feat(ovn): enable ha for OVN control plane

This is a really big refactor which implements and adds OVN HA
for the control plane which can enable production deployments.

Depends-On: https://review.opendev.org/c/openstack/openstack-helm-images/+/889181
Change-Id: Idce896148b33a87467cd5656918c5c7377a29504

ovn/Chart.yaml

@@ -15,7 +15,7 @@ apiVersion: v1
 appVersion: v23.3.0
 description: OpenStack-Helm OVN
 name: ovn
-version: 0.1.3
+version: 0.1.4
 home: https://www.ovn.org
 icon: https://www.ovn.org/images/ovn-logo.png
 sources:

ovn/templates/bin/_ovn-controller-init.sh.tpl

@@ -0,0 +1,89 @@
+#!/bin/bash -xe
+
+# Copyright 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+function get_ip_address_from_interface {
+  local interface=$1
+  local ip=$(ip -4 -o addr s "${interface}" | awk '{ print $4; exit }' | awk -F '/' '{print $1}')
+  if [ -z "${ip}" ] ; then
+    exit 1
+  fi
+  echo ${ip}
+}
+
+# Detect tunnel interface
+tunnel_interface="{{- .Values.network.interface.tunnel -}}"
+if [ -z "${tunnel_interface}" ] ; then
+    # search for interface with tunnel network routing
+    tunnel_network_cidr="{{- .Values.network.interface.tunnel_network_cidr -}}"
+    if [ -z "${tunnel_network_cidr}" ] ; then
+        tunnel_network_cidr="0/0"
+    fi
+    # If there is not tunnel network gateway, exit
+    tunnel_interface=$(ip -4 route list ${tunnel_network_cidr} | awk -F 'dev' '{ print $2; exit }' \
+        | awk '{ print $1 }') || exit 1
+fi
+ovs-vsctl set open . external_ids:ovn-encap-ip="$(get_ip_address_from_interface ${tunnel_interface})"
+
+# Configure system ID
+set +e
+ovs-vsctl get open . external-ids:system-id
+if [ $? -eq 1 ]; then
+  ovs-vsctl set open . external-ids:system-id="$(uuidgen)"
+fi
+set -e
+
+# Configure OVN remote
+{{- if empty .Values.conf.ovn_remote -}}
+{{- $sb_svc_name := "ovn-ovsdb-sb" -}}
+{{- $sb_svc := (tuple $sb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
+{{- $sb_port := (tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
+{{- $sb_service_list := list -}}
+{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_sb | int) -}}
+  {{- $sb_service_list = printf "tcp:%s-%d.%s:%s" $sb_svc_name $i $sb_svc $sb_port | append $sb_service_list -}}
+{{- end }}
+
+ovs-vsctl set open . external-ids:ovn-remote="{{ include "helm-toolkit.utils.joinListWithComma" $sb_service_list }}"
+{{- else -}}
+ovs-vsctl set open . external-ids:ovn-remote="{{ .Values.conf.ovn_remote }}"
+{{- end }}
+
+# Configure OVN values
+ovs-vsctl set open . external-ids:rundir="/var/run/openvswitch"
+ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
+ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
+ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
+ovs-vsctl set open . external-ids:ovn-cms-options="{{ .Values.conf.ovn_cms_options }}"
+
+# Configure hostname
+{{- if .Values.conf.use_fqdn.compute }}
+  ovs-vsctl set open . external-ids:hostname="$(hostname -f)"
+{{- else }}
+  ovs-vsctl set open . external-ids:hostname="$(hostname)"
+{{- end }}
+
+# Create bridges and create ports
+# handle any bridge mappings
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
+do
+  bridge=${bmap%:*}
+  iface=${bmap#*:}
+  ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
+  if [ -n "$iface" ] && [ "$iface" != "null" ]
+  then
+    ovs-vsctl --may-exist add-port $bridge $iface
+  fi
+done

