X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=src%2Ffoundation%2Fscripts%2Fcni%2Fovn-kubernetes%2Fyaml%2Fovnkube-db.yaml;h=bf81495923a3773d6845d68f8768823304805b00;hb=fa1c3405246cfa807b6c2e917d90ab8a44222bdb;hp=602e27be9ef7e90dfd2498910a0cb3bd03ef3d4f;hpb=bba2e4db70d9f5b39845e991020db05de4d03b62;p=iec.git diff --git a/src/foundation/scripts/cni/ovn-kubernetes/yaml/ovnkube-db.yaml b/src/foundation/scripts/cni/ovn-kubernetes/yaml/ovnkube-db.yaml index 602e27b..bf81495 100644 --- a/src/foundation/scripts/cni/ovn-kubernetes/yaml/ovnkube-db.yaml +++ b/src/foundation/scripts/cni/ovn-kubernetes/yaml/ovnkube-db.yaml @@ -1,8 +1,30 @@ # yamllint disable rule:hyphens rule:commas rule:indentation +# service to expose the ovnkube-db pod +apiVersion: v1 +kind: Service +metadata: + name: ovnkube-db + namespace: ovn-kubernetes +spec: + ports: + - name: north + port: 6641 + protocol: TCP + targetPort: 6641 + - name: south + port: 6642 + protocol: TCP + targetPort: 6642 + sessionAffinity: None + clusterIP: None + type: ClusterIP + +--- + # ovnkube-db # daemonset version 3 # starts ovn NB/SB ovsdb daemons, each in a separate container -# it is running on master node for now, but does not need to be the case +# it is running on master for now, but does not need to be the case kind: Deployment apiVersion: apps/v1 metadata: @@ -30,8 +52,7 @@ spec: name: ovnkube-db component: network type: infra - openshift.io/component: network - beta.kubernetes.io/os: "linux" + kubernetes.io/os: "linux" annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: @@ -46,7 +67,7 @@ spec: # nb-ovsdb - v3 - name: nb-ovsdb - image: "iecedge/ovn-daemonset:latest" + image: "iecedge/ovn-daemonset-ubuntu:2020-04-16" imagePullPolicy: "IfNotPresent" command: ["/root/ovnkube.sh", "nb-ovsdb"] 
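Review bot: The new `ovnkube-db` Service publishes the OVN northbound and southbound database ports (6641, 6642) with no `selector`, so nothing visible in this hunk ties it to the database pods or limits who may connect. If the Endpoints are created elsewhere (for example by the container start-up script), say so in the header comment, e.g. `# headless service without selector; Endpoints are created by <component> (confirm)`. Later hunks in this patch set `OVN_SSL_ENABLE` to `"no"`, so access to these two ports should be restricted to the nodes and pods that need the databases. Whether a NetworkPolicy or a host firewall rule is the right control depends on whether the pods use host networking, which is not visible here.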
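Review bot: The `nb-ovsdb` image moves from `:latest` to the tag `2020-04-16`, which is more reproducible but still mutable: a registry can serve different content under the same tag, and with `imagePullPolicy: "IfNotPresent"` each node keeps running whatever it cached first. Pinning by digest closes that gap, e.g. `image: "iecedge/ovn-daemonset-ubuntu:2020-04-16@sha256:<digest-of-reviewed-image>"`. The same applies to the `sb-ovsdb` image line changed at the end of the `@@ -82,23 +116,23 @@` hunk.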
@@ -56,13 +77,26 @@ spec: capabilities: add: ["NET_ADMIN"] + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: # ovn db is stored in the pod in /etc/openvswitch + # (or in /etc/ovn if OVN from new repository is used) # and on the host in /var/lib/openvswitch/ - mountPath: /etc/openvswitch/ name: host-var-lib-ovs + - mountPath: /etc/ovn/ + name: host-var-lib-ovs - mountPath: /var/log/openvswitch/ name: host-var-log-ovs + - mountPath: /var/log/ovn/ + name: host-var-log-ovs + # for the iptables wrapper + - mountPath: /host + name: host-slash + readOnly: true + - mountPath: /ovn-cert + name: host-ovn-cert + readOnly: true resources: requests: @@ -71,7 +105,7 @@ spec: env: - name: OVN_DAEMONSET_VERSION value: "3" - - name: OVN_LOG_NB + - name: OVN_LOGLEVEL_NB value: "-vconsole:info -vfile:info" - name: K8S_APISERVER valueFrom: @@ -82,23 +116,23 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - ports: - - name: healthz - containerPort: 10256 - # TODO: Temporarily disabled until we determine how to wait for clean default - # config - # livenessProbe: - # initialDelaySeconds: 10 - # httpGet: - # path: /healthz - # port: 10256 - # scheme: HTTP - lifecycle: + - name: K8S_NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OVN_SSL_ENABLE + value: "no" + readinessProbe: + exec: + command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnnb-db"] + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 60 # end of container # sb-ovsdb - v3 - name: sb-ovsdb - image: "iecedge/ovn-daemonset:latest" + image: "iecedge/ovn-daemonset-ubuntu:2020-04-16" imagePullPolicy: "IfNotPresent" command: ["/root/ovnkube.sh", "sb-ovsdb"] 
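Review bot: The `/host` mount added to `nb-ovsdb` exposes the node's entire root filesystem to a container that already holds `NET_ADMIN`, and on a master node that is likely to include cluster credentials and keys. `readOnly: true` stops writes through this mount but does nothing about reads. If the iptables wrapper really needs the whole root, state that next to the mount, e.g. `# iptables wrapper runs the host's iptables from /host; whole root required, read-only (confirm)`; otherwise mount only the directories it uses. The same mount is added to `sb-ovsdb` in the `@@ -108,13 +142,26 @@` hunk, and the `host-slash` volume itself is defined in `@@ -158,5 +206,12 @@`.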
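Review bot: `OVN_SSL_ENABLE` is set to `"no"` for `nb-ovsdb` even though this patch mounts a certificate directory at `/ovn-cert` and publishes port 6641 through a Service, so the northbound database is presumably served without TLS or client authentication. Anything that can reach the port could then read or alter the logical network configuration. Either enable it once certificates are provisioned (presumably `value: "yes"`; confirm against the image's start-up script) or add a comment explaining why plaintext is acceptable, e.g. `# TLS disabled: certificates not provisioned yet; DB ports must be firewalled`. The `sb-ovsdb` container gets the same setting in the `@@ -134,23 +181,24 @@` hunk.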
@@ -108,13 +142,26 @@ spec: capabilities: add: ["NET_ADMIN"] + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: # ovn db is stored in the pod in /etc/openvswitch + # (or in /etc/ovn if OVN from new repository is used) # and on the host in /var/lib/openvswitch/ - mountPath: /etc/openvswitch/ name: host-var-lib-ovs + - mountPath: /etc/ovn/ + name: host-var-lib-ovs - mountPath: /var/log/openvswitch/ name: host-var-log-ovs + - mountPath: /var/log/ovn/ + name: host-var-log-ovs + # for the iptables wrapper + - mountPath: /host + name: host-slash + readOnly: true + - mountPath: /ovn-cert + name: host-ovn-cert + readOnly: true resources: requests: @@ -123,7 +170,7 @@ spec: env: - name: OVN_DAEMONSET_VERSION value: "3" - - name: OVN_LOG_SB + - name: OVN_LOGLEVEL_SB value: "-vconsole:info -vfile:info" - name: K8S_APISERVER valueFrom: @@ -134,23 +181,24 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - ports: - - name: healthz - containerPort: 10255 - # TODO: Temporarily disabled until we determine how to wait for clean default - # config - # livenessProbe: - # initialDelaySeconds: 10 - # httpGet: - # path: /healthz - # port: 10255 - # scheme: HTTP - lifecycle: + - name: K8S_NODE_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: OVN_SSL_ENABLE + value: "no" + readinessProbe: + exec: + command: ["/usr/bin/ovn-kube-util", "readiness-probe", "-t", "ovnsb-db"] + initialDelaySeconds: 30 + timeoutSeconds: 30 + periodSeconds: 60 + # end of container nodeSelector: node-role.kubernetes.io/master: "" - beta.kubernetes.io/os: "linux" + kubernetes.io/os: "linux" volumes: - name: host-var-lib-ovs hostPath: @@ -158,5 +206,12 @@ spec: - name: host-var-log-ovs hostPath: path: /var/log/openvswitch + - name: host-slash + hostPath: + path: / + - name: host-ovn-cert + hostPath: + path: /etc/ovn + type: DirectoryOrCreate tolerations: - operator: "Exists"
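Review bot: `host-ovn-cert` uses `type: DirectoryOrCreate`, so on a node where `/etc/ovn` is missing the kubelet creates an empty directory and the pod starts with nothing in `/ovn-cert`. That is harmless while TLS is off, but once it is enabled a missing certificate directory would surface only at runtime, whereas `type: Directory` would make the pod fail to start. `host-slash` carries no `type` at all; adding `type: Directory` would document the intent. Host `/etc/ovn` is mounted at `/ovn-cert` while the container's own `/etc/ovn/` is backed by `host-var-lib-ovs`, which is easy to misread and deserves a one-line comment in the volumes list.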