USHIFT-536: add user-facing config for ovn-kubernetes CNI

assets/components/ovn/configmap.yaml

@@ -8,7 +8,7 @@ metadata:
 data:
   ovnkube.conf:   |-
     [default]
-    mtu="{{.MTU}}"
+    mtu="{{.OVNConfig.MTU}}"
     cluster-subnets={{.ClusterCIDR}}
     encap-port="6081"
     enable-lflow-cache=false

docs/howto_config.md

@@ -17,7 +17,6 @@ cluster:
   dns: ""
   domain: ""
   url: ""
-  mtu: ""
 nodeIP: ""
 nodeName: ""
 logVLevel: ""
@@ -33,7 +32,6 @@ The configuration settings alongside with the supported command line arguments a
 | dns                 | --cluster-dns             | MICROSHIFT_CLUSTER_DNS                  | The Kubernetes service IP address where pods query for name resolution
 | domain              | --cluster-domain          | MICROSHIFT_CLUSTER_DOMAIN               | Base DNS domain used to construct fully qualified pod and service domain names
 | url                 | --url                     | MICROSHIFT_CLUSTER_URL                  | URL of the API server for the cluster.
-| mtu                 | --cluster-mtu             | MICROSHIFT_CLUSTER_MTU                  | The maximum transmission unit for the Generic Network Virtualization Encapsulation overlay network
 | nodeIP              | --node-ip                 | MICROSHIFT_NODEIP                       | The IP address of the node, defaults to IP of the default route
 | nodeName            | --node-name               | MICROSHIFT_NODENAME                     | The name of the node, defaults to hostname
 | logVLevel           | --v                       | MICROSHIFT_LOGVLEVEL                    | Log verbosity (0-5)
@@ -50,7 +48,6 @@ cluster:
   dns: 10.43.0.10
   domain: cluster.local
   url: https://127.0.0.1:6443
-  mtu: "1400"
 nodeIP: ""
 nodeName: ""
 logVLevel: 0

packaging/microshift/config.yaml

@@ -19,9 +19,6 @@ cluster:
   # URL of the API server for the cluster
   #url: https://127.0.0.1:6443
 
-  # MTU for CNI
-  #mtu: "1400"
-
 # Log verbosity (0-5)
 #logVLevel: 0
 

packaging/systemd/configure-ovs.sh

@@ -626,6 +626,15 @@ fi
 # print initial state
 print_state
 if [ "$1" == "OVNKubernetes" ]; then
+  # Skip configuring NICs onto OVS bridge "br-ex" when disableOVSInit is true
+  MICROSHIFT_OVN_CONFIG_FILE_PATH="/etc/microshift/ovn.yaml"
+  if [ -f "$MICROSHIFT_OVN_CONFIG_FILE_PATH" ]; then
+    disableOVSInit=$(cat "$MICROSHIFT_OVN_CONFIG_FILE_PATH" | awk "/disableOVSInit:/ && ! /#.*disableOVSInit:/ {print \$2}")
+    if [ "$disableOVSInit" == "true" ]; then
+      echo "disableOVSInit is true, skipped configure-ovs.sh "
+      exit 0
+    fi
+  fi
   # Configures NICs onto OVS bridge "br-ex"
   # Configuration is either auto-detected or provided through a config file written already in Network Manager
   # key files under /etc/NetworkManager/system-connections/

pkg/cmd/run.go

@@ -37,7 +37,6 @@ func addRunFlags(cmd *cobra.Command, cfg *config.MicroshiftConfig) {
 	flags.String("service-node-port-range", cfg.Cluster.ServiceNodePortRange, "The port range to reserve for services with NodePort visibility. This must not overlap with the ephemeral port range on nodes.")
 	flags.String("cluster-dns", cfg.Cluster.DNS, "Comma-separated list of DNS server IP address. This value is used for containers DNS server in case of Pods with \"dnsPolicy=ClusterFirst\".")
 	flags.String("cluster-domain", cfg.Cluster.Domain, "Domain for this cluster.")
-	flags.String("cluster-mtu", cfg.Cluster.MTU, "Network MTU for pods in the cluster.")
 }
 
 func NewRunMicroshiftCommand() *cobra.Command {

pkg/components/components.go

@@ -29,8 +29,8 @@ func StartComponents(cfg *config.MicroshiftConfig) error {
 		return err
 	}
 
-	if err := startOVNKubernetes(cfg, kubeAdminConfig); err != nil {
-		klog.Warningf("Failed to start OVNKubernetes: %v", err)
+	if err := startCNIPlugin(cfg, kubeAdminConfig); err != nil {
+		klog.Warningf("Failed to start CNI plugin: %v", err)
 		return err
 	}
 	return nil

pkg/components/networking.go

@@ -1,14 +1,17 @@
 package components
 
 import (
+	"fmt"
 	"path/filepath"
 
 	"github.com/openshift/microshift/pkg/assets"
 	"github.com/openshift/microshift/pkg/config"
+	"github.com/openshift/microshift/pkg/config/ovn"
+	"github.com/openshift/microshift/pkg/util"
 	"k8s.io/klog/v2"
 )
 