ovn/templates/bin/_ovn-controller.sh.tpl

@@ -0,0 +1,39 @@
+#!/bin/bash -xe
+
+# Copyright 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+COMMAND="${@:-start}"
+
+function start () {
+  /usr/share/ovn/scripts/ovn-ctl start_controller \
+    --ovn-manage-ovsdb=no
+
+  tail --follow=name /var/log/ovn/ovn-controller.log
+}
+
+function stop () {
+  /usr/share/ovn/scripts/ovn-ctl stop_controller
+  pkill tail
+}
+
+function liveness () {
+  ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
+}
+
+function readiness () {
+  ovs-appctl -t /var/run/ovn/ovn-controller.$(cat /var/run/ovn/ovn-controller.pid).ctl status
+}
+
+$COMMAND

ovn/templates/bin/_ovn-northd.sh.tpl

@@ -0,0 +1,57 @@
+#!/bin/bash -xe
+
+# Copyright 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+COMMAND="${@:-start}"
+
+{{- $nb_svc_name := "ovn-ovsdb-nb" -}}
+{{- $nb_svc := (tuple $nb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
+{{- $nb_port := (tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
+{{- $nb_service_list := list -}}
+{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_nb | int) -}}
+  {{- $nb_service_list = printf "tcp:%s-%d.%s:%s" $nb_svc_name $i $nb_svc $nb_port | append $nb_service_list -}}
+{{- end -}}
+
+{{- $sb_svc_name := "ovn-ovsdb-sb" -}}
+{{- $sb_svc := (tuple $sb_svc_name "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup") -}}
+{{- $sb_port := (tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
+{{- $sb_service_list := list -}}
+{{- range $i := until (.Values.pod.replicas.ovn_ovsdb_sb | int) -}}
+  {{- $sb_service_list = printf "tcp:%s-%d.%s:%s" $sb_svc_name $i $sb_svc $sb_port | append $sb_service_list -}}
+{{- end }}
+
+function start () {
+  /usr/share/ovn/scripts/ovn-ctl start_northd \
+    --ovn-manage-ovsdb=no \
+    --ovn-northd-nb-db={{ include "helm-toolkit.utils.joinListWithComma" $nb_service_list }} \
+    --ovn-northd-sb-db={{ include "helm-toolkit.utils.joinListWithComma" $sb_service_list }}
+
+  tail --follow=name /var/log/ovn/ovn-northd.log
+}
+
+function stop () {
+  /usr/share/ovn/scripts/ovn-ctl stop_northd
+  pkill tail
+}
+
+function liveness () {
+  ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
+}
+
+function readiness () {
+  ovs-appctl -t /var/run/ovn/ovn-northd.$(cat /var/run/ovn/ovn-northd.pid).ctl status
+}
+
+$COMMAND

ovn/templates/bin/_ovn-setup-bridges-init.sh.tpl

@@ -1,29 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-set -ex
-
-# handle any bridge mappings
-# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
-for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
-do
-  bridge=${bmap%:*}
-  iface=${bmap#*:}
-  ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
-  if [ -n "$iface" ] && [ "$iface" != "null" ]
-  then
-    ovs-vsctl --may-exist add-port $bridge $iface
-  fi
-done

