[ATMOSPHERE-493] chart: bump ovn chart version and add liveness check for northd (#2010)
because required the upstream patch rebased and also new versions include some fixes, i updated ovn chart version first and added liveness check in the patch for introducing kube-ovn
Reviewed-by: Mohammed Naser <mnaser@vexxhost.com>
Reviewed-by: Oleksandr K.
diff --git a/.charts.yml b/.charts.yml
index 852f7ac..65475cb 100644
--- a/.charts.yml
+++ b/.charts.yml
@@ -172,14 +172,13 @@
repository: *openstack_helm_infra_repository
dependencies: *openstack_helm_dependencies
- name: ovn
- version: 0.1.4
+ version: 0.1.13
repository: *openstack_helm_infra_repository
dependencies: *openstack_helm_dependencies
patches:
gerrit:
review.opendev.org:
- 893739
- - 914807
- name: placement
version: 0.3.9
repository: *openstack_helm_repository
diff --git a/charts/ovn/Chart.yaml b/charts/ovn/Chart.yaml
index 8ac48b4..00f498b 100644
--- a/charts/ovn/Chart.yaml
+++ b/charts/ovn/Chart.yaml
@@ -9,4 +9,4 @@
sources:
- https://github.com/ovn-org/ovn
- https://opendev.org/openstack/openstack-helm
-version: 0.1.4
+version: 0.1.13
diff --git a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
index 77e1e68..b196021 100644
--- a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
+++ b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
@@ -18,7 +18,7 @@
function get_ip_address_from_interface {
local interface=$1
- local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' '{print $1}')
+ local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' 'NR==1 {print $1}')
if [ -z "${ip}" ] ; then
exit 1
fi
@@ -27,7 +27,7 @@
function get_ip_prefix_from_interface {
local interface=$1
- local prefix=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' '{print $2}')
+ local prefix=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' 'NR==1 {print $2}')
if [ -z "${prefix}" ] ; then
exit 1
fi
@@ -70,7 +70,7 @@
elif [[ -z "${bridge_ip}" && -z "${ip}" ]]; then
echo "Interface and bridge have no ips configured. Leaving as is."
else
- echo "Interface ${name} has invalid IP address. IP:[${ip}]; Prefix:[${prefix}]..."
+ echo "Interface ${src_nic} has invalid IP address. IP:[${ip}]; Prefix:[${prefix}]..."
exit 1
fi
@@ -145,12 +145,13 @@
ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
+
{{ if .Values.conf.ovn_bridge_datapath_type -}}
ovs-vsctl set open . external-ids:ovn-bridge-datapath-type="{{ .Values.conf.ovn_bridge_datapath_type }}"
{{- end }}
# Configure hostname
-{{- if .Values.conf.use_fqdn.compute }}
+{{- if .Values.pod.use_fqdn.compute }}
ovs-vsctl set open . external-ids:hostname="$(hostname -f)"
{{- else }}
ovs-vsctl set open . external-ids:hostname="$(hostname)"
@@ -164,7 +165,7 @@
bridge=${bmap%:*}
iface=${bmap#*:}
ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
- if [ -n "$iface" ] && [ "$iface" != "null" ]
+ if [ -n "$iface" ] && [ "$iface" != "null" ] && ( ip link show $iface 1>/dev/null 2>&1 );
then
ovs-vsctl --may-exist add-port $bridge $iface
migrate_ip_from_nic $iface $bridge
diff --git a/charts/ovn/templates/daemonset-controller-gw.yaml b/charts/ovn/templates/daemonset-controller-gw.yaml
index 3ecd81d..4acd11b 100644
--- a/charts/ovn/templates/daemonset-controller-gw.yaml
+++ b/charts/ovn/templates/daemonset-controller-gw.yaml
@@ -36,18 +36,15 @@
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- type: gw
+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
- type: gw
+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- type: gw
+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
@@ -67,7 +64,7 @@
- /tmp/ovn-controller-init.sh
env:
- name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.gw_ovn_cms_options | quote }}
+ value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
- name: NODE_NAME
valueFrom:
fieldRef:
diff --git a/charts/ovn/templates/daemonset-controller.yaml b/charts/ovn/templates/daemonset-controller.yaml
