1 # yamllint disable rule:hyphens rule:commas rule:indentation
2 # service to expose the ovnkube-db pod
7 namespace: ovn-kubernetes
26 # starts ovn NB/SB ovsdb daemons, each in a separate container
27 # it is running on master for now, but does not need to be the case
32 # namespace set up by install
33 namespace: ovn-kubernetes
35 kubernetes.io/description: |
36 This daemonset launches the OVN NB/SB ovsdb service components.
38 progressDeadlineSeconds: 600
40 revisionHistoryLimit: 10
55 kubernetes.io/os: "linux"
57 scheduler.alpha.kubernetes.io/critical-pod: ''
59 # Requires fairly broad permissions - ability to read all services and network functions as well
61 serviceAccountName: ovn
64 # firewall rules for ovn - assumed to be setup
65 # iptables -A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 6641 -j ACCEPT
66 # iptables -A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 6642 -j ACCEPT
70 image: "iecedge/ovn-daemonset-ubuntu:2020-04-16"
71 imagePullPolicy: "IfNotPresent"
73 command: ["/root/ovnkube.sh", "nb-ovsdb"]
80 terminationMessagePolicy: FallbackToLogsOnError
82 # ovn db is stored in the pod in /etc/openvswitch
83 # (or in /etc/ovn if OVN from new repository is used)
84 # and on the host in /var/lib/openvswitch/
85 - mountPath: /etc/openvswitch/
86 name: host-var-lib-ovs
87 - mountPath: /etc/ovn/
88 name: host-var-lib-ovs
89 - mountPath: /var/log/openvswitch/
90 name: host-var-log-ovs
91 - mountPath: /var/log/ovn/
92 name: host-var-log-ovs
93 # for the iptables wrapper
97 - mountPath: /ovn-cert
106 - name: OVN_DAEMONSET_VERSION
108 - name: OVN_LOGLEVEL_NB
109 value: "-vconsole:info -vfile:info"
110 - name: K8S_APISERVER
115 - name: OVN_KUBERNETES_NAMESPACE
118 fieldPath: metadata.namespace
122 fieldPath: status.hostIP
123 - name: OVN_SSL_ENABLE
127 command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnnb-db"]
128 initialDelaySeconds: 30
135 image: "iecedge/ovn-daemonset-ubuntu:2020-04-16"
136 imagePullPolicy: "IfNotPresent"
138 command: ["/root/ovnkube.sh", "sb-ovsdb"]
145 terminationMessagePolicy: FallbackToLogsOnError
147 # ovn db is stored in the pod in /etc/openvswitch
148 # (or in /etc/ovn if OVN from new repository is used)
149 # and on the host in /var/lib/openvswitch/
150 - mountPath: /etc/openvswitch/
151 name: host-var-lib-ovs
152 - mountPath: /etc/ovn/
153 name: host-var-lib-ovs
154 - mountPath: /var/log/openvswitch/
155 name: host-var-log-ovs
156 - mountPath: /var/log/ovn/
157 name: host-var-log-ovs
158 # for the iptables wrapper
162 - mountPath: /ovn-cert
171 - name: OVN_DAEMONSET_VERSION
173 - name: OVN_LOGLEVEL_SB
174 value: "-vconsole:info -vfile:info"
175 - name: K8S_APISERVER
180 - name: OVN_KUBERNETES_NAMESPACE
183 fieldPath: metadata.namespace
187 fieldPath: status.hostIP
188 - name: OVN_SSL_ENABLE
192 command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnsb-db"]
193 initialDelaySeconds: 30
200 node-role.kubernetes.io/master: ""
201 kubernetes.io/os: "linux"
203 - name: host-var-lib-ovs
205 path: /var/lib/openvswitch
206 - name: host-var-log-ovs
208 path: /var/log/openvswitch
212 - name: host-ovn-cert
215 type: DirectoryOrCreate