ovn/templates/bin/_ovsdb-server.sh.tpl

@@ -0,0 +1,72 @@
+#!/bin/bash -xe
+
+# Copyright 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+COMMAND="${@:-start}"
+
+OVSDB_HOST=$(hostname -f)
+ARGS=(
+  --db-${OVS_DATABASE}-create-insecure-remote=yes
+  --db-${OVS_DATABASE}-cluster-local-proto=tcp
+  --db-${OVS_DATABASE}-cluster-local-addr=$(hostname -f)
+)
+
+if [[ ! $HOSTNAME == *-0 && $OVSDB_HOST =~ (.+)-([0-9]+)\. ]]; then
+  OVSDB_BOOTSTRAP_HOST="${BASH_REMATCH[1]}-0.${OVSDB_HOST#*.}"
+
+  ARGS+=(
+    --db-${OVS_DATABASE}-cluster-remote-proto=tcp
+    --db-${OVS_DATABASE}-cluster-remote-addr=${OVSDB_BOOTSTRAP_HOST}
+  )
+fi
+
+function start () {
+  /usr/share/ovn/scripts/ovn-ctl start_${OVS_DATABASE}_ovsdb ${ARGS[@]}
+
+  tail --follow=name /var/log/ovn/ovsdb-server-${OVS_DATABASE}.log
+}
+
+function stop () {
+  /usr/share/ovn/scripts/ovn-ctl stop_${OVS_DATABASE}_ovsdb
+  pkill tail
+}
+
+function liveness () {
+  if [[ $OVS_DATABASE == "nb" ]]; then
+    OVN_DATABASE="Northbound"
+  elif [[ $OVS_DATABASE == "sb" ]]; then
+    OVN_DATABASE="Southbound"
+  else
+    echo "OVS_DATABASE must be nb or sb"
+    exit 1
+  fi
+
+  ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
+}
+
+function readiness () {
+  if [[ $OVS_DATABASE == "nb" ]]; then
+    OVN_DATABASE="Northbound"
+  elif [[ $OVS_DATABASE == "sb" ]]; then
+    OVN_DATABASE="Southbound"
+  else
+    echo "OVS_DATABASE must be nb or sb"
+    exit 1
+  fi
+
+  ovs-appctl -t /var/run/ovn/ovn${OVS_DATABASE}_db.ctl cluster/status OVN_${OVN_DATABASE}
+}
+
+$COMMAND

ovn/templates/configmap-bin.yaml

@@ -24,8 +24,12 @@ data:
   image-repo-sync.sh: |
 {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
 {{- end }}
-  ovn.sh: |
+  ovsdb-server.sh: |
-{{ tuple "bin/_ovn.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+{{ tuple "bin/_ovsdb-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
-  ovn-setup-bridges-init.sh: |
+  ovn-northd.sh: |
-{{ tuple "bin/_ovn-setup-bridges-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+{{ tuple "bin/_ovn-northd.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  ovn-controller-init.sh: |
+{{ tuple "bin/_ovn-controller-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  ovn-controller.sh: |
+{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
 {{- end }}

ovn/templates/daemonset-controller.yaml

@@ -38,20 +38,22 @@ spec:
 {{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
       annotations:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
     spec:
       serviceAccountName: {{ $serviceAccountName }}
       nodeSelector:
         {{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
       initContainers:
 {{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-        - name: ovn-setup-bridge
+        - name: controller-init
 {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
           command:
-            - /tmp/ovn-setup-bridges-init.sh
+            - /tmp/ovn-controller-init.sh
           volumeMounts:
             - name: ovn-bin
-              mountPath: /tmp/ovn-setup-bridges-init.sh
+              mountPath: /tmp/ovn-controller-init.sh
-              subPath: ovn-setup-bridges-init.sh
+              subPath: ovn-controller-init.sh
               readOnly: true
             - name: run-openvswitch
               mountPath: /run/openvswitch
@@ -60,25 +62,23 @@ spec:
               subPath: auto_bridge_add
               readOnly: true
       containers:
-        - name: ovn-controller
+        - name: controller
 {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-          command:
-            - /tmp/start.sh
-            - ovn-controller
 {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          env:
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-            - name: K8S_NODE
+          command:
-              valueFrom:
+            - /tmp/ovn-controller.sh
-                fieldRef:
+            - start
-                  fieldPath: spec.nodeName
+          lifecycle:
-            - name: OVN_ENCAP_IP
+            preStop:
-              valueFrom:
+              exec:
-                fieldRef:
+                command:
-                  fieldPath: status.hostIP
+                  - /tmp/ovn-controller.sh
+                  - stop
           volumeMounts:
             - name: ovn-bin
-              mountPath: /tmp/start.sh
+              mountPath: /tmp/ovn-controller.sh
-              subPath: ovn.sh
+              subPath: ovn-controller.sh
               readOnly: true
             - name: run-openvswitch
               mountPath: /run/openvswitch

ovn/templates/deployment-northd.yaml

@@ -12,6 +12,20 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+{{- define "livenessProbeTemplate" }}
+exec:
+  command:
+    - /tmp/ovn-northd.sh
+    - liveness
+{{- end }}
+
+{{- define "readinessProbeTemplate" }}
+exec:
+  command:
+    - /tmp/ovn-northd.sh
+    - readiness
+{{- end }}
+
 {{- if .Values.manifests.deployment_northd }}
 {{- $envAll := . }}
 
