fb90642b18
- OVN init script must be able to attach an interface to the provider network bridge and migrate IP from the interface to the bridge exactly like Neutron OVS agent init script does it. - OVN init script sets gateway option to those OVN controller instances which are running on nodes with l3-agent=enabled label. Change-Id: I24345c1f85c1e75af6e804f09d35abf530ddd6b4
325 lines
7.4 KiB
YAML
325 lines
7.4 KiB
YAML
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Default values for openvswitch.
|
|
# This is a YAML-formatted file.
|
|
# Declare name/value pairs to be passed into your templates.
|
|
# name: value
|
|
|
|
---
|
|
release_group: null
|
|
|
|
images:
|
|
tags:
|
|
ovn_ovsdb_nb: docker.io/openstackhelm/ovn:ubuntu_focal
|
|
ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
|
|
ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
|
|
ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
|
|
ovn_controller_kubectl: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
|
|
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
|
image_repo_sync: docker.io/library/docker:17.07.0
|
|
pull_policy: "IfNotPresent"
|
|
local_registry:
|
|
active: false
|
|
exclude:
|
|
- dep_check
|
|
- image_repo_sync
|
|
|
|
labels:
|
|
ovn_ovsdb_nb:
|
|
node_selector_key: openstack-network-node
|
|
node_selector_value: enabled
|
|
ovn_ovsdb_sb:
|
|
node_selector_key: openstack-network-node
|
|
node_selector_value: enabled
|
|
ovn_northd:
|
|
node_selector_key: openstack-network-node
|
|
node_selector_value: enabled
|
|
ovn_controller:
|
|
node_selector_key: openvswitch
|
|
node_selector_value: enabled
|
|
|
|
volume:
|
|
ovn_ovsdb_nb:
|
|
enabled: true
|
|
class_name: general
|
|
size: 5Gi
|
|
ovn_ovsdb_sb:
|
|
enabled: true
|
|
class_name: general
|
|
size: 5Gi
|
|
|
|
network:
|
|
interface:
|
|
# Tunnel interface will be used for VXLAN tunneling.
|
|
tunnel: null
|
|
# If tunnel is null there is a fallback mechanism to search
|
|
# for interface with routing using tunnel network cidr.
|
|
tunnel_network_cidr: "0/0"
|
|
|
|
conf:
|
|
ovn_cms_options: "availability-zones=nova"
|
|
onv_cms_options_gw_enabled: "enable-chassis-as-gw,availability-zones=nova"
|
|
ovn_encap_type: geneve
|
|
ovn_bridge: br-int
|
|
ovn_bridge_mappings: external:br-ex
|
|
|
|
# auto_bridge_add:
|
|
# br-private: eth0
|
|
# br-public: eth1
|
|
auto_bridge_add: {}
|
|
|
|
pod:
|
|
# NOTE: should be same as nova.pod.use_fqdn.compute
|
|
use_fqdn:
|
|
compute: true
|
|
security_context:
|
|
ovn_northd:
|
|
container:
|
|
northd:
|
|
capabilities:
|
|
add:
|
|
- SYS_NICE
|
|
ovn_controller:
|
|
container:
|
|
controller_init:
|
|
readOnlyRootFilesystem: true
|
|
privileged: true
|
|
controller:
|
|
readOnlyRootFilesystem: true
|
|
privileged: true
|
|
tolerations:
|
|
ovn_ovsdb_nb:
|
|
enabled: false
|
|
ovn_ovsdb_sb:
|
|
enabled: false
|
|
ovn_northd:
|
|
enabled: false
|
|
ovn_controller:
|
|
enabled: false
|
|
affinity:
|
|
anti:
|
|
type:
|
|
default: preferredDuringSchedulingIgnoredDuringExecution
|
|
topologyKey:
|
|
default: kubernetes.io/hostname
|
|
weight:
|
|
default: 10
|
|
|
|
probes:
|
|
ovn_northd:
|
|
northd:
|
|
readiness:
|
|
enabled: true
|
|
params:
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 10
|
|
liveness:
|
|
enabled: true
|
|
params:
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 10
|
|
dns_policy: "ClusterFirstWithHostNet"
|
|
replicas:
|
|
ovn_ovsdb_nb: 1
|
|
ovn_ovsdb_sb: 1
|
|
ovn_northd: 1
|
|
lifecycle:
|
|
upgrades:
|
|
daemonsets:
|
|
pod_replacement_strategy: RollingUpdate
|
|
ovn_ovsdb_nb:
|
|
enabled: true
|
|
min_ready_seconds: 0
|
|
max_unavailable: 1
|
|
ovn_ovsdb_sb:
|
|
enabled: true
|
|
min_ready_seconds: 0
|
|
max_unavailable: 1
|
|
ovn_northd:
|
|
enabled: true
|
|
min_ready_seconds: 0
|
|
max_unavailable: 1
|
|
ovn_controller:
|
|
enabled: true
|
|
min_ready_seconds: 0
|
|
max_unavailable: 1
|
|
resources:
|
|
enabled: false
|
|
ovs:
|
|
ovn_ovsdb_nb:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
ovn_ovsdb_sb:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
ovn_northd:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
ovn_controller:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
jobs:
|
|
image_repo_sync:
|
|
requests:
|
|
memory: "128Mi"
|
|
cpu: "100m"
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
|
|
secrets:
|
|
oci_image_registry:
|
|
ovn_ovsdb_nb: ovn-ovsdb-nb-oci-image-registry-key
|
|
ovn_ovsdb_sb: ovn-ovsdb-sb-oci-image-registry-key
|
|
ovn_northd: ovn-northd-oci-image-registry-key
|
|
ovn_controller: ovn-controller-oci-image-registry-key
|
|
|
|
# TODO: Check these endpoints?!
|
|
endpoints:
|
|
cluster_domain_suffix: cluster.local
|
|
local_image_registry:
|
|
name: docker-registry
|
|
namespace: docker-registry
|
|
hosts:
|
|
default: localhost
|
|
internal: docker-registry
|
|
node: localhost
|
|
host_fqdn_override:
|
|
default: null
|
|
port:
|
|
registry:
|
|
node: 5000
|
|
oci_image_registry:
|
|
name: oci-image-registry
|
|
namespace: oci-image-registry
|
|
auth:
|
|
enabled: false
|
|
openvswitch:
|
|
username: openvswitch
|
|
password: password
|
|
hosts:
|
|
default: localhost
|
|
host_fqdn_override:
|
|
default: null
|
|
port:
|
|
registry:
|
|
default: null
|
|
ovn_ovsdb_nb:
|
|
name: ovn-ovsdb-nb
|
|
namespace: null
|
|
hosts:
|
|
default: ovn-ovsdb-nb
|
|
host_fqdn_override:
|
|
default: null
|
|
port:
|
|
ovsdb:
|
|
default: 6641
|
|
raft:
|
|
default: 6643
|
|
ovn_ovsdb_sb:
|
|
name: ovn-ovsdb-sb
|
|
namespace: null
|
|
hosts:
|
|
default: ovn-ovsdb-sb
|
|
host_fqdn_override:
|
|
default: null
|
|
port:
|
|
ovsdb:
|
|
default: 6642
|
|
raft:
|
|
default: 6644
|
|
|
|
network_policy:
|
|
ovn_ovsdb_nb:
|
|
ingress:
|
|
- {}
|
|
egress:
|
|
- {}
|
|
ovn_ovsdb_sb:
|
|
ingress:
|
|
- {}
|
|
egress:
|
|
- {}
|
|
ovn_northd:
|
|
ingress:
|
|
- {}
|
|
egress:
|
|
- {}
|
|
ovn_controller:
|
|
ingress:
|
|
- {}
|
|
egress:
|
|
- {}
|
|
|
|
dependencies:
|
|
dynamic:
|
|
common:
|
|
local_image_registry:
|
|
jobs:
|
|
- openvswitch-image-repo-sync
|
|
services:
|
|
- endpoint: node
|
|
service: local_image_registry
|
|
static:
|
|
ovn_ovsdb_nb: null
|
|
ovn_ovsdb_sb: null
|
|
ovn_northd:
|
|
services:
|
|
- endpoint: internal
|
|
service: ovn-ovsdb-nb
|
|
- endpoint: internal
|
|
service: ovn-ovsdb-sb
|
|
ovn_controller:
|
|
services:
|
|
- endpoint: internal
|
|
service: ovn-ovsdb-sb
|
|
pod:
|
|
- requireSameNode: true
|
|
labels:
|
|
application: openvswitch
|
|
component: server
|
|
image_repo_sync:
|
|
services:
|
|
- endpoint: internal
|
|
service: local_image_registry
|
|
|
|
manifests:
|
|
configmap_bin: true
|
|
configmap_etc: true
|
|
deployment_northd: true
|
|
daemonset_controller: true
|
|
service_ovn_ovsdb_nb: true
|
|
service_ovn_ovsdb_sb: true
|
|
statefulset_ovn_ovsdb_nb: true
|
|
statefulset_ovn_ovsdb_sb: true
|
|
deployment_ovn_northd: true
|
|
daemonset_ovn_controller: true
|
|
job_image_repo_sync: true
|
|
...
|