add and enable a bunch of features

Signed-off-by: Alin Serdean <aserdean@nvidia.com>

Author: aserdean

helm/ovn-kubernetes-dpf/templates/control-plane-manifests.yaml

@@ -254,17 +254,19 @@ spec:
         - name: OVN_HYBRID_OVERLAY_ENABLE
           value: ""
         - name: OVN_ADMIN_NETWORK_POLICY_ENABLE
-          value: ""
+          value: {{ .Values.adminNetworkPolicy.enable | quote }}
         - name: OVN_EGRESSIP_ENABLE
-          value: ""
+          value: {{ .Values.egress.ipEnable | quote }}
         - name: OVN_EGRESSSERVICE_ENABLE
-          value: ""
+          value: {{ .Values.egress.serviceEnable | quote }}
         - name: OVN_EGRESSFIREWALL_ENABLE
-          value: ""
+          value: {{ .Values.egress.firewallEnable | quote }}
         - name: OVN_EGRESSQOS_ENABLE
-          value: ""
+          value: {{ .Values.egress.qosEnable | quote }}
+        - name: OVN_NETWORK_QOS_ENABLE
+          value: {{ .Values.qos.enable | quote }}
         - name: OVN_MULTI_NETWORK_ENABLE
-          value: "false"
+          value: {{ .Values.multiNetwork.enable | quote }}
         - name: OVN_HYBRID_OVERLAY_NET_CIDR
           value: ""
         - name: OVN_DISABLE_SNAT_MULTIPLE_GWS
@@ -280,11 +282,11 @@ spec:
         - name: OVN_GATEWAY_MODE
           value: shared
         - name: OVN_MULTICAST_ENABLE
-          value: ""
+          value: {{ .Values.multicast.enable | quote }}
         - name: OVN_ACL_LOGGING_RATE_LIMIT
-          value: "20"
+          value: {{ .Values.networkPolicy.aclLoggingRateLimit | quote }}
         - name: OVN_STATELESS_NETPOL_ENABLE
-          value: "true"
+          value: {{ .Values.networkPolicy.statelessEnable | quote }}
         - name: OVN_HOST_NETWORK_NAMESPACE
           valueFrom:
             configMapKeyRef:

helm/ovn-kubernetes-dpf/templates/dpu-manifests.yaml

@@ -555,7 +555,7 @@ spec:
             memory: 300Mi
         env:
         - name: OVN_EGRESSSERVICE_ENABLE
-          value: ""
+          value: {{ .Values.egress.serviceEnable | quote }}
         - name: OVN_DAEMONSET_VERSION
           value: "1.1.0"
         - name: OVNKUBE_LOGLEVEL
@@ -619,15 +619,17 @@ spec:
         - name: OVN_HYBRID_OVERLAY_ENABLE
           value: ""
         - name: OVN_ADMIN_NETWORK_POLICY_ENABLE
-          value: ""
+          value: {{ .Values.adminNetworkPolicy.enable | quote }}
         - name: OVN_EGRESSIP_ENABLE
-          value: ""
+          value: {{ .Values.egress.ipEnable | quote }}
         - name: OVN_EGRESSIP_HEALTHCHECK_PORT
           value: "9107"
         - name: OVN_EGRESSFIREWALL_ENABLE
-          value: ""
+          value: {{ .Values.egress.firewallEnable | quote }}
         - name: OVN_EGRESSQOS_ENABLE
-          value: ""
+          value: {{ .Values.egress.qosEnable | quote }}
+        - name: OVN_NETWORK_QOS_ENABLE
+          value: {{ .Values.qos.enable | quote }}
         - name: OVN_HYBRID_OVERLAY_NET_CIDR
           value: ""
         - name: OVN_DISABLE_SNAT_MULTIPLE_GWS
@@ -659,7 +661,7 @@ spec:
         - name: OVN_V6_MASQUERADE_SUBNET
           value: "fd69::/112"
         - name: OVN_MULTICAST_ENABLE
-          value: ""
+          value: {{ .Values.multicast.enable | quote }}
         - name: OVN_UNPRIVILEGED_MODE
           value: "no"
         - name: OVN_EX_GW_NETWORK_INTERFACE
@@ -681,13 +683,13 @@ spec:
         - name: OVN_LFLOW_CACHE_LIMIT_KB
           value: ""
         - name: OVN_MULTI_NETWORK_ENABLE
-          value: "false"
+          value: {{ .Values.multiNetwork.enable | quote }}
         - name: OVN_EMPTY_LB_EVENTS
           value: ""
         - name: OVN_ACL_LOGGING_RATE_LIMIT
-          value: "20"
+          value: {{ .Values.networkPolicy.aclLoggingRateLimit | quote }}
         - name: OVN_STATELESS_NETPOL_ENABLE
-          value: "true"
+          value: {{ .Values.networkPolicy.statelessEnable | quote }}
         - name: OVN_HOST_NETWORK_NAMESPACE
           valueFrom:
             configMapKeyRef:

