1 # service to expose the ovnkube-db pod
6 namespace: ovn-kubernetes
23 # ovndb-raft PodDisruptBudget to prevent majority of ovnkube raft cluster
24 # nodes from disruption
25 apiVersion: policy/v1beta1
26 kind: PodDisruptionBudget
29 namespace: ovn-kubernetes
31 minAvailable: {{ ovn_db_minAvailable | default(2) }}
38 # ovnkube-db raft statefulset
40 # starts ovn NB/SB ovsdb daemons, each in a separate container
46 namespace: ovn-kubernetes
48 kubernetes.io/description: |
49 This statefulset launches the OVN Northbound/Southbound Database raft clusters.
51 serviceName: ovnkube-db
52 podManagementPolicy: "Parallel"
53 replicas: {{ ovn_db_replicas | default(3) }}
54 revisionHistoryLimit: 10
64 kubernetes.io/os: "linux"
66 scheduler.alpha.kubernetes.io/critical-pod: ''
68 terminationGracePeriodSeconds: 30
70 - name: registry-credentials
71 serviceAccountName: ovn
74 # required to be scheduled on node with k8s.ovn.org/ovnkube-db=true label but can
75 # only have one instance per node
78 requiredDuringSchedulingIgnoredDuringExecution:
81 - key: k8s.ovn.org/ovnkube-db
86 requiredDuringSchedulingIgnoredDuringExecution:
93 topologyKey: kubernetes.io/hostname
98 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
99 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
100 command: ["/root/ovnkube.sh", "nb-ovsdb-raft"]
104 command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnnb-db-raft"]
105 initialDelaySeconds: 30
114 terminationMessagePolicy: FallbackToLogsOnError
116 # ovn db is stored in the pod in /etc/openvswitch
117 # (or in /etc/ovn if OVN from new repository is used)
118 # and on the host in /var/lib/openvswitch/
119 - mountPath: /etc/openvswitch/
120 name: host-var-lib-ovs
121 - mountPath: /etc/ovn/
122 name: host-var-lib-ovs
123 - mountPath: /var/log/openvswitch/
124 name: host-var-log-ovs
125 - mountPath: /var/log/ovn/
126 name: host-var-log-ovs
127 - mountPath: /var/run/openvswitch/
128 name: host-var-run-ovs
129 - mountPath: /var/run/ovn/
130 name: host-var-run-ovs
131 - mountPath: /ovn-cert
140 - name: OVN_DAEMONSET_VERSION
142 - name: OVN_LOGLEVEL_NB
143 value: "{{ ovn_loglevel_nb }}"
144 - name: K8S_APISERVER
149 - name: OVN_KUBERNETES_NAMESPACE
152 fieldPath: metadata.namespace
156 fieldPath: metadata.name
160 fieldPath: status.hostIP
161 - name: OVN_SSL_ENABLE
162 value: "{{ ovn_ssl_en }}"
167 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
168 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
169 command: ["/root/ovnkube.sh", "sb-ovsdb-raft"]
173 command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnsb-db-raft"]
174 initialDelaySeconds: 30
183 terminationMessagePolicy: FallbackToLogsOnError
185 # ovn db is stored in the pod in /etc/openvswitch
186 # (or in /etc/ovn if OVN from new repository is used)
187 # and on the host in /var/lib/openvswitch/
188 - mountPath: /etc/openvswitch/
189 name: host-var-lib-ovs
190 - mountPath: /etc/ovn/
191 name: host-var-lib-ovs
192 - mountPath: /var/log/openvswitch/
193 name: host-var-log-ovs
194 - mountPath: /var/log/ovn/
195 name: host-var-log-ovs
196 - mountPath: /var/run/openvswitch/
197 name: host-var-run-ovs
198 - mountPath: /var/run/ovn/
199 name: host-var-run-ovs
200 - mountPath: /ovn-cert
209 - name: OVN_DAEMONSET_VERSION
211 - name: OVN_LOGLEVEL_SB
212 value: "{{ ovn_loglevel_sb }}"
213 - name: K8S_APISERVER
218 - name: OVN_KUBERNETES_NAMESPACE
221 fieldPath: metadata.namespace
225 fieldPath: metadata.name
229 fieldPath: status.hostIP
230 - name: OVN_SSL_ENABLE
231 value: "{{ ovn_ssl_en }}"
234 # db-metrics-exporter - v3
235 - name: db-metrics-exporter
236 image: "{{ ovn_image | default('docker.io/ovnkube/ovn-daemonset:latest') }}"
237 imagePullPolicy: "{{ ovn_image_pull_policy | default('IfNotPresent') }}"
238 command: ["/root/ovnkube.sh", "db-raft-metrics"]
245 terminationMessagePolicy: FallbackToLogsOnError
247 # ovn db is stored in the pod in /etc/openvswitch
248 # (or in /etc/ovn if OVN from new repository is used)
249 # and on the host in /var/lib/openvswitch/
250 - mountPath: /etc/openvswitch/
251 name: host-var-lib-ovs
252 - mountPath: /etc/ovn/
253 name: host-var-lib-ovs
254 - mountPath: /var/run/openvswitch/
255 name: host-var-run-ovs
256 - mountPath: /var/run/ovn/
257 name: host-var-run-ovs
258 - mountPath: /ovn-cert
267 - name: OVN_DAEMONSET_VERSION
269 - name: K8S_APISERVER
274 - name: OVN_KUBERNETES_NAMESPACE
277 fieldPath: metadata.namespace
278 - name: OVN_SSL_ENABLE
279 value: "{{ ovn_ssl_en }}"
283 - name: host-var-log-ovs
285 path: /var/log/openvswitch
286 - name: host-var-lib-ovs
288 path: /var/lib/openvswitch
289 - name: host-var-run-ovs
291 path: /var/run/openvswitch
292 - name: host-ovn-cert
295 type: DirectoryOrCreate