Skip to content

Latest commit

 

History

History
105 lines (86 loc) · 2.87 KB

config.md

File metadata and controls

105 lines (86 loc) · 2.87 KB

Config variables

Initial setup

If you want to override the default values for some config options, then the file available in this repo (etc/ovn_k8s.conf) must be copied to the following locations:

  • on Linux:
/etc/openvswitch/ovn_k8s.conf

The following command copies the config file if it is run from inside the repo:

cp etc/ovn_k8s.conf /etc/openvswitch/ovn_k8s.conf
  • on Windows:
C:\etc\ovn_k8s.conf

The following PowerShell command copies the config file if is run from inside the repo:

Copy-Item ".\etc\ovn_k8s.conf" -Destination (New-Item "C:\etc" -Type container -Force)

Config values

The config file contains common configuration options shared between the various ovn-kubernetes programs (ovnkube, ovn-k8s-cni-overlay, etc). All configuration file options can also be specified as command-line arguments which override config file options; see the -help output of each program for more details.

[default] section

The following config option represents the MTU value which should be used for the overlay networks.

mtu=1400

The following option affects only the gateway nodes. This value is used to track connections that are initiated from the pods so that the reverse connections go back to the pods. This represents the conntrack zone used for the conntrack flow rules.

conntrack-zone=64000

[logging] section

The following config values control what verbosity level logging is written at and to what file (if any).

loglevel=5
logfile=/var/log/ovnkube.log

[cni] section

The following config values are used for the CNI plugin.

conf-dir=/etc/cni/net.d
plugin=ovn-k8s-cni-overlay

[kubernetes] section

Kubernetes API options are stored in the following section.

apiserver=https://1.2.3.4:6443
token=TG9yZW0gaXBzdW0gZG9sb3Igc2l0IGFtZXQsIGNvbnNlY3RldHVyIGFkaXBpc2NpbmcgZWxpdC4gQ3JhcyBhdCB1bHRyaWNpZXMgZWxpdC4gVXQgc2l0IGFtZXQgdm9sdXRwYXQgbnVuYy4K
cacert=/etc/kubernetes/ca.crt

[ovnnorth] section

This section contains the address and (if the 'ssl' method is used) certificates needed to use the OVN northbound database API. Only the the ovn-kubernetes master needs to specify the 'server' options.

address=ssl://1.2.3.4:6641
client-privkey=/path/to/private.key
client-cert=/path/to/client.crt
client-cacert=/path/to/client-ca.crt
server-privkey=/path/to/private.key
server-cert=/path/to/server.crt
server-cacert=/path/to/server-ca.crt

[ovnsouth] section

This section contains the address and (if the 'ssl' method is used) certificates needed to use the OVN southbound database API. Only the the ovn-kubernetes master needs to specify the 'server' options.

address=ssl://1.2.3.4:6642
client-privkey=/path/to/private.key
client-cert=/path/to/client.crt
client-cacert=/path/to/client-ca.crt
server-privkey=/path/to/private.key
server-cert=/path/to/server.crt
server-cacert=/path/to/server-ca.crt