---
apiVersion: v1
kind: Pod
metadata:
  annotations:
    cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false"
  creationTimestamp: "2025-10-11T10:38:50Z"
  generateName: multus-additional-cni-plugins-
  labels:
    app: multus-additional-cni-plugins
    component: network
    controller-revision-hash: b4cbbbbc9
    openshift.io/component: network
    pod-template-generation: "1"
    type: infra
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {}
          f:target.workload.openshift.io/management: {}
        f:generateName: {}
        f:labels:
          .: {}
          f:app: {}
          f:component: {}
          f:controller-revision-hash: {}
          f:openshift.io/component: {}
          f:pod-template-generation: {}
          f:type: {}
        f:ownerReferences:
          .: {}
          k:{"uid":"41f9b9b4-1ebd-4b55-87f4-44f6863ad7ee"}: {}
      f:spec:
        f:affinity:
          .: {}
          f:nodeAffinity:
            .: {}
            f:requiredDuringSchedulingIgnoredDuringExecution: {}
        f:containers:
          k:{"name":"kube-multus-additional-cni-plugins"}:
            .: {}
            f:args: {}
            f:command: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources:
              .: {}
              f:requests:
                .: {}
                f:cpu: {}
                f:memory: {}
            f:securityContext:
              .: {}
              f:privileged: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
        f:dnsPolicy: {}
        f:enableServiceLinks: {}
        f:hostNetwork: {}
        f:initContainers:
          .: {}
          k:{"name":"bond-cni-plugin"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"DEFAULT_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL8_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL9_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/entrypoint"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/os-release"}:
                .: {}
                f:mountPath: {}
                f:name: {}
                f:readOnly: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
          k:{"name":"cni-plugins"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"DEFAULT_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL8_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL9_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/entrypoint"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/cni/tuning/"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/os-release"}:
                .: {}
                f:mountPath: {}
                f:name: {}
                f:readOnly: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/sysctls"}:
                .: {}
                f:mountPath: {}
                f:name: {}
          k:{"name":"egress-router-binary-copy"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"DEFAULT_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL8_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL9_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/entrypoint"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/os-release"}:
                .: {}
                f:mountPath: {}
                f:name: {}
                f:readOnly: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
          k:{"name":"routeoverride-cni"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"DEFAULT_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL8_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL9_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/entrypoint"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/os-release"}:
                .: {}
                f:mountPath: {}
                f:name: {}
                f:readOnly: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
          k:{"name":"whereabouts-cni"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"CNI_BIN_DIR"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"CNI_CONF_DIR"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"KUBERNETES_SERVICE_HOST"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"KUBERNETES_SERVICE_PORT"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"NODENAME"}:
                .: {}
                f:name: {}
                f:valueFrom:
                  .: {}
                  f:fieldRef: {}
              k:{"name":"SLEEP"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"WHEREABOUTS_NAMESPACE"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources:
              .: {}
              f:requests:
                .: {}
                f:cpu: {}
                f:memory: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/etc/whereabouts/config"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/cni/net.d"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
          k:{"name":"whereabouts-cni-bincopy"}:
            .: {}
            f:command: {}
            f:env:
              .: {}
