apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" creationTimestamp: "2026-04-02T13:58:24Z" generation: 1 name: ovn-controller namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNController name: ovncontroller uid: 2cbed795-1ec1-4ab8-b998-eaac8291b2d7 resourceVersion: "42135" uid: e153538c-9567-40ac-ac54-30ea8245a982 spec: revisionHistoryLimit: 10 selector: matchLabels: service: ovn-controller template: metadata: creationTimestamp: null labels: service: ovn-controller spec: containers: - command: - ovn-controller - --pidfile - unix:/run/openvswitch/db.sock - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt env: - name: CONFIG_HASH value: n84h99h5dh66dh557h59bh5f9h5fdh9bh674hf6hbh586h698h578h68ch548h594h68ch7ch5d6h8chcbh677h5b4h559hf9h598h548h65h67ch5b4q image: quay.io/podified-antelope-centos9/openstack-ovn-controller:current-podified imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /usr/share/ovn/scripts/ovn-ctl - stop_controller livenessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_liveness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: ovn-controller readinessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_readiness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: capabilities: add: - NET_ADMIN - SYS_ADMIN - SYS_NICE privileged: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /var/run/openvswitch name: var-run - mountPath: /var/run/ovn name: var-run-ovn - mountPath: /var/log/ovn name: var-log-ovn - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-controller-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-controller-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-controller-tls-certs readOnly: true subPath: ca.crt - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovncontroller-ovncontroller serviceAccountName: ovncontroller-ovncontroller terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/home/core/openstack/etc/ovs type: DirectoryOrCreate name: etc-ovs - hostPath: path: /var/home/core/openstack/var/run/openvswitch type: DirectoryOrCreate name: var-run - hostPath: path: /var/home/core/openstack/var/log/openvswitch type: DirectoryOrCreate name: var-log - hostPath: path: /var/home/core/openstack/var/lib/openvswitch type: DirectoryOrCreate name: var-lib - hostPath: path: /var/home/core/openstack/var/run/ovn type: DirectoryOrCreate name: var-run-ovn - hostPath: path: /var/home/core/openstack/var/log/ovn type: DirectoryOrCreate name: var-log-ovn - configMap: defaultMode: 493 name: ovncontroller-scripts name: scripts - name: ovn-controller-tls-certs secret: defaultMode: 256 secretName: cert-ovncontroller-ovndbs - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 1 desiredNumberScheduled: 1 numberAvailable: 1 numberMisscheduled: 0 numberReady: 1 observedGeneration: 1 updatedNumberScheduled: 1