NP-607: update microshift ovnk manifests #1589

Merged
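--- a/bindata/network/ovn-kubernetes/microshift/clusterrole.yaml
+++ b/bindata/network/ovn-kubernetes/microshift/clusterrole.yaml
@@ -71,14 +71,6 @@ rules:
 - apiGroups: ['authorization.k8s.io']
 resources: ['subjectaccessreviews']
 verbs: ['create']
-- apiGroups: [certificates.k8s.io]
-resources: ['certificatesigningrequests']
-verbs:
-- create
-- get
-- delete
-- update
-- list
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1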
2 changes: 1 addition & 1 deletion bindata/network/ovn-kubernetes/microshift/configmap.yaml
@@ -27,7 +27,7 @@ data:
enable-egress-qos=false

[gateway]
mode=shared
mode=local
nodeport=true

[masterha]
32 changes: 18 additions & 14 deletions bindata/network/ovn-kubernetes/microshift/master/daemonset.yaml
@@ -44,7 +44,7 @@ spec:
containers:
# ovn-northd: convert network objects in nbdb to flows in sbdb
- name: northd
image: {{ .ReleaseImage.ovn_kubernetes }}
image: {{ .ReleaseImage.ovn_kubernetes_microshift }}
command:
- /bin/bash
- -c
@@ -95,9 +95,9 @@ spec:
memory: 10Mi
terminationMessagePolicy: FallbackToLogsOnError

# nbdb: the northbound, or logical network object DB. In standalone mode
# nbdb: the northbound, or logical network object DB. In raft mode
- name: nbdb
image: {{ .ReleaseImage.ovn_kubernetes }}
image: {{ .ReleaseImage.ovn_kubernetes_microshift }}
command:
- /bin/bash
- -c
@@ -199,16 +199,14 @@ spec:
echo "$(date -Iseconds) - nbdb stopped"
rm -f /var/run/ovn/ovnnb_db.pid
readinessProbe:
timeoutSeconds: 10
periodSeconds: 600
timeoutSeconds: 5
exec:
command:
- /bin/bash
- -c
- |
set -xeo pipefail
/usr/bin/ovn-appctl -t /var/run/ovn/ovnnb_db.ctl --timeout=5 ovsdb-server/memory-trim-on-compaction on 2>/dev/null
/usr/bin/ovn-appctl -t /var/run/ovn/ovnnb_db.ctl --timeout=5 ovsdb-server/compact 2>/dev/null

env:
- name: OVN_LOG_LEVEL
@@ -228,9 +226,9 @@ spec:
memory: 10Mi
terminationMessagePolicy: FallbackToLogsOnError

# sbdb: The southbound, or flow DB. In standalone mode
# sbdb: The southbound, or flow DB. In raft mode
- name: sbdb
image: {{ .ReleaseImage.ovn_kubernetes }}
image: {{ .ReleaseImage.ovn_kubernetes_microshift }}
command:
- /bin/bash
- -c
@@ -301,17 +299,14 @@ spec:
echo "$(date -Iseconds) - sbdb stopped"
rm -f /var/run/ovn/ovnsb_db.pid
readinessProbe:
timeoutSeconds: 10
periodSeconds: 600
timeoutSeconds: 5
exec:
command:
- /bin/bash
- -c
- |
set -xeo pipefail
/usr/bin/ovn-appctl -t /var/run/ovn/ovnsb_db.ctl --timeout=5 ovsdb-server/memory-trim-on-compaction on 2>/dev/null
/usr/bin/ovn-appctl -t /var/run/ovn/ovnsb_db.ctl --timeout=5 ovsdb-server/compact 2>/dev/null

env:
- name: OVN_LOG_LEVEL
value: info
@@ -330,7 +325,7 @@ spec:

# ovnkube master: convert kubernetes objects in to nbdb logical network components
- name: ovnkube-master
image: {{ .ReleaseImage.ovn_kubernetes }}
image: {{ .ReleaseImage.ovn_kubernetes_microshift }}
command:
- /bin/bash
- -c
@@ -355,7 +350,15 @@ spec:
ip6tables -t raw -A OUTPUT -p udp --dport 6081 -j NOTRACK
echo "I$(date "+%m%d %H:%M:%S.%N") - starting ovnkube-node"

gateway_mode_flags="--gateway-mode shared --gateway-interface br-ex"
gateway_mode_flags="--gateway-mode local --gateway-interface br-ex"

gw_interface_flag=
# if br-ex1 is configured on the node, we want to use it for external gateway traffic
if [ -d /sys/class/net/br-ex1 ]; then
gw_interface_flag="--exgw-interface=br-ex1"
# the functionality depends on ip_forwarding being enabled
sysctl net.ipv4.ip_forward=1
fi

echo "I$(date "+%m%d %H:%M:%S.%N") - ovnkube-master - start ovnkube --init-master ${K8S_NODE} --init-node ${K8S_NODE}"
exec /usr/bin/ovnkube \
@@ -364,6 +367,7 @@ spec:
--config-file=/run/ovnkube-config/ovnkube.conf \
--loglevel "${OVN_KUBE_LOG_LEVEL}" \
${gateway_mode_flags} \
${gw_interface_flag} \
--inactivity-probe="180000" \
--nb-address "" \
--sb-address "" \
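Review bot: The added `sysctl net.ipv4.ip_forward=1` in the ovnkube-master start script (the `br-ex1` branch) changes a setting for the whole network namespace as a side effect of container start, and neither the comment nor a log line makes that visible. If this container runs in the host network namespace, which the hunk does not show, the node will forward IPv4 between all of its interfaces and the setting stays on after the pod exits, leaving the host's own packet filtering as the only limit on forwarded traffic. I would extend the comment to say so, e.g. `# NOTE: enables IPv4 forwarding for the whole network namespace and is not reverted on exit`, and echo a timestamped line when the branch is taken so the change is on record in the pod log. The script installs `ip6tables` rules just above but there is no IPv6 forwarding counterpart here; confirm that is intended. The script body starts and ends outside this hunk.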
10 changes: 8 additions & 2 deletions bindata/network/ovn-kubernetes/microshift/node/daemonset.yaml
@@ -40,7 +40,7 @@ spec:
containers:
# ovn-controller: programs the vswitch with flows from the sbdb
- name: ovn-controller
image: {{ .ReleaseImage.ovn_kubernetes }}
image: {{ .ReleaseImage.ovn_kubernetes_microshift }}
command:
- /bin/bash
- -c
@@ -52,7 +52,9 @@ spec:
set +o allexport
fi

echo "$(date -Iseconds) - starting ovn-controller"
# K8S_NODE_IP triggers reconcilation of this daemon when node IP changes
echo "$(date -Iseconds) - starting ovn-controller, Node: ${K8S_NODE} IP: ${K8S_NODE_IP}"

exec ovn-controller unix:/var/run/openvswitch/db.sock -vfile:off \
--no-chdir --pidfile=/var/run/ovn/ovn-controller.pid \
--syslog-method="null" \
@@ -71,6 +73,10 @@ spec:
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: K8S_NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
volumeMounts:
- mountPath: /run/openvswitch
name: run-openvswitch
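Review bot: The new comment `# K8S_NODE_IP triggers reconcilation of this daemon when node IP changes` claims more than the visible lines do: the variable is filled from `status.hostIP` through the downward API and is only echoed at startup. A fieldRef environment value is fixed when the container is created, so if a restart on IP change is expected it has to come from a mechanism outside these hunks, and the comment should name it. Suggested wording: `# K8S_NODE_IP is logged so the node IP seen at start is on record; the restart on IP change comes from <mechanism> (TODO confirm)`, which also fixes the "reconcilation" typo. The start script continues outside the hunk.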
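--- a/bindata/network/ovn-kubernetes/microshift/role.yaml
+++ b/bindata/network/ovn-kubernetes/microshift/role.yaml
@@ -12,6 +12,14 @@ rules:
 - get
 - list
 - watch
+- apiGroups: [certificates.k8s.io]
+resources: ['certificatesigningrequests']
+verbs:
+- create
+- get
+- delete
+- update
+- list
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1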
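Review bot: `certificatesigningrequests` is a cluster-scoped resource, so the rule added here only takes effect if this object is a ClusterRole; the `kind` is outside the hunk, but the file name suggests a namespaced Role. A Role bound with a RoleBinding cannot grant access to cluster-scoped resources, which would leave this rule inert while it reads as though the CSR permission still exists. If the components no longer need CSR access, drop the rule rather than carrying it here; if they do, it has to stay in a ClusterRole, ideally with the verb list (`create`, `get`, `delete`, `update`, `list`) trimmed to what is actually used. Either way a one-line comment above the rule, such as `# CSR access for <component>: <reason>`, would tell the next reviewer why it is granted.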