ci: add full-node tests (#920)
diff --git a/charts/ovn/templates/bin/_ovn-controller.sh.tpl b/charts/ovn/templates/bin/_ovn-controller.sh.tpl
deleted file mode 100644
index ecb659d..0000000
--- a/charts/ovn/templates/bin/_ovn-controller.sh.tpl
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/bash -xe
-
-# Copyright 2023 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-COMMAND="${@:-start}"
-
-function start () {
- /usr/share/ovn/scripts/ovn-ctl start_controller \
- --ovn-manage-ovsdb=no
-
- tail --follow=name /var/log/ovn/ovn-controller.log
-}
-
-function stop () {
- /usr/share/ovn/scripts/ovn-ctl stop_controller
- pkill tail
-}
-
-function liveness () {
- ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
-}
-
-function readiness () {
- ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
-}
-
-$COMMAND
diff --git a/charts/ovn/templates/bin/_ovn-northd.sh.tpl b/charts/ovn/templates/bin/_ovn-northd.sh.tpl
deleted file mode 100644
index fefd793..0000000
--- a/charts/ovn/templates/bin/_ovn-northd.sh.tpl
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/bash -xe
-
-# Copyright 2023 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-COMMAND="${@:-start}"
-
-{{- $nb_svc_name := "ovn-ovsdb-nb" -}}
-{{- $nb_svc := (tuple $nb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
-{{- $nb_port := (tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
-{{- $nb_service_list := list -}}
-{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_nb | int) -}}
- {{- $nb_service_list = printf "tcp:%s-%d.%s:%s" $nb_svc_name $i $nb_svc $nb_port | append $nb_service_list -}}
-{{- end -}}
-
-{{- $sb_svc_name := "ovn-ovsdb-sb" -}}
-{{- $sb_svc := (tuple $sb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
-{{- $sb_port := (tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
-{{- $sb_service_list := list -}}
-{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_sb | int) -}}
- {{- $sb_service_list = printf "tcp:%s-%d.%s:%s" $sb_svc_name $i $sb_svc $sb_port | append $sb_service_list -}}
-{{- end }}
-
-function start () {
- /usr/share/ovn/scripts/ovn-ctl start_northd \
- --ovn-manage-ovsdb=no \
- --ovn-northd-nb-db={{ include "helm-toolkit.utils.joinListWithComma" $nb_service_list }} \
- --ovn-northd-sb-db={{ include "helm-toolkit.utils.joinListWithComma" $sb_service_list }}
-
- tail --follow=name /var/log/ovn/ovn-northd.log
-}
-
-function stop () {
- /usr/share/ovn/scripts/ovn-ctl stop_northd
- pkill tail
-}
-
-function liveness () {
- ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
-}
-
-function readiness () {
- ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
-}
-
-$COMMAND
diff --git a/charts/ovn/templates/bin/_ovsdb-server.sh.tpl b/charts/ovn/templates/bin/_ovsdb-server.sh.tpl
deleted file mode 100644
index e023505..0000000
--- a/charts/ovn/templates/bin/_ovsdb-server.sh.tpl
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/bin/bash -xe
-
-# Copyright 2023 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-COMMAND="${@:-start}"
-
-OVSDB_HOST=$(hostname -f)
-ARGS=(
- --db-${OVS_DATABASE}-create-insecure-remote=yes
- --db-${OVS_DATABASE}-cluster-local-proto=tcp
- --db-${OVS_DATABASE}-cluster-local-addr=$(hostname -f)
-)
-
-if [[ ! $HOSTNAME == *-0 && $OVSDB_HOST =~ (.+)-([0-9]+)\. ]]; then
- OVSDB_BOOTSTRAP_HOST="${BASH_REMATCH[1]}-0.${OVSDB_HOST#*.}"
-
- ARGS+=(
- --db-${OVS_DATABASE}-cluster-remote-proto=tcp
- --db-${OVS_DATABASE}-cluster-remote-addr=${OVSDB_BOOTSTRAP_HOST}
- )
-fi
-
-function start () {
- /usr/share/ovn/scripts/ovn-ctl start_${OVS_DATABASE}_ovsdb ${ARGS[@]}
-
- tail --follow=name /var/log/ovn/ovsdb-server-${OVS_DATABASE}.log
-}
-
-function stop () {
- /usr/share/ovn/scripts/ovn-ctl stop_${OVS_DATABASE}_ovsdb
- pkill tail
-}
-
-function liveness () {
- if [[ $OVS_DATABASE == "nb" ]]; then
- OVN_DATABASE="Northbound"
- elif [[ $OVS_DATABASE == "sb" ]]; then
- OVN_DATABASE="Southbound"
- else
- echo "OVS_DATABASE must be nb or sb"
- exit 1
- fi
-
- ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
-}
-
-function readiness () {
- if [[ $OVS_DATABASE == "nb" ]]; then
- OVN_DATABASE="Northbound"
- elif [[ $OVS_DATABASE == "sb" ]]; then
- OVN_DATABASE="Southbound"
- else
- echo "OVS_DATABASE must be nb or sb"
- exit 1
