Add OVN bridge-mapping

Change-Id: I84c38c7210217718339c0b1ef059bbad9854b2cc

ovn/Chart.yaml

@@ -15,7 +15,7 @@ apiVersion: v1
 appVersion: v23.3.0
 description: OpenStack-Helm OVN
 name: ovn
-version: 0.1.1
+version: 0.1.2
 home: https://www.ovn.org
 icon: https://www.ovn.org/images/ovn-logo.png
 sources:

ovn/templates/bin/_ovn-setup-bridges-init.sh.tpl

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+set -ex
+
+# handle any bridge mappings
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
+do
+  bridge=${bmap%:*}
+  iface=${bmap#*:}
+  ovs-vsctl --may-exist add-br $bridge -- set bridge $bridge protocols=OpenFlow13
+  if [ -n "$iface" ] && [ "$iface" != "null" ]
+  then
+    ovs-vsctl --may-exist add-port $bridge $iface
+  fi
+done

ovn/templates/bin/_ovn.sh.tpl

@@ -970,7 +970,11 @@ ovn-master() {
 }
 
 add-external-id-configs() {
-  ovs-vsctl set open . external-ids:system-id="$ovn_pod_host"
+  ovs-vsctl get open . external-ids:system-id
+  if [ $? -eq 1 ]; then
+    ovs-vsctl set open . external-ids:system-id="$(uuidgen)"
+  fi
+
   ovs-vsctl set open . external-ids:rundir="/var/run/openvswitch"
   ovs-vsctl set open . external_ids:ovn-encap-ip="$ovn_encap_ip"
   ovs-vsctl set open . external-ids:ovn-remote="{{ .Values.conf.ovn_remote }}"

ovn/templates/configmap-bin.yaml

@@ -26,4 +26,6 @@ data:
 {{- end }}
   ovn.sh: |
 {{ tuple "bin/_ovn.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  ovn-setup-bridges-init.sh: |
+{{ tuple "bin/_ovn-setup-bridges-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
 {{- end }}

ovn/templates/configmap-etc.yaml

@@ -0,0 +1,34 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- define "ovn.configmap.etc" }}
+{{- $configMapName := index . 0 }}
+{{- $envAll := index . 1 }}
+{{- with $envAll }}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $configMapName }}
+type: Opaque
+data:
+  auto_bridge_add: {{ toJson $envAll.Values.conf.auto_bridge_add | b64enc }}
+
+{{- end }}
+{{- end }}
+
+{{- if .Values.manifests.configmap_etc }}
+{{- list "ovn-etc" . | include "ovn.configmap.etc" }}
+{{- end }}

ovn/templates/daemonset-controller.yaml

@@ -15,6 +15,7 @@ limitations under the License.
 {{- if .Values.manifests.daemonset_controller }}
 {{- $envAll := . }}
 
+{{- $configMapName := "ovn-etc" }}
 {{- $serviceAccountName := "ovn-controller" }}
 {{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
@@ -43,6 +44,21 @@ spec:
         {{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
       initContainers:
 {{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+        - name: ovn-setup-bridge
+{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
+          command:
+            - /tmp/ovn-setup-bridges-init.sh
+          volumeMounts:
+            - name: ovn-bin
+              mountPath: /tmp/ovn-setup-bridges-init.sh
+              subPath: ovn-setup-bridges-init.sh
+              readOnly: true
+            - name: run-openvswitch
+              mountPath: /run/openvswitch
+            - name: ovn-etc
+              mountPath: /tmp/auto_bridge_add
+              subPath: auto_bridge_add
+              readOnly: true
       containers:
         - name: ovn-controller
 {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -70,9 +86,13 @@ spec:
         - name: ovn-bin
           configMap:
             name: ovn-bin
-            defaultMode: 0555
+            defaultMode: 0777
         - name: run-openvswitch
           hostPath:
             path: /run/openvswitch
             type: DirectoryOrCreate
+        - name: ovn-etc
+          secret:
+            secretName: {{ $configMapName }}
+            defaultMode: 0444
 {{- end }}

ovn/values.yaml

@@ -70,8 +70,14 @@ conf:
   ovn_remote: tcp:ovn-sb-db.openstack.svc.cluster.local:6640
   ovn_encap_type: geneve
   ovn_bridge: br-int
+  # ovn_bridge_mappings: "physnet-public:br-public,physnet-private:br-private"
   ovn_bridge_mappings: ""
 
+  # auto_bridge_add:
+  #   br-private: eth0
+  #   br-public: eth1
+  auto_bridge_add: {}
+
   # NOTE: should be same as nova.conf.use_fqdn.compute
   use_fqdn:
     compute: true
@@ -272,6 +278,7 @@ dependencies:
 
 manifests:
   configmap_bin: true
+  configmap_etc: true
   deployment_northd: true
   daemonset_controller: true
   service_ovn_nb_db: true

releasenotes/notes/ovn.yaml

@@ -2,5 +2,5 @@
 ovn:
   - 0.1.0 Add OVN!
   - 0.1.1 Fix ovn db persistence issue
-
+  - 0.1.2 Add bridge-mapping configuration
 ...