From 0abb3f9130419eb1e13c153e441303ed6ea27809 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 3 Jan 2024 11:32:01 +0100 Subject: [PATCH] kube-ovn get values from cozystack configmap Signed-off-by: Andrei Kvapil --- packages/system/kubeovn/.gitignore | 1 - packages/system/kubeovn/Makefile | 3 +- .../kube-ovn/templates/controller-deploy.yaml | 37 +------ .../charts/kube-ovn/templates/ovncni-ds.yaml | 10 +- .../kubeovn/charts/kube-ovn/values.yaml | 4 - packages/system/kubeovn/patches/3597.diff | 68 ------------- packages/system/kubeovn/patches/3598.diff | 29 ------ .../system/kubeovn/patches/cozyconfig.diff | 97 +++++++++++++++++++ packages/system/kubeovn/values.yaml | 5 - 9 files changed, 105 insertions(+), 149 deletions(-) delete mode 100644 packages/system/kubeovn/.gitignore delete mode 100644 packages/system/kubeovn/patches/3597.diff delete mode 100644 packages/system/kubeovn/patches/3598.diff create mode 100644 packages/system/kubeovn/patches/cozyconfig.diff diff --git a/packages/system/kubeovn/.gitignore b/packages/system/kubeovn/.gitignore deleted file mode 100644 index 9f53b555..00000000 --- a/packages/system/kubeovn/.gitignore +++ /dev/null @@ -1 +0,0 @@ -values-runttime.yaml diff --git a/packages/system/kubeovn/Makefile b/packages/system/kubeovn/Makefile index ce993347..13fd4490 100644 --- a/packages/system/kubeovn/Makefile +++ b/packages/system/kubeovn/Makefile @@ -14,5 +14,4 @@ update: rm -rf charts && mkdir -p charts/kube-ovn curl -sSL https://github.com/kubeovn/kube-ovn/archive/refs/heads/master.tar.gz | \ tar -C charts/kube-ovn -xzvf - --strip 2 kube-ovn-master/charts - cd charts/kube-ovn && patch -p2 < ../../patches/3597.diff - cd charts/kube-ovn && patch -p2 < ../../patches/3598.diff + patch -p4 < patches/cozyconfig.diff diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml b/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml index 0e694945..756eb7cc 100644 
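Review bot: The new `patch -p4 < patches/cozyconfig.diff` step in the Makefile hunk is applied to whatever `refs/heads/master` holds when `make update` runs (the `curl … | tar` context lines above it), so upstream drift can let the patch apply with fuzz without the recipe failing. Since this patch decides where the pod and service CIDR flags come from, I would make drift fail loudly with `patch -p4 --fuzz=0 < patches/cozyconfig.diff` and fetch a pinned tag or commit instead of the branch head. `-p4` also ties the patch to the `packages/system/kubeovn/` path depth, which deserves a one-line comment such as `# -p4 strips a/packages/system/kubeovn/ from the paths in the patch`. The `update` recipe starts outside the hunk.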
--- a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml
+++ b/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml
@@ -52,46 +52,19 @@ spec: image: {{ .Values.global.registry.address }}/{{ .Values.global.images.kubeovn.repository }}:{{ .Values.global.images.kubeovn.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} args: + {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} - /kube-ovn/start-controller.sh - --default-ls={{ .Values.networking.DEFAULT_SUBNET }} - - --default-cidr= - {{- if eq .Values.networking.NET_STACK "dual_stack" -}} - {{ .Values.dual_stack.POD_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv4" -}} - {{ .Values.ipv4.POD_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv6" -}} - {{ .Values.ipv6.POD_CIDR }} - {{- end }} - - --default-gateway= - {{- if eq .Values.networking.NET_STACK "dual_stack" -}} - {{ .Values.dual_stack.POD_GATEWAY }} - {{- else if eq .Values.networking.NET_STACK "ipv4" -}} - {{ .Values.ipv4.POD_GATEWAY }} - {{- else if eq .Values.networking.NET_STACK "ipv6" -}} - {{ .Values.ipv6.POD_GATEWAY }} - {{- end }} + - --default-cidr={{ index $cozyConfig.data "ipv4-pod-cidr" }} + - --default-gateway={{ index $cozyConfig.data "ipv4-pod-gateway" }} - --default-gateway-check={{- .Values.func.CHECK_GATEWAY }} - --default-logical-gateway={{- .Values.func.LOGICAL_GATEWAY }} - --default-u2o-interconnection={{- .Values.func.U2O_INTERCONNECTION }} - --default-exclude-ips={{- .Values.networking.EXCLUDE_IPS }} - --cluster-router={{ .Values.networking.DEFAULT_VPC }} - --node-switch={{ .Values.networking.NODE_SUBNET }} - - --node-switch-cidr= - {{- if eq .Values.networking.NET_STACK "dual_stack" -}} - {{ .Values.dual_stack.JOIN_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv4" -}} - {{ .Values.ipv4.JOIN_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv6" -}} - {{ .Values.ipv6.JOIN_CIDR }} - {{- end }} - - --service-cluster-ip-range= - {{- if eq .Values.networking.NET_STACK "dual_stack" -}} - {{ .Values.dual_stack.SVC_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv4" -}} - {{ 
.Values.ipv4.SVC_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv6" -}} - {{ .Values.ipv6.SVC_CIDR }} - {{- end }} + - --node-switch-cidr={{ index $cozyConfig.data "ipv4-join-cidr" }} + - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }} - --network-type={{- .Values.networking.NETWORK_TYPE }} - --default-provider-name={{ .Values.networking.vlan.PROVIDER_NAME }} - --default-interface-name={{- .Values.networking.vlan.VLAN_INTERFACE_NAME }} diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml b/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml index d9a9a676..b2e12dd1 100644 --- a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml +++ b/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml @@ -51,18 +51,12 @@ spec: - bash - /kube-ovn/start-cniserver.sh args: + {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} - --enable-mirror={{- .Values.debug.ENABLE_MIRROR }} - --mirror-iface={{- .Values.debug.MIRROR_IFACE }} - --node-switch={{ .Values.networking.NODE_SUBNET }} - --encap-checksum=true - - --service-cluster-ip-range= - {{- if eq .Values.networking.NET_STACK "dual_stack" -}} - {{ .Values.dual_stack.SVC_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv4" -}} - {{ .Values.ipv4.SVC_CIDR }} - {{- else if eq .Values.networking.NET_STACK "ipv6" -}} - {{ .Values.ipv6.SVC_CIDR }} - {{- end }} + - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }} {{- if eq .Values.networking.NETWORK_TYPE "vlan" }} - --iface= {{- else}} diff --git a/packages/system/kubeovn/charts/kube-ovn/values.yaml b/packages/system/kubeovn/charts/kube-ovn/values.yaml index bfffc4d7..b8807499 100644 --- a/packages/system/kubeovn/charts/kube-ovn/values.yaml +++ b/packages/system/kubeovn/charts/kube-ovn/values.yaml 
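Review bot: The four values read from the `cozystack` ConfigMap (`ipv4-pod-cidr`, `ipv4-pod-gateway`, `ipv4-join-cidr`, `ipv4-svc-cidr`) go into the controller args unchecked and unquoted, and the same holds for `--service-cluster-ip-range` in the ovncni-ds.yaml hunk. `lookup` returns an empty map when the object is absent or the chart is rendered without cluster access, so a missing ConfigMap presumably fails with an opaque `index` error, while a missing key renders an empty flag value that the controller then starts with. Because the content now comes from a cluster object rather than chart values, whoever can edit that ConfigMap controls these flags, so I would make each line fail closed and render as a single scalar, e.g. `- {{ printf "--default-cidr=%s" (required "cozystack ConfigMap: ipv4-pod-cidr is not set" (index $cozyConfig.data "ipv4-pod-cidr")) | quote }}`. The chart directory is regenerated by `make update`, so the same change belongs in patches/cozyconfig.diff. The args list continues outside the hunk.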
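Review bot: `--service-cluster-ip-range` in ovncni-ds.yaml is now always taken from `ipv4-svc-cidr`, so a `networking.NET_STACK` of `dual_stack` or `ipv6` no longer changes this flag; the controller-deploy.yaml hunk does the same for its four CIDR and gateway flags. If other templates still branch on NET_STACK (not visible here), the chart would render a mixed configuration without any error. I would either state the restriction next to the lookup with a template comment such as `{{- /* cozystack: IPv4 only, NET_STACK is ignored for the CIDR flags */}}`, or fail the render when NET_STACK is not `ipv4`. The args list continues outside the hunk.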
@@ -70,10 +70,6 @@ func: ENABLE_TPROXY: false ipv4: - POD_CIDR: "10.16.0.0/16" - POD_GATEWAY: "10.16.0.1" - SVC_CIDR: "10.96.0.0/12" - JOIN_CIDR: "100.64.0.0/16" PINGER_EXTERNAL_ADDRESS: "1.1.1.1" PINGER_EXTERNAL_DOMAIN: "alauda.cn." diff --git a/packages/system/kubeovn/patches/3597.diff b/packages/system/kubeovn/patches/3597.diff deleted file mode 100644 index 334fd543..00000000 --- a/packages/system/kubeovn/patches/3597.diff +++ /dev/null 
@@ -1,68 +0,0 @@ -diff --git a/charts/templates/_helpers.tpl b/charts/templates/_helpers.tpl -index ef9343d2e5..8be2462dae 100644 ---- a/charts/templates/_helpers.tpl -+++ b/charts/templates/_helpers.tpl -@@ -5,7 +5,13 @@ Get IP-addresses of master nodes - {{- $nodes := lookup "v1" "Node" "" "" -}} - {{- $ips := list -}} - {{- range $node := $nodes.items -}} -- {{- if eq (index $node.metadata.labels "kube-ovn/role") "master" -}} -+ {{- $label := splitList "=" $.Values.MASTER_NODES_LABEL }} -+ {{- $key := index $label 0 }} -+ {{- $val := "" }} -+ {{- if eq (len $label) 2 }} -+ {{- $val = index $label 1 }} -+ {{- end }} -+ {{- if eq (index $node.metadata.labels $key) $val -}} - {{- range $address := $node.status.addresses -}} - {{- if eq $address.type "InternalIP" -}} - {{- $ips = append $ips $address.address -}} -diff --git a/charts/templates/central-deploy.yaml b/charts/templates/central-deploy.yaml -index cbdf87b728..bf234e11e9 100644 ---- a/charts/templates/central-deploy.yaml -+++ b/charts/templates/central-deploy.yaml -@@ -126,7 +126,9 @@ spec: - timeoutSeconds: 45 - nodeSelector: - kubernetes.io/os: "linux" -- kube-ovn/role: "master" -+ {{- with splitList "=" .Values.MASTER_NODES_LABEL }} -+ {{ index . 0 }}: "{{ if eq (len .) 2 }}{{ index . 1 }}{{ end }}" -+ {{- end }} - volumes: - - name: host-run-ovs - hostPath: -diff --git a/charts/templates/monitor-deploy.yaml b/charts/templates/monitor-deploy.yaml -index d28999b4bc..b938ebfedd 100644 ---- a/charts/templates/monitor-deploy.yaml -+++ b/charts/templates/monitor-deploy.yaml -@@ -108,7 +108,9 @@ spec: - timeoutSeconds: 3 - nodeSelector: - kubernetes.io/os: "linux" -- kube-ovn/role: "master" -+ {{- with splitList "=" .Values.MASTER_NODES_LABEL }} -+ {{ index . 0 }}: "{{ if eq (len .) 2 }}{{ index . 
1 }}{{ end }}" -+ {{- end }} - volumes: - - name: host-run-ovs - hostPath: -@@ -134,4 +136,4 @@ spec: - secretName: kube-ovn-tls - - name: kube-ovn-log - hostPath: -- path: {{ .Values.log_conf.LOG_DIR }}/kube-ovn -\ No newline at end of file -+ path: {{ .Values.log_conf.LOG_DIR }}/kube-ovn -diff --git a/charts/values.yaml b/charts/values.yaml -index d7ad7da67e..bfffc4d7fb 100644 ---- a/charts/values.yaml -+++ b/charts/values.yaml -@@ -19,6 +19,7 @@ image: - - namespace: kube-system - MASTER_NODES: "" -+MASTER_NODES_LABEL: "kube-ovn/role=master" - - networking: - # NET_STACK could be dual_stack, ipv4, ipv6 diff --git a/packages/system/kubeovn/patches/3598.diff b/packages/system/kubeovn/patches/3598.diff deleted file mode 100644 index c549e49f..00000000 --- a/packages/system/kubeovn/patches/3598.diff +++ /dev/null @@ -1,29 +0,0 @@ -diff --git a/charts/templates/ovn-tls-secret.yaml b/charts/templates/ovn-tls-secret.yaml -new file mode 100644 -index 0000000000..dde402039d ---- /dev/null -+++ b/charts/templates/ovn-tls-secret.yaml -@@ -0,0 +1,23 @@ -+{{- if .Values.networking.ENABLE_SSL }} -+{{- $cn := "ovn" -}} -+{{- $ca := genCA "ovn-ca" 3650 -}} -+--- -+apiVersion: v1 -+kind: Secret -+metadata: -+ name: kube-ovn-tls -+ namespace: {{ .Values.namespace }} -+data: -+{{- $existingSecret := lookup "v1" "Secret" .Values.namespace "kube-ovn-tls" }} -+ {{- if $existingSecret }} -+ cacert: {{ index $existingSecret.data "cacert" }} -+ cert: {{ index $existingSecret.data "cert" }} -+ key: {{ index $existingSecret.data "key" }} -+ {{- else }} -+ {{- with genSignedCert $cn nil nil 3650 $ca }} -+ cacert: {{ b64enc $ca.Cert }} -+ cert: {{ b64enc .Cert }} -+ key: {{ b64enc .Key }} -+ {{- end }} -+ {{- end }} -+{{- end }} diff --git a/packages/system/kubeovn/patches/cozyconfig.diff b/packages/system/kubeovn/patches/cozyconfig.diff new file mode 100644 index 00000000..c5a14190 --- /dev/null +++ b/packages/system/kubeovn/patches/cozyconfig.diff 
@@ -0,0 +1,97 @@ + +diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml b/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml +index d9a9a67..b2e12dd 100644 +--- a/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml ++++ b/packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml +@@ -51,18 +51,12 @@ spec: + - bash + - /kube-ovn/start-cniserver.sh + args: ++ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} + - --enable-mirror={{- .Values.debug.ENABLE_MIRROR }} + - --mirror-iface={{- .Values.debug.MIRROR_IFACE }} + - --node-switch={{ .Values.networking.NODE_SUBNET }} + - --encap-checksum=true +- - --service-cluster-ip-range= +- {{- if eq .Values.networking.NET_STACK "dual_stack" -}} +- {{ .Values.dual_stack.SVC_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv4" -}} +- {{ .Values.ipv4.SVC_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv6" -}} +- {{ .Values.ipv6.SVC_CIDR }} +- {{- end }} ++ - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }} + {{- if eq .Values.networking.NETWORK_TYPE "vlan" }} + - --iface= + {{- else}} +diff --git a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml b/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml +index 0e69494..756eb7c 100644 +--- a/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml ++++ b/packages/system/kubeovn/charts/kube-ovn/templates/controller-deploy.yaml +@@ -52,46 +52,19 @@ spec: + image: {{ .Values.global.registry.address }}/{{ .Values.global.images.kubeovn.repository }}:{{ .Values.global.images.kubeovn.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: ++ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} + - /kube-ovn/start-controller.sh + - --default-ls={{ .Values.networking.DEFAULT_SUBNET }} +- - --default-cidr= +- {{- if eq .Values.networking.NET_STACK "dual_stack" -}} +- {{ 
.Values.dual_stack.POD_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv4" -}} +- {{ .Values.ipv4.POD_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv6" -}} +- {{ .Values.ipv6.POD_CIDR }} +- {{- end }} +- - --default-gateway= +- {{- if eq .Values.networking.NET_STACK "dual_stack" -}} +- {{ .Values.dual_stack.POD_GATEWAY }} +- {{- else if eq .Values.networking.NET_STACK "ipv4" -}} +- {{ .Values.ipv4.POD_GATEWAY }} +- {{- else if eq .Values.networking.NET_STACK "ipv6" -}} +- {{ .Values.ipv6.POD_GATEWAY }} +- {{- end }} ++ - --default-cidr={{ index $cozyConfig.data "ipv4-pod-cidr" }} ++ - --default-gateway={{ index $cozyConfig.data "ipv4-pod-gateway" }} + - --default-gateway-check={{- .Values.func.CHECK_GATEWAY }} + - --default-logical-gateway={{- .Values.func.LOGICAL_GATEWAY }} + - --default-u2o-interconnection={{- .Values.func.U2O_INTERCONNECTION }} + - --default-exclude-ips={{- .Values.networking.EXCLUDE_IPS }} + - --cluster-router={{ .Values.networking.DEFAULT_VPC }} + - --node-switch={{ .Values.networking.NODE_SUBNET }} +- - --node-switch-cidr= +- {{- if eq .Values.networking.NET_STACK "dual_stack" -}} +- {{ .Values.dual_stack.JOIN_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv4" -}} +- {{ .Values.ipv4.JOIN_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv6" -}} +- {{ .Values.ipv6.JOIN_CIDR }} +- {{- end }} +- - --service-cluster-ip-range= +- {{- if eq .Values.networking.NET_STACK "dual_stack" -}} +- {{ .Values.dual_stack.SVC_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv4" -}} +- {{ .Values.ipv4.SVC_CIDR }} +- {{- else if eq .Values.networking.NET_STACK "ipv6" -}} +- {{ .Values.ipv6.SVC_CIDR }} +- {{- end }} ++ - --node-switch-cidr={{ index $cozyConfig.data "ipv4-join-cidr" }} ++ - --service-cluster-ip-range={{ index $cozyConfig.data "ipv4-svc-cidr" }} + - --network-type={{- .Values.networking.NETWORK_TYPE }} + - --default-provider-name={{ .Values.networking.vlan.PROVIDER_NAME }} + - 
--default-interface-name={{- .Values.networking.vlan.VLAN_INTERFACE_NAME }} +diff --git a/packages/system/kubeovn/charts/kube-ovn/values.yaml b/packages/system/kubeovn/charts/kube-ovn/values.yaml +index bfffc4d..b880749 100644 +--- a/packages/system/kubeovn/charts/kube-ovn/values.yaml ++++ b/packages/system/kubeovn/charts/kube-ovn/values.yaml +@@ -70,10 +70,6 @@ func: + ENABLE_TPROXY: false + + ipv4: +- POD_CIDR: "10.16.0.0/16" +- POD_GATEWAY: "10.16.0.1" +- SVC_CIDR: "10.96.0.0/12" +- JOIN_CIDR: "100.64.0.0/16" + PINGER_EXTERNAL_ADDRESS: "1.1.1.1" + PINGER_EXTERNAL_DOMAIN: "alauda.cn." + diff --git a/packages/system/kubeovn/values.yaml b/packages/system/kubeovn/values.yaml index 11734e1e..421b14de 100644 --- a/packages/system/kubeovn/values.yaml +++ b/packages/system/kubeovn/values.yaml @@ -9,11 +9,6 @@ kube-ovn: namespace: cozy-kubeovn - ipv4: - POD_CIDR: "10.244.0.0/16" - POD_GATEWAY: "10.244.0.1" - SVC_CIDR: "10.96.0.0/16" - func: ENABLE_NP: false