- fi
-
- ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
-}
-
-$COMMAND
diff --git a/charts/ovn/templates/configmap-bin.yaml b/charts/ovn/templates/configmap-bin.yaml
index a849dd8..82001f9 100644
--- a/charts/ovn/templates/configmap-bin.yaml
+++ b/charts/ovn/templates/configmap-bin.yaml
@@ -24,12 +24,6 @@
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
{{- end }}
- ovsdb-server.sh: |
-{{ tuple "bin/_ovsdb-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- ovn-northd.sh: |
-{{ tuple "bin/_ovn-northd.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ovn-controller-init.sh: |
{{ tuple "bin/_ovn-controller-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- ovn-controller.sh: |
-{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
diff --git a/charts/ovn/templates/daemonset-controller-gw.yaml b/charts/ovn/templates/daemonset-controller-gw.yaml
index 5701a87..eb309c5 100644
--- a/charts/ovn/templates/daemonset-controller-gw.yaml
+++ b/charts/ovn/templates/daemonset-controller-gw.yaml
@@ -12,6 +12,15 @@
limitations under the License.
*/}}
+{{- define "controllerGatewayReadinessProbeTemplate" }}
+exec:
+ command:
+ - /usr/bin/ovn-kube-util
+ - readiness-probe
+ - -t
+ - ovn-controller
+{{- end }}
+
{{- if .Values.manifests.daemonset_ovn_controller_gw }}
{{- $envAll := . }}
@@ -76,25 +85,33 @@
readOnly: true
containers:
- name: controller
+ command:
+ - /root/ovnkube.sh
+ - ovn-controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /tmp/ovn-controller.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/ovn-controller.sh
- - stop
+{{ dict "envAll" . "component" "ovn_controller_gw" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerGatewayReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+ env:
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
+ - name: OVN_LOGLEVEL_CONTROLLER
+ value: "-vconsole:info -vfile:info"
+ - name: OVN_KUBERNETES_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: OVN_KUBERNETES_NB_STATEFULSET
+ value: ovn-ovsdb-nb
+ - name: OVN_KUBERNETES_SB_STATEFULSET
+ value: ovn-ovsdb-sb
+ - name: OVN_SSL_ENABLE
+ value: "no"
volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-controller.sh
- subPath: ovn-controller.sh
- readOnly: true
- name: run-openvswitch
- mountPath: /run/openvswitch
+ mountPath: /var/run/ovn
+ - name: run-openvswitch
+ mountPath: /var/run/openvswitch
volumes:
- name: ovn-bin
configMap:
diff --git a/charts/ovn/templates/daemonset-controller.yaml b/charts/ovn/templates/daemonset-controller.yaml
index 580d5ae..b6b0b04 100644
--- a/charts/ovn/templates/daemonset-controller.yaml
+++ b/charts/ovn/templates/daemonset-controller.yaml
@@ -12,6 +12,15 @@
limitations under the License.
*/}}
+{{- define "controllerReadinessProbeTemplate" }}
+exec:
+ command:
+ - /usr/bin/ovn-kube-util
+ - readiness-probe
+ - -t
+ - ovn-controller
+{{- end }}
+
{{- if .Values.manifests.daemonset_ovn_controller }}
{{- $envAll := . }}
@@ -76,25 +85,33 @@
readOnly: true
containers:
- name: controller
+ command:
+ - /root/ovnkube.sh
+ - ovn-controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /tmp/ovn-controller.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/ovn-controller.sh
- - stop
+{{ dict "envAll" . "component" "ovn_controller" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+ env:
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
+ - name: OVN_LOGLEVEL_CONTROLLER
+ value: "-vconsole:info -vfile:info"
+ - name: OVN_KUBERNETES_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: OVN_KUBERNETES_NB_STATEFULSET
+ value: ovn-ovsdb-nb
+ - name: OVN_KUBERNETES_SB_STATEFULSET
+ value: ovn-ovsdb-sb
+ - name: OVN_SSL_ENABLE
+ value: "no"
volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-controller.sh
- subPath: ovn-controller.sh
- readOnly: true
- name: run-openvswitch
- mountPath: /run/openvswitch
+ mountPath: /var/run/ovn
+ - name: run-openvswitch
+ mountPath: /var/run/openvswitch
volumes:
- name: ovn-bin
configMap:
diff --git a/charts/ovn/templates/deployment-northd.yaml b/charts/ovn/templates/deployment-northd.yaml
index e3afdd0..ae31b35 100644
--- a/charts/ovn/templates/deployment-northd.yaml
+++ b/charts/ovn/templates/deployment-northd.yaml
@@ -12,18 +12,13 @@
limitations under the License.