index b6b0b04..d208b08 100644
--- a/charts/ovn/templates/daemonset-controller.yaml
+++ b/charts/ovn/templates/daemonset-controller.yaml
@@ -36,18 +36,15 @@
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- type: hv
+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
- type: hv
+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
-{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- type: hv
+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
@@ -55,12 +52,15 @@
spec:
serviceAccountName: {{ $serviceAccountName }}
hostNetwork: true
+ hostPID: true
+ hostIPC: true
dnsPolicy: {{ .Values.pod.dns_policy }}
nodeSelector:
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
initContainers:
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: controller-init
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
@@ -85,12 +85,12 @@
readOnly: true
containers:
- name: controller
- command:
- - /root/ovnkube.sh
- - ovn-controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - /root/ovnkube.sh
+ - ovn-controller
{{ dict "envAll" . "component" "ovn_controller" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
env:
- name: OVN_DAEMONSET_VERSION
@@ -112,6 +112,10 @@
mountPath: /var/run/ovn
- name: run-openvswitch
mountPath: /var/run/openvswitch
+ - name: logs
+ mountPath: /var/log/ovn
+ - name: run-ovn
+ mountPath: /run/ovn
volumes:
- name: ovn-bin
configMap:
@@ -125,4 +129,12 @@
secret:
secretName: {{ $configMapName }}
defaultMode: 0444
+ - name: logs
+ hostPath:
+ path: /var/log/ovn
+ type: DirectoryOrCreate
+ - name: run-ovn
+ hostPath:
+ path: /run/ovn
+ type: DirectoryOrCreate
{{- end }}
diff --git a/charts/ovn/templates/deployment-northd.yaml b/charts/ovn/templates/deployment-northd.yaml
index ae31b35..f945bb2 100644
--- a/charts/ovn/templates/deployment-northd.yaml
+++ b/charts/ovn/templates/deployment-northd.yaml
@@ -62,6 +62,7 @@
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_northd" "container" "northd" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
env:
- name: OVN_DAEMONSET_VERSION
value: "3"
diff --git a/charts/ovn/templates/statefulset-ovsdb-nb.yaml b/charts/ovn/templates/statefulset-ovsdb-nb.yaml
index 4866074..98e70ad 100644
--- a/charts/ovn/templates/statefulset-ovsdb-nb.yaml
+++ b/charts/ovn/templates/statefulset-ovsdb-nb.yaml
@@ -73,6 +73,7 @@
{{ tuple $envAll "ovn_ovsdb_nb" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" . "component" "ovn_ovsdb_nb" "container" "ovsdb" "type" "readiness" "probeTemplate" (include "ovnnbReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+
ports:
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
@@ -110,7 +111,9 @@
mountPath: /etc/ovn
volumes:
- name: run-openvswitch
- emptyDir: {}
+ hostPath:
+ path: /run/openvswitch
+ type: DirectoryOrCreate
{{- if not .Values.volume.ovn_ovsdb_nb.enabled }}
- name: data
emptyDir: {}
diff --git a/charts/ovn/templates/statefulset-ovsdb-sb.yaml b/charts/ovn/templates/statefulset-ovsdb-sb.yaml
index 92af96d..694348b 100644
--- a/charts/ovn/templates/statefulset-ovsdb-sb.yaml
+++ b/charts/ovn/templates/statefulset-ovsdb-sb.yaml
@@ -110,7 +110,9 @@
mountPath: /etc/ovn
volumes:
- name: run-openvswitch
- emptyDir: {}
+ hostPath:
+ path: /run/openvswitch
+ type: DirectoryOrCreate
{{- if not .Values.volume.ovn_ovsdb_sb.enabled }}
- name: data
emptyDir: {}
diff --git a/charts/ovn/values.yaml b/charts/ovn/values.yaml
index 5c35a2f..b70e886 100644
--- a/charts/ovn/values.yaml
+++ b/charts/ovn/values.yaml
@@ -20,11 +20,11 @@
images:
tags:
- ovn_ovsdb_nb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
- ovn_ovsdb_sb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
- ovn_northd: docker.io/openstackhelm/ovn:latest-ubuntu_focal
- ovn_controller: docker.io/openstackhelm/ovn:latest-ubuntu_focal
- dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
