4 # Setup for Kubernetes to support the ovn-kubernetes plugin
6 # Create the namespace for ovn-kubernetes.
8 # This provisioning is done as part of installation after the cluster is
9 # up and before the ovn daemonsets are created.
15 openshift.io/node-selector: "beta.kubernetes.io/os=linux"
21 # Setup for Kubernetes to support the ovn-kubernetes plugin
23 # Create the service account and policies.
24 # ovnkube interacts with kubernetes and the environment
25 # must be properly set up.
27 # This provisioning is done as part of installation after the cluster is
28 # up and before the ovn daemonsets are created.
34 namespace: ovn-kubernetes
37 apiVersion: rbac.authorization.k8s.io/v1
41 rbac.authorization.k8s.io/system-only: "true"
42 name: system:ovn-reader
74 apiVersion: rbac.authorization.k8s.io/v1
75 kind: ClusterRoleBinding
79 name: system:ovn-reader
81 apiGroup: rbac.authorization.k8s.io
83 - kind: ServiceAccount
85 namespace: ovn-kubernetes
88 apiVersion: rbac.authorization.k8s.io/v1
89 kind: ClusterRoleBinding
95 apiGroup: rbac.authorization.k8s.io
97 - kind: ServiceAccount
99 namespace: ovn-kubernetes
102 # service to expose the ovnkube-db pod
107 namespace: ovn-kubernetes
118 sessionAffinity: None
123 # The network cidr and service cidr are set in the ovn-config configmap
128 namespace: ovn-kubernetes
130 net_cidr: "{{ net_cidr | default('10.128.0.0/14/23') }}"
131 svc_cidr: "{{ svc_cidr | default('172.30.0.0/16') }}"
132 k8s_apiserver: "{{ k8s_apiserver.stdout }}"