*/}}
-{{- define "livenessProbeTemplate" }}
+{{- define "northdReadinessProbeTemplate" }}
exec:
command:
- - /tmp/ovn-northd.sh
- - liveness
-{{- end }}
-
-{{- define "readinessProbeTemplate" }}
-exec:
- command:
- - /tmp/ovn-northd.sh
- - readiness
+ - /usr/bin/ovn-kube-util
+ - readiness-probe
+ - -t
+ - ovn-northd
{{- end }}
{{- if .Values.manifests.deployment_northd }}
@@ -60,28 +55,26 @@
{{- tuple $envAll "ovn_northd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: northd
+ command:
+ - /root/ovnkube.sh
+ - run-ovn-northd
{{ tuple $envAll "ovn_northd" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_northd" "container" "northd" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "livenessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
-{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "readinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
- command:
- - /tmp/ovn-northd.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/ovn-northd.sh
- - stop
- volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-northd.sh
- subPath: ovn-northd.sh
- readOnly: true
- volumes:
- - name: ovn-bin
- configMap:
- name: ovn-bin
- defaultMode: 0555
+{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+ env:
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
+ - name: OVN_LOGLEVEL_NORTHD
+ value: "-vconsole:info -vfile:info"
+ - name: OVN_KUBERNETES_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: OVN_KUBERNETES_NB_STATEFULSET
+ value: ovn-ovsdb-nb
+ - name: OVN_KUBERNETES_SB_STATEFULSET
+ value: ovn-ovsdb-sb
+ - name: OVN_SSL_ENABLE
+ value: "no"
{{- end }}
diff --git a/charts/ovn/templates/role-controller.yaml b/charts/ovn/templates/role-controller.yaml
new file mode 100644
index 0000000..de3cfa6
--- /dev/null
+++ b/charts/ovn/templates/role-controller.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: ovn-controller
+rules:
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
diff --git a/charts/ovn/templates/role-northd.yaml b/charts/ovn/templates/role-northd.yaml
new file mode 100644
index 0000000..ca02fae
--- /dev/null
+++ b/charts/ovn/templates/role-northd.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: ovn-northd
+rules:
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
diff --git a/charts/ovn/templates/role-ovsdb.yaml b/charts/ovn/templates/role-ovsdb.yaml
new file mode 100644
index 0000000..10e0e23
--- /dev/null
+++ b/charts/ovn/templates/role-ovsdb.yaml
@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: ovn-ovsdb
+rules:
+- apiGroups:
+ - "apps"
+ resources:
+ - statefulsets
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - endpoints
+ verbs:
+ - list
+ - get
diff --git a/charts/ovn/templates/rolebinding-controller.yaml b/charts/ovn/templates/rolebinding-controller.yaml
new file mode 100644
index 0000000..7973c7e
--- /dev/null
+++ b/charts/ovn/templates/rolebinding-controller.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: ovn-controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ovn-controller
+subjects:
+- kind: ServiceAccount
+ name: ovn-controller
+- kind: ServiceAccount
+ name: ovn-controller-gw
diff --git a/charts/ovn/templates/rolebinding-northd.yaml b/charts/ovn/templates/rolebinding-northd.yaml
new file mode 100644
index 0000000..428a470
--- /dev/null
+++ b/charts/ovn/templates/rolebinding-northd.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: ovn-northd
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ovn-northd
+subjects:
+- kind: ServiceAccount
+ name: ovn-northd
diff --git a/charts/ovn/templates/rolebinding-ovsdb.yaml b/charts/ovn/templates/rolebinding-ovsdb.yaml
new file mode 100644
index 0000000..f32382b
--- /dev/null
+++ b/charts/ovn/templates/rolebinding-ovsdb.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: ovn-ovsdb
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ovn-ovsdb
