--- apiVersion: v1 items: - apiVersion: v1 kind: Pod metadata: annotations: networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-14T13:07:21Z" generateName: ovnkube-control-plane-864d695c77- labels: app: ovnkube-control-plane component: network kubernetes.io/os: linux openshift.io/component: network pod-template-hash: 864d695c77 type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:pod-template-hash: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"ca759789-4e24-465f-9fa2-6b8e43ad1521"}: {} f:spec: f:containers: k:{"name":"kube-rbac-proxy"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"name":"ovnkube-cluster-manager"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":29108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"ovn-control-plane-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-14T13:07:21Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.12"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-14T13:07:37Z" name: ovnkube-control-plane-864d695c77-vbf9m namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: ovnkube-control-plane-864d695c77 uid: ca759789-4e24-465f-9fa2-6b8e43ad1521 resourceVersion: "3969" uid: 8d692cb4-5325-41b6-9058-c3d4870dee2a spec: containers: - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail TLS_PK=/etc/pki/tls/metrics-cert/tls.key TLS_CERT=/etc/pki/tls/metrics-cert/tls.crt # As the secret mount is optional we must wait for the files to be present. # The service is created in monitor.yaml and this is created in sdn.yaml. TS=$(date +%s) WARN_TS=$(( ${TS} + $(( 20 * 60)) )) HAS_LOGGED_INFO=0 log_missing_certs(){ CUR_TS=$(date +%s) if [[ "${CUR_TS}" -gt "WARN_TS" ]]; then echo $(date -Iseconds) WARN: ovn-control-plane-metrics-cert not mounted after 20 minutes. elif [[ "${HAS_LOGGED_INFO}" -eq 0 ]] ; then echo $(date -Iseconds) INFO: ovn-control-plane-metrics-cert not mounted. Waiting 20 minutes. HAS_LOGGED_INFO=1 fi } while [[ ! -f "${TLS_PK}" || ! -f "${TLS_CERT}" ]] ; do log_missing_certs sleep 5 done echo $(date -Iseconds) INFO: ovn-control-plane-metrics-certs mounted, starting kube-rbac-proxy exec /usr/bin/kube-rbac-proxy \ --logtostderr \ --secure-listen-address=:9108 \ --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ --upstream=http://127.0.0.1:29108/ \ --tls-private-key-file=${TLS_PK} \ --tls-cert-file=${TLS_CERT} image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy ports: - containerPort: 9108 hostPort: 9108 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rb727 readOnly: true - command: - /bin/bash - -c - | set -xe if [[ -f "/env/_master" ]]; then set -o allexport source "/env/_master" set +o allexport fi ovn_v4_join_subnet_opt= if [[ "" != "" ]]; then ovn_v4_join_subnet_opt="--gateway-v4-join-subnet " fi ovn_v6_join_subnet_opt= if [[ "" != "" ]]; then ovn_v6_join_subnet_opt="--gateway-v6-join-subnet " fi ovn_v4_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v4_transit_switch_subnet_opt="--cluster-manager-v4-transit-switch-subnet " fi ovn_v6_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v6_transit_switch_subnet_opt="--cluster-manager-v6-transit-switch-subnet " fi dns_name_resolver_enabled_flag= if [[ "false" == "true" ]]; then dns_name_resolver_enabled_flag="--enable-dns-name-resolver" fi persistent_ips_enabled_flag= if [[ "true" == "true" ]]; then persistent_ips_enabled_flag="--enable-persistent-ips" fi # This is needed so that converting clusters from GA to TP # will rollout control plane pods as well network_segmentation_enabled_flag= multi_network_enabled_flag= if [[ "true" == "true" ]]; then multi_network_enabled_flag="--enable-multi-network" network_segmentation_enabled_flag="--enable-network-segmentation" fi route_advertisements_enable_flag= if [[ "false" == "true" ]]; then route_advertisements_enable_flag="--enable-route-advertisements" fi echo "I$(date "+%m%d %H:%M:%S.%N") - ovnkube-control-plane - start ovnkube --init-cluster-manager ${K8S_NODE}" exec /usr/bin/ovnkube \ --enable-interconnect \ --init-cluster-manager "${K8S_NODE}" \ --config-file=/run/ovnkube-config/ovnkube.conf \ --loglevel "${OVN_KUBE_LOG_LEVEL}" \ --metrics-bind-address "127.0.0.1:29108" \ --metrics-enable-pprof \ --metrics-enable-config-duration \ ${ovn_v4_join_subnet_opt} \ ${ovn_v6_join_subnet_opt} \ ${ovn_v4_transit_switch_subnet_opt} \ ${ovn_v6_transit_switch_subnet_opt} \ ${dns_name_resolver_enabled_flag} \ ${persistent_ips_enabled_flag} \ ${multi_network_enabled_flag} \ ${network_segmentation_enabled_flag} \ ${route_advertisements_enable_flag} env: - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovnkube-cluster-manager ports: - containerPort: 29108 hostPort: 29108 name: metrics-port protocol: TCP resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rb727 readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true nodeName: master-2 nodeSelector: kubernetes.io/os: linux node-role.kubernetes.io/master: "" preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-control-plane serviceAccountName: ovn-kubernetes-control-plane terminationGracePeriodSeconds: 30 tolerations: - key: node-role.kubernetes.io/master operator: Exists - key: node.kubernetes.io/not-ready operator: Exists - key: node.kubernetes.io/unreachable operator: Exists - key: node.kubernetes.io/network-unavailable operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists volumes: - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-control-plane-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-control-plane-metrics-cert - name: kube-api-access-rb727 projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:37Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:21Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:37Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:37Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:21Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://6ba8e5f1eac7d2ab1018901fc3445ee24646780c013c147c24b0390a1e0da080 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:22Z" volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rb727 readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://8768f37f7e5beffd121af2f6150a7c35e86c05b4f08f16f913afac67cb63d846 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-cluster-manager ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:37Z" volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rb727 readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.12 hostIPs: - ip: 192.168.34.12 phase: Running podIP: 192.168.34.12 podIPs: - ip: 192.168.34.12 qosClass: Burstable startTime: "2025-10-14T13:07:21Z" - apiVersion: v1 kind: Pod metadata: annotations: networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-14T13:07:21Z" generateName: ovnkube-control-plane-864d695c77- labels: app: ovnkube-control-plane component: network kubernetes.io/os: linux openshift.io/component: network pod-template-hash: 864d695c77 type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:pod-template-hash: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"ca759789-4e24-465f-9fa2-6b8e43ad1521"}: {} f:spec: f:containers: k:{"name":"kube-rbac-proxy"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"name":"ovnkube-cluster-manager"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":29108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"ovn-control-plane-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-14T13:07:21Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.11"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-14T13:07:38Z" name: ovnkube-control-plane-864d695c77-zrhxj namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: ovnkube-control-plane-864d695c77 uid: ca759789-4e24-465f-9fa2-6b8e43ad1521 resourceVersion: "3997" uid: 1f4848ce-ac6d-4d7c-8a6d-5038d4d975dd spec: containers: - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail TLS_PK=/etc/pki/tls/metrics-cert/tls.key TLS_CERT=/etc/pki/tls/metrics-cert/tls.crt # As the secret mount is optional we must wait for the files to be present. # The service is created in monitor.yaml and this is created in sdn.yaml. TS=$(date +%s) WARN_TS=$(( ${TS} + $(( 20 * 60)) )) HAS_LOGGED_INFO=0 log_missing_certs(){ CUR_TS=$(date +%s) if [[ "${CUR_TS}" -gt "WARN_TS" ]]; then echo $(date -Iseconds) WARN: ovn-control-plane-metrics-cert not mounted after 20 minutes. elif [[ "${HAS_LOGGED_INFO}" -eq 0 ]] ; then echo $(date -Iseconds) INFO: ovn-control-plane-metrics-cert not mounted. Waiting 20 minutes. HAS_LOGGED_INFO=1 fi } while [[ ! -f "${TLS_PK}" || ! -f "${TLS_CERT}" ]] ; do log_missing_certs sleep 5 done echo $(date -Iseconds) INFO: ovn-control-plane-metrics-certs mounted, starting kube-rbac-proxy exec /usr/bin/kube-rbac-proxy \ --logtostderr \ --secure-listen-address=:9108 \ --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ --upstream=http://127.0.0.1:29108/ \ --tls-private-key-file=${TLS_PK} \ --tls-cert-file=${TLS_CERT} image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy ports: - containerPort: 9108 hostPort: 9108 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dpvpc readOnly: true - command: - /bin/bash - -c - | set -xe if [[ -f "/env/_master" ]]; then set -o allexport source "/env/_master" set +o allexport fi ovn_v4_join_subnet_opt= if [[ "" != "" ]]; then ovn_v4_join_subnet_opt="--gateway-v4-join-subnet " fi ovn_v6_join_subnet_opt= if [[ "" != "" ]]; then ovn_v6_join_subnet_opt="--gateway-v6-join-subnet " fi ovn_v4_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v4_transit_switch_subnet_opt="--cluster-manager-v4-transit-switch-subnet " fi ovn_v6_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v6_transit_switch_subnet_opt="--cluster-manager-v6-transit-switch-subnet " fi dns_name_resolver_enabled_flag= if [[ "false" == "true" ]]; then dns_name_resolver_enabled_flag="--enable-dns-name-resolver" fi persistent_ips_enabled_flag= if [[ "true" == "true" ]]; then persistent_ips_enabled_flag="--enable-persistent-ips" fi # This is needed so that converting clusters from GA to TP # will rollout control plane pods as well network_segmentation_enabled_flag= multi_network_enabled_flag= if [[ "true" == "true" ]]; then multi_network_enabled_flag="--enable-multi-network" network_segmentation_enabled_flag="--enable-network-segmentation" fi route_advertisements_enable_flag= if [[ "false" == "true" ]]; then route_advertisements_enable_flag="--enable-route-advertisements" fi echo "I$(date "+%m%d %H:%M:%S.