+ ovn_ovsdb_nb: docker.io/openstackhelm/ovn:ubuntu_focal
+ ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
+ ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
+ ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
+ dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
image_repo_sync: docker.io/library/docker:17.07.0
vector: docker.io/timberio/vector:0.39.0-debian
ovn_logging_parser: docker.io/openstackhelm/neutron:2024.1-ubuntu_jammy
@@ -37,16 +37,16 @@
labels:
ovn_ovsdb_nb:
- node_selector_key: openstack-compute-node
+ node_selector_key: openstack-network-node
node_selector_value: enabled
ovn_ovsdb_sb:
- node_selector_key: openstack-compute-node
+ node_selector_key: openstack-network-node
node_selector_value: enabled
ovn_northd:
- node_selector_key: openstack-compute-node
+ node_selector_key: openstack-network-node
node_selector_value: enabled
ovn_controller:
- node_selector_key: openstack-compute-node
+ node_selector_key: openvswitch
node_selector_value: enabled
ovn_controller_gw:
node_selector_key: openstack-control-plane
@@ -72,7 +72,7 @@
conf:
ovn_cms_options: "availability-zones=nova"
- gw_ovn_cms_options: "enable-chassis-as-gw,availability-zones=nova"
+ ovn_cms_options_gw_enabled: "enable-chassis-as-gw,availability-zones=nova"
ovn_encap_type: geneve
ovn_bridge: br-int
ovn_bridge_mappings: external:br-ex
@@ -84,10 +84,6 @@
# br-public: eth1
auto_bridge_add: {}
- # NOTE: should be same as nova.conf.use_fqdn.compute
- use_fqdn:
- compute: true
-
ovn_network_logging_parser_uwsgi:
uwsgi:
add-header: "Connection: close"
@@ -107,6 +103,9 @@
wsgi-file: /var/lib/openstack/bin/neutron-ovn-network-logging-parser-wsgi
pod:
+ # NOTE: should be same as nova.pod.use_fqdn.compute
+ use_fqdn:
+ compute: true
security_context:
ovn_northd:
container:
@@ -117,21 +116,19 @@
ovn_controller:
container:
controller_init:
+ readOnlyRootFilesystem: true
privileged: true
- runAsUser: 0
controller:
- capabilities:
- add:
- - SYS_NICE
+ readOnlyRootFilesystem: true
+ privileged: true
ovn_controller_gw:
container:
controller_init:
+ readOnlyRootFilesystem: true
privileged: true
- runAsUser: 0
controller:
- capabilities:
- add:
- - SYS_NICE
+ readOnlyRootFilesystem: true
+ privileged: true
ovn_logging_parser:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
@@ -289,6 +286,7 @@
limits:
memory: "1024Mi"
cpu: "2000m"
+
sidecars:
ovn_logging_parser: false
vector: false
diff --git a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
index f8dc4c1..51a4bad 100644
--- a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
+++ b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
@@ -1,7 +1,7 @@
-diff --git b/ovn/templates/bin/_ovn-controller-init.sh.tpl a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
-index 1e61577d..77e1e687 100644
---- b/ovn/templates/bin/_ovn-controller-init.sh.tpl
-+++ a/ovn/templates/bin/_ovn-controller-init.sh.tpl
+diff --git a/ovn/templates/bin/_ovn-controller-init.sh.tpl b/ovn/templates/bin/_ovn-controller-init.sh.tpl
+index 55cc2ecb..885204a0 100644
+--- a/ovn/templates/bin/_ovn-controller-init.sh.tpl
++++ b/ovn/templates/bin/_ovn-controller-init.sh.tpl
@@ -14,6 +14,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
@@ -10,7 +10,7 @@
+
function get_ip_address_from_interface {
local interface=$1
- local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' '{print $1}')
+ local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' 'NR==1 {print $1}')
@@ -75,6 +77,19 @@ function migrate_ip_from_nic {
set -e
}
@@ -63,21 +63,22 @@
# Configure OVN remote
{{- if empty .Values.conf.ovn_remote -}}
-@@ -118,6 +145,9 @@ ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type
- ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
- ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
- ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
+@@ -125,6 +152,10 @@ else
+ ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options }}
+ fi
+
+{{ if .Values.conf.ovn_bridge_datapath_type -}}
+ovs-vsctl set open . external-ids:ovn-bridge-datapath-type="{{ .Values.conf.ovn_bridge_datapath_type }}"
+{{- end }}
-
++
# Configure hostname
- {{- if .Values.conf.use_fqdn.compute }}
-diff --git b/ovn/templates/clusterrole-controller.yaml a/charts/ovn/templates/clusterrole-controller.yaml
+ {{- if .Values.pod.use_fqdn.compute }}
+ ovs-vsctl set open . external-ids:hostname="$(hostname -f)"
+diff --git a/ovn/templates/clusterrole-controller.yaml b/ovn/templates/clusterrole-controller.yaml
new file mode 100644
index 00000000..8291f65a
--- /dev/null
-+++ a/ovn/templates/clusterrole-controller.yaml
++++ b/ovn/templates/clusterrole-controller.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
@@ -91,11 +92,11 @@
+ verbs:
+ - get
+ - patch
-diff --git b/ovn/templates/clusterrolebinding-controller.yaml a/charts/ovn/templates/clusterrolebinding-controller.yaml
+diff --git a/ovn/templates/clusterrolebinding-controller.yaml b/ovn/templates/clusterrolebinding-controller.yaml
new file mode 100644
index 00000000..c95ef5e9
--- /dev/null
-+++ a/ovn/templates/clusterrolebinding-controller.yaml
++++ b/ovn/templates/clusterrolebinding-controller.yaml
@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
@@ -112,10 +113,10 @@
+- kind: ServiceAccount
+ name: ovn-controller-gw
+ namespace: {{ .Release.Namespace }}
-diff --git b/ovn/templates/configmap-bin.yaml a/charts/ovn/templates/configmap-bin.yaml
+diff --git a/ovn/templates/configmap-bin.yaml b/ovn/templates/configmap-bin.yaml
index a849dd8a..82001f99 100644
---- b/ovn/templates/configmap-bin.yaml
-+++ a/ovn/templates/configmap-bin.yaml
+--- a/ovn/templates/configmap-bin.yaml
++++ b/ovn/templates/configmap-bin.yaml
@@ -24,12 +24,6 @@ data:
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
@@ -129,10 +130,10 @@
- ovn-controller.sh: |
-{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
-diff --git b/ovn/templates/daemonset-controller-gw.yaml a/charts/ovn/templates/daemonset-controller-gw.yaml
-index 6307bbab..eb309c5e 100644
---- b/ovn/templates/daemonset-controller-gw.yaml
-+++ a/ovn/templates/daemonset-controller-gw.yaml
+diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
+index 8255f6a4..a0da8b0b 100644
+--- a/ovn/templates/daemonset-controller-gw.yaml
++++ b/ovn/templates/daemonset-controller-gw.yaml
@@ -12,6 +12,15 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
@@ -149,10 +150,10 @@
{{- if .Values.manifests.daemonset_ovn_controller_gw }}
{{- $envAll := . }}
-@@ -59,6 +68,10 @@ spec:
+@@ -56,6 +65,10 @@ spec:
env:
- name: OVN_CMS_OPTIONS
- value: {{ .Values.conf.gw_ovn_cms_options | quote }}
+ value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
@@ -160,7 +161,7 @@
volumeMounts:
- name: ovn-bin
mountPath: /tmp/ovn-controller-init.sh
-@@ -72,25 +85,33 @@ spec:
+@@ -69,25 +83,33 @@ spec:
readOnly: true
containers:
- name: controller
@@ -208,10 +209,10 @@
volumes:
- name: ovn-bin
configMap:
-diff --git b/ovn/templates/daemonset-controller.yaml a/charts/ovn/templates/daemonset-controller.yaml
-index 85daf70b..b6b0b048 100644
---- b/ovn/templates/daemonset-controller.yaml
-+++ a/ovn/templates/daemonset-controller.yaml
+diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
+index 4cd5d9b2..fae94512 100644
+--- a/ovn/templates/daemonset-controller.yaml
++++ b/ovn/templates/daemonset-controller.yaml
@@ -12,6 +12,15 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
@@ -239,17 +240,10 @@
volumeMounts:
- name: ovn-bin
mountPath: /tmp/ovn-controller-init.sh
-@@ -72,25 +85,33 @@ spec:
- readOnly: true
- containers:
- - name: controller
-+ command:
-+ - /root/ovnkube.sh
-+ - ovn-controller
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
+@@ -76,21 +89,29 @@ spec:
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-- command:
