openstack/openstack-helm-infra
Code Issues Proposed changes
openstack-helm-infra/ovn/templates/daemonset-controller.yaml
ricolin ffd183a164 Add OVN Kubernetes support 
This patch introduce OVN Kubernetes support.
With OVN Kubernetes (https://github.com/ovn-org/ovn-kubernetes)
OVN services control gets more native in Kubernetes way.

At this point we only use OVN Kubernetes utilities
to run and probe OVN components. We don't use OVN-Kubernetes
CNI and CRD features.

Depends-On: I2ec8ebb06a1ab7dca6651f5d1d6f34e417021447
Change-Id: I5821149c987070125f14d01c99343b72f234fc36
2025-01-16 02:05:59 -06:00

158 lines
6.1 KiB
YAML
Raw Blame History

{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "controllerReadinessProbeTemplate" }}
exec:
command:
- /usr/bin/ovn-kube-util
- readiness-probe
- -t
- ovn-controller
{{- end }}
{{- if .Values.manifests.daemonset_ovn_controller }}
{{- $envAll := . }}
{{- $configMapName := "ovn-etc" }}
{{- $serviceAccountName := "ovn-controller" }}
{{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: ovn-controller
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
hostNetwork: true
hostPID: true
hostIPC: true
dnsPolicy: {{ .Values.pod.dns_policy }}
nodeSelector:
{{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
initContainers:
{{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: get-gw-enabled
{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
command:
- /bin/bash
- -c
- |
kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.{{ .Values.labels.ovn_controller_gw.node_selector_key }}}' > /tmp/gw-enabled/gw-enabled
env:
- name: NODENAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: gw-enabled
mountPath: /tmp/gw-enabled
readOnly: false
- name: controller-init
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
command:
- /tmp/ovn-controller-init.sh
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: ovn-bin
mountPath: /tmp/ovn-controller-init.sh
subPath: ovn-controller-init.sh
readOnly: true
- name: run-openvswitch
mountPath: /run/openvswitch
- name: ovn-etc
mountPath: /tmp/auto_bridge_add
subPath: auto_bridge_add
readOnly: true
- name: gw-enabled
mountPath: /tmp/gw-enabled
readOnly: true
containers:
- name: controller
{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /root/ovnkube.sh
- ovn-controller
{{ dict "envAll" . "component" "ovn_controller" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
env:
- name: OVN_DAEMONSET_VERSION
value: "3"
- name: OVN_LOGLEVEL_CONTROLLER
value: "-vconsole:info -vfile:info"
- name: OVN_KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: OVN_KUBERNETES_NB_STATEFULSET
value: ovn-ovsdb-nb
- name: OVN_KUBERNETES_SB_STATEFULSET
value: ovn-ovsdb-sb
- name: OVN_SSL_ENABLE
value: "no"
volumeMounts:
- name: run-openvswitch
mountPath: /run/openvswitch
- name: logs
mountPath: /var/log/ovn
- name: run-openvswitch
mountPath: /run/ovn
volumes:
- name: ovn-bin
configMap:
name: ovn-bin
defaultMode: 0777
- name: run-openvswitch
hostPath:
path: /run/openvswitch
type: DirectoryOrCreate
- name: ovn-etc
secret:
secretName: {{ $configMapName }}
defaultMode: 0444
- name: logs
hostPath:
path: /var/log/ovn
type: DirectoryOrCreate
- name: run-ovn
hostPath:
path: /run/ovn
type: DirectoryOrCreate
- name: gw-enabled
emptyDir: {}
{{- end }}
View Git Blame Copy Permalink