+subjects:
+- kind: ServiceAccount
+ name: ovn-ovsdb-nb
+- kind: ServiceAccount
+ name: ovn-ovsdb-sb
diff --git a/charts/ovn/templates/service-ovsdb-nb.yaml b/charts/ovn/templates/service-ovsdb-nb.yaml
index b93da9b..56f7cd0 100644
--- a/charts/ovn/templates/service-ovsdb-nb.yaml
+++ b/charts/ovn/templates/service-ovsdb-nb.yaml
@@ -20,6 +20,7 @@
metadata:
name: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
+ publishNotReadyAddresses: true
ports:
- name: ovsdb
port: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
diff --git a/charts/ovn/templates/service-ovsdb-sb.yaml b/charts/ovn/templates/service-ovsdb-sb.yaml
index 70f62c6..4a6b586 100644
--- a/charts/ovn/templates/service-ovsdb-sb.yaml
+++ b/charts/ovn/templates/service-ovsdb-sb.yaml
@@ -20,6 +20,7 @@
metadata:
name: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
+ publishNotReadyAddresses: true
ports:
- name: ovsdb
port: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
diff --git a/charts/ovn/templates/statefulset-ovsdb-nb.yaml b/charts/ovn/templates/statefulset-ovsdb-nb.yaml
index 9380515..8955d30 100644
--- a/charts/ovn/templates/statefulset-ovsdb-nb.yaml
+++ b/charts/ovn/templates/statefulset-ovsdb-nb.yaml
@@ -12,6 +12,19 @@
limitations under the License.
*/}}
+{{- define "ovnnbReadinessProbeTemplate" }}
+exec:
+ command:
+ - /usr/bin/ovn-kube-util
+ - readiness-probe
+ - -t
+{{- if gt (int .Values.pod.replicas.ovn_ovsdb_nb) 1 }}
+ - ovnnb-db-raft
+{{- else }}
+ - ovnnb-db
+{{- end }}
+{{- end }}
+
{{- if .Values.manifests.statefulset_ovn_ovsdb_nb }}
{{- $envAll := . }}
@@ -28,6 +41,7 @@
{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
serviceName: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ podManagementPolicy: Parallel
replicas: {{ .Values.pod.replicas.ovn_ovsdb_nb }}
selector:
matchLabels:
@@ -49,41 +63,54 @@
{{- tuple $envAll "ovn_ovsdb_nb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ovsdb
+ command:
+ - /root/ovnkube.sh
+{{- if gt (int .Values.pod.replicas.ovn_ovsdb_nb) 1 }}
+ - nb-ovsdb-raft
+{{- else }}
+ - nb-ovsdb
+{{- end }}
{{ tuple $envAll "ovn_ovsdb_nb" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_ovsdb_nb" "container" "ovsdb" "type" "readiness" "probeTemplate" (include "ovnnbReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
ports:
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
env:
- - name: OVS_DATABASE
- value: nb
- - name: OVS_PORT
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
+ - name: OVN_LOGLEVEL_NB
+ value: "-vconsole:info -vfile:info"
+ - name: OVN_KUBERNETES_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: OVN_KUBERNETES_STATEFULSET
+ value: ovn-ovsdb-nb
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: OVN_SSL_ENABLE
+ value: "no"
+ - name: ENABLE_IPSEC
+ value: "false"
+ - name: OVN_NB_RAFT_ELECTION_TIMER
+ value: "1000"
+ - name: OVN_NB_PORT
value: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- command:
- - /tmp/ovsdb-server.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/ovsdb-server.sh
- - stop
+ - name: OVN_NB_RAFT_PORT
+ value: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovsdb-server.sh
- subPath: ovsdb-server.sh
- readOnly: true
- name: run-openvswitch
- mountPath: /run/openvswitch
+ mountPath: /var/run/openvswitch
+ - name: run-openvswitch
+ mountPath: /var/run/ovn
- name: data
mountPath: /var/lib/ovn
volumes:
- name: run-openvswitch
emptyDir: {}
- - name: ovn-bin
- configMap:
- name: ovn-bin
- defaultMode: 0555
{{- if not .Values.volume.ovn_ovsdb_nb.enabled }}
- name: data
emptyDir: {}
diff --git a/charts/ovn/templates/statefulset-ovsdb-sb.yaml b/charts/ovn/templates/statefulset-ovsdb-sb.yaml
index 400b127..ab571c2 100644
--- a/charts/ovn/templates/statefulset-ovsdb-sb.yaml
+++ b/charts/ovn/templates/statefulset-ovsdb-sb.yaml
@@ -12,6 +12,19 @@
limitations under the License.