%N") - ovnkube-control-plane - start ovnkube --init-cluster-manager ${K8S_NODE}" exec /usr/bin/ovnkube \ --enable-interconnect \ --init-cluster-manager "${K8S_NODE}" \ --config-file=/run/ovnkube-config/ovnkube.conf \ --loglevel "${OVN_KUBE_LOG_LEVEL}" \ --metrics-bind-address "127.0.0.1:29108" \ --metrics-enable-pprof \ --metrics-enable-config-duration \ ${ovn_v4_join_subnet_opt} \ ${ovn_v6_join_subnet_opt} \ ${ovn_v4_transit_switch_subnet_opt} \ ${ovn_v6_transit_switch_subnet_opt} \ ${dns_name_resolver_enabled_flag} \ ${persistent_ips_enabled_flag} \ ${multi_network_enabled_flag} \ ${network_segmentation_enabled_flag} \ ${route_advertisements_enable_flag} env: - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovnkube-cluster-manager ports: - containerPort: 29108 hostPort: 29108 name: metrics-port protocol: TCP resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dpvpc readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true nodeName: master-1 nodeSelector: kubernetes.io/os: linux node-role.kubernetes.io/master: "" preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-control-plane serviceAccountName: ovn-kubernetes-control-plane terminationGracePeriodSeconds: 30 tolerations: - key: node-role.kubernetes.io/master operator: Exists - key: node.kubernetes.io/not-ready operator: Exists - key: node.kubernetes.io/unreachable operator: Exists - key: node.kubernetes.io/network-unavailable operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists volumes: - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-control-plane-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-control-plane-metrics-cert - name: kube-api-access-dpvpc projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:38Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:21Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:38Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:38Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:21Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://701ecf2a2b49e2a931d8a8e5769a2d32821587f1a52e27a8095c84b118a94099 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:21Z" volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dpvpc readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://6ff808c1c104400dc06b19d5166313b81c903c0cc0cf4f4f743d1f76d1b4025c image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-cluster-manager ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:37Z" volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dpvpc readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.11 hostIPs: - ip: 192.168.34.11 phase: Running podIP: 192.168.34.11 podIPs: - ip: 192.168.34.11 qosClass: Burstable startTime: "2025-10-14T13:07:21Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-14T13:07:48Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"325db7cc-81da-466f-a3f7-0b67596afd71"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-14T13:07:48Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.12"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-14T13:08:08Z" name: ovnkube-node-4cthp namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: 325db7cc-81da-466f-a3f7-0b67596afd71 resourceVersion: "4622" uid: 5a8ea9f0-8c47-4230-82cc-19ba4debe407 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-2 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true nodeName: master-2 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-dzp5c projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:48Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:49Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-14T13:08:08Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-14T13:08:08Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:48Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://7e012188ef185c6f52bcea916cbfa6edea2c81015563b9c67ffb30b1d8918356 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://51f4c65d2e20b29d0c1b01b7ad5288aff512aacba24577d73d950851ed2e8c32 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://e85110fb5a1f7fa8d158eb39217dd32f8e8b74a042bc7e7119d92e08d24bcd30 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://fd927bc71581c60c38a4c18ca7ab0b045c31f6a5345d29caae7a65efeff1bcf3 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://80a1592e5f950a5be8591f775b540a1797997267deffa5664c89d94f660fa962 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://62bd911c96d92eb232e058255595236f5ed93464c45015632c4bd34273ec38cd image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:50Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://180f1d8444996cb7a7543424d77423512c5acebcc2110a221a1ff3dbc5fed09f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:55Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://3e201fc8244d6a6ba573956b6cabeda57a7e08a24ce1d10e829a60b95e4483a5 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:52Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.12 hostIPs: - ip: 192.168.34.12 initContainerStatuses: - containerID: cri-o://8a36ec8922ed65ff7893e21c623cbabeaeb91298bdbac53ce911a00db43bf79e image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://8a36ec8922ed65ff7893e21c623cbabeaeb91298bdbac53ce911a00db43bf79e exitCode: 0 finishedAt: "2025-10-14T13:07:48Z" reason: Completed startedAt: "2025-10-14T13:07:48Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dzp5c readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.12 podIPs: - ip: 192.168.34.12 qosClass: Burstable startTime: "2025-10-14T13:07:48Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-14T13:07:47Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"325db7cc-81da-466f-a3f7-0b67596afd71"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-14T13:07:47Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.11"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-14T13:08:08Z" name: ovnkube-node-qvfnh namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: 325db7cc-81da-466f-a3f7-0b67596afd71 resourceVersion: "4614" uid: 4e6bd500-0de9-4c62-84f1-924e0ba066bb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-1 