@@ -24,13 +38,10 @@ metadata:
   name: ovn-northd
   annotations:
     {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-    configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
   labels:
 {{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
 spec:
-  replicas: 1
+  replicas: {{ .Values.pod.replicas.ovn_northd }}
-  strategy:
-    type: Recreate
   selector:
     matchLabels:
 {{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
@@ -40,6 +51,7 @@ spec:
 {{ tuple $envAll "ovn" "ovn-northd" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
       annotations:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
     spec:
       serviceAccountName: {{ $serviceAccountName }}
       nodeSelector:
@@ -47,16 +59,25 @@ spec:
       initContainers:
 {{- tuple $envAll "ovn_northd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
       containers:
-        - name: ovn-northd
+        - name: northd
 {{ tuple $envAll "ovn_northd" | include "helm-toolkit.snippets.image" | indent 10 }}
-          command:
-            - /tmp/start.sh
-            - run-ovn-northd
 {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "ovn_northd" "container" "northd" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "livenessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+{{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "readinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+          command:
+            - /tmp/ovn-northd.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /tmp/ovn-northd.sh
+                  - stop
           volumeMounts:
             - name: ovn-bin
-              mountPath: /tmp/start.sh
+              mountPath: /tmp/ovn-northd.sh
-              subPath: ovn.sh
+              subPath: ovn-northd.sh
               readOnly: true
       volumes:
         - name: ovn-bin

ovn/templates/service-ovsdb-nb.yaml

@@ -12,17 +12,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
-{{- if .Values.manifests.service_ovn_nb_db }}
+{{- if .Values.manifests.service_ovn_ovsdb_nb }}
 {{- $envAll := . }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ tuple "ovn-nb-db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+  name: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
 spec:
   ports:
-    - name: ovn-nb-db
+    - name: ovsdb
-      port: {{ tuple "ovn-nb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+      port: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+    - name: raft
+      port: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
   selector:
-{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
 {{- end }}

ovn/templates/service-ovsdb-sb.yaml

@@ -12,17 +12,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
-{{- if .Values.manifests.service_ovn_sb_db }}
+{{- if .Values.manifests.service_ovn_ovsdb_sb }}
 {{- $envAll := . }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ tuple "ovn-sb-db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+  name: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
 spec:
   ports:
-    - name: ovn-sb-db
+    - name: ovsdb
-      port: {{ tuple "ovn-sb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+      port: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+    - name: raft
+      port: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
   selector:
-{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
 {{- end }}

ovn/templates/statefulset-nb-db.yaml

@@ -1,85 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.statefulset_ovn_nb_db }}
-{{- $envAll := . }}
-
-{{- $serviceAccountName := "ovn-nb-db" }}
-{{ tuple $envAll "ovn_nb_db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: ovn-nb-db
-  annotations:
-    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-  labels:
-{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
-  serviceName: {{ tuple "ovn-nb-db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-  replicas: 1
-  selector:
-    matchLabels:
-{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-  template:
-    metadata:
-      labels:
-{{ tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-      annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-    spec:
-      serviceAccountName: {{ $serviceAccountName }}
-      affinity:
-{{- tuple $envAll "ovn" "ovn-nb-db" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
-      nodeSelector:
-        {{ .Values.labels.ovn_nb_db.node_selector_key }}: {{ .Values.labels.ovn_nb_db.node_selector_value }}
-      initContainers:
-{{- tuple $envAll "ovn_nb_db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-      containers:
-        - name: ovn-nb-db
-{{ tuple $envAll "ovn_nb_db" | include "helm-toolkit.snippets.image" | indent 10 }}
-          ports:
-            - containerPort: {{ tuple "ovn-nb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-          command:
-            - /tmp/start.sh
-            - nb-ovsdb
-{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          volumeMounts:
-            - name: ovn-bin
-              mountPath: /tmp/start.sh
-              subPath: ovn.sh
-              readOnly: true
-            - name: ovn-nb-db-data
-              mountPath: /var/lib/ovn
-      volumes:
-        - name: ovn-bin
-          configMap:
-            name: ovn-bin
-            defaultMode: 0555
-{{- if not .Values.volume.ovn_nb_db.enabled }}
-        - name: ovn-nb-db-data
-          emptyDir: {}
-{{- else }}
-  volumeClaimTemplates:
-    - metadata:
-        name: ovn-nb-db-data
-      spec:
-        accessModes: ["ReadWriteOnce"]
-        resources:
-          requests:
-            storage: {{ $envAll.Values.volume.ovn_nb_db.size }}
-        storageClassName: {{ $envAll.Values.volume.ovn_nb_db.class_name }}
-{{- end }}
-
-{{- end }}

ovn/templates/statefulset-ovsdb-nb.yaml

@@ -0,0 +1,102 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.statefulset_ovn_ovsdb_nb }}
+{{- $envAll := . }}
+
+{{- $serviceAccountName := "ovn-ovsdb-nb" }}
+{{ tuple $envAll "ovn_ovsdb_nb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: ovn-ovsdb-nb
+  annotations:
+    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+  labels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+spec:
+  serviceName: {{ tuple "ovn-ovsdb-nb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+  replicas: {{ .Values.pod.replicas.ovn_ovsdb_nb }}
+  selector:
+    matchLabels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+  template:
+    metadata:
+      labels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+    spec:
+      serviceAccountName: {{ $serviceAccountName }}
+      affinity:
+{{- tuple $envAll "ovn" "ovn-ovsdb-nb" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+      nodeSelector:
+        {{ .Values.labels.ovn_ovsdb_nb.node_selector_key }}: {{ .Values.labels.ovn_ovsdb_nb.node_selector_value }}
+      initContainers:
+{{- tuple $envAll "ovn_ovsdb_nb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+      containers:
+        - name: ovsdb
+{{ tuple $envAll "ovn_ovsdb_nb" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+          ports:
+            - containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+            - containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+          env:
+            - name: OVS_DATABASE
+              value: nb
+            - name: OVS_PORT
+              value: "{{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
+          command:
+            - /tmp/ovsdb-server.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /tmp/ovsdb-server.sh
+                  - stop
+          volumeMounts:
+            - name: ovn-bin
+              mountPath: /tmp/ovsdb-server.sh
+              subPath: ovsdb-server.sh
+              readOnly: true
+            - name: run-openvswitch
+              mountPath: /run/openvswitch
+            - name: data
+              mountPath: /var/lib/ovn
+      volumes:
+        - name: run-openvswitch
+          emptyDir: {}
+        - name: ovn-bin
+          configMap:
+            name: ovn-bin
+            defaultMode: 0555
+{{- if not .Values.volume.ovn_ovsdb_nb.enabled }}
+        - name: data
+          emptyDir: {}
+{{- else }}
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_nb.class_name }}
+        resources:
+          requests:
+            storage: {{ $envAll.Values.volume.ovn_ovsdb_nb.size }}
+{{- end }}
+
+{{- end }}