+ command:
- - /tmp/ovn-controller.sh
- - start
- lifecycle:
@@ -258,6 +252,8 @@
- command:
- - /tmp/ovn-controller.sh
- - stop
++ - /root/ovnkube.sh
++ - ovn-controller
+{{ dict "envAll" . "component" "ovn_controller" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+ env:
+ - name: OVN_DAEMONSET_VERSION
@@ -284,13 +280,13 @@
+ mountPath: /var/run/ovn
+ - name: run-openvswitch
+ mountPath: /var/run/openvswitch
- volumes:
- - name: ovn-bin
- configMap:
-diff --git b/ovn/templates/deployment-northd.yaml a/charts/ovn/templates/deployment-northd.yaml
+ - name: logs
+ mountPath: /var/log/ovn
+ - name: run-ovn
+diff --git a/ovn/templates/deployment-northd.yaml b/ovn/templates/deployment-northd.yaml
index e3afdd05..ae31b357 100644
---- b/ovn/templates/deployment-northd.yaml
-+++ a/ovn/templates/deployment-northd.yaml
+--- a/ovn/templates/deployment-northd.yaml
++++ b/ovn/templates/deployment-northd.yaml
@@ -12,18 +12,13 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
@@ -315,7 +311,7 @@
{{- end }}
{{- if .Values.manifests.deployment_northd }}
-@@ -60,28 +55,26 @@ spec:
+@@ -60,28 +55,27 @@ spec:
{{- tuple $envAll "ovn_northd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: northd
@@ -347,6 +343,7 @@
- name: ovn-bin
- defaultMode: 0555
+{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
++{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+ env:
+ - name: OVN_DAEMONSET_VERSION
+ value: "3"
@@ -363,11 +360,11 @@
+ - name: OVN_SSL_ENABLE
+ value: "no"
{{- end }}
-diff --git b/ovn/templates/role-controller.yaml a/charts/ovn/templates/role-controller.yaml
+diff --git a/ovn/templates/role-controller.yaml b/ovn/templates/role-controller.yaml
new file mode 100644
index 00000000..de3cfa6d
--- /dev/null
-+++ a/ovn/templates/role-controller.yaml
++++ b/ovn/templates/role-controller.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
@@ -380,11 +377,11 @@
+ - endpointslices
+ verbs:
+ - list
-diff --git b/ovn/templates/role-northd.yaml a/charts/ovn/templates/role-northd.yaml
+diff --git a/ovn/templates/role-northd.yaml b/ovn/templates/role-northd.yaml
new file mode 100644
index 00000000..ca02fae6
--- /dev/null
-+++ a/ovn/templates/role-northd.yaml
++++ b/ovn/templates/role-northd.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
@@ -397,11 +394,11 @@
+ - endpointslices
+ verbs:
+ - list
-diff --git b/ovn/templates/role-ovsdb.yaml a/charts/ovn/templates/role-ovsdb.yaml
+diff --git a/ovn/templates/role-ovsdb.yaml b/ovn/templates/role-ovsdb.yaml
new file mode 100644
index 00000000..10e0e239
--- /dev/null
-+++ a/ovn/templates/role-ovsdb.yaml
++++ b/ovn/templates/role-ovsdb.yaml
@@ -0,0 +1,19 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
@@ -422,11 +419,11 @@
+ verbs:
+ - list
+ - get
-diff --git b/ovn/templates/rolebinding-controller.yaml a/charts/ovn/templates/rolebinding-controller.yaml
+diff --git a/ovn/templates/rolebinding-controller.yaml b/ovn/templates/rolebinding-controller.yaml
new file mode 100644
index 00000000..7973c7e2
--- /dev/null
-+++ a/ovn/templates/rolebinding-controller.yaml
++++ b/ovn/templates/rolebinding-controller.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
@@ -441,11 +438,11 @@
+ name: ovn-controller
+- kind: ServiceAccount
+ name: ovn-controller-gw
-diff --git b/ovn/templates/rolebinding-northd.yaml a/charts/ovn/templates/rolebinding-northd.yaml
+diff --git a/ovn/templates/rolebinding-northd.yaml b/ovn/templates/rolebinding-northd.yaml
new file mode 100644
index 00000000..428a4707
--- /dev/null
-+++ a/ovn/templates/rolebinding-northd.yaml
++++ b/ovn/templates/rolebinding-northd.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
@@ -458,11 +455,11 @@
+subjects:
+- kind: ServiceAccount
+ name: ovn-northd
-diff --git b/ovn/templates/rolebinding-ovsdb.yaml a/charts/ovn/templates/rolebinding-ovsdb.yaml