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true nodeName: master-1 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-hgr5f projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:49Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:49Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-14T13:08:08Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-14T13:08:08Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-14T13:07:47Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://1d32c8f5998c5a011514e460023e4c9f792354432890fdf7d11d32f67b204fe7 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://7305cbbcb025f845948c8a95f78fc47b25294efced5553ccedec3fa94bf51ca9 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://4a9606ee2f32831ba88336d5e8a2b9c569d54389ab597ca402d0c8d9e15c4d91 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://996372f8c6b70bab2a739967f8a85bc783d9400f7c1d15dfffd0e5ec872b815f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://c35c690d3c92fe7199a5247005e1d609e44134c5106703757a4942512153be76 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://47c1e25350b6e31be742d21a799d9e78988cb93eb1690d5eb67308878db44569 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:49Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://ca4a02aa2bc207a924d04bf7cd5daa757471f818422be90f316c9af290b63b4d image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:54Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://26b4ccbc31b946205b010c66087afb5763b00ce720920e9c4f708563498a6b10 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:07:52Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.11 hostIPs: - ip: 192.168.34.11 initContainerStatuses: - containerID: cri-o://695690d379e66d8480e9c584e267bcf283d8f6932d94f3a15e82ebb66b896b8c image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://695690d379e66d8480e9c584e267bcf283d8f6932d94f3a15e82ebb66b896b8c exitCode: 0 finishedAt: "2025-10-14T13:07:48Z" reason: Completed startedAt: "2025-10-14T13:07:48Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-hgr5f readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.11 podIPs: - ip: 192.168.34.11 qosClass: Burstable startTime: "2025-10-14T13:07:47Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-14T13:20:12Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"325db7cc-81da-466f-a3f7-0b67596afd71"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-14T13:20:12Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.10"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-14T13:22:17Z" name: ovnkube-node-xsrn9 namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: 325db7cc-81da-466f-a3f7-0b67596afd71 resourceVersion: "21609" uid: 5e794951-e28c-4305-a38b-00f1d5c9942f spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-0 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true imagePullSecrets: - name: ovn-kubernetes-node-dockercfg-hlhhv initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true nodeName: master-0 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-n6p8d projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-14T13:22:04Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-14T13:22:04Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-14T13:22:17Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-14T13:22:17Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-14T13:21:46Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://24a9a43f9e0c171427fe8cc8eee0c8a45903856b43c7deef146fd07c539f2a2f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:04Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://9d1ea9e979327ca6e192dffbc3dcffebfc9036294d97018533bc4edd430f802b image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:05Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://a70e238255e2ee7ac3f0a5d5daa42440e94f691014ad09fa2c39bc3ea404d3f5 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:05Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://49946d58c29b58eed5f642a0476eaaaed3721cc87f3d1a0ecd65628317da1909 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:05Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://80442393ce4fdbf4d51690f9ebeceb62ac91aa4735d5eed383ebaf347361ea70 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:04Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://f32781c30d91dc1c4745877a846de08121b88d78bb8892d922ee6f8a7ff04038 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:04Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://3987d1f40848734a7ffad604a186a01bed31f264213be87ad5607c9927cb25d1 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:10Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://30553a23e1837d09fd0ce7def8ebb84d40865743432412e4e88baa082d9e394b image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-14T13:22:07Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.10 hostIPs: - ip: 192.168.34.10 initContainerStatuses: - containerID: cri-o://07bdd7e3e24686b2977b749bea68318d1876d79c53f50a35b9660659ee8b31c5 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://07bdd7e3e24686b2977b749bea68318d1876d79c53f50a35b9660659ee8b31c5 exitCode: 0 finishedAt: "2025-10-14T13:22:03Z" reason: Completed startedAt: "2025-10-14T13:22:03Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-n6p8d readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.10 podIPs: - ip: 192.168.34.10 qosClass: Burstable startTime: "2025-10-14T13:21:46Z" kind: PodList metadata: resourceVersion: "61691"