-func startOVNKubernetes(cfg *config.MicroshiftConfig, kubeconfigPath string) error {
+func startCNIPlugin(cfg *config.MicroshiftConfig, kubeconfigPath string) error {
 	var (
 		ns = []string{
 			"components/ovn/namespace.yaml",
@@ -38,6 +41,17 @@ func startOVNKubernetes(cfg *config.MicroshiftConfig, kubeconfigPath string) err
 		}
 	)
 
+	ovnConfig, err := ovn.NewOVNKubernetesConfigFromFileOrDefault(filepath.Join(filepath.Dir(config.GetConfigFile()), ovn.ConfigFileName))
+	if err != nil {
+		return err
+	}
+
+	if ovnConfig.DisableOVSInit {
+		if err := ovnConfig.ValidateOVSBridge(util.OVNGatewayInterface); err != nil {
+			return fmt.Errorf("failed to find ovn-kubernetes gateway bridge %s: %v", util.OVNGatewayInterface, err)
+		}
+	}
+
 	if err := assets.ApplyNamespaces(ns, kubeconfigPath); err != nil {
 		klog.Warningf("Failed to apply ns %v: %v", ns, err)
 		return err
@@ -63,6 +77,7 @@ func startOVNKubernetes(cfg *config.MicroshiftConfig, kubeconfigPath string) err
 		return err
 	}
 	extraParams := assets.RenderParams{
+		"OVNConfig":      ovnConfig,
 		"KubeconfigPath": kubeconfigPath,
 		"KubeconfigDir":  filepath.Join(microshiftDataDir, "/resources/kubeadmin"),
 	}

pkg/components/render.go

@@ -29,7 +29,6 @@ func renderParamsFromConfig(cfg *config.MicroshiftConfig, extra assets.RenderPar
 		"ServiceCIDR":   cfg.Cluster.ServiceCIDR,
 		"ClusterDNS":    cfg.Cluster.DNS,
 		"ClusterDomain": cfg.Cluster.Domain,
-		"MTU":           cfg.Cluster.MTU,
 	}
 	for k, v := range extra {
 		params[k] = v

pkg/config/config.go

@@ -45,7 +45,6 @@ type ClusterConfig struct {
 	ServiceNodePortRange string `json:"serviceNodePortRange"`
 	DNS                  string `json:"dns"`
 	Domain               string `json:"domain"`
-	MTU                  string `json:"mtu"`
 }
 
 type IngressConfig struct {
@@ -112,7 +111,6 @@ func NewMicroshiftConfig() *MicroshiftConfig {
 			ServiceNodePortRange: "30000-32767",
 			DNS:                  "10.43.0.10",
 			Domain:               "cluster.local",
-			MTU:                  "1400",
 		},
 	}
 }
@@ -231,9 +229,6 @@ func (c *MicroshiftConfig) ReadFromCmdLine(flags *pflag.FlagSet) error {
 	if s, err := flags.GetString("cluster-domain"); err == nil && flags.Changed("cluster-domain") {
 		c.Cluster.Domain = s
 	}
-	if s, err := flags.GetString("cluster-mtu"); err == nil && flags.Changed("cluster-mtu") {
-		c.Cluster.MTU = s
-	}
 
 	return nil
 }

pkg/config/config_test.go

@@ -51,7 +51,6 @@ func TestCommandLineConfig(t *testing.T) {
 					ServiceNodePortRange: "1024-32767",
 					DNS:                  "cluster.dns",
 					Domain:               "cluster.local",
-					MTU:                  "1200",
 				},
 			},
 			err: nil,
@@ -72,7 +71,6 @@ func TestCommandLineConfig(t *testing.T) {
 		flags.String("service-node-port-range", config.Cluster.ServiceNodePortRange, "")
 		flags.String("cluster-dns", config.Cluster.DNS, "")
 		flags.String("cluster-domain", config.Cluster.Domain, "")
-		flags.String("cluster-mtu", config.Cluster.MTU, "")
 