+diff --git a/ovn/templates/rolebinding-ovsdb.yaml b/ovn/templates/rolebinding-ovsdb.yaml
new file mode 100644
index 00000000..f32382bc
--- /dev/null
-+++ a/ovn/templates/rolebinding-ovsdb.yaml
++++ b/ovn/templates/rolebinding-ovsdb.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
@@ -477,10 +474,10 @@
+ name: ovn-ovsdb-nb
+- kind: ServiceAccount
+ name: ovn-ovsdb-sb
-diff --git b/ovn/templates/service-ovsdb-nb.yaml a/charts/ovn/templates/service-ovsdb-nb.yaml
+diff --git a/ovn/templates/service-ovsdb-nb.yaml b/ovn/templates/service-ovsdb-nb.yaml
index b93da9b8..56f7cd09 100644
---- b/ovn/templates/service-ovsdb-nb.yaml
-+++ a/ovn/templates/service-ovsdb-nb.yaml
+--- a/ovn/templates/service-ovsdb-nb.yaml
++++ b/ovn/templates/service-ovsdb-nb.yaml
@@ -20,6 +20,7 @@ kind: Service
metadata:
name: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
@@ -489,10 +486,10 @@
ports:
- name: ovsdb
port: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-diff --git b/ovn/templates/service-ovsdb-sb.yaml a/charts/ovn/templates/service-ovsdb-sb.yaml
+diff --git a/ovn/templates/service-ovsdb-sb.yaml b/ovn/templates/service-ovsdb-sb.yaml
index 70f62c6e..4a6b5864 100644
---- b/ovn/templates/service-ovsdb-sb.yaml
-+++ a/ovn/templates/service-ovsdb-sb.yaml
+--- a/ovn/templates/service-ovsdb-sb.yaml
++++ b/ovn/templates/service-ovsdb-sb.yaml
@@ -20,6 +20,7 @@ kind: Service
metadata:
name: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
@@ -501,10 +498,10 @@
ports:
- name: ovsdb
port: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-diff --git b/ovn/templates/statefulset-ovsdb-nb.yaml a/charts/ovn/templates/statefulset-ovsdb-nb.yaml
-index c8198279..4866074e 100644
---- b/ovn/templates/statefulset-ovsdb-nb.yaml
-+++ a/ovn/templates/statefulset-ovsdb-nb.yaml
+diff --git a/ovn/templates/statefulset-ovsdb-nb.yaml b/ovn/templates/statefulset-ovsdb-nb.yaml
+index 04958165..98e70ada 100644
+--- a/ovn/templates/statefulset-ovsdb-nb.yaml
++++ b/ovn/templates/statefulset-ovsdb-nb.yaml
@@ -12,6 +12,19 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
@@ -533,7 +530,7 @@
replicas: {{ .Values.pod.replicas.ovn_ovsdb_nb }}
selector:
matchLabels:
-@@ -49,41 +63,54 @@ spec:
+@@ -49,43 +63,57 @@ spec:
{{- tuple $envAll "ovn_ovsdb_nb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ovsdb
@@ -547,6 +544,7 @@
{{ tuple $envAll "ovn_ovsdb_nb" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_ovsdb_nb" "container" "ovsdb" "type" "readiness" "probeTemplate" (include "ovnnbReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
++
ports:
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
@@ -602,7 +600,9 @@
+ mountPath: /etc/ovn
volumes:
- name: run-openvswitch
- emptyDir: {}
+ hostPath:
+ path: /run/openvswitch
+ type: DirectoryOrCreate
- - name: ovn-bin
- configMap:
- name: ovn-bin
@@ -610,10 +610,10 @@
{{- if not .Values.volume.ovn_ovsdb_nb.enabled }}
- name: data
emptyDir: {}
-diff --git b/ovn/templates/statefulset-ovsdb-sb.yaml a/charts/ovn/templates/statefulset-ovsdb-sb.yaml
-index 916ef94d..92af96de 100644
---- b/ovn/templates/statefulset-ovsdb-sb.yaml
-+++ a/ovn/templates/statefulset-ovsdb-sb.yaml
+diff --git a/ovn/templates/statefulset-ovsdb-sb.yaml b/ovn/templates/statefulset-ovsdb-sb.yaml
+index 9e7b6670..694348b2 100644
+--- a/ovn/templates/statefulset-ovsdb-sb.yaml
++++ b/ovn/templates/statefulset-ovsdb-sb.yaml
@@ -12,6 +12,19 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
@@ -642,7 +642,7 @@
replicas: {{ .Values.pod.replicas.ovn_ovsdb_sb }}
selector:
matchLabels:
-@@ -49,41 +63,54 @@ spec:
+@@ -49,43 +63,56 @@ spec:
{{- tuple $envAll "ovn_ovsdb_sb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ovsdb
@@ -711,7 +711,9 @@
+ mountPath: /etc/ovn
volumes:
- name: run-openvswitch
- emptyDir: {}
+ hostPath:
+ path: /run/openvswitch
+ type: DirectoryOrCreate
- - name: ovn-bin
- configMap:
- name: ovn-bin
