4 # starts node daemons for ovs and ovn, each in a separate container
5 # it is run on all nodes
10 # namespace set up by install
11 namespace: ovn-kubernetes
13 kubernetes.io/description: |
14 This daemonset launches the ovn-kubernetes networking components.
27 openshift.io/component: network
28 beta.kubernetes.io/os: "linux"
30 scheduler.alpha.kubernetes.io/critical-pod: ''
32 # Requires fairly broad permissions - ability to read all services and network functions as well
34 serviceAccountName: ovn
39 # ovsdb-server and ovs-switchd daemons
41 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
42 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
44 command: ["/root/ovnkube.sh", "ovs-server"]
49 - /usr/share/openvswitch/scripts/ovs-ctl
51 initialDelaySeconds: 15
56 # Permission could be reduced by selecting an appropriate SELinux policy
60 - mountPath: /lib/modules
63 - mountPath: /run/openvswitch
65 - mountPath: /var/run/openvswitch
66 name: host-var-run-ovs
70 - mountPath: /etc/openvswitch
71 name: host-config-openvswitch
80 - name: OVN_DAEMONSET_VERSION
90 command: ["/root/ovnkube.sh", "cleanup-ovs-server"]
92 - name: ovn-controller
93 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
94 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
96 command: ["/root/ovnkube.sh", "ovn-controller"]
104 - mountPath: /var/run/dbus/
105 name: host-var-run-dbus
107 - mountPath: /var/log/openvswitch/
108 name: host-var-log-ovs
109 - mountPath: /var/run/openvswitch/
110 name: host-var-run-ovs
117 - name: OVN_DAEMONSET_VERSION
119 - name: OVNKUBE_LOGLEVEL
131 - name: K8S_APISERVER
139 fieldPath: spec.nodeName
140 - name: OVN_KUBERNETES_NAMESPACE
143 fieldPath: metadata.namespace
148 # TODO: Temporarily disabled until we determine how to wait for clean default
151 # initialDelaySeconds: 10
159 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
160 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
162 command: ["/root/ovnkube.sh", "ovn-node"]
167 add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"]
170 - mountPath: /var/run/dbus/
171 name: host-var-run-dbus
173 - mountPath: /var/log/ovn-kubernetes/
174 name: host-var-log-ovnkube
175 - mountPath: /var/run/openvswitch/
176 name: host-var-run-ovs
177 # We mount our socket here
178 - mountPath: /var/run/ovn-kubernetes
179 name: host-var-run-ovn-kubernetes
180 # CNI related mounts which we take over
181 - mountPath: /opt/cni/bin
182 name: host-opt-cni-bin
183 - mountPath: /etc/cni/net.d
184 name: host-etc-cni-netd
191 - name: OVN_DAEMONSET_VERSION
193 - name: OVNKUBE_LOGLEVEL
205 - name: K8S_APISERVER
213 fieldPath: spec.nodeName
214 - name: OVN_GATEWAY_MODE
215 value: "{{ ovn_gateway_mode }}"
216 - name: OVN_GATEWAY_OPTS
217 value: "{{ ovn_gateway_opts }}"
222 # TODO: Temporarily disabled until we determine how to wait for clean default
225 # initialDelaySeconds: 10
233 command: ["/root/ovnkube.sh", "cleanup-ovn-node"]
236 beta.kubernetes.io/os: "linux"
242 - name: host-var-run-dbus
245 - name: host-var-log-ovs
247 path: /var/log/openvswitch
248 - name: host-var-log-ovnkube
250 path: /var/log/ovn-kubernetes
253 path: /run/openvswitch
254 - name: host-var-run-ovs
256 path: /var/run/openvswitch
257 - name: host-var-run-ovn-kubernetes
259 path: /var/run/ovn-kubernetes
263 - name: host-opt-cni-bin
266 - name: host-etc-cni-netd
269 - name: host-config-openvswitch
271 path: /etc/origin/openvswitch