              k:{"name":"DEFAULT_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL8_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
              k:{"name":"RHEL9_SOURCE_DIRECTORY"}:
                .: {}
                f:name: {}
                f:value: {}
            f:image: {}
            f:imagePullPolicy: {}
            f:name: {}
            f:resources:
              .: {}
              f:requests:
                .: {}
                f:cpu: {}
                f:memory: {}
            f:terminationMessagePath: {}
            f:terminationMessagePolicy: {}
            f:volumeMounts:
              .: {}
              k:{"mountPath":"/entrypoint"}:
                .: {}
                f:mountPath: {}
                f:name: {}
              k:{"mountPath":"/host/etc/os-release"}:
                .: {}
                f:mountPath: {}
                f:name: {}
                f:readOnly: {}
              k:{"mountPath":"/host/opt/cni/bin"}:
                .: {}
                f:mountPath: {}
                f:name: {}
        f:nodeSelector: {}
        f:priorityClassName: {}
        f:restartPolicy: {}
        f:schedulerName: {}
        f:securityContext: {}
        f:serviceAccount: {}
        f:serviceAccountName: {}
        f:terminationGracePeriodSeconds: {}
        f:tolerations: {}
        f:volumes:
          .: {}
          k:{"name":"cni-binary-copy"}:
            .: {}
            f:configMap:
              .: {}
              f:defaultMode: {}
              f:name: {}
            f:name: {}
          k:{"name":"cni-sysctl-allowlist"}:
            .: {}
            f:configMap:
              .: {}
              f:defaultMode: {}
              f:name: {}
            f:name: {}
          k:{"name":"cnibin"}:
            .: {}
            f:hostPath:
              .: {}
              f:path: {}
              f:type: {}
            f:name: {}
          k:{"name":"multus-cni-dir"}:
            .: {}
            f:hostPath:
              .: {}
              f:path: {}
              f:type: {}
            f:name: {}
          k:{"name":"os-release"}:
            .: {}
            f:hostPath:
              .: {}
              f:path: {}
              f:type: {}
            f:name: {}
          k:{"name":"system-cni-dir"}:
            .: {}
            f:hostPath:
              .: {}
              f:path: {}
              f:type: {}
            f:name: {}
          k:{"name":"tuning-conf-dir"}:
            .: {}
            f:hostPath:
              .: {}
              f:path: {}
              f:type: {}
            f:name: {}
          k:{"name":"whereabouts-configmap"}:
            .: {}
            f:configMap:
              .: {}
              f:defaultMode: {}
              f:name: {}
            f:name: {}
    manager: kube-controller-manager
    operation: Update
    time: "2025-10-11T10:38:50Z"
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        f:conditions:
          k:{"type":"ContainersReady"}:
            .: {}
            f:lastProbeTime: {}
            f:lastTransitionTime: {}
            f:status: {}
            f:type: {}
          k:{"type":"Initialized"}:
            .: {}
            f:lastProbeTime: {}
            f:lastTransitionTime: {}
            f:status: {}
            f:type: {}
          k:{"type":"PodReadyToStartContainers"}:
            .: {}
            f:lastProbeTime: {}
            f:lastTransitionTime: {}
            f:status: {}
            f:type: {}
          k:{"type":"Ready"}:
            .: {}
            f:lastProbeTime: {}
            f:lastTransitionTime: {}
            f:status: {}
            f:type: {}
        f:containerStatuses: {}
        f:hostIP: {}
        f:hostIPs: {}
        f:initContainerStatuses: {}
        f:phase: {}
        f:podIP: {}
        f:podIPs:
          .: {}
          k:{"ip":"192.168.34.10"}:
            .: {}
            f:ip: {}
        f:startTime: {}
    manager: kubelet
    operation: Update
    subresource: status
    time: "2025-10-11T10:39:49Z"
  name: multus-additional-cni-plugins-ft6fv
  namespace: openshift-multus
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: DaemonSet
    name: multus-additional-cni-plugins
    uid: 41f9b9b4-1ebd-4b55-87f4-44f6863ad7ee
  resourceVersion: "20111"
  uid: 24d4b452-8f49-4e9e-98b6-3429afefc4c4
spec:
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchFields:
          - key: metadata.name
            operator: In
            values:
            - master-0
  containers:
  - args:
    - |
      trap : TERM INT; sleep infinity & wait
    command:
    - /bin/bash
    - -ec
    - --
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:bd0854905c4929cfbb163b57dd290d4a74e65d11c01d86b5e1e177a0c246106e
    imagePullPolicy: IfNotPresent
    name: kube-multus-additional-cni-plugins
    resources:
      requests:
        cpu: 10m
        memory: 10Mi
    securityContext:
      privileged: true
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  hostