apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" creationTimestamp: "2025-12-04T22:33:34Z" generation: 1 name: ovn-controller namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNController name: ovncontroller uid: dfeba907-9d0c-415a-8bb8-52243a3a3178 resourceVersion: "29813" uid: 7cb8ad7e-4f4e-4d1c-a9d5-303875ca1eee spec: revisionHistoryLimit: 10 selector: matchLabels: service: ovn-controller template: metadata: creationTimestamp: null labels: service: ovn-controller spec: containers: - command: - ovn-controller - --pidfile - unix:/run/openvswitch/db.sock - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt env: - name: CONFIG_HASH value: nbdh5f5h7chd8hfch657h656h66bh699h654hd6h5fbh84h56ch57dh565h649h8dh586h7bhcdh659h65fh5d8h5b4h5d4h58h56ch557h85h64bh558q image: quay.io/podified-antelope-centos9/openstack-ovn-controller@sha256:ebeb25c4a4ce978c741d166518070e05f0fd81c143bdc680ee1d8f5985ec8d6c imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /usr/share/ovn/scripts/ovn-ctl - stop_controller livenessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_liveness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: ovn-controller readinessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_readiness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: capabilities: add: - NET_ADMIN - SYS_ADMIN - SYS_NICE privileged: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /var/run/openvswitch name: var-run - mountPath: /var/run/ovn name: var-run-ovn - mountPath: /var/log/ovn name: var-log-ovn - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-controller-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-controller-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-controller-tls-certs readOnly: true subPath: ca.crt - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovncontroller-ovncontroller serviceAccountName: ovncontroller-ovncontroller terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/home/core/openstack/etc/ovs type: DirectoryOrCreate name: etc-ovs - hostPath: path: /var/home/core/openstack/var/run/openvswitch type: DirectoryOrCreate name: var-run - hostPath: path: /var/home/core/openstack/var/log/openvswitch type: DirectoryOrCreate name: var-log - hostPath: path: /var/home/core/openstack/var/lib/openvswitch type: DirectoryOrCreate name: var-lib - hostPath: path: /var/home/core/openstack/var/run/ovn type: DirectoryOrCreate name: var-run-ovn - hostPath: path: /var/home/core/openstack/var/log/ovn type: DirectoryOrCreate name: var-log-ovn - configMap: defaultMode: 493 name: ovncontroller-scripts name: scripts - name: ovn-controller-tls-certs secret: defaultMode: 256 secretName: cert-ovncontroller-ovndbs - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 1 desiredNumberScheduled: 1 numberAvailable: 1 numberMisscheduled: 0 numberReady: 1 observedGeneration: 1 updatedNumberScheduled: 1