ovn/templates/statefulset-ovsdb-sb.yaml

@@ -0,0 +1,102 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.statefulset_ovn_ovsdb_sb }}
+{{- $envAll := . }}
+
+{{- $serviceAccountName := "ovn-ovsdb-sb" }}
+{{ tuple $envAll "ovn_ovsdb_sb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: ovn-ovsdb-sb
+  annotations:
+    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+  labels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+spec:
+  serviceName: {{ tuple "ovn-ovsdb-sb" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+  replicas: {{ .Values.pod.replicas.ovn_ovsdb_sb }}
+  selector:
+    matchLabels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+  template:
+    metadata:
+      labels:
+{{ tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+      annotations:
+{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+    spec:
+      serviceAccountName: {{ $serviceAccountName }}
+      affinity:
+{{- tuple $envAll "ovn" "ovn-ovsdb-sb" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+      nodeSelector:
+        {{ .Values.labels.ovn_ovsdb_sb.node_selector_key }}: {{ .Values.labels.ovn_ovsdb_sb.node_selector_value }}
+      initContainers:
+{{- tuple $envAll "ovn_ovsdb_sb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+      containers:
+        - name: ovsdb
+{{ tuple $envAll "ovn_ovsdb_sb" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+          ports:
+            - containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+            - containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+          env:
+            - name: OVS_DATABASE
+              value: sb
+            - name: OVS_PORT
+              value: "{{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
+          command:
+            - /tmp/ovsdb-server.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /tmp/ovsdb-server.sh
+                  - stop
+          volumeMounts:
+            - name: ovn-bin
+              mountPath: /tmp/ovsdb-server.sh
+              subPath: ovsdb-server.sh
+              readOnly: true
+            - name: run-openvswitch
+              mountPath: /run/openvswitch
+            - name: data
+              mountPath: /var/lib/ovn
+      volumes:
+        - name: run-openvswitch
+          emptyDir: {}
+        - name: ovn-bin
+          configMap:
+            name: ovn-bin
+            defaultMode: 0555
+{{- if not .Values.volume.ovn_ovsdb_sb.enabled }}
+        - name: data
+          emptyDir: {}
+{{- else }}
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        resources:
+          requests:
+            storage: {{ $envAll.Values.volume.ovn_ovsdb_sb.size }}
+        storageClassName: {{ $envAll.Values.volume.ovn_ovsdb_sb.class_name }}
+{{- end }}
+
+{{- end }}

ovn/templates/statefulset-sb-db.yaml

@@ -1,85 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.statefulset_ovn_sb_db }}
-{{- $envAll := . }}
-
-{{- $serviceAccountName := "ovn-sb-db" }}
-{{ tuple $envAll "ovn_sb_db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: ovn-sb-db
-  annotations:
-    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-  labels:
-{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
-  serviceName: {{ tuple "ovn-sb-db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-  replicas: 1
-  selector:
-    matchLabels:
-{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-  template:
-    metadata:
-      labels:
-{{ tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-      annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-    spec:
-      serviceAccountName: {{ $serviceAccountName }}
-      affinity:
-{{- tuple $envAll "ovn" "ovn-sb-db" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
-      nodeSelector:
-        {{ .Values.labels.ovn_sb_db.node_selector_key }}: {{ .Values.labels.ovn_sb_db.node_selector_value }}
-      initContainers:
-{{- tuple $envAll "ovn_sb_db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-      containers:
-        - name: ovn-sb-db
-{{ tuple $envAll "ovn_sb_db" | include "helm-toolkit.snippets.image" | indent 10 }}
-          ports:
-            - containerPort: {{ tuple "ovn-sb-db" "internal" "db" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-          command:
-            - /tmp/start.sh
-            - sb-ovsdb
-{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          volumeMounts:
-            - name: ovn-bin
-              mountPath: /tmp/start.sh
-              subPath: ovn.sh
-              readOnly: true
-            - name: ovn-sb-db-data
-              mountPath: /var/lib/ovn
-      volumes:
-        - name: ovn-bin
-          configMap:
-            name: ovn-bin
-            defaultMode: 0555
-{{- if not .Values.volume.ovn_sb_db.enabled }}
-        - name: ovn-sb-db-data
-          emptyDir: {}
-{{- else }}
-  volumeClaimTemplates:
-    - metadata:
-        name: ovn-sb-db-data
-      spec:
-        accessModes: ["ReadWriteOnce"]
-        resources:
-          requests:
-            storage: {{ $envAll.Values.volume.ovn_sb_db.size }}
-        storageClassName: {{ $envAll.Values.volume.ovn_sb_db.class_name }}
-{{- end }}
-
-{{- end }}

ovn/values.yaml

@@ -20,8 +20,8 @@ release_group: null
 
 images:
   tags:
-    ovn_nb_db: docker.io/openstackhelm/ovn:latest-ubuntu_focal
+    ovn_ovsdb_nb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
-    ovn_sb_db: docker.io/openstackhelm/ovn:latest-ubuntu_focal
+    ovn_ovsdb_sb: docker.io/openstackhelm/ovn:latest-ubuntu_focal
     ovn_northd: docker.io/openstackhelm/ovn:latest-ubuntu_focal
     ovn_controller: docker.io/openstackhelm/ovn:latest-ubuntu_focal
     dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
@@ -34,10 +34,10 @@ images:
       - image_repo_sync
 
 labels:
-  ovn_nb_db:
+  ovn_ovsdb_nb:
     node_selector_key: openstack-network-node
     node_selector_value: enabled
-  ovn_sb_db:
+  ovn_ovsdb_sb:
     node_selector_key: openstack-network-node
     node_selector_value: enabled
   ovn_northd:
@@ -48,30 +48,28 @@ labels:
     node_selector_value: enabled
 
 volume:
-  ovn_nb_db:
+  ovn_ovsdb_nb:
-    use_local_path:
-      enabled: false
-      host_path: /var/lib/rabbitmq
-    chown_on_start: true
     enabled: true
     class_name: general
     size: 5Gi
-  ovn_sb_db:
+  ovn_ovsdb_sb:
-    use_local_path:
-      enabled: false
-      host_path: /var/lib/rabbitmq
-    chown_on_start: true
     enabled: true
     class_name: general
     size: 5Gi
 
+network:
+  interface:
+    # Tunnel interface will be used for VXLAN tunneling.
+    tunnel: null
+    # If tunnel is null there is a fallback mechanism to search
+    # for interface with routing using tunnel network cidr.
+    tunnel_network_cidr: "0/0"
+
 conf:
   ovn_cms_options: "enable-chassis-as-gw,availability-zones=nova"
-  ovn_remote: tcp:ovn-sb-db.openstack.svc.cluster.local:6640
   ovn_encap_type: geneve
   ovn_bridge: br-int
-  # ovn_bridge_mappings: "physnet-public:br-public,physnet-private:br-private"
+  ovn_bridge_mappings: external:br-ex
-  ovn_bridge_mappings: ""
 
   # auto_bridge_add:
   #   br-private: eth0
@@ -83,10 +81,23 @@ conf:
     compute: true
 
 pod:
+  security_context:
+    ovn_northd:
+      container:
+        northd:
+          capabilities:
+            add:
+              - SYS_NICE
+    ovn_controller:
+      container:
+        controller:
+          capabilities:
+            add:
+              - SYS_NICE
   tolerations:
-    ovn_nb_db:
+    ovn_ovsdb_nb:
       enabled: false
-    ovn_sb_db:
+    ovn_ovsdb_sb:
       enabled: false
     ovn_northd:
       enabled: false
@@ -102,17 +113,32 @@ pod:
         default: 10
 
   probes:
-    # TODO: Add healthchecks
+    ovn_northd:
+      northd:
+        readiness:
+          enabled: true
+          params:
+            initialDelaySeconds: 5
+            timeoutSeconds: 10
+        liveness:
+          enabled: true
+          params:
+            initialDelaySeconds: 5
+            timeoutSeconds: 10
   dns_policy: "ClusterFirstWithHostNet"
+  replicas:
+    ovn_ovsdb_nb: 1
+    ovn_ovsdb_sb: 1
+    ovn_northd: 1
   lifecycle:
     upgrades:
       daemonsets:
         pod_replacement_strategy: RollingUpdate
-        ovn_nb_db:
+        ovn_ovsdb_nb:
           enabled: true
           min_ready_seconds: 0
           max_unavailable: 1
-        ovn_sb_db:
+        ovn_ovsdb_sb:
           enabled: true
           min_ready_seconds: 0
           max_unavailable: 1
@@ -127,14 +153,14 @@ pod:
   resources:
     enabled: false
     ovs:
-      ovn_nb_db:
+      ovn_ovsdb_nb:
         requests:
           memory: "128Mi"
           cpu: "100m"
         limits:
           memory: "1024Mi"
           cpu: "2000m"
-      ovn_sb_db:
+      ovn_ovsdb_sb:
         requests:
           memory: "128Mi"
           cpu: "100m"
@@ -166,8 +192,8 @@ pod:
 
 secrets:
   oci_image_registry:
-    ovn_nb_db: ovn-nb-db-oci-image-registry-key
+    ovn_ovsdb_nb: ovn-ovsdb-nb-oci-image-registry-key
-    ovn_sb_db: ovn-sb-db-oci-image-registry-key
+    ovn_ovsdb_sb: ovn-ovsdb-sb-oci-image-registry-key
     ovn_northd: ovn-northd-oci-image-registry-key
     ovn_controller: ovn-controller-oci-image-registry-key
 
@@ -201,34 +227,38 @@ endpoints:
     port:
       registry:
         default: null
-  ovn_nb_db:
+  ovn_ovsdb_nb:
-    name: ovn-nb-db
+    name: ovn-ovsdb-nb
     namespace: null
     hosts:
-      default: ovn-nb-db
+      default: ovn-ovsdb-nb
     host_fqdn_override:
       default: null
     port:
-      db:
+      ovsdb:
-        default: 6640
+        default: 6641
-  ovn_sb_db:
+      raft:
-    name: ovn-sb-db
+        default: 6643
+  ovn_ovsdb_sb:
+    name: ovn-ovsdb-sb
     namespace: null
     hosts:
-      default: ovn-sb-db
+      default: ovn-ovsdb-sb
     host_fqdn_override:
       default: null
     port:
-      db:
+      ovsdb:
-        default: 6640
+        default: 6642
+      raft:
+        default: 6644
 
 network_policy:
-  ovn_nb_db:
+  ovn_ovsdb_nb:
     ingress:
       - {}
     egress:
       - {}
-  ovn_sb_db:
+  ovn_ovsdb_sb:
     ingress:
       - {}
     egress:
@@ -254,18 +284,18 @@ dependencies:
           - endpoint: node
             service: local_image_registry
   static:
-    ovn_nb_db: null
+    ovn_ovsdb_nb: null
-    ovn_sb_db: null
+    ovn_ovsdb_sb: null
     ovn_northd:
       services:
         - endpoint: internal
-          service: ovn-nb-db
+          service: ovn-ovsdb-nb
         - endpoint: internal
-          service: ovn-sb-db
+          service: ovn-ovsdb-sb
     ovn_controller:
       services:
         - endpoint: internal
-          service: ovn-sb-db
+          service: ovn-ovsdb-sb
       pod:
         - requireSameNode: true
           labels:
@@ -281,10 +311,10 @@ manifests:
   configmap_etc: true
   deployment_northd: true
   daemonset_controller: true
-  service_ovn_nb_db: true
+  service_ovn_ovsdb_nb: true
-  service_ovn_sb_db: true
+  service_ovn_ovsdb_sb: true
-  statefulset_ovn_nb_db: true
+  statefulset_ovn_ovsdb_nb: true
-  statefulset_ovn_sb_db: true
+  statefulset_ovn_ovsdb_sb: true
   deployment_ovn_northd: true
   daemonset_ovn_controller: true
   job_image_repo_sync: true

releasenotes/notes/ovn.yaml

@@ -4,4 +4,5 @@ ovn:
   - 0.1.1 Fix ovn db persistence issue
   - 0.1.2 Add bridge-mapping configuration
   - 0.1.3 Fix system-id reuse
+  - 0.1.4 Add support for OVN HA + refactor
 ...