1 # yamllint disable rule:hyphens rule:commas rule:indentation
5 # starts node daemons for ovs and ovn, each in a separate container
6 # it is run on all nodes
11 # namespace set up by install
12 namespace: ovn-kubernetes
14 kubernetes.io/description: |
15 This daemonset launches the ovn-kubernetes networking components.
28 openshift.io/component: network
29 beta.kubernetes.io/os: "linux"
31 scheduler.alpha.kubernetes.io/critical-pod: ''
33 # Requires fairly broad permissions - ability to read all services and network functions as well
35 serviceAccountName: ovn
40 # ovsdb-server and ovs-switchd daemons
42 image: "iecedge/ovn-daemonset:latest"
43 imagePullPolicy: "IfNotPresent"
45 command: ["/root/ovnkube.sh", "ovs-server"]
50 - /usr/share/openvswitch/scripts/ovs-ctl
52 initialDelaySeconds: 15
57 # Permission could be reduced by selecting an appropriate SELinux policy
61 - mountPath: /lib/modules
64 - mountPath: /run/openvswitch
66 - mountPath: /var/run/openvswitch
67 name: host-var-run-ovs
71 - mountPath: /etc/openvswitch
72 name: host-config-openvswitch
81 - name: OVN_DAEMONSET_VERSION
91 command: ["/root/ovnkube.sh", "cleanup-ovs-server"]
93 - name: ovn-controller
94 image: "iecedge/ovn-daemonset:latest"
95 imagePullPolicy: "IfNotPresent"
97 command: ["/root/ovnkube.sh", "ovn-controller"]
105 - mountPath: /var/run/dbus/
106 name: host-var-run-dbus
108 - mountPath: /var/log/openvswitch/
109 name: host-var-log-ovs
110 - mountPath: /var/run/openvswitch/
111 name: host-var-run-ovs
118 - name: OVN_DAEMONSET_VERSION
120 - name: OVNKUBE_LOGLEVEL
132 - name: K8S_APISERVER
140 fieldPath: spec.nodeName
141 - name: OVN_KUBERNETES_NAMESPACE
144 fieldPath: metadata.namespace
149 # TODO: Temporarily disabled until we determine how to wait for clean default
152 # initialDelaySeconds: 10
160 image: "iecedge/ovn-daemonset:latest"
161 imagePullPolicy: "IfNotPresent"
163 command: ["/root/ovnkube.sh", "ovn-node"]
168 add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"]
171 - mountPath: /var/run/dbus/
172 name: host-var-run-dbus
174 - mountPath: /var/log/ovn-kubernetes/
175 name: host-var-log-ovnkube
176 - mountPath: /var/run/openvswitch/
177 name: host-var-run-ovs
178 # We mount our socket here
179 - mountPath: /var/run/ovn-kubernetes
180 name: host-var-run-ovn-kubernetes
181 # CNI related mounts which we take over
182 - mountPath: /opt/cni/bin
183 name: host-opt-cni-bin
184 - mountPath: /etc/cni/net.d
185 name: host-etc-cni-netd
192 - name: OVN_DAEMONSET_VERSION
194 - name: OVNKUBE_LOGLEVEL
206 - name: K8S_APISERVER
214 fieldPath: spec.nodeName
215 - name: OVN_GATEWAY_MODE
217 - name: OVN_GATEWAY_OPTS
223 # TODO: Temporarily disabled until we determine how to wait for clean default
226 # initialDelaySeconds: 10
234 command: ["/root/ovnkube.sh", "cleanup-ovn-node"]
237 beta.kubernetes.io/os: "linux"
243 - name: host-var-run-dbus
246 - name: host-var-log-ovs
248 path: /var/log/openvswitch
249 - name: host-var-log-ovnkube
251 path: /var/log/ovn-kubernetes
254 path: /run/openvswitch
255 - name: host-var-run-ovs
257 path: /var/run/openvswitch
258 - name: host-var-run-ovn-kubernetes
260 path: /var/run/ovn-kubernetes
264 - name: host-opt-cni-bin
267 - name: host-etc-cni-netd
270 - name: host-config-openvswitch
272 path: /etc/origin/openvswitch