helm/ovn-kubernetes-dpf/templates/host-with-dpu-manifests.yaml

@@ -211,13 +211,13 @@ spec:
         - name: OVN_HYBRID_OVERLAY_ENABLE
           value: ""
         - name: OVN_ADMIN_NETWORK_POLICY_ENABLE
-          value: ""
+          value: {{ .Values.adminNetworkPolicy.enable | quote }}
         - name: OVN_EGRESSIP_ENABLE
-          value: ""
+          value: {{ .Values.egress.ipEnable | quote }}
         - name: OVN_EGRESSIP_HEALTHCHECK_PORT
           value: "9107"
         - name: OVN_EGRESSSERVICE_ENABLE
-          value: ""
+          value: {{ .Values.egress.serviceEnable | quote }}
         - name: OVN_HYBRID_OVERLAY_NET_CIDR
           value: ""
         - name: OVN_DISABLE_SNAT_MULTIPLE_GWS
@@ -249,7 +249,7 @@ spec:
         - name: OVN_V6_MASQUERADE_SUBNET
           value: "fd69::/112"
         - name: OVN_MULTICAST_ENABLE
-          value: ""
+          value: {{ .Values.multicast.enable | quote }}
         - name: OVN_UNPRIVILEGED_MODE
           value: "no"
         - name: OVN_EX_GW_NETWORK_INTERFACE

helm/ovn-kubernetes-dpf/templates/host-without-dpu-manifests.yaml

@@ -344,7 +344,7 @@ spec:
             memory: 300Mi
         env:
         - name: OVN_EGRESSSERVICE_ENABLE
-          value: ""
+          value: {{ .Values.egress.serviceEnable | quote }}
         - name: OVN_DAEMONSET_VERSION
           value: "1.1.0"
         - name: OVNKUBE_LOGLEVEL
@@ -406,15 +406,17 @@ spec:
         - name: OVN_HYBRID_OVERLAY_ENABLE
           value: ""
         - name: OVN_ADMIN_NETWORK_POLICY_ENABLE
-          value: ""
+          value: {{ .Values.adminNetworkPolicy.enable | quote }}
         - name: OVN_EGRESSIP_ENABLE
-          value: ""
+          value: {{ .Values.egress.ipEnable | quote }}
         - name: OVN_EGRESSIP_HEALTHCHECK_PORT
           value: "9107"
         - name: OVN_EGRESSFIREWALL_ENABLE
-          value: ""
+          value: {{ .Values.egress.firewallEnable | quote }}
         - name: OVN_EGRESSQOS_ENABLE
-          value: ""
+          value: {{ .Values.egress.qosEnable | quote }}
+        - name: OVN_NETWORK_QOS_ENABLE
+          value: {{ .Values.qos.enable | quote }}
         - name: OVN_HYBRID_OVERLAY_NET_CIDR
           value: ""
         - name: OVN_DISABLE_SNAT_MULTIPLE_GWS
@@ -446,7 +448,7 @@ spec:
         - name: OVN_V6_MASQUERADE_SUBNET
           value: "fd69::/112"
         - name: OVN_MULTICAST_ENABLE
-          value: ""
+          value: {{ .Values.multicast.enable | quote }}
         - name: OVN_UNPRIVILEGED_MODE
           value: "no"
         - name: OVN_EX_GW_NETWORK_INTERFACE
@@ -468,15 +470,15 @@ spec:
         - name: OVN_LFLOW_CACHE_LIMIT_KB
           value: ""
         - name: OVN_MULTI_NETWORK_ENABLE
-          value: "false"
+          value: {{ .Values.multiNetwork.enable | quote }}
         - name: OVNKUBE_NODE_MGMT_PORT_NETDEV
           value: ""
         - name: OVN_EMPTY_LB_EVENTS
           value: ""
         - name: OVN_ACL_LOGGING_RATE_LIMIT
-          value: "20"
+          value: {{ .Values.networkPolicy.aclLoggingRateLimit | quote }}
         - name: OVN_STATELESS_NETPOL_ENABLE
-          value: "true"
+          value: {{ .Values.networkPolicy.statelessEnable | quote }}
         - name: OVN_HOST_NETWORK_NAMESPACE
           valueFrom:
             configMapKeyRef:

helm/ovn-kubernetes-dpf/values.yaml

@@ -11,6 +11,44 @@ resourceName: nvidia.com/bf3-p0-vfs
 # -- The name of the NetworkAttachmentDefinition
 nadName: dpf-ovn-kubernetes
 
+# -- Egress feature configuration (applies to all manifests)
+egress:
+  # -- Enable EgressIP feature
+  ipEnable: true
+  # -- Enable EgressService feature
+  serviceEnable: true
+  # -- Enable EgressFirewall feature
+  firewallEnable: true
+  # -- Enable EgressQoS feature
+  qosEnable: true
+
+# -- Multi-network (UDN - User Defined Network) feature configuration (applies to all manifests)
+multiNetwork:
+  # -- Enable multi-network/UDN support
+  enable: true
+
+# -- Admin Network Policy feature configuration (applies to all manifests)
+adminNetworkPolicy:
+  # -- Enable Admin Network Policy support
+  enable: true
+
+# -- Multicast feature configuration (applies to all manifests)
+multicast:
+  # -- Enable multicast support
+  enable: true
+
+# -- Network policy configuration (applies to all manifests)
+networkPolicy:
+  # -- Enable stateless network policy mode for better performance
+  statelessEnable: true
+  # -- ACL logging rate limit (logs per second)
+  aclLoggingRateLimit: 20
+
+# -- QoS (Quality of Service) feature configuration (applies to all manifests)
+qos:
+  # -- Enable OVN native network QoS support for bandwidth limiting
+  enable: true
+
 # -- Variables related to manifests that are deployed for nodes with DPU
 nodeWithDPUManifests:
   enabled: false