apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" creationTimestamp: "2025-12-03T22:22:58Z" generation: 1 name: ovn-controller namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNController name: ovncontroller uid: b905dfd9-32ce-41e7-b1a1-83e980eeca39 resourceVersion: "30571" uid: 4c687a55-bced-4285-aee8-6be818f487d9 spec: revisionHistoryLimit: 10 selector: matchLabels: service: ovn-controller template: metadata: creationTimestamp: null labels: service: ovn-controller spec: containers: - command: - ovn-controller - --pidfile - unix:/run/openvswitch/db.sock - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt env: - name: CONFIG_HASH value: n576h5d9h545h78h9fh8ch699h5bch5b6hddh648h54ch689h5c7h584h678hb9h98hb5h69hcch95h5f4h5fch564h688h65hb5h5d5h7hfchf7q image: quay.io/podified-antelope-centos9/openstack-ovn-controller@sha256:ebeb25c4a4ce978c741d166518070e05f0fd81c143bdc680ee1d8f5985ec8d6c imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /usr/share/ovn/scripts/ovn-ctl - stop_controller livenessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_liveness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: ovn-controller readinessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_readiness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: capabilities: add: - NET_ADMIN - SYS_ADMIN - SYS_NICE privileged: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /var/run/openvswitch name: var-run - mountPath: /var/run/ovn name: var-run-ovn - mountPath: /var/log/ovn name: var-log-ovn - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-controller-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-controller-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-controller-tls-certs readOnly: true subPath: ca.crt - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovncontroller-ovncontroller serviceAccountName: ovncontroller-ovncontroller terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/home/core/openstack/etc/ovs type: DirectoryOrCreate name: etc-ovs - hostPath: path: /var/home/core/openstack/var/run/openvswitch type: DirectoryOrCreate name: var-run - hostPath: path: /var/home/core/openstack/var/log/openvswitch type: DirectoryOrCreate name: var-log - hostPath: path: /var/home/core/openstack/var/lib/openvswitch type: DirectoryOrCreate name: var-lib - hostPath: path: /var/home/core/openstack/var/run/ovn type: DirectoryOrCreate name: var-run-ovn - hostPath: path: /var/home/core/openstack/var/log/ovn type: DirectoryOrCreate name: var-log-ovn - configMap: defaultMode: 493 name: ovncontroller-scripts name: scripts - name: ovn-controller-tls-certs secret: defaultMode: 256 secretName: cert-ovncontroller-ovndbs - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 1 desiredNumberScheduled: 1 numberAvailable: 1 numberMisscheduled: 0 numberReady: 1 observedGeneration: 1 updatedNumberScheduled: 1