Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 952f54e5c07efd5b51469e594a091992b07ec6ee / . / charts / ovn / templates / daemonset-controller.yaml
blob: a0543381d2f0aa0e532752bc6562e9f353d1b831 [file] [log] [blame]
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "controllerReadinessProbeTemplate" }}
exec:
command:
- /usr/bin/ovn-kube-util
- readiness-probe
- -t
- ovn-controller
{{- end }}
{{- if .Values.manifests.daemonset_ovn_controller }}
{{- $envAll := . }}
{{- $configMapName := "ovn-etc" }}
{{- $serviceAccountName := "ovn-controller" }}
{{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: ovn-controller
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
hostNetwork: true
hostPID: true
hostIPC: true
dnsPolicy: {{ .Values.pod.dns_policy }}
nodeSelector:
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
initContainers:
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: get-gw-enabled
{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
command:
- /bin/bash
- -c
- |
kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.{{ .Values.labels.ovn_controller_gw.node_selector_key }}}' > /tmp/gw-enabled/gw-enabled
env:
- name: NODENAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: gw-enabled
mountPath: /tmp/gw-enabled
readOnly: false
- name: controller-init
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
command:
- /tmp/ovn-controller-init.sh
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: ovn-bin
mountPath: /tmp/ovn-controller-init.sh
subPath: ovn-controller-init.sh
readOnly: true
- name: run-openvswitch
mountPath: /run/openvswitch
- name: ovn-etc
mountPath: /tmp/auto_bridge_add
subPath: auto_bridge_add
readOnly: true
- name: gw-enabled
mountPath: /tmp/gw-enabled
readOnly: true
containers:
- name: controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /root/ovnkube.sh
- ovn-controller
{{ dict "envAll" . "component" "ovn_controller" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
env:
- name: OVN_DAEMONSET_VERSION
value: "3"
- name: OVN_LOGLEVEL_CONTROLLER
value: "-vconsole:info -vfile:info"
- name: OVN_KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: OVN_KUBERNETES_NB_STATEFULSET
value: ovn-ovsdb-nb
- name: OVN_KUBERNETES_SB_STATEFULSET
value: ovn-ovsdb-sb
- name: OVN_SSL_ENABLE
value: "no"
volumeMounts:
- name: run-openvswitch
mountPath: /run/openvswitch
- name: logs
mountPath: /var/log/ovn
- name: run-openvswitch
mountPath: /run/ovn
{{- if .Values.pod.sidecars.vector }}
- name: vector
{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- vector
- --config
- /etc/vector/vector.toml
volumeMounts:
- name: vector-config
mountPath: /etc/vector
- name: logs
mountPath: /logs
- name: vector-data
mountPath: /var/lib/vector
{{- end }}
{{- if .Values.pod.sidecars.ovn_logging_parser }}
- name: log-parser
{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/ovn-network-logging-parser.sh
- start
env:
- name: VECTOR_HTTP_ENDPOINT
value: http://localhost:5001
ports:
- name: http
containerPort: {{ tuple "ovn_logging_parser" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
protocol: TCP
volumeMounts:
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: ovn-bin
mountPath: /tmp/ovn-network-logging-parser.sh
subPath: ovn-network-logging-parser.sh
readOnly: true
- name: ovn-etc
mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
subPath: neutron-ovn-network-logging-parser-uwsgi.ini
readOnly: true
{{- end }}
volumes:
- name: ovn-bin
configMap:
name: ovn-bin
defaultMode: 0777
- name: run-openvswitch
hostPath:
path: /run/openvswitch
type: DirectoryOrCreate
- name: ovn-etc
secret:
secretName: {{ $configMapName }}
defaultMode: 0444
- name: logs
hostPath:
path: /var/log/ovn
type: DirectoryOrCreate
- name: run-ovn
hostPath:
path: /run/ovn
type: DirectoryOrCreate
- name: gw-enabled
emptyDir: {}
{{- if .Values.pod.sidecars.vector }}
- name: vector-config
secret:
secretName: ovn-vector-config
- name: vector-data
emptyDir: {}
{{- end }}
{{- if .Values.pod.sidecars.ovn_logging_parser }}
- name: neutron-etc
secret:
secretName: neutron-etc
defaultMode: 0444
{{- end }}
{{- end }}