fix: update ovn chart close to upstream (#2023)
Reviewed-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/.charts.yml b/.charts.yml
index bdb8155..3cc5376 100644
--- a/.charts.yml
+++ b/.charts.yml
@@ -175,6 +175,10 @@
version: 0.1.13
repository: *openstack_helm_infra_repository
dependencies: *openstack_helm_dependencies
+ patches:
+ gerrit:
+ review.opendev.org:
+ - 933333
- name: placement
version: 0.3.9
repository: *openstack_helm_repository
diff --git a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
index b196021..1d303c8 100644
--- a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
+++ b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
@@ -144,7 +144,13 @@
ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
-ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
+
+GW_ENABLED=$(cat /tmp/gw-enabled/gw-enabled)
+if [[ ${GW_ENABLED} == {{ .Values.labels.ovn_controller_gw.node_selector_value }} ]]; then
+ ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options_gw_enabled }}
+else
+ ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options }}
+fi
{{ if .Values.conf.ovn_bridge_datapath_type -}}
ovs-vsctl set open . external-ids:ovn-bridge-datapath-type="{{ .Values.conf.ovn_bridge_datapath_type }}"
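Review bot: The two added `ovs-vsctl` lines interpolate `.Values.conf.ovn_cms_options_gw_enabled` and `.Values.conf.ovn_cms_options` into the script unquoted, whereas the removed line and the neighbouring `external-ids` lines quote their values. A value containing whitespace or shell metacharacters would be word-split or interpreted by the shell, so write them like the lines above, e.g. `ovs-vsctl set open . external-ids:ovn-cms-options="{{ .Values.conf.ovn_cms_options }}"`. The right-hand side of `==` inside `[[ ]]` is also unquoted and is therefore matched as a glob pattern; `[[ "${GW_ENABLED}" == "{{ .Values.labels.ovn_controller_gw.node_selector_value }}" ]]` makes it a literal comparison. The script starts and continues outside the hunk, so whether a failed `cat` of `/tmp/gw-enabled/gw-enabled` aborts the run or silently falls into the `else` branch is not visible here and deserves a short comment.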
diff --git a/charts/ovn/templates/daemonset-controller-gw.yaml b/charts/ovn/templates/daemonset-controller-gw.yaml
deleted file mode 100644
index fa71635..0000000
--- a/charts/ovn/templates/daemonset-controller-gw.yaml
+++ /dev/null
@@ -1,190 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "controllerGatewayReadinessProbeTemplate" }}
-exec:
- command:
- - /usr/bin/ovn-kube-util
- - readiness-probe
- - -t
- - ovn-controller
-{{- end }}
-
-{{- if .Values.manifests.daemonset_ovn_controller_gw }}
-{{- $envAll := . }}
-
-{{- $configMapName := "ovn-etc" }}
-{{- $serviceAccountName := "ovn-controller-gw" }}
-{{ tuple $envAll "ovn_controller_gw" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-kind: DaemonSet
-apiVersion: apps/v1
-metadata:
- name: ovn-controller-gw
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- labels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
- selector:
- matchLabels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
- template:
- metadata:
- labels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- hostNetwork: true
- dnsPolicy: {{ .Values.pod.dns_policy }}
- nodeSelector:
- {{ .Values.labels.ovn_controller_gw.node_selector_key }}: {{ .Values.labels.ovn_controller_gw.node_selector_value }}
- initContainers:
-{{- tuple $envAll "ovn_controller_gw" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- - name: controller-init
-{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /tmp/ovn-controller-init.sh
- env:
- - name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-controller-init.sh
- subPath: ovn-controller-init.sh
- readOnly: true
- - name: run-openvswitch
- mountPath: /run/openvswitch
- - name: ovn-etc
- mountPath: /tmp/auto_bridge_add
- subPath: auto_bridge_add
- readOnly: true
- containers:
- - name: controller
- command:
- - /root/ovnkube.sh
- - ovn-controller
-{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-{{ dict "envAll" . "component" "ovn_controller_gw" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerGatewayReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
- env:
- - name: OVN_DAEMONSET_VERSION
- value: "3"
- - name: OVN_LOGLEVEL_CONTROLLER
- value: "-vconsole:info -vfile:info"
- - name: OVN_KUBERNETES_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: OVN_KUBERNETES_NB_STATEFULSET
- value: ovn-ovsdb-nb
- - name: OVN_KUBERNETES_SB_STATEFULSET
- value: ovn-ovsdb-sb
- - name: OVN_SSL_ENABLE
- value: "no"
- volumeMounts:
- - name: run-openvswitch
- mountPath: /var/run/ovn
- - name: run-openvswitch
- mountPath: /var/run/openvswitch
- - name: logs
- mountPath: /var/log/ovn
- {{- if .Values.pod.sidecars.vector }}
- - name: vector
-{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - vector
- - --config
- - /etc/vector/vector.toml
- volumeMounts:
- - name: vector-config
- mountPath: /etc/vector
- - name: logs
- mountPath: /logs
- - name: vector-data
- mountPath: /var/lib/vector
- {{- end }}
- {{- if .Values.pod.sidecars.ovn_logging_parser }}
- - name: log-parser
-{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /tmp/ovn-network-logging-parser.sh
- - start
- env:
- - name: VECTOR_HTTP_ENDPOINT
- value: http://localhost:5001
- ports:
- - name: http
- containerPort: {{ tuple "ovn_logging_parser" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- protocol: TCP
- volumeMounts:
- - name: neutron-etc
- mountPath: /etc/neutron/neutron.conf
- subPath: neutron.conf
- readOnly: true
- - name: ovn-bin
- mountPath: /tmp/ovn-network-logging-parser.sh
- subPath: ovn-network-logging-parser.sh
- readOnly: true
- - name: ovn-etc
- mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
- subPath: neutron-ovn-network-logging-parser-uwsgi.ini
- readOnly: true
- {{- end }}
- volumes:
- - name: ovn-bin
- configMap:
- name: ovn-bin
- defaultMode: 0777
- - name: run-openvswitch
- hostPath:
- path: /run/openvswitch
- type: DirectoryOrCreate
- - name: ovn-etc
- secret:
- secretName: {{ $configMapName }}
- defaultMode: 0444
- - name: logs
- hostPath:
- path: /var/log/ovn
- type: DirectoryOrCreate
- {{- if .Values.pod.sidecars.vector }}
- - name: vector-config
- secret:
- secretName: ovn-vector-config
- - name: vector-data
- emptyDir: {}
- {{- end }}
- {{- if .Values.pod.sidecars.ovn_logging_parser }}
- - name: neutron-etc
- secret:
- secretName: neutron-etc
- defaultMode: 0444
- {{- end }}
-{{- end }}
diff --git a/charts/ovn/templates/daemonset-controller.yaml b/charts/ovn/templates/daemonset-controller.yaml
index a1245d5..82b70f7 100644
--- a/charts/ovn/templates/daemonset-controller.yaml
+++ b/charts/ovn/templates/daemonset-controller.yaml
@@ -26,7 +26,33 @@
{{- $configMapName := "ovn-etc" }}
{{- $serviceAccountName := "ovn-controller" }}
+{{- $serviceAccountNamespace := $envAll.Release.Namespace }}
{{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+rules:
+- apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["list", "get"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: ovn-controller-list-nodes-rolebinding-{{ $serviceAccountNamespace }}
+subjects:
+- kind: ServiceAccount
+ name: {{ $serviceAccountName }}
+ namespace: {{ $serviceAccountNamespace }}
+roleRef:
+ kind: ClusterRole
+ name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+ apiGroup: rbac.authorization.k8s.io
+
---
kind: DaemonSet
apiVersion: apps/v1
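Review bot: The new ClusterRole grants `list` and `get` on all nodes cluster-wide, but the only consumer visible in this commit is the `get-gw-enabled` init container, which issues a single `kubectl get node ${NODENAME}` for its own node. `list` looks unnecessary, and `verbs: ["get"]` would cover that call. The binding is on the pod's service account, so every container in the DaemonSet pod that mounts the token inherits the permission, not just the init container. A comment above the ClusterRole would help, e.g. `# read-only node access so the get-gw-enabled init container can read this node's gateway label`.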
@@ -36,15 +62,15 @@
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
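Review bot: Renaming the label argument from `ovn_controller` to `ovn-controller` also changes `spec.selector.matchLabels`, which is immutable on an `apps/v1` DaemonSet. If the third tuple element ends up in the rendered labels (the snippet is defined outside this page), an in-place `helm upgrade` of a release created with the old value would be rejected until the existing DaemonSet is deleted. Any Service, NetworkPolicy or monitoring selector keyed on the old value would also stop matching these pods. The upgrade step should be called out in the commit description or release notes.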
@@ -59,14 +85,28 @@
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
initContainers:
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ - name: get-gw-enabled
+{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
+ command:
+ - /bin/bash
+ - -c
+ - |
+ kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.{{ .Values.labels.ovn_controller_gw.node_selector_key }}}' > /tmp/gw-enabled/gw-enabled
+ env:
+ - name: NODENAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ volumeMounts:
+ - name: gw-enabled
+ mountPath: /tmp/gw-enabled
+ readOnly: false
- name: controller-init
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
command:
- /tmp/ovn-controller-init.sh
env:
- - name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.ovn_cms_options | quote }}
- name: NODE_NAME
valueFrom:
fieldRef:
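Review bot: The new `get-gw-enabled` init container has no `helm-toolkit.snippets.kubernetes_container_security_context` include, unlike `controller-init` directly below it, so it runs with whatever defaults the image carries while holding the service-account token. Add an include such as `{{ dict "envAll" $envAll "application" "ovn_controller" "container" "get_gw_enabled" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}` with a matching non-privileged entry in values.yaml (`get_gw_enabled` is a suggested key, not one on the page). In the command, `${NODENAME}` should be quoted as `"${NODENAME}"`. The label key is pasted straight into the jsonpath expression, so a key containing `.` (for example a domain-prefixed label) would be read as nested fields and yield an empty file, which silently selects the non-gateway branch in the init script.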
@@ -82,6 +122,9 @@
mountPath: /tmp/auto_bridge_add
subPath: auto_bridge_add
readOnly: true
+ - name: gw-enabled
+ mountPath: /tmp/gw-enabled
+ readOnly: true
containers:
- name: controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -108,13 +151,57 @@
value: "no"
volumeMounts:
- name: run-openvswitch
- mountPath: /var/run/ovn
- - name: run-openvswitch
- mountPath: /var/run/openvswitch
+ mountPath: /run/openvswitch
- name: logs
mountPath: /var/log/ovn
- - name: run-ovn
+ - name: run-openvswitch
mountPath: /run/ovn
+ {{- if .Values.pod.sidecars.vector }}
+ - name: vector
+{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - vector
+ - --config
+ - /etc/vector/vector.toml
+ volumeMounts:
+ - name: vector-config
+ mountPath: /etc/vector
+ - name: logs
+ mountPath: /logs
+ - name: vector-data
+ mountPath: /var/lib/vector
+ {{- end }}
+ {{- if .Values.pod.sidecars.ovn_logging_parser }}
+ - name: log-parser
+{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - /tmp/ovn-network-logging-parser.sh
+ - start
+ env:
+ - name: VECTOR_HTTP_ENDPOINT
+ value: http://localhost:5001
+ ports:
+ - name: http
+ containerPort: {{ tuple "ovn_logging_parser" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ protocol: TCP
+ volumeMounts:
+ - name: neutron-etc
+ mountPath: /etc/neutron/neutron.conf
+ subPath: neutron.conf
+ readOnly: true
+ - name: ovn-bin
+ mountPath: /tmp/ovn-network-logging-parser.sh
+ subPath: ovn-network-logging-parser.sh
+ readOnly: true
+ - name: ovn-etc
+ mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
+ subPath: neutron-ovn-network-logging-parser-uwsgi.ini
+ readOnly: true
+ {{- end }}
volumes:
- name: ovn-bin
configMap:
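Review bot: The controller container now mounts the `run-openvswitch` volume at both `/run/openvswitch` and `/run/ovn`, replacing the `run-ovn` mount, so the OVN runtime directory inside the container is backed by the host's Open vSwitch run directory. The `run-ovn` hostPath volume still appears as context in the later volumes hunk, and from the lines visible here nothing in this container uses it any more. If the shared directory is intentional, add a comment on the mount, e.g. `# /run/ovn intentionally shares the host /run/openvswitch directory`, and drop the `run-ovn` volume if it is indeed unused. The container definition starts outside this hunk.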
@@ -136,4 +223,19 @@
hostPath:
path: /run/ovn
type: DirectoryOrCreate
+ - name: gw-enabled
+ emptyDir: {}
+ {{- if .Values.pod.sidecars.vector }}
+ - name: vector-config
+ secret:
+ secretName: ovn-vector-config
+ - name: vector-data
+ emptyDir: {}
+ {{- end }}
+ {{- if .Values.pod.sidecars.ovn_logging_parser }}
+ - name: neutron-etc
+ secret:
+ secretName: neutron-etc
+ defaultMode: 0444
+ {{- end }}
{{- end }}
diff --git a/charts/ovn/values.yaml b/charts/ovn/values.yaml
index b70e886..8c99d50 100644
--- a/charts/ovn/values.yaml
+++ b/charts/ovn/values.yaml
@@ -24,6 +24,7 @@
ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
+ ovn_controller_kubectl: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
image_repo_sync: docker.io/library/docker:17.07.0
vector: docker.io/timberio/vector:0.39.0-debian
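Review bot: The new `ovn_controller_kubectl` image uses the mutable tag `latest-ubuntu_jammy`, and it is the image that runs `kubectl` with the node-reading service-account token on every OVN controller node. A re-pushed tag would change what runs there without any change in this repository. Pin it to a fixed tag or a digest (`docker.io/openstackhelm/ceph-config-helper@sha256:<digest>`, placeholder). `ceph-config-helper` is also a large image to pull only for `kubectl`; a comment saying why it was chosen would help the next reader.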
@@ -49,7 +50,7 @@
node_selector_key: openvswitch
node_selector_value: enabled
ovn_controller_gw:
- node_selector_key: openstack-control-plane
+ node_selector_key: l3-agent
node_selector_value: enabled
volume:
@@ -121,14 +122,6 @@
controller:
readOnlyRootFilesystem: true
privileged: true
- ovn_controller_gw:
- container:
- controller_init:
- readOnlyRootFilesystem: true
- privileged: true
- controller:
- readOnlyRootFilesystem: true
- privileged: true
ovn_logging_parser:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
@@ -144,8 +137,6 @@
enabled: false
ovn_controller:
enabled: false
- ovn_controller_gw:
- enabled: false
affinity:
anti:
type:
@@ -221,10 +212,6 @@
enabled: true
min_ready_seconds: 0
max_unavailable: 1
- ovn_controller_gw:
- enabled: true
- min_ready_seconds: 0
- max_unavailable: 1
resources:
enabled: false
ovs:
@@ -256,28 +243,20 @@
limits:
memory: "1024Mi"
cpu: "2000m"
- ovn_controller_gw:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- ovn_controller_gw:
- ovn_logging_parser:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "256Mi"
- cpu: "500m"
- vector:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "256Mi"
- cpu: "500m"
+ ovn_logging_parser:
+ requests:
+ memory: "128Mi"
+ cpu: "100m"
+ limits:
+ memory: "256Mi"
+ cpu: "500m"
+ vector:
+ requests:
+ memory: "128Mi"
+ cpu: "100m"
+ limits:
+ memory: "256Mi"
+ cpu: "500m"
jobs:
image_repo_sync:
requests:
@@ -385,9 +364,6 @@
ovn_controller:
ingress:
- {}
- ovn_controller_gw:
- ingress:
- - {}
egress:
- {}
@@ -413,10 +389,6 @@
services:
- endpoint: internal
service: ovn-ovsdb-sb
- ovn_controller_gw:
- services:
- - endpoint: internal
- service: ovn-ovsdb-sb
pod:
- requireSameNode: true
labels:
@@ -437,6 +409,5 @@
statefulset_ovn_ovsdb_sb: true
deployment_ovn_northd: true
daemonset_ovn_controller: true
- daemonset_ovn_controller_gw: true
job_image_repo_sync: true
...
diff --git a/charts/patches/ovn/0000-upstream-893739.patch b/charts/patches/ovn/0000-upstream-893739.patch
deleted file mode 100644
index 248da7e..0000000
--- a/charts/patches/ovn/0000-upstream-893739.patch
+++ /dev/null
@@ -1,398 +0,0 @@
-From d44a05f9adf485697ba0aa9189ec72495ac62e69 Mon Sep 17 00:00:00 2001
-From: root <okozachenko1203@gmail.com>
-Date: Wed, 06 Sep 2023 00:10:39 +1000
-Subject: [PATCH] Distinguish ovn controller and gateway
-
-Change-Id: If98d28b540c59c2632a6eda259c04c3cef128af3
----
-
-diff --git a/ovn/templates/bin/_ovn-controller-init.sh.tpl b/ovn/templates/bin/_ovn-controller-init.sh.tpl
-index 55cc2ec..e64413e 100644
---- a/ovn/templates/bin/_ovn-controller-init.sh.tpl
-+++ b/ovn/templates/bin/_ovn-controller-init.sh.tpl
-@@ -117,13 +117,7 @@
- ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
- ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
- ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
--
--GW_ENABLED=$(cat /tmp/gw-enabled/gw-enabled)
--if [[ ${GW_ENABLED} == enabled ]]; then
-- ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options_gw_enabled }}
--else
-- ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options }}
--fi
-+ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
-
- # Configure hostname
- {{- if .Values.pod.use_fqdn.compute }}
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-new file mode 100644
-index 0000000..383451f
---- /dev/null
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -0,0 +1,116 @@
-+{{/*
-+Licensed under the Apache License, Version 2.0 (the "License");
-+you may not use this file except in compliance with the License.
-+You may obtain a copy of the License at
-+
-+ http://www.apache.org/licenses/LICENSE-2.0
-+
-+Unless required by applicable law or agreed to in writing, software
-+distributed under the License is distributed on an "AS IS" BASIS,
-+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+See the License for the specific language governing permissions and
-+limitations under the License.
-+*/}}
-+
-+{{- if .Values.manifests.daemonset_ovn_controller_gw }}
-+{{- $envAll := . }}
-+
-+{{- $configMapName := "ovn-etc" }}
-+{{- $serviceAccountName := "ovn-controller-gw" }}
-+{{ tuple $envAll "ovn_controller_gw" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
-+---
-+kind: DaemonSet
-+apiVersion: apps/v1
-+metadata:
-+ name: ovn-controller-gw
-+ annotations:
-+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-+ labels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-+spec:
-+ selector:
-+ matchLabels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-+ template:
-+ metadata:
-+ labels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-+ annotations:
-+{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
-+ spec:
-+ serviceAccountName: {{ $serviceAccountName }}
-+ hostNetwork: true
-+ dnsPolicy: {{ .Values.pod.dns_policy }}
-+ nodeSelector:
-+ {{ .Values.labels.ovn_controller_gw.node_selector_key }}: {{ .Values.labels.ovn_controller_gw.node_selector_value }}
-+ initContainers:
-+{{- tuple $envAll "ovn_controller_gw" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-+ - name: controller-init
-+{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-+ command:
-+ - /tmp/ovn-controller-init.sh
-+ env:
-+ - name: OVN_CMS_OPTIONS
-+ value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
-+ volumeMounts:
-+ - name: ovn-bin
-+ mountPath: /tmp/ovn-controller-init.sh
-+ subPath: ovn-controller-init.sh
-+ readOnly: true
-+ - name: run-openvswitch
-+ mountPath: /run/openvswitch
-+ - name: ovn-etc
-+ mountPath: /tmp/auto_bridge_add
-+ subPath: auto_bridge_add
-+ readOnly: true
-+ containers:
-+ - name: controller
-+{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-+ command:
-+ - /tmp/ovn-controller.sh
-+ - start
-+ lifecycle:
-+ preStop:
-+ exec:
-+ command:
-+ - /tmp/ovn-controller.sh
-+ - stop
-+ volumeMounts:
-+ - name: ovn-bin
-+ mountPath: /tmp/ovn-controller.sh
-+ subPath: ovn-controller.sh
-+ readOnly: true
-+ - name: run-openvswitch
-+ mountPath: /run/openvswitch
-+ - name: logs
-+ mountPath: /var/log/ovn
-+ - name: run-ovn
-+ mountPath: /run/ovn
-+ volumes:
-+ - name: ovn-bin
-+ configMap:
-+ name: ovn-bin
-+ defaultMode: 0777
-+ - name: run-openvswitch
-+ hostPath:
-+ path: /run/openvswitch
-+ type: DirectoryOrCreate
-+ - name: ovn-etc
-+ secret:
-+ secretName: {{ $configMapName }}
-+ defaultMode: 0444
-+ - name: logs
-+ hostPath:
-+ path: /var/log/ovn
-+ type: DirectoryOrCreate
-+ - name: run-ovn
-+ hostPath:
-+ path: /run/ovn
-+ type: DirectoryOrCreate
-+{{- end }}
-diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
-index f27903f..ada19c9 100644
---- a/ovn/templates/daemonset-controller.yaml
-+++ b/ovn/templates/daemonset-controller.yaml
-@@ -12,38 +12,12 @@
- limitations under the License.
- */}}
-
--{{- if .Values.manifests.daemonset_controller }}
-+{{- if .Values.manifests.daemonset_ovn_controller }}
- {{- $envAll := . }}
-
- {{- $configMapName := "ovn-etc" }}
- {{- $serviceAccountName := "ovn-controller" }}
--{{- $serviceAccountNamespace := $envAll.Release.Namespace }}
- {{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
--
-----
--apiVersion: rbac.authorization.k8s.io/v1
--kind: ClusterRole
--metadata:
-- name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
--rules:
--- apiGroups: [""]
-- resources: ["nodes"]
-- verbs: ["list", "get"]
--
-----
--apiVersion: rbac.authorization.k8s.io/v1
--kind: ClusterRoleBinding
--metadata:
-- name: ovn-controller-list-nodes-rolebinding-{{ $serviceAccountNamespace }}
--subjects:
--- kind: ServiceAccount
-- name: {{ $serviceAccountName }}
-- namespace: {{ $serviceAccountNamespace }}
--roleRef:
-- kind: ClusterRole
-- name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
-- apiGroup: rbac.authorization.k8s.io
--
- ---
- kind: DaemonSet
- apiVersion: apps/v1
-@@ -53,15 +27,15 @@
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- labels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- spec:
- selector:
- matchLabels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
- template:
- metadata:
- labels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-@@ -71,32 +45,19 @@
- hostNetwork: true
- hostPID: true
- hostIPC: true
-- dnsPolicy: ClusterFirstWithHostNet
-+ dnsPolicy: {{ .Values.pod.dns_policy }}
- nodeSelector:
- {{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
- initContainers:
- {{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-- - name: get-gw-enabled
--{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
-- command:
-- - /bin/bash
-- - -c
-- - |
-- kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.l3-agent}' > /tmp/gw-enabled/gw-enabled
-- env:
-- - name: NODENAME
-- valueFrom:
-- fieldRef:
-- fieldPath: spec.nodeName
-- volumeMounts:
-- - name: gw-enabled
-- mountPath: /tmp/gw-enabled
-- readOnly: false
- - name: controller-init
- {{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
- command:
- - /tmp/ovn-controller-init.sh
-+ env:
-+ - name: OVN_CMS_OPTIONS
-+ value: {{ .Values.conf.ovn_cms_options | quote }}
- volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-controller-init.sh
-@@ -108,9 +69,6 @@
- mountPath: /tmp/auto_bridge_add
- subPath: auto_bridge_add
- readOnly: true
-- - name: gw-enabled
-- mountPath: /tmp/gw-enabled
-- readOnly: true
- containers:
- - name: controller
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-@@ -157,6 +115,4 @@
- hostPath:
- path: /run/ovn
- type: DirectoryOrCreate
-- - name: gw-enabled
-- emptyDir: {}
- {{- end }}
-diff --git a/ovn/templates/statefulset-ovsdb-nb.yaml b/ovn/templates/statefulset-ovsdb-nb.yaml
-index 95a33b1..0495816 100644
---- a/ovn/templates/statefulset-ovsdb-nb.yaml
-+++ b/ovn/templates/statefulset-ovsdb-nb.yaml
-@@ -58,7 +58,7 @@
- - name: OVS_DATABASE
- value: nb
- - name: OVS_PORT
-- value: "{{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
-+ value: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- command:
- - /tmp/ovsdb-server.sh
- - start
-diff --git a/ovn/templates/statefulset-ovsdb-sb.yaml b/ovn/templates/statefulset-ovsdb-sb.yaml
-index d300d3f..9e7b667 100644
---- a/ovn/templates/statefulset-ovsdb-sb.yaml
-+++ b/ovn/templates/statefulset-ovsdb-sb.yaml
-@@ -58,7 +58,7 @@
- - name: OVS_DATABASE
- value: sb
- - name: OVS_PORT
-- value: "{{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
-+ value: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- command:
- - /tmp/ovsdb-server.sh
- - start
-diff --git a/ovn/values.yaml b/ovn/values.yaml
-index 8c3dc5a..7d342ad 100644
---- a/ovn/values.yaml
-+++ b/ovn/values.yaml
-@@ -24,7 +24,6 @@
- ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
- ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
- ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
-- ovn_controller_kubectl: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
- dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
- image_repo_sync: docker.io/library/docker:17.07.0
- pull_policy: "IfNotPresent"
-@@ -47,6 +46,9 @@
- ovn_controller:
- node_selector_key: openvswitch
- node_selector_value: enabled
-+ ovn_controller_gw:
-+ node_selector_key: openstack-control-plane
-+ node_selector_value: enabled
-
- volume:
- ovn_ovsdb_nb:
-@@ -99,6 +101,14 @@
- controller:
- readOnlyRootFilesystem: true
- privileged: true
-+ ovn_controller_gw:
-+ container:
-+ controller_init:
-+ readOnlyRootFilesystem: true
-+ privileged: true
-+ controller:
-+ readOnlyRootFilesystem: true
-+ privileged: true
- tolerations:
- ovn_ovsdb_nb:
- enabled: false
-@@ -108,6 +118,8 @@
- enabled: false
- ovn_controller:
- enabled: false
-+ ovn_controller_gw:
-+ enabled: false
- affinity:
- anti:
- type:
-@@ -155,6 +167,10 @@
- enabled: true
- min_ready_seconds: 0
- max_unavailable: 1
-+ ovn_controller_gw:
-+ enabled: true
-+ min_ready_seconds: 0
-+ max_unavailable: 1
- resources:
- enabled: false
- ovs:
-@@ -186,6 +202,13 @@
- limits:
- memory: "1024Mi"
- cpu: "2000m"
-+ ovn_controller_gw:
-+ requests:
-+ memory: "128Mi"
-+ cpu: "100m"
-+ limits:
-+ memory: "1024Mi"
-+ cpu: "2000m"
- jobs:
- image_repo_sync:
- requests:
-@@ -273,6 +296,9 @@
- ovn_controller:
- ingress:
- - {}
-+ ovn_controller_gw:
-+ ingress:
-+ - {}
- egress:
- - {}
-
-@@ -298,6 +324,10 @@
- services:
- - endpoint: internal
- service: ovn-ovsdb-sb
-+ ovn_controller_gw:
-+ services:
-+ - endpoint: internal
-+ service: ovn-ovsdb-sb
- pod:
- - requireSameNode: true
- labels:
-@@ -312,12 +342,12 @@
- configmap_bin: true
- configmap_etc: true
- deployment_northd: true
-- daemonset_controller: true
- service_ovn_ovsdb_nb: true
- service_ovn_ovsdb_sb: true
- statefulset_ovn_ovsdb_nb: true
- statefulset_ovn_ovsdb_sb: true
- deployment_ovn_northd: true
- daemonset_ovn_controller: true
-+ daemonset_ovn_controller_gw: true
- job_image_repo_sync: true
- ...
diff --git a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
index 149542c..35719dd 100644
--- a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
+++ b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
@@ -130,98 +130,6 @@
- ovn-controller.sh: |
-{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-index 8255f6a4..a0da8b0b 100644
---- a/ovn/templates/daemonset-controller-gw.yaml
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -12,6 +12,15 @@ See the License for the specific language governing permissions and
- limitations under the License.
- */}}
-
-+{{- define "controllerGatewayReadinessProbeTemplate" }}
-+exec:
-+ command:
-+ - /usr/bin/ovn-kube-util
-+ - readiness-probe
-+ - -t
-+ - ovn-controller
-+{{- end }}
-+
- {{- if .Values.manifests.daemonset_ovn_controller_gw }}
- {{- $envAll := . }}
-
-@@ -56,6 +65,10 @@ spec:
- env:
- - name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
-+ - name: NODE_NAME
-+ valueFrom:
-+ fieldRef:
-+ fieldPath: spec.nodeName
- volumeMounts:
- - name: ovn-bin
- mountPath: /tmp/ovn-controller-init.sh
-@@ -69,29 +82,35 @@ spec:
- readOnly: true
- containers:
- - name: controller
-+ command:
-+ - /root/ovnkube.sh
-+ - ovn-controller
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
- {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- {{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-- command:
-- - /tmp/ovn-controller.sh
-- - start
-- lifecycle:
-- preStop:
-- exec:
-- command:
-- - /tmp/ovn-controller.sh
-- - stop
-+{{ dict "envAll" . "component" "ovn_controller_gw" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerGatewayReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
-+ env:
-+ - name: OVN_DAEMONSET_VERSION
-+ value: "3"
-+ - name: OVN_LOGLEVEL_CONTROLLER
-+ value: "-vconsole:info -vfile:info"
-+ - name: OVN_KUBERNETES_NAMESPACE
-+ valueFrom:
-+ fieldRef:
-+ fieldPath: metadata.namespace
-+ - name: OVN_KUBERNETES_NB_STATEFULSET
-+ value: ovn-ovsdb-nb
-+ - name: OVN_KUBERNETES_SB_STATEFULSET
-+ value: ovn-ovsdb-sb
-+ - name: OVN_SSL_ENABLE
-+ value: "no"
- volumeMounts:
-- - name: ovn-bin
-- mountPath: /tmp/ovn-controller.sh
-- subPath: ovn-controller.sh
-- readOnly: true
- - name: run-openvswitch
-- mountPath: /run/openvswitch
-+ mountPath: /var/run/ovn
-+ - name: run-openvswitch
-+ mountPath: /var/run/openvswitch
- - name: logs
- mountPath: /var/log/ovn
-- - name: run-ovn
-- mountPath: /run/ovn
- volumes:
- - name: ovn-bin
- configMap:
-@@ -109,8 +128,4 @@ spec:
- hostPath:
- path: /var/log/ovn
- type: DirectoryOrCreate
-- - name: run-ovn
-- hostPath:
-- path: /run/ovn
-- type: DirectoryOrCreate
- {{- end }}
diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
index 4cd5d9b2..fae94512 100644
--- a/ovn/templates/daemonset-controller.yaml
@@ -242,10 +150,11 @@
{{- if .Values.manifests.daemonset_ovn_controller }}
{{- $envAll := . }}
-@@ -59,6 +68,10 @@ spec:
- env:
- - name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.ovn_cms_options | quote }}
+@@ -106,6 +106,11 @@ spec:
+ {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
+ command:
+ - /tmp/ovn-controller-init.sh
++ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
@@ -253,7 +162,7 @@
volumeMounts:
- name: ovn-bin
mountPath: /tmp/ovn-controller-init.sh
-@@ -76,21 +89,29 @@ spec:
+@@ -117,17 +122,23 @@ spec:
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
@@ -289,13 +198,15 @@
- subPath: ovn-controller.sh
- readOnly: true
- name: run-openvswitch
-- mountPath: /run/openvswitch
-+ mountPath: /var/run/ovn
-+ - name: run-openvswitch
-+ mountPath: /var/run/openvswitch
+@@ -154,7 +154,7 @@ spec:
+ mountPath: /run/openvswitch
- name: logs
mountPath: /var/log/ovn
- - name: run-ovn
+- - name: run-ovn
++ - name: run-openvswitch
+ mountPath: /run/ovn
+ {{- if .Values.pod.sidecars.vector }}
+ - name: vector
diff --git a/ovn/templates/deployment-northd.yaml b/ovn/templates/deployment-northd.yaml
index e3afdd05..ae31b357 100644
--- a/ovn/templates/deployment-northd.yaml
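Review bot: The added nested hunk `@@ -154,7 +154,7 @@ spec:` uses `{{- if .Values.pod.sidecars.vector }}` and `- name: vector` as trailing context, but those lines are only introduced by `0002-add-logging-parser.patch`. The first hunk of 0002 in turn still expects `- name: run-ovn` before `mountPath: /run/ovn`, which is the line this hunk renames to `run-openvswitch`. If the patches are applied in numeric order, both hunks would presumably match only through fuzz, and a strict applier would reject them. The new-side start of 154 also ignores the 11 lines added by the two earlier hunks of this file, and `@@ -225,4 +225,17 @@` in 0002 shows the same pattern, so regenerating both patch files from sequential commits on the upstream chart would be safer. Mounting the `run-openvswitch` volume at both `/run/openvswitch` and `/run/ovn` in a privileged container deserves a line in the patch description, for example `ovn-controller keeps its sockets in the host's Open vSwitch run directory`, if that is the intent.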
diff --git a/charts/patches/ovn/0002-add-logging-parser.patch b/charts/patches/ovn/0002-add-logging-parser.patch
index 8394063..69a74a0 100644
--- a/charts/patches/ovn/0002-add-logging-parser.patch
+++ b/charts/patches/ovn/0002-add-logging-parser.patch
@@ -69,19 +69,19 @@
{{- end }}
{{- end }}
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-index eb309c5e..3ecd81dc 100644
---- a/ovn/templates/daemonset-controller-gw.yaml
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -111,6 +111,52 @@ spec:
- mountPath: /var/run/openvswitch
- - name: logs
+diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
+index e421794f..843cbeaa 100644
+--- a/ovn/templates/daemonset-controller.yaml
++++ b/ovn/templates/daemonset-controller.yaml
+@@ -156,6 +156,52 @@ spec:
mountPath: /var/log/ovn
+ - name: run-ovn
+ mountPath: /run/ovn
+ {{- if .Values.pod.sidecars.vector }}
+ - name: vector
+{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
++{{ tuple $envAll $envAll.Values.pod.resources.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
++{{ dict "envAll" $envAll "application" "ovn_controller" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - vector
+ - --config
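Review bot: The `vector` sidecar here, and `log-parser` in the next hunk, now resolve their security context under application `ovn_controller`, but no `vector` or `ovn_logging_parser` entry under `pod.security_context.ovn_controller.container` is visible in this diff. As far as I know, `helm-toolkit.snippets.kubernetes_container_security_context` renders nothing when the key is missing, so the sidecars would run with runtime defaults in a pod that mounts host paths. Confirm the values part of this patch defines both entries, for example `vector: {allowPrivilegeEscalation: false}`. The resource lookups also moved from `pod.resources.ovn_controller_gw.*` to `pod.resources.*`, so an existing override under the old key would silently stop applying, which is worth a line in the release notes.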
@@ -97,8 +97,8 @@
+ {{- if .Values.pod.sidecars.ovn_logging_parser }}
+ - name: log-parser
+{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
++{{ tuple $envAll $envAll.Values.pod.resources.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
++{{ dict "envAll" $envAll "application" "ovn_controller" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - /tmp/ovn-network-logging-parser.sh
+ - start
@@ -126,10 +126,10 @@
volumes:
- name: ovn-bin
configMap:
-@@ -128,4 +174,17 @@ spec:
- hostPath:
- path: /var/log/ovn
+@@ -225,4 +225,17 @@
type: DirectoryOrCreate
+ - name: gw-enabled
+ emptyDir: {}
+ {{- if .Values.pod.sidecars.vector }}
+ - name: vector-config
+ secret:
@@ -256,25 +256,24 @@
tolerations:
ovn_ovsdb_nb:
enabled: false
-@@ -237,6 +263,21 @@ pod:
+@@ -237,6 +263,20 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
-+ ovn_controller_gw:
-+ ovn_logging_parser:
-+ requests:
-+ memory: "128Mi"
-+ cpu: "100m"
-+ limits:
-+ memory: "256Mi"
-+ cpu: "500m"
-+ vector:
-+ requests:
-+ memory: "128Mi"
-+ cpu: "100m"
-+ limits:
-+ memory: "256Mi"
-+ cpu: "500m"
++ ovn_logging_parser:
++ requests:
++ memory: "128Mi"
++ cpu: "100m"
++ limits:
++ memory: "256Mi"
++ cpu: "500m"
++ vector:
++ requests:
++ memory: "128Mi"
++ cpu: "100m"
++ limits:
++ memory: "256Mi"
++ cpu: "500m"
jobs:
image_repo_sync:
requests:
diff --git a/molecule/aio/group_vars/all/molecule.yml b/molecule/aio/group_vars/all/molecule.yml
index 898f142..7cb93a8 100644
--- a/molecule/aio/group_vars/all/molecule.yml
+++ b/molecule/aio/group_vars/all/molecule.yml
@@ -125,8 +125,6 @@
ovn_ovsdb_nb: 1
ovn_ovsdb_sb: 1
ovn_northd: 1
- manifests:
- daemonset_ovn_controller: false
coredns_helm_values:
replicaCount: 1
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index 2c48556..6fe507e 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml
@@ -186,6 +186,7 @@
openvswitch_db_server: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
openvswitch_vswitchd: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
ovn_controller: "registry.atmosphere.dev/library/ovn-host:{{ atmosphere_release }}"
+ ovn_controller_kubectl: "registry.atmosphere.dev/library/ovn-host:{{ atmosphere_release }}"
ovn_logging_parser: "registry.atmosphere.dev/library/neutron:{{ atmosphere_release }}"
ovn_northd: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
ovn_ovsdb_nb: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
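Review bot: `ovn_controller_kubectl` points at the same `ovn-host` image as `ovn_controller`, and nothing in this hunk says why a separate key exists or whether the image carries the tool the name implies. The init script in this commit reads `/tmp/gw-enabled/gw-enabled`, so presumably a container using this image writes that file from the node's labels. If so, confirm that `kubectl` is present in `ovn-host` and add a comment above the line such as `# image for the init container that reads the node's gateway label`. The mapping this line belongs to starts and ends outside the hunk.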
diff --git a/roles/ovn/vars/main.yml b/roles/ovn/vars/main.yml
index f03bd3b..994894f 100644
--- a/roles/ovn/vars/main.yml
+++ b/roles/ovn/vars/main.yml
@@ -25,8 +25,8 @@
ovn_northd:
node_selector_key: openstack-control-plane
node_selector_value: enabled
- ovn_controller:
- node_selector_key: openstack-compute-node
+ ovn_controller_gw:
+ node_selector_key: openstack-control-plane
node_selector_value: enabled
volume:
ovn_ovsdb_nb:
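Review bot: Dropping the `ovn_controller` selector override leaves the controller DaemonSet on the chart's default node selector, which is not visible in this hunk. Confirm that the privileged `ovn-controller` pods are still scheduled on the compute and gateway nodes, and only on those. The gateway role now seems to follow the `openstack-control-plane=enabled` node label, which the init script compares once at start-up, so relabelling a node presumably has no effect until its pod restarts. A comment above `ovn_controller_gw:` would record that: `# nodes with this label are set up as OVN gateway chassis when the ovn-controller pod starts`. The `labels` mapping starts outside the hunk.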
@@ -34,12 +34,6 @@
ovn_ovsdb_sb:
size: 20Gi
pod:
- labels:
- ovn_controller_gw:
- type: gw
- ovn_controller:
- type: hv
-
replicas:
ovn_ovsdb_nb: 3
ovn_ovsdb_sb: 3