@@ -719,7 +721,7 @@
{{- if not .Values.volume.ovn_ovsdb_sb.enabled }}
- name: data
emptyDir: {}
-@@ -93,10 +120,10 @@ spec:
+@@ -95,10 +122,10 @@ spec:
name: data
spec:
accessModes: ["ReadWriteOnce"]
@@ -731,11 +733,11 @@
{{- end }}
{{- end }}
-diff --git b/ovn/values.yaml a/charts/ovn/values.yaml
-index 518dd71e..214dd16f 100644
---- b/ovn/values.yaml
-+++ a/ovn/values.yaml
-@@ -52,12 +52,10 @@ labels:
+diff --git a/ovn/values.yaml b/ovn/values.yaml
+index a18184ab..b07a0f5a 100644
+--- a/ovn/values.yaml
++++ b/ovn/values.yaml
+@@ -51,12 +51,10 @@ labels:
volume:
ovn_ovsdb_nb:
@@ -757,7 +759,7 @@
# auto_bridge_add:
# br-private: eth0
-@@ -138,13 +138,41 @@ pod:
+@@ -135,13 +135,41 @@ pod:
readiness:
enabled: true
params:
@@ -804,7 +806,7 @@
dns_policy: "ClusterFirstWithHostNet"
replicas:
ovn_ovsdb_nb: 1
-@@ -179,18 +207,18 @@ pod:
+@@ -176,18 +204,18 @@ pod:
ovs:
ovn_ovsdb_nb:
requests:
diff --git a/charts/patches/ovn/0002-add-logging-parser.patch b/charts/patches/ovn/0002-add-logging-parser.patch
index f964369..9133d00 100644
--- a/charts/patches/ovn/0002-add-logging-parser.patch
+++ b/charts/patches/ovn/0002-add-logging-parser.patch
@@ -211,21 +211,20 @@
+ tenant_id = "{{`{{ project_id }}`}}"
+{{- end }}
diff --git a/ovn/values.yaml b/ovn/values.yaml
-index 214dd16f..d0f2406b 100644
---- a/ovn/values.yaml
-+++ b/ovn/values.yaml
-@@ -26,6 +26,8 @@ images:
- ovn_controller: docker.io/openstackhelm/ovn:latest-ubuntu_focal
- dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
+index b07a0f5a..79fde2c2 100644
+--- a/ovn//values.yaml
++++ b/ovn//values.yaml
+@@ -26,5 +26,7 @@ images:
+ dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
image_repo_sync: docker.io/library/docker:17.07.0
+ vector: docker.io/timberio/vector:0.39.0-debian
+ ovn_logging_parser: docker.io/openstackhelm/neutron:2024.1-ubuntu_jammy
pull_policy: "IfNotPresent"
local_registry:
active: false
-@@ -86,6 +88,24 @@ conf:
- use_fqdn:
- compute: true
+@@ -82,6 +84,24 @@ conf:
+ # br-public: eth1
+ auto_bridge_add: {}
+ ovn_network_logging_parser_uwsgi:
+ uwsgi:
@@ -246,12 +245,12 @@
+ wsgi-file: /var/lib/openstack/bin/neutron-ovn-network-logging-parser-wsgi
+
pod:
- security_context:
- ovn_northd:
-@@ -112,6 +132,12 @@ pod:
- capabilities:
- add:
- - SYS_NICE
+ # NOTE: should be same as nova.pod.use_fqdn.compute
+ use_fqdn:
+@@ -109,6 +129,12 @@ pod:
+ controller:
+ readOnlyRootFilesystem: true
+ privileged: true
+ ovn_logging_parser:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
@@ -261,7 +260,7 @@
tolerations:
ovn_ovsdb_nb:
enabled: false
-@@ -240,6 +266,21 @@ pod:
+@@ -237,6 +263,21 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
@@ -283,17 +282,19 @@
jobs:
image_repo_sync:
requests:
-@@ -248,6 +289,9 @@ pod:
+@@ -245,7 +286,11 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
+
+ sidecars:
+ ovn_logging_parser: false
+ vector: false
-
++
secrets:
oci_image_registry:
-@@ -311,6 +355,22 @@ endpoints:
+ ovn: ovn-oci-image-registry-key
+@@ -304,6 +349,22 @@ endpoints:
default: 6642
raft:
default: 6644
@@ -316,80 +317,3 @@
network_policy:
ovn_ovsdb_nb:
-diff --git a/images/neutron/Dockerfile b/images/neutron/Dockerfile
-index 7032319b..992091b6 100644
---- a/images/neutron/Dockerfile
-+++ b/images/neutron/Dockerfile
-@@ -13,12 +13,16 @@ RUN git -C /src/neutron-vpnaas fetch --unshallow
- ARG POLICY_SERVER_GIT_REF=4a86b140d5510823a8fb8a59137feddf5b111b26
- ADD --keep-git-dir=true https://github.com/vexxhost/neutron-policy-server.git#${POLICY_SERVER_GIT_REF} /src/neutron-policy-server
- RUN git -C /src/neutron-policy-server fetch --unshallow
-+ARG LOG_PASER_GIT_REF=3bc113d9fc0eb3264feca5900e550f6ed15503c2
-+ADD --keep-git-dir=true https://github.com/vexxhost/neutron-ovn-network-logging-parser.git#${LOG_PASER_GIT_REF} /src/neutron-ovn-network-logging-parser
-+RUN git -C /src/neutron-ovn-network-logging-parser fetch --unshallow
