
 // leader. Upon termination of that pod, the garbage collector will delete the
 // ConfigMap, enabling a different pod to become the leader.
-func Become(ctx context.Context, lockName string) error {
-	log.Info("Trying to become the leader.")
+func BecomeLeader(ctx context.Context, lockName string) error {
+	log.Printf("Trying to become the leader.")
 
-	ns, err := k8sutil.GetOperatorNamespace()
+	ns, err := GetOperatorNamespace()
 	if err != nil {
-		if err == k8sutil.ErrNoNamespace || err == k8sutil.ErrRunLocal {
-			log.Info("Skipping leader election; not running in a cluster.")
+		if err == ErrNoNamespace || err == ErrRunLocal {
+			log.Printf("Skipping leader election; not running in a cluster.")
 			return nil
 		}
 		return err
@@ -78,16 +74,16 @@ func Become(ctx context.Context, lockName string) error {
 	case err == nil:
 		for _, existingOwner := range existing.GetOwnerReferences() {
 			if existingOwner.Name == owner.Name {
-				log.Info("Found existing lock with my name. I was likely restarted.")
-				log.Info("Continuing as the leader.")
+				log.Printf("Found existing lock with my name. I was likely restarted.")
+				log.Printf("Continuing as the leader.")
 				return nil
 			}
-			log.Info("Found existing lock", "LockOwner", existingOwner.Name)
+			log.Printf("Found existing lock. LockOwner: %v", existingOwner.Name)
 		}
 	case apierrors.IsNotFound(err):
-		log.Info("No pre-existing lock was found.")
+		log.Printf("No pre-existing lock was found.")
 	default:
-		log.Error(err, "Unknown error trying to get ConfigMap")
+		log.Printf("Unknown error trying to get ConfigMap: %v", err)
 		return err
 	}
 
@@ -105,35 +101,35 @@ func Become(ctx context.Context, lockName string) error {
 		err := client.Create(ctx, cm)
 		switch {
 		case err == nil:
-			log.Info("Became the leader.")
+			log.Printf("Became the leader.")
 			return nil
 		case apierrors.IsAlreadyExists(err):
 			existingOwners := existing.GetOwnerReferences()
 			switch {
 			case len(existingOwners) != 1:
-				log.Info("Leader lock configmap must have exactly one owner reference.", "ConfigMap", existing)
+				log.Printf("Leader lock configmap must have exactly one owner reference. ConfigMap: %v", existing)
 			case existingOwners[0].Kind != "Pod":
-				log.Info("Leader lock configmap owner reference must be a pod.", "OwnerReference", existingOwners[0])
+				log.Printf("Leader lock configmap owner reference must be a pod. OwnerReference: %v", existingOwners[0])
 			default:
 				leaderPod := &corev1.Pod{}
 				key = crclient.ObjectKey{Namespace: ns, Name: existingOwners[0].Name}
 				err = client.Get(ctx, key, leaderPod)
 				switch {
 				case apierrors.IsNotFound(err):
-					log.Info("Leader pod has been deleted, waiting for garbage collection do remove the lock.")
+					log.Printf("Leader pod has been deleted, waiting for garbage collection do remove the lock.")
 				case err != nil:
 					return err
 				case isPodEvicted(*leaderPod) && leaderPod.GetDeletionTimestamp() == nil:
-					log.Info("Operator pod with leader lock has been evicted.", "leader", leaderPod.Name)
-					log.Info("Deleting evicted leader.")
+					log.Printf("Operator pod with leader lock has been evicted. leader: %v", leaderPod.Name)
+					log.Printf("Deleting evicted leader.")
 					// Pod may not delete immediately, continue with backoff
 					err := client.Delete(ctx, leaderPod)
 					if err != nil {
-						log.Error(err, "Leader pod could not be deleted.")
+						log.Printf("Leader pod could not be deleted: %v", err)
 					}
 
 				default:
-					log.Info("Not the leader. Waiting.")
+					log.Printf("Not the leader. Waiting.")
 				}
 			}
 
@@ -147,7 +143,7 @@ func Become(ctx context.Context, lockName string) error {
 				return ctx.Err()
 			}
 		default:
-			log.Error(err, "Unknown error creating ConfigMap")
+			log.Printf("Unknown error creating ConfigMap: %v", err)
 			return err
 		}
 	}
@@ -157,7 +153,7 @@ func Become(ctx context.Context, lockName string) error {
 // this code is currently running.
 // It expects the environment variable POD_NAME to be set by the downwards API
 func myOwnerRef(ctx context.Context, client crclient.Client, ns string) (*metav1.OwnerReference, error) {
-	myPod, err := k8sutil.GetPod(ctx, client, ns)
+	myPod, err := GetPod(ctx, client, ns)
 	if err != nil {
 		return nil, err
 	}