 		// parse the flags
 		var err error
@@ -86,7 +84,6 @@ func TestCommandLineConfig(t *testing.T) {
 			"--service-node-port-range=" + tt.config.Cluster.ServiceNodePortRange,
 			"--cluster-dns=" + tt.config.Cluster.DNS,
 			"--cluster-domain=" + tt.config.Cluster.Domain,
-			"--cluster-mtu=" + tt.config.Cluster.MTU,
 		})
 		if err != nil {
 			t.Errorf("failed to parse command line flags: %s", err)
@@ -126,7 +123,6 @@ func TestEnvironmentVariableConfig(t *testing.T) {
 					ServiceNodePortRange: "1024-32767",
 					DNS:                  "10.43.0.10",
 					Domain:               "cluster.local",
-					MTU:                  "1400",
 				},
 			},
 			err: nil,
@@ -143,7 +139,6 @@ func TestEnvironmentVariableConfig(t *testing.T) {
 				{"MICROSHIFT_CLUSTER_SERVICENODEPORTRANGE", "1024-32767"},
 				{"MICROSHIFT_CLUSTER_DNS", "10.43.0.10"},
 				{"MICROSHIFT_CLUSTER_DOMAIN", "cluster.local"},
-				{"MICROSHIFT_CLUSTER_MTU", "1400"},
 			},
 		},
 		{
@@ -158,7 +153,6 @@ func TestEnvironmentVariableConfig(t *testing.T) {
 					ServiceNodePortRange: "1024-32767",
 					DNS:                  "10.43.0.10",
 					Domain:               "cluster.local",
-					MTU:                  "1300",
 				},
 			},
 			err: nil,
@@ -174,7 +168,6 @@ func TestEnvironmentVariableConfig(t *testing.T) {
 				{"MICROSHIFT_CLUSTER_SERVICECIDR", "40.30.20.10/16"},
 				{"MICROSHIFT_CLUSTER_SERVICENODEPORTRANGE", "1024-32767"},
 				{"MICROSHIFT_CLUSTER_DNS", "10.43.0.10"},
-				{"MICROSHIFT_CLUSTER_MTU", "1300"},
 			},
 		},
 	}

pkg/config/ovn/ovn.go

@@ -0,0 +1,70 @@
+package ovn
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"os"
+
+	"gopkg.in/yaml.v2"
+	"k8s.io/klog/v2"
+)
+
+const (
+	ConfigFileName = "ovn.yaml"
+)
+
+type OVNKubernetesConfig struct {
+	// disable microshift-ovs-init.service.
+	// OVS bridge "br-ex" needs to be configured manually when disableOVSInit is true.
+	DisableOVSInit bool `json:"disableOVSInit,omitempty"`
+	// MTU to use for the geneve tunnel interface.
+	// This must be 100 bytes smaller than the uplink mtu.
+	// Default is 1400.
+	MTU uint32 `json:"mtu,omitempty"`
+}
+
+func (o *OVNKubernetesConfig) ValidateOVSBridge(bridge string) error {
+	_, err := net.InterfaceByName(bridge)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (o *OVNKubernetesConfig) withDefaults() *OVNKubernetesConfig {
+	o.DisableOVSInit = false
+	o.MTU = 1400
+	return o
+}
+
+func newOVNKubernetesConfigFromFile(path string) (*OVNKubernetesConfig, error) {
+	o := new(OVNKubernetesConfig)
+	buf, err := os.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+
+	err = yaml.Unmarshal(buf, &o)
+	if err != nil {
+		return nil, fmt.Errorf("parsing OVNKubernetes config: %v", err)
+	}
+	return o, nil
+}
+
+func NewOVNKubernetesConfigFromFileOrDefault(path string) (*OVNKubernetesConfig, error) {
+	if _, err := os.Stat(path); err != nil {
+		if errors.Is(err, os.ErrNotExist) {
+			klog.Info("OVNKubernetes config file not found, assuming default values")
+			return new(OVNKubernetesConfig).withDefaults(), nil
+		}
+		return nil, fmt.Errorf("failed to get OVNKubernetes config file: %v", err)
+	}
+
+	o, err := newOVNKubernetesConfigFromFile(path)
+	if err == nil {
+		klog.Info("got OVNKubernetes config from file %q", path)
+		return o, nil
+	}
+	return nil, fmt.Errorf("getting OVNKubernetes config: %v", err)
+}

pkg/config/ovn/ovn_test.go

@@ -0,0 +1,43 @@
+package ovn
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestValidateOVSBridge(t *testing.T) {
+
+	var ttests = []struct {
+		name string
+		err  error
+	}{
+		{"lo", nil},
+		{"unexist-bridge-interface-name", fmt.Errorf("failed to validate bridge interface name")},
+	}
+
+	o := new(OVNKubernetesConfig)
+	for _, tt := range ttests {
+		err := o.ValidateOVSBridge(tt.name)
+		if (err != nil) != (tt.err != nil) {
+			t.Errorf("ValidateOVSBridge() error = %v, wantErr %v", err, tt.err)
+		}
+	}
+}
+
+// tests to make sure that the config file is parsed correctly
+func TestNewOVNKubernetesConfigFromFileOrDefault(t *testing.T) {
+	var ttests = []struct {
+		configFile string
+		err        error
+	}{
+		{"./test/ovn.yaml", nil},
+		{"./test/non-exist.yaml", nil},
+	}
+
+	for _, tt := range ttests {
+		_, err := NewOVNKubernetesConfigFromFileOrDefault(tt.configFile)
+		if (err != nil) != (tt.err != nil) {
+			t.Errorf("NewOVNKubernetesConfigFromFileOrDefault() error = %v, wantErr %v", err, tt.err)
+		}
+	}
+}

pkg/config/ovn/test/ovn.yaml

@@ -0,0 +1,2 @@
+disableOVSInit: true
+mtu: 1300

test/config.yaml

@@ -9,4 +9,3 @@ cluster:
   dns: 'cluster.dns'
   domain: cluster.local
   serviceNodePortRange: 30000-32767
-  mtu: "1400"