apiVersion: apps/v1 kind: StatefulSet metadata: creationTimestamp: "2025-12-03T22:23:40Z" generation: 1 name: ovn-northd namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNNorthd name: ovnnorthd uid: 5c2c7a5b-a406-4bbf-8590-7dc0854ce876 resourceVersion: "29938" uid: 14b27ceb-6be6-4d23-ab17-9870aca23a85 spec: persistentVolumeClaimRetentionPolicy: whenDeleted: Retain whenScaled: Retain podManagementPolicy: Parallel replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: service: ovn-northd serviceName: ovn-northd template: metadata: creationTimestamp: null labels: service: ovn-northd spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: service operator: In values: - ovn-northd topologyKey: kubernetes.io/hostname weight: 100 containers: - args: - -vfile:off - -vconsole:info - --n-threads=1 - --ovnnb-db=ssl:ovsdbserver-nb-0.openstack.svc.cluster.local:6641 - --ovnsb-db=ssl:ovsdbserver-sb-0.openstack.svc.cluster.local:6642 - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt command: - /usr/bin/ovn-northd env: - name: CONFIG_HASH value: nd8h69h65ch9dh568hffh7dh9ch685h54dhbbh589h595h545h56h5b9h86h65dh5d5h658hbch595hf8h75hb6hbh65ch86h596h555h669h65q - name: OVN_RUNDIR value: /tmp - name: certs value: n557hdchc8hb6h644h5f9h5d8h59chbdh65ch8dhc8h5b9h94h64dh54h576hd6h58ch5ddhddh79h98h589h644hf5h696hc7hf7h557h5fch68bq - name: certs_metrics value: n5fbh64fh647h579h649h9h5bh587h694h76h78hd9hdh7dh686h4h546h5cch57fh5bh56hcch57fhf7h5d7h649h588h598h8dh687h67dh95q - name: ovnnorthd-config value: n5c8h7ch56bh8dh8hc4h5dch9dh68h6bhb7h598h549h5dbh66fh6bh5b4h5cch5d6h55ch57fhfch588h89h5ddh5d6h65bh65bh8dhc4h67dh569q - name: ovnnorthd-scripts value: n664hd8h66ch58dh64hc9h66bhd4h558h697h67bh557hdch664h567h669h555h696h556h556h5fh5bh569hbh665h9dh4h9bh564hc8h5b7h5c4q - name: tls-ca-bundle.pem value: n677h9bh648h697h568hf8h5bbh77hc8h67ch664h544h58dh5b6h559hb5h5f5h88h59fh6h5c6h59bh5b7h55ch77h68bh95h656h64fhd5h575hd7q image: quay.io/podified-antelope-centos9/openstack-ovn-northd@sha256:c8e13f116261ef06b59e9034c605f68d53eb6f760426c35ee6ed3785b97b1800 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - /usr/local/bin/container-scripts/status_check.sh failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 name: ovn-northd readinessProbe: exec: command: - /usr/local/bin/container-scripts/status_check.sh failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /tmp name: ovn-rundir - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-northd-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-northd-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-northd-tls-certs readOnly: true subPath: ca.crt - command: - /app/openstack-network-exporter env: - name: OPENSTACK_NETWORK_EXPORTER_YAML value: /etc/config/openstack-network-exporter.yaml - name: CONFIG_HASH value: nd8h69h65ch9dh568hffh7dh9ch685h54dhbbh589h595h545h56h5b9h86h65dh5d5h658hbch595hf8h75hb6hbh65ch86h596h555h669h65q image: quay.io/openstack-k8s-operators/openstack-network-exporter@sha256:ecd56e6733c475f2d441344fd98f288c3eac0261ba113695fec7520a954ccbc7 imagePullPolicy: IfNotPresent name: openstack-network-exporter resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: ovn-rundir - mountPath: /etc/config name: config readOnly: true - mountPath: /etc/pki/tls/certs/ovnmetrics.crt name: metrics-certs-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovnmetrics.key name: metrics-certs-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: metrics-certs-tls-certs readOnly: true subPath: ca.crt dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovnnorthd-ovnnorthd serviceAccountName: ovnnorthd-ovnnorthd terminationGracePeriodSeconds: 30 volumes: - configMap: defaultMode: 493 name: ovnnorthd-scripts name: scripts - emptyDir: {} name: ovn-rundir - configMap: defaultMode: 493 name: ovnnorthd-config name: config - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle - name: ovn-northd-tls-certs secret: defaultMode: 256 secretName: cert-ovnnorthd-ovndbs - name: metrics-certs-tls-certs secret: defaultMode: 256 secretName: cert-ovn-metrics updateStrategy: rollingUpdate: partition: 0 type: RollingUpdate status: availableReplicas: 1 collisionCount: 0 currentReplicas: 1 currentRevision: ovn-northd-cb9674c68 observedGeneration: 1 readyReplicas: 1 replicas: 1 updateRevision: ovn-northd-cb9674c68 updatedReplicas: 1