*/}}
+{{- define "ovnsbReadinessProbeTemplate" }}
+exec:
+ command:
+ - /usr/bin/ovn-kube-util
+ - readiness-probe
+ - -t
+{{- if gt (int .Values.pod.replicas.ovn_ovsdb_sb) 1 }}
+ - ovnsb-db-raft
+{{- else }}
+ - ovnsb-db
+{{- end }}
+{{- end }}
+
{{- if .Values.manifests.statefulset_ovn_ovsdb_sb }}
{{- $envAll := . }}
@@ -28,6 +41,7 @@
{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
serviceName: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ podManagementPolicy: Parallel
replicas: {{ .Values.pod.replicas.ovn_ovsdb_sb }}
selector:
matchLabels:
@@ -49,41 +63,54 @@
{{- tuple $envAll "ovn_ovsdb_sb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ovsdb
+ command:
+ - /root/ovnkube.sh
+{{- if gt (int .Values.pod.replicas.ovn_ovsdb_sb) 1 }}
+ - sb-ovsdb-raft
+{{- else }}
+ - sb-ovsdb
+{{- end }}
{{ tuple $envAll "ovn_ovsdb_sb" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_ovsdb_sb" "container" "ovsdb" "type" "readiness" "probeTemplate" (include "ovnsbReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
ports:
- containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
env:
- - name: OVS_DATABASE
- value: sb
- - name: OVS_PORT
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
+ - name: OVN_LOGLEVEL_SB
+ value: "-vconsole:info -vfile:info"
+ - name: OVN_KUBERNETES_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: OVN_KUBERNETES_STATEFULSET
+ value: ovn-ovsdb-sb
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: OVN_SSL_ENABLE
+ value: "no"
+ - name: ENABLE_IPSEC
+ value: "false"
+ - name: OVN_SB_RAFT_ELECTION_TIMER
+ value: "1000"
+ - name: OVN_SB_PORT
value: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- command:
- - /tmp/ovsdb-server.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/ovsdb-server.sh
- - stop
+ - name: OVN_SB_RAFT_PORT
+ value: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovsdb-server.sh
- subPath: ovsdb-server.sh
- readOnly: true
- name: run-openvswitch
- mountPath: /run/openvswitch
+ mountPath: /var/run/openvswitch
+ - name: run-openvswitch
+ mountPath: /var/run/ovn
- name: data
mountPath: /var/lib/ovn
volumes:
- name: run-openvswitch
emptyDir: {}
- - name: ovn-bin
- configMap:
- name: ovn-bin
- defaultMode: 0555
{{- if not .Values.volume.ovn_ovsdb_sb.enabled }}
- name: data
emptyDir: {}
@@ -93,10 +120,10 @@
name: data
spec:
accessModes: ["ReadWriteOnce"]
+ storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_sb.class_name }}
resources:
requests:
storage: {{ $envAll.Values.volume.ovn_ovsdb_sb.size }}
- storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_sb.class_name }}
{{- end }}
{{- end }}
diff --git a/charts/ovn/values.yaml b/charts/ovn/values.yaml
index cc0eea4..214dd16 100644
--- a/charts/ovn/values.yaml
+++ b/charts/ovn/values.yaml
@@ -138,13 +138,41 @@
readiness:
enabled: true
params:
- initialDelaySeconds: 5
- timeoutSeconds: 10
- liveness:
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ periodSeconds: 60
+ ovn_ovsdb_nb:
+ ovsdb:
+ readiness:
enabled: true
params:
- initialDelaySeconds: 5
- timeoutSeconds: 10
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ periodSeconds: 60
+ ovn_ovsdb_sb:
+ ovsdb:
+ readiness:
+ enabled: true
+ params:
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ periodSeconds: 60
+ ovn_controller:
+ controller:
+ readiness:
+ enabled: true
+ params:
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ periodSeconds: 60
+ ovn_controller_gw:
+ controller:
+ readiness:
+ enabled: true
+ params:
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ periodSeconds: 60
dns_policy: "ClusterFirstWithHostNet"
replicas:
ovn_ovsdb_nb: 1
@@ -179,18 +207,18 @@
ovs:
ovn_ovsdb_nb:
requests:
- memory: "128Mi"
+ memory: "384Mi"
cpu: "100m"
limits:
memory: "1024Mi"
- cpu: "2000m"
+ cpu: "1000m"
ovn_ovsdb_sb:
requests:
- memory: "128Mi"
+ memory: "384Mi"
cpu: "100m"
limits:
memory: "1024Mi"
- cpu: "2000m"
+ cpu: "1000m"
ovn_northd:
requests:
memory: "128Mi"