X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=src%2Ffoundation%2Fscripts%2Fcni%2Fovn-kubernetes%2Ftemplates%2Fovnkube-db.yaml.j2;fp=src%2Ffoundation%2Fscripts%2Fcni%2Fovn-kubernetes%2Ftemplates%2Fovnkube-db.yaml.j2;h=a81076702d240b06e2255465fd38f17f9a0f1c1b;hb=fa1c3405246cfa807b6c2e917d90ab8a44222bdb;hp=10523bed0bf2a32df89f46015c20441136f40fde;hpb=bba2e4db70d9f5b39845e991020db05de4d03b62;p=iec.git diff --git a/src/foundation/scripts/cni/ovn-kubernetes/templates/ovnkube-db.yaml.j2 b/src/foundation/scripts/cni/ovn-kubernetes/templates/ovnkube-db.yaml.j2 index 10523be..a810767 100644 --- a/src/foundation/scripts/cni/ovn-kubernetes/templates/ovnkube-db.yaml.j2 +++ b/src/foundation/scripts/cni/ovn-kubernetes/templates/ovnkube-db.yaml.j2 @@ -1,7 +1,29 @@ +# service to expose the ovnkube-db pod +apiVersion: v1 +kind: Service +metadata: + name: ovnkube-db + namespace: ovn-kubernetes +spec: + ports: + - name: north + port: 6641 + protocol: TCP + targetPort: 6641 + - name: south + port: 6642 + protocol: TCP + targetPort: 6642 + sessionAffinity: None + clusterIP: None + type: ClusterIP + +--- + # ovnkube-db # daemonset version 3 # starts ovn NB/SB ovsdb daemons, each in a separate container -# it is running on master node for now, but does not need to be the case +# it is running on master for now, but does not need to be the case kind: Deployment apiVersion: apps/v1 metadata: @@ -29,8 +51,7 @@ spec: name: ovnkube-db component: network type: infra - openshift.io/component: network - beta.kubernetes.io/os: "linux" + kubernetes.io/os: "linux" annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: 
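Review bot: The new `ovnkube-db` Service at the top of the file has no `selector`, and nothing in this hunk says where its endpoints come from. With `clusterIP: None` and no selector, Kubernetes does not populate endpoints itself, so presumably another component registers them; a comment above the Service such as `# headless and selector-less: endpoints for 6641/6642 are created by <component>` would record that. The two ports are the OVN northbound and southbound databases, so who can reach them matters for security. The header comment should also say that transport protection depends on `OVN_SSL_ENABLE`, which later hunks render from `ovn_ssl_en`.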
@@ -55,13 +76,26 @@ spec: capabilities: add: ["NET_ADMIN"] + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: # ovn db is stored in the pod in /etc/openvswitch + # (or in /etc/ovn if OVN from new repository is used) # and on the host in /var/lib/openvswitch/ - mountPath: /etc/openvswitch/ name: host-var-lib-ovs + - mountPath: /etc/ovn/ + name: host-var-lib-ovs - mountPath: /var/log/openvswitch/ name: host-var-log-ovs + - mountPath: /var/log/ovn/ + name: host-var-log-ovs + # for the iptables wrapper + - mountPath: /host + name: host-slash + readOnly: true + - mountPath: /ovn-cert + name: host-ovn-cert + readOnly: true resources: requests: @@ -70,8 +104,8 @@ spec: env: - name: OVN_DAEMONSET_VERSION value: "3" - - name: OVN_LOG_NB - value: "-vconsole:info -vfile:info" + - name: OVN_LOGLEVEL_NB + value: "{{ ovn_loglevel_nb }}" - name: K8S_APISERVER valueFrom: configMapKeyRef: @@ -81,18 +115,18 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - ports: - - name: healthz - containerPort: 10256 - # TODO: Temporarily disabled until we determine how to wait for clean default - # config - # livenessProbe: - # initialDelaySeconds: 10 - # httpGet: - # path: /healthz - # port: 10256 - # scheme: HTTP - lifecycle: + - name: K8S_NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OVN_SSL_ENABLE + value: "{{ ovn_ssl_en }}" + readinessProbe: + exec: + command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnnb-db"] + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 60 # end of container # sb-ovsdb - v3 
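Review bot: The added `/host` mount in the nb-ovsdb `volumeMounts` exposes the node's entire root filesystem (`host-slash` is `hostPath: /` in the last hunk) to a container scheduled on a master node; `readOnly: true` prevents writes but not reading node credentials and keys. The comment says it is for the iptables wrapper: if the wrapper only needs the host's iptables binaries and libraries, mount those paths instead of `/`, and if the ovsdb containers never call it, drop the mount. The same mount is added to sb-ovsdb in the `@@ -107,13 +141,26 @@` hunk. The paths are also easy to misread, since the container's `/etc/ovn/` is backed by the read-write `host-var-lib-ovs` volume while the host's `/etc/ovn` appears as `/ovn-cert`; a comment like `# host /etc/ovn (certificates) is mounted at /ovn-cert, not at /etc/ovn` would help. The container definition starts before this hunk.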
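Review bot: `OVN_LOGLEVEL_NB` now takes its value from `{{ ovn_loglevel_nb }}` with no fallback, so the previous fixed setting `-vconsole:info -vfile:info` is lost whenever the variable is unset or empty at render time. Assuming the renamed variable accepts the same format and the renderer is Jinja2, `value: "{{ ovn_loglevel_nb | default('-vconsole:info -vfile:info') }}"` keeps the old logging level as the default. The same applies to `OVN_LOGLEVEL_SB` in the `@@ -122,8 +169,8 @@` hunk.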
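Review bot: `OVN_SSL_ENABLE` is rendered from `{{ ovn_ssl_en }}` with no default and no comment on the accepted values, so whether the northbound database uses TLS is decided silently at render time. Since the first hunk publishes ports 6641 and 6642 through a Service, an unset or mistyped value would presumably leave the database listening without TLS. Document the accepted values next to the variable, for example `# ovn_ssl_en: <accepted values>; must be set explicitly`, and have the render step fail when it is undefined instead of emitting an empty string. The same variable is used for sb-ovsdb in the `@@ -133,23 +180,24 @@` hunk. This hunk adds only a `readinessProbe`, so a hung ovsdb-server is still never restarted because no `livenessProbe` exists.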
@@ -107,13 +141,26 @@ spec: capabilities: add: ["NET_ADMIN"] + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: # ovn db is stored in the pod in /etc/openvswitch + # (or in /etc/ovn if OVN from new repository is used) # and on the host in /var/lib/openvswitch/ - mountPath: /etc/openvswitch/ name: host-var-lib-ovs + - mountPath: /etc/ovn/ + name: host-var-lib-ovs - mountPath: /var/log/openvswitch/ name: host-var-log-ovs + - mountPath: /var/log/ovn/ + name: host-var-log-ovs + # for the iptables wrapper + - mountPath: /host + name: host-slash + readOnly: true + - mountPath: /ovn-cert + name: host-ovn-cert + readOnly: true resources: requests: @@ -122,8 +169,8 @@ spec: env: - name: OVN_DAEMONSET_VERSION value: "3" - - name: OVN_LOG_SB - value: "-vconsole:info -vfile:info" + - name: OVN_LOGLEVEL_SB + value: "{{ ovn_loglevel_sb }}" - name: K8S_APISERVER valueFrom: configMapKeyRef: @@ -133,23 +180,24 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - ports: - - name: healthz - containerPort: 10255 - # TODO: Temporarily disabled until we determine how to wait for clean default - # config - # livenessProbe: - # initialDelaySeconds: 10 - # httpGet: - # path: /healthz - # port: 10255 - # scheme: HTTP - lifecycle: + - name: K8S_NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OVN_SSL_ENABLE + value: "{{ ovn_ssl_en }}" + readinessProbe: + exec: + command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnsb-db"] + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 60 + # end of container nodeSelector: node-role.kubernetes.io/master: "" - beta.kubernetes.io/os: "linux" + kubernetes.io/os: "linux" volumes: - name: host-var-lib-ovs hostPath: @@ -157,5 +205,12 @@ spec: - name: host-var-log-ovs hostPath: path: /var/log/openvswitch + - name: host-slash + hostPath: + path: / + - name: host-ovn-cert + hostPath: + path: /etc/ovn + type: DirectoryOrCreate tolerations: - operator: "Exists"
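Review bot: In the final `volumes` hunk, `host-ovn-cert` uses `type: DirectoryOrCreate`, so when `/etc/ovn` is missing the kubelet creates an empty directory with mode 0755 and the pod starts without certificates instead of failing at mount time. For a directory meant to hold TLS key material, provisioning it beforehand with restrictive permissions and using `type: Directory` makes a missing certificate set visible. Keep `DirectoryOrCreate` only if deployments with SSL disabled must run on nodes that lack `/etc/ovn`. `host-slash` has no `type`, and a comment such as `# whole host filesystem, mounted read-only at /host for the iptables wrapper` would tell readers why `/` is exposed.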