Skip to content

Update Kube-OVN to v1.13.10 #847

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 23, 2025
Merged

Update Kube-OVN to v1.13.10 #847

merged 1 commit into from
Apr 23, 2025

Conversation

kvaps
Copy link
Member

@kvaps kvaps commented Apr 22, 2025
edited by coderabbitai bot
Loading

Signed-off-by: Andrei Kvapil kvapss@gmail.com

Summary by CodeRabbit

  • New Features
    • Updated kube-ovn chart and container image to version v1.13.10.
  • Bug Fixes
    • Adjusted volume mount paths in the ovncni DaemonSet for improved configuration consistency.
  • Chores
    • Streamlined Dockerfile to use the official kube-ovn image directly.
    • Automated version synchronization between chart files and Dockerfile for better maintainability.
  • Improvements
    • Removed NetworkManager synchronization to optimize controller runtime behavior.

@kvaps kvaps requested review from lllamnyp and klinch0 as code owners April 22, 2025 17:29
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Apr 22, 2025
edited
Loading

"""

Walkthrough

This update modifies the Kube-OVN packaging and deployment process. The Makefile now dynamically sets the KUBEOVN_TAG version by extracting it from the chart YAML, and updates the Dockerfile's version argument accordingly. The Dockerfile for the kube-ovn image has been greatly simplified to use a prebuilt image rather than building from source. Helm chart and container image versions are bumped from v1.13.8 to v1.13.10, and certain volume mount paths in the DaemonSet YAML are updated to use new value references. Additionally, a patch disabling the NetworkManager syncer is removed.

Changes

File(s) Change Summary
packages/system/kubeovn/Makefile KUBEOVN_TAG now set dynamically from Chart.yaml; update target now syncs Dockerfile version with chart version.
packages/system/kubeovn/charts/kube-ovn/Chart.yaml
packages/system/kubeovn/charts/kube-ovn/values.yaml		 Chart and image versions updated from v1.13.8 to v1.13.10.
packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml Volume mount paths updated to use new value references for local bin and openvswitch directories.
packages/system/kubeovn/images/kubeovn/Dockerfile Replaced multi-stage build with a simple Dockerfile using prebuilt kube-ovn image and a version argument.
packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff Patch removing NetworkManager syncer logic from controller runtime initialization is deleted.

Sequence Diagram(s)

sequenceDiagram
    participant Makefile
    participant Chart.yaml
    participant Dockerfile

    Makefile->>Chart.yaml: Extract KUBEOVN_TAG version
    Makefile->>Dockerfile: Update ARG VERSION to match chart version
    Dockerfile->>ImageRegistry: Pull kubeovn/kube-ovn:${VERSION}
Loading

Suggested labels

ok-to-test

Suggested reviewers

  • lllamnyp

Poem

🐇 Hopping through the code so bright,
Versions sync in perfect light.
Dockerfile trimmed, neat and clear,
Charts updated, spring is near!
Paths adjusted, syncer gone,
A rabbit’s dance to carry on!
🌿✨
"""

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

This was referenced Apr 23, 2025
Open
Closed
Closed
@kvaps kvaps removed the ok-to-test label Apr 23, 2025
coderabbitai[bot]
coderabbitai bot reviewed Apr 23, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 07d7fad and 1bb5332.

📒 Files selected for processing (6)
  • packages/system/kubeovn/Makefile (2 hunks)
  • packages/system/kubeovn/charts/kube-ovn/Chart.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/values.yaml (1 hunks)
  • packages/system/kubeovn/images/kubeovn/Dockerfile (1 hunks)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff (0 hunks)
💤 Files with no reviewable changes (1)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff
🔇 Additional comments (6)
packages/system/kubeovn/charts/kube-ovn/values.yaml (1)

13-13: Bump image tag to v1.13.10
The global image tag was correctly updated to match the bumped Helm chart and application version.

packages/system/kubeovn/charts/kube-ovn/Chart.yaml (1)

18-24: Synchronize chart and appVersion
Both version and appVersion were bumped to v1.13.10 to align with the new release. Ensure that the Helm chart packaging and all downstream deployments reference this updated version.

packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml (2)

274-274: Use configurable LOCAL_BIN_DIR for local-bin volume
Replacing the hardcoded path with .Values.cni_conf.LOCAL_BIN_DIR improves flexibility. Confirm that cni_conf.LOCAL_BIN_DIR has a sensible default in values.yaml and that toggling MOUNT_LOCAL_BIN_DIR works as intended.

279-279: Review ovs-ipsec-keys hostPath mapping
Mounting .Values.OPENVSWITCH_DIR (/etc/origin/openvswitch) into /etc/ovs_ipsec_keys may override the entire Open vSwitch directory rather than a dedicated keys path. Verify that IPsec keys are indeed stored under OPENVSWITCH_DIR; if not, consider introducing a separate value (e.g. ovs_ipsec_keys_dir) to avoid unintended volume overlap.

packages/system/kubeovn/images/kubeovn/Dockerfile (1)

1-2: Simplified Dockerfile to use prebuilt image
The Dockerfile now cleanly pulls the kubeovn/kube-ovn:${VERSION} image, removing multi-stage build complexity. Ensure that the VERSION ARG is correctly set by the Makefile update target.

packages/system/kubeovn/Makefile (1)

16-17: Dynamically sync Dockerfile version ARG
Good addition: extracting the chart's version: and updating ARG VERSION in the Dockerfile ensures consistency. Verify that this sed -i invocation works across your CI environments (e.g., GNU vs BSD sed).

coderabbitai[bot]
coderabbitai bot reviewed Apr 23, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
packages/system/kubeovn/images/kubeovn/Dockerfile (1)

2-2: Consider pinning to an immutable image digest
Relying on a mutable tag can lead to non‑reproducible builds if the v1.13.10 tag is ever repointed. As an optional enhancement, you can pin the image to a digest:

- ARG VERSION=v1.13.10
- FROM kubeovn/kube-ovn:${VERSION}
+ ARG VERSION=v1.13.10
+ ARG KUBEOVN_DIGEST=sha256:<REPLACE_WITH_ACTUAL_DIGEST>
+ FROM kubeovn/kube-ovn@${KUBEOVN_DIGEST}

Retrieve the digest with:

docker pull kubeovn/kube-ovn:v1.13.10
docker inspect --format '{{index .RepoDigests 0}}' kubeovn/kube-ovn:v1.13.10
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1bb5332 and faec98d.

📒 Files selected for processing (6)
  • packages/system/kubeovn/Makefile (2 hunks)
  • packages/system/kubeovn/charts/kube-ovn/Chart.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/values.yaml (1 hunks)
  • packages/system/kubeovn/images/kubeovn/Dockerfile (1 hunks)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff (0 hunks)
💤 Files with no reviewable changes (1)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff
🚧 Files skipped from review as they are similar to previous changes (4)
  • packages/system/kubeovn/charts/kube-ovn/values.yaml
  • packages/system/kubeovn/charts/kube-ovn/Chart.yaml
  • packages/system/kubeovn/Makefile
  • packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml
🔇 Additional comments (1)
packages/system/kubeovn/images/kubeovn/Dockerfile (1)

1-2: Bump Kube‑OVN image version
The ARG VERSION and FROM lines correctly update the base image to v1.13.10, aligning with the Helm chart and Makefile changes.

@kvaps
Update Kube-OVN to v1.13.10
04e2b39 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
coderabbitai[bot]
coderabbitai bot reviewed Apr 23, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
packages/system/kubeovn/images/kubeovn/Dockerfile (2)

1-2: Improve build reproducibility and metadata
To ensure immutable, traceable images, consider:

  1. Pinning the base image to a specific digest instead of a mutable tag.
  2. Adding standard OCI labels like org.opencontainers.image.version and org.opencontainers.image.source.

Example diff:

- ARG VERSION=v1.13.10
- FROM kubeovn/kube-ovn:${VERSION}
+ ARG VERSION=v1.13.10
+ # pin to digest for immutability
+ FROM kubeovn/kube-ovn@sha256:<insert-digest-here>
+ LABEL org.opencontainers.image.version=${VERSION} \
+       org.opencontainers.image.source="https://github.com/cozystack/cozystack"

5-9: Guard against missing binaries when setting capabilities
The RUN setcap… chain assumes these binaries exist at fixed paths, which may vary between image releases. To avoid build failures, wrap each setcap in a check or loop:

RUN for bin in \
      /usr/lib/openvswitch-switch/ovs-vswitchd \
      /usr/sbin/xtables-legacy-multi \
      /usr/sbin/xtables-nft-multi \
      /usr/sbin/ipset \
      /usr/bin/ip; do \
    [ -f "$bin" ] && setcap CAP_NET_ADMIN,CAP_NET_BIND_SERVICE,CAP_SYS_ADMIN+eip "$bin"; \
  done
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between faec98d and 04e2b39.

📒 Files selected for processing (6)
  • packages/system/kubeovn/Makefile (2 hunks)
  • packages/system/kubeovn/charts/kube-ovn/Chart.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml (1 hunks)
  • packages/system/kubeovn/charts/kube-ovn/values.yaml (1 hunks)
  • packages/system/kubeovn/images/kubeovn/Dockerfile (1 hunks)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff (0 hunks)
💤 Files with no reviewable changes (1)
  • packages/system/kubeovn/images/kubeovn/patches/disable-nm-syncer.diff
🚧 Files skipped from review as they are similar to previous changes (4)
  • packages/system/kubeovn/charts/kube-ovn/values.yaml
  • packages/system/kubeovn/charts/kube-ovn/Chart.yaml
  • packages/system/kubeovn/charts/kube-ovn/templates/ovncni-ds.yaml
  • packages/system/kubeovn/Makefile
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: Build and Test

@kvaps kvaps merged commit 0fc3fdc into main Apr 23, 2025
6 checks passed
@kvaps kvaps deleted the upd-kubeovn branch April 23, 2025 22:25
@coderabbitai coderabbitai bot mentioned this pull request Apr 24, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Aug 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@lllamnyp lllamnyp Awaiting requested review from lllamnyp lllamnyp is a code owner

@klinch0 klinch0 Awaiting requested review from klinch0 klinch0 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kvaps