From ad1c7db43a794b2e4932a4b62c15966c23536133 Mon Sep 17 00:00:00 2001 From: ricolin Date: Fri, 31 Oct 2025 14:07:17 +0800 Subject: [PATCH 1/3] [OVN] Allow override OVN envs Signed-off-by: ricolin --- ovn/templates/daemonset-controller.yaml | 18 ++------ ovn/templates/deployment-northd.yaml | 19 ++------ ovn/templates/statefulset-ovsdb-nb.yaml | 25 ++-------- ovn/templates/statefulset-ovsdb-sb.yaml | 25 ++-------- ovn/values.yaml | 46 +++++++++++++++++++ ...low-ovn-env-override-daa003fe1f23d883.yaml | 7 +++ 6 files changed, 72 insertions(+), 68 deletions(-) create mode 100644 releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml index c1122262f0..22eea1c2de 100644 --- a/ovn/templates/daemonset-controller.yaml +++ b/ovn/templates/daemonset-controller.yaml @@ -28,6 +28,8 @@ exec: {{- $envAll := index . 3 }} {{- with $envAll }} +{{- $env_ovn := .Values.pod.envs }} + --- kind: DaemonSet apiVersion: apps/v1 @@ -112,20 +114,8 @@ spec: env: - name: OVS_USER_ID value: {{ .Values.conf.ovs_user_name }} - - name: OVN_DAEMONSET_VERSION - value: "3" - - name: OVN_LOGLEVEL_CONTROLLER - value: "-vconsole:info -vfile:info" - - name: OVN_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: OVN_KUBERNETES_NB_STATEFULSET - value: ovn-ovsdb-nb - - name: OVN_KUBERNETES_SB_STATEFULSET - value: ovn-ovsdb-sb - - name: OVN_SSL_ENABLE - value: "no" +{{ if $env_ovn.common }}{{ toYaml $env_ovn.common | indent 12 }}{{ end }} +{{ if $env_ovn.controller }}{{ toYaml $env_ovn.controller | indent 12 }}{{ end }} volumeMounts: - name: run-openvswitch mountPath: /run/openvswitch diff --git a/ovn/templates/deployment-northd.yaml b/ovn/templates/deployment-northd.yaml index 2dbbb68902..bd12c8129d 100644 --- a/ovn/templates/deployment-northd.yaml +++ b/ovn/templates/deployment-northd.yaml @@ -26,6 +26,9 @@ exec: {{- $serviceAccountName := "ovn-northd" }} {{ tuple $envAll "ovn_northd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} + +{{- $env_ovn := .Values.pod.envs }} + --- kind: Deployment apiVersion: apps/v1 @@ -64,18 +67,6 @@ spec: {{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "readiness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} {{ dict "envAll" . "component" "ovn_northd" "container" "northd" "type" "liveness" "probeTemplate" (include "northdReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} env: - - name: OVN_DAEMONSET_VERSION - value: "3" - - name: OVN_LOGLEVEL_NORTHD - value: "-vconsole:info -vfile:info" - - name: OVN_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: OVN_KUBERNETES_NB_STATEFULSET - value: ovn-ovsdb-nb - - name: OVN_KUBERNETES_SB_STATEFULSET - value: ovn-ovsdb-sb - - name: OVN_SSL_ENABLE - value: "no" +{{ if $env_ovn.common }}{{ toYaml $env_ovn.common | indent 12 }}{{ end }} +{{ if $env_ovn.northd }}{{ toYaml $env_ovn.northd | indent 12 }}{{ end }} {{- end }} diff --git a/ovn/templates/statefulset-ovsdb-nb.yaml b/ovn/templates/statefulset-ovsdb-nb.yaml index d19d5105d1..29977e6f42 100644 --- a/ovn/templates/statefulset-ovsdb-nb.yaml +++ b/ovn/templates/statefulset-ovsdb-nb.yaml @@ -30,6 +30,9 @@ exec: {{- $serviceAccountName := "ovn-ovsdb-nb" }} {{ tuple $envAll "ovn_ovsdb_nb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} + +{{- $env_ovn := .Values.pod.envs }} + --- apiVersion: apps/v1 kind: StatefulSet @@ -77,30 +80,12 @@ spec: - containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - containerPort: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} env: - - name: OVN_DAEMONSET_VERSION - value: "3" - - name: OVN_LOGLEVEL_NB - value: "-vconsole:info -vfile:info" - - name: OVN_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: OVN_KUBERNETES_STATEFULSET - value: ovn-ovsdb-nb - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OVN_SSL_ENABLE - value: "no" - - name: ENABLE_IPSEC - value: "false" - - name: OVN_NB_RAFT_ELECTION_TIMER - value: "1000" - name: OVN_NB_PORT value: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} - name: OVN_NB_RAFT_PORT value: {{ tuple "ovn-ovsdb-nb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} +{{ if $env_ovn.common }}{{ toYaml $env_ovn.common | indent 12 }}{{ end }} +{{ if $env_ovn.ovsdb_nb }}{{ toYaml $env_ovn.ovsdb_nb | indent 12 }}{{ end }} volumeMounts: - name: run-openvswitch mountPath: /var/run/openvswitch diff --git a/ovn/templates/statefulset-ovsdb-sb.yaml b/ovn/templates/statefulset-ovsdb-sb.yaml index a6180aaac1..745ababc98 100644 --- a/ovn/templates/statefulset-ovsdb-sb.yaml +++ b/ovn/templates/statefulset-ovsdb-sb.yaml @@ -30,6 +30,9 @@ exec: {{- $serviceAccountName := "ovn-ovsdb-sb" }} {{ tuple $envAll "ovn_ovsdb_sb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} + +{{- $env_ovn := .Values.pod.envs }} + --- apiVersion: apps/v1 kind: StatefulSet @@ -77,30 +80,12 @@ spec: - containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - containerPort: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} env: - - name: OVN_DAEMONSET_VERSION - value: "3" - - name: OVN_LOGLEVEL_SB - value: "-vconsole:info -vfile:info" - - name: OVN_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: OVN_KUBERNETES_STATEFULSET - value: ovn-ovsdb-sb - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OVN_SSL_ENABLE - value: "no" - - name: ENABLE_IPSEC - value: "false" - - name: OVN_SB_RAFT_ELECTION_TIMER - value: "1000" - name: OVN_SB_PORT value: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} - name: OVN_SB_RAFT_PORT value: {{ tuple "ovn-ovsdb-sb" "internal" "raft" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} +{{ if $env_ovn.common }}{{ toYaml $env_ovn.common | indent 12 }}{{ end }} +{{ if $env_ovn.ovsdb_sb }}{{ toYaml $env_ovn.ovsdb_sb | indent 12 }}{{ end }} volumeMounts: - name: run-openvswitch mountPath: /var/run/openvswitch diff --git a/ovn/values.yaml b/ovn/values.yaml index 49d4af8961..db6fc5c961 100644 --- a/ovn/values.yaml +++ b/ovn/values.yaml @@ -139,6 +139,52 @@ pod: # NOTE: should be same as nova.pod.use_fqdn.compute use_fqdn: compute: true + envs: + common: + - name: OVN_DAEMONSET_VERSION + value: "3" + - name: OVN_KUBERNETES_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OVN_KUBERNETES_NB_STATEFULSET + value: ovn-ovsdb-nb + - name: OVN_KUBERNETES_SB_STATEFULSET + value: ovn-ovsdb-sb + - name: OVN_SSL_ENABLE + value: "no" + controller: + - name: OVN_LOGLEVEL_CONTROLLER + value: "-vconsole:info -vfile:info" + northd: + - name: OVN_LOGLEVEL_NORTHD + value: "-vconsole:info -vfile:info" + ovsdb_nb: + - name: OVN_LOGLEVEL_NB + value: "-vconsole:info -vfile:info" + - name: OVN_KUBERNETES_STATEFULSET + value: ovn-ovsdb-nb + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: ENABLE_IPSEC + value: "false" + - name: OVN_NB_RAFT_ELECTION_TIMER + value: "1000" + ovsdb_sb: + - name: OVN_LOGLEVEL_SB + value: "-vconsole:info -vfile:info" + - name: OVN_KUBERNETES_STATEFULSET + value: ovn-ovsdb-sb + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: ENABLE_IPSEC + value: "false" + - name: OVN_SB_RAFT_ELECTION_TIMER + value: "1000" security_context: ovn_northd: container: diff --git a/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml b/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml new file mode 100644 index 0000000000..007e769095 --- /dev/null +++ b/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml @@ -0,0 +1,7 @@ +--- +features: + - | + Add support for overriding OVN environment variables. + OVN relies on environment variables to control the behavior of its services. + This allowing users to override these variables enables finer tuning of OVN + services when needed. From 9ceb486bb39c23051799d3a74d93ce16c01313fe Mon Sep 17 00:00:00 2001 From: ricolin Date: Fri, 31 Oct 2025 14:08:48 +0800 Subject: [PATCH 2/3] [OVN] Add OVN_NORTHD_PROBE_INTERVAL This change OVN_NORTHD_PROBE_INTERVAL from default 5000 (5 secs) to 30000 (30 secs). Signed-off-by: ricolin --- ovn/values.yaml | 2 ++ .../notes/tunning-ovn-probe-interval-11adf7898dd0d9f6.yaml | 6 ++++++ 2 files changed, 8 insertions(+) create mode 100644 releasenotes/notes/tunning-ovn-probe-interval-11adf7898dd0d9f6.yaml diff --git a/ovn/values.yaml b/ovn/values.yaml index db6fc5c961..64723ce70d 100644 --- a/ovn/values.yaml +++ b/ovn/values.yaml @@ -172,6 +172,8 @@ pod: value: "false" - name: OVN_NB_RAFT_ELECTION_TIMER value: "1000" + - name: OVN_NORTHD_PROBE_INTERVAL + value: "30000" ovsdb_sb: - name: OVN_LOGLEVEL_SB value: "-vconsole:info -vfile:info" diff --git a/releasenotes/notes/tunning-ovn-probe-interval-11adf7898dd0d9f6.yaml b/releasenotes/notes/tunning-ovn-probe-interval-11adf7898dd0d9f6.yaml new file mode 100644 index 0000000000..bd946d4824 --- /dev/null +++ b/releasenotes/notes/tunning-ovn-probe-interval-11adf7898dd0d9f6.yaml @@ -0,0 +1,6 @@ +--- +other: + - | + Increase the probe interval of OVN northd for connections to the OVN Northbound and + Southbound databases from 5 seconds to 30 seconds. This enhancing service resilience + under heavy load. From f4c31cde31b66e0d97a40ec10607debd8048535b Mon Sep 17 00:00:00 2001 From: Rico Lin Date: Fri, 14 Nov 2025 09:24:48 +0800 Subject: [PATCH 3/3] drop unused releasenote --- .../notes/allow-ovn-env-override-daa003fe1f23d883.yaml | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml diff --git a/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml b/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml deleted file mode 100644 index 007e769095..0000000000 --- a/releasenotes/notes/allow-ovn-env-override-daa003fe1f23d883.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -features: - - | - Add support for overriding OVN environment variables. - OVN relies on environment variables to control the behavior of its services. - This allowing users to override these variables enables finer tuning of OVN - services when needed.