Deep Dive into Kube-OVN Controller Architecture and Initialization

Overview

Kube‑OVN is a Kubernetes network project based on OVS/OVN that brings mature OpenStack networking features to Kubernetes, greatly enhancing security, operability, manageability and performance.

This series shares the kube‑ovn‑controller, Pod IP address management, CNI plugin, security‑group functionality, and a unified Vagrant testing environment, providing a deep analysis to help users get started quickly.

Container Orchestration

The kube‑ovn‑controller is deployed as a Deployment in a Kubernetes cluster. The deployment manifests are generated by the install.sh script according to the chosen configuration and then applied to the cluster.

The controller image is kubeovn/kube-ovn:v1.8.0 . A symbolic link points the kube-ovn binary to kube-ovn-controller , and the controller process is started with the kube-ovn-controller command.

Controller Main Process

Main Function

The main function flow is illustrated in the following diagram:

Controller Initialization

Controller Runtime

Controller Workers

The controller creates multiple workers (goroutines) to handle resources such as VPC, subnet, and pod events. Each worker has its own queue; when an event occurs, it is enqueued and later processed by the corresponding worker.

Example of VPC event registration:

Example of an add event:

Worker creation diagram:

VPC resource handling (runAddVpcWorker) diagram:

Key Initialization of the Controller

Default VPC Creation

The controller ensures a default VPC exists after deployment. The following code creates it:

InitDefaultVpc()

The default VPC (named ovn-cluster ) includes a logical router created via ovn-nbctl lr-add . Custom VPCs (introduced in later versions) add static route handling.

Conclusion

The article concludes the first part of the Kube‑OVN source‑code analysis series and previews the next topic: Pod IP address management.