RDG for DPF with OVN-Kubernetes and HBN Services

CNI Installation

OVN Kubernetes is used as the primary CNI for the cluster. On worker nodes, the primary CNI will be accelerated by offloading work to the DPU. On control plane nodes, OVN Kubernetes will run without offloading.

  1. Create the NS for the CNI:

    Jump Node Console

    Copy
    Copied!
                

    $ kubectl create ns ovn-kubernetes

  2. Install the OVN Kubernetes CNI components from the helm chart substituting the environment variables with the ones we defined before.

    Note

    Note that MTU field with value of 8940 has been added to the yaml to override the default value and to be able to achieve better performance results.

    manifests/01-cni-installation/helm-values/ovn-kubernetes.yml

    Copy
    Copied!
                

    commonManifests: enabled: true nodeWithoutDPUManifests: enabled: true controlPlaneManifests: enabled: true nodeWithDPUManifests: enabled: true nodeMgmtPortNetdev: $DPU_P0_VF1 dpuServiceAccountNamespace: dpf-operator-system gatewayOpts: --gateway-interface=$DPU_P0 ## Note this CIDR is followed by a trailing /24 which informs OVN Kubernetes on how to split the CIDR per node. podNetwork: $POD_CIDR/24 serviceNetwork: $SERVICE_CIDR k8sAPIServer: https://$TARGETCLUSTER_API_SERVER_HOST:$TARGETCLUSTER_API_SERVER_PORT mtu: 8940

  3. Run the following command:

    Jump Node Console

    Copy
    Copied!
                

    $ envsubst < manifests/01-cni-installation/helm-values/ovn-kubernetes.yml | helm upgrade --install -n ovn-kubernetes ovn-kubernetes ${OVN_KUBERNETES_REPO_URL}/ovn-kubernetes-chart --version $TAG --values -   Release "ovn-kubernetes" does not exist. Installing it now. Pulled: ghcr.io/nvidia/ovn-kubernetes-chart:v25.4.0 Digest: sha256:bce61b35ab485f06924681c5c906bfc0ab0065ac94830c6c036418e1edf995b3 NAME: ovn-kubernetes LAST DEPLOYED: Tue May 20 08:51:29 2025 NAMESPACE: ovn-kubernetes STATUS: deployed REVISION: 1 TEST SUITE: None

  4. Verify the CNI installation:

    Note

    The following verification commands may need to be run multiple times to ensure the condition is met.

    Jump Node Console

    Copy
    Copied!
                

    $ kubectl wait --for=condition=ready --namespace ovn-kubernetes pods --all --timeout=300s pod/ovn-kubernetes-cluster-manager-595dbf85c4-lpnd6 condition met pod/ovn-kubernetes-node-7x66w condition met pod/ovn-kubernetes-node-dmgs7 condition met pod/ovn-kubernetes-node-mrwzk condition met   $ kubectl wait --for=condition=ready nodes --all node/master1 condition met node/master2 condition met node/master3 condition met   $ kubectl wait --for=condition=ready --namespace kube-system pods --all pod/coredns-776bb9db5d-9bjhd condition met pod/coredns-776bb9db5d-rqvlw condition met pod/dns-autoscaler-6ffb84bd6-8jnjj condition met pod/kube-apiserver-master1 condition met pod/kube-apiserver-master2 condition met pod/kube-apiserver-master3 condition met pod/kube-controller-manager-master1 condition met pod/kube-controller-manager-master2 condition met pod/kube-controller-manager-master3 condition met pod/kube-scheduler-master1 condition met pod/kube-scheduler-master2 condition met pod/kube-scheduler-master3 condition met pod/kube-vip-master1 condition met pod/kube-vip-master2 condition met pod/kube-vip-master3 condition met

© Copyright 2025, NVIDIA. Last updated on Jul 29, 2025.