- RUN --mount=type=cache,mode=0755,target=/root/.cache/pip,sharing=private <<EOF bash -xe
- pip3 install \
- --constraint /upper-constraints.txt \
- /src/neutron \
- /src/neutron-vpnaas \
-- /src/neutron-policy-server
-+ /src/neutron-policy-server \
-+ /src/neutron-ovn-network-logging-parser
- EOF
-
- FROM registry.atmosphere.dev/library/openstack-python-runtime:${RELEASE}
-diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
-index ff60d44a..2904e8de 100644
---- a/roles/defaults/vars/main.yml
-+++ b/roles/defaults/vars/main.yml
-@@ -173,6 +173,7 @@ _atmosphere_images:
- openvswitch_db_server: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
- openvswitch_vswitchd: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
- ovn_controller: "registry.atmosphere.dev/library/ovn-host:{{ atmosphere_release }}"
-+ ovn_logging_parser: "registry.atmosphere.dev/library/neutron:{{ atmosphere_release }}"
- ovn_northd: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
- ovn_ovsdb_nb: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
- ovn_ovsdb_sb: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
-diff --git a/roles/neutron/vars/main.yml b/roles/neutron/vars/main.yml
-index fc587502..5c814499 100644
---- a/roles/neutron/vars/main.yml
-+++ b/roles/neutron/vars/main.yml
-@@ -70,6 +70,8 @@ __neutron_helm_values:
- metadata_proxy_shared_secret: "{{ openstack_helm_endpoints['compute_metadata']['secret'] }}"
- plugins:
- ml2_conf:
-+ agent:
-+ extensions: "log"
- ml2:
- extension_drivers: dns_domain_ports,port_security,qos
- type_drivers: flat,gre,vlan,vxlan
-@@ -85,7 +87,7 @@ __neutron_ovn_helm_values:
- conf:
- neutron:
- DEFAULT:
-- service_plugins: qos,ovn-router,segments,trunk
-+ service_plugins: qos,ovn-router,segments,trunk,log
- ovn:
- ovn_emit_need_to_frag: true
- ovn_metadata_agent:
-diff --git a/roles/ovn/defaults/main.yml b/roles/ovn/defaults/main.yml
-index b9045986..a6ebdb96 100644
---- a/roles/ovn/defaults/main.yml
-+++ b/roles/ovn/defaults/main.yml
-@@ -18,3 +18,5 @@ ovn_helm_chart_ref: /usr/local/src/ovn
-
- ovn_helm_release_namespace: openstack
- ovn_helm_values: {}
-+
-+ovn_network_logging_parser_enabled: true
-diff --git a/roles/ovn/vars/main.yml b/roles/ovn/vars/main.yml
-index 59d9c209..603b4edf 100644
---- a/roles/ovn/vars/main.yml
-+++ b/roles/ovn/vars/main.yml
-@@ -35,3 +35,6 @@ _ovn_helm_values:
- ovn_ovsdb_nb: 3
- ovn_ovsdb_sb: 3
- ovn_northd: 3
-+ sidecars:
-+ ovn_logging_parser: "{{ ovn_network_logging_parser_enabled }}"
-+ vector: "{{ ovn_network_logging_parser_enabled }}"
diff --git a/charts/patches/ovn/0003-oci-image-registry-secret.patch b/charts/patches/ovn/0003-oci-image-registry-secret.patch
deleted file mode 100644
index 904f3ab..0000000
--- a/charts/patches/ovn/0003-oci-image-registry-secret.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --git a/ovn/values.yaml b/ovn/values.yaml
-index 4171db47..2df5c38c 100644
---- a/ovn/values.yaml
-+++ b/ovn/values.yaml
-@@ -295,11 +295,7 @@ pod:
-
- secrets:
- oci_image_registry:
-- ovn_ovsdb_nb: ovn-ovsdb-nb-oci-image-registry-key
-- ovn_ovsdb_sb: ovn-ovsdb-sb-oci-image-registry-key
-- ovn_northd: ovn-northd-oci-image-registry-key
-- ovn_controller: ovn-controller-oci-image-registry-key
-- ovn_controller_gw: ovn-controller-gw-oci-image-registry-key
-+ ovn: ovn-oci-image-registry-key
diff --git a/roles/ovn/vars/main.yml b/roles/ovn/vars/main.yml
index 603b4ed..f03bd3b 100644
--- a/roles/ovn/vars/main.yml
+++ b/roles/ovn/vars/main.yml
@@ -25,12 +25,21 @@
ovn_northd:
node_selector_key: openstack-control-plane
node_selector_value: enabled
+ ovn_controller:
+ node_selector_key: openstack-compute-node
+ node_selector_value: enabled
volume:
ovn_ovsdb_nb:
size: 20Gi
ovn_ovsdb_sb:
size: 20Gi
pod:
+ labels:
+ ovn_controller_gw:
+ type: gw
+ ovn_controller:
+ type: hv
+
replicas:
ovn_ovsdb_nb: 3
ovn_ovsdb_sb: 3