Update kube-ovn to 1.8.1

This commit is contained in:
Florian Ruynat 2021-10-14 21:11:09 +02:00 committed by Kubernetes Prow Robot
parent b912dafd7a
commit 16bf3549c1
6 changed files with 144 additions and 14 deletions

View file

@ -143,7 +143,7 @@ Note: Upstart/SysV init based OS types are not supported.
- [flanneld](https://github.com/flannel-io/flannel) v0.14.0
- [kube-ovn](https://github.com/alauda/kube-ovn) v1.7.2
- [kube-router](https://github.com/cloudnativelabs/kube-router) v1.3.1
- [multus](https://github.com/intel/multus-cni) v3.8.0
- [multus](https://github.com/intel/multus-cni) v3.8
- [ovn4nfv](https://github.com/opnfv/ovn4nfv-k8s-plugin) v1.1.0
- [weave](https://github.com/weaveworks/weave) v2.8.1
- Application

View file

@ -83,9 +83,9 @@ cni_version: "v0.9.1"
weave_version: 2.8.1
pod_infra_version: "3.3"
cilium_version: "v1.9.10"
kube_ovn_version: "v1.7.2"
kube_ovn_version: "v1.8.1"
kube_router_version: "v1.3.1"
multus_version: "v3.8.0"
multus_version: "v3.8"
ovn4nfv_ovn_image_version: "v1.0.0"
ovn4nfv_k8s_plugin_image_version: "v1.1.0"
helm_version: "v3.7.0"

View file

@ -7,6 +7,10 @@ kube_ovn_node_cpu_request: 200m
kube_ovn_node_memory_request: 200Mi
kube_ovn_node_cpu_limit: 1000m
kube_ovn_node_memory_limit: 800Mi
kube_ovn_cni_server_cpu_request: 200m
kube_ovn_cni_server_memory_request: 200Mi
kube_ovn_cni_server_cpu_limit: 1000m
kube_ovn_cni_server_memory_limit: 1Gi
kube_ovn_controller_cpu_request: 200m
kube_ovn_controller_memory_request: 200Mi
kube_ovn_controller_cpu_limit: 1000m

View file

@ -100,15 +100,6 @@ spec:
- name: NAT
type: boolean
jsonPath: .spec.natOutgoing
- name: ExternalEgressGateway
type: string
jsonPath: .spec.externalEgressGateway
- name: PolicyRoutingPriority
type: integer
jsonPath: .spec.policyRoutingPriority
- name: PolicyRoutingTableID
type: integer
jsonPath: .spec.policyRoutingTableID
- name: Default
type: boolean
jsonPath: .spec.default
@ -127,6 +118,9 @@ spec:
- name: V6Available
type: number
jsonPath: .status.v6availableIPs
- name: ExcludeIPs
type: string
jsonPath: .spec.excludeIps
schema:
openAPIV3Schema:
type: object
@ -214,7 +208,7 @@ spec:
type: boolean
vlan:
type: string
underlayGateway:
disableGatewayCheck:
type: boolean
disableInterConnection:
type: boolean
@ -293,11 +287,23 @@ spec:
openAPIV3Schema:
type: object
properties:
metadata:
type: object
properties:
name:
type: string
maxLength: 12
not:
enum:
- int
- external
spec:
type: object
properties:
defaultInterface:
type: string
maxLength: 15
pattern: '^[^/\s]+$'
customInterfaces:
type: array
items:
@ -305,6 +311,8 @@ spec:
properties:
interface:
type: string
maxLength: 15
pattern: '^[^/\s]+$'
nodes:
type: array
items:
@ -375,6 +383,9 @@ spec:
- jsonPath: .status.subnets
name: Subnets
type: string
- jsonPath: .spec.namespaces
name: Namespaces
type: string
name: v1
schema:
openAPIV3Schema:
@ -466,7 +477,17 @@ spec:
listKind: VpcNatGatewayList
scope: Cluster
versions:
- name: v1
- additionalPrinterColumns:
- jsonPath: .spec.vpc
name: Vpc
type: string
- jsonPath: .spec.subnet
name: Subnet
type: string
- jsonPath: .spec.lanIp
name: LanIP
type: string
name: v1
served: true
storage: true
schema:
@ -528,3 +549,96 @@ spec:
status: {}
conversion:
strategy: None
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: security-groups.kubeovn.io
spec:
group: kubeovn.io
names:
plural: security-groups
singular: security-group
shortNames:
- sg
kind: SecurityGroup
listKind: SecurityGroupList
scope: Cluster
versions:
- name: v1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
ingressRules:
type: array
items:
type: object
properties:
ipVersion:
type: string
protocol:
type: string
priority:
type: integer
remoteType:
type: string
remoteAddress:
type: string
remoteSecurityGroup:
type: string
portRangeMin:
type: integer
portRangeMax:
type: integer
policy:
type: string
egressRules:
type: array
items:
type: object
properties:
ipVersion:
type: string
protocol:
type: string
priority:
type: integer
remoteType:
type: string
remoteAddress:
type: string
remoteSecurityGroup:
type: string
portRangeMin:
type: integer
portRangeMax:
type: integer
policy:
type: string
allowSameGroupTraffic:
type: boolean
status:
type: object
properties:
portGroup:
type: string
allowSameGroupTraffic:
type: boolean
ingressMd5:
type: string
egressMd5:
type: string
ingressLastSyncSuccess:
type: boolean
egressLastSyncSuccess:
type: boolean
subresources:
status: {}
conversion:
strategy: None

View file

@ -45,6 +45,9 @@ spec:
args:
- --default-cidr={{ kube_pods_subnet }}
- --pod-nic-type=veth-pair
- --enable-lb=true
- --enable-np=true
- --enable-external-vpc=true
env:
- name: ENABLE_SSL
value: "{{ enable_ssl | lower }}"
@ -194,6 +197,13 @@ spec:
initialDelaySeconds: 30
periodSeconds: 7
failureThreshold: 5
resources:
requests:
cpu: {{ kube_ovn_cni_server_cpu_request }}
memory: {{ kube_ovn_cni_server_memory_request }}
limits:
cpu: {{ kube_ovn_cni_server_cpu_limit }}
memory: {{ kube_ovn_cni_server_memory_limit }}
nodeSelector:
kubernetes.io/os: "linux"
volumes:

View file

@ -70,6 +70,8 @@ rules:
- provider-networks
- provider-networks/status
- networks
- security-groups
- security-groups/status
verbs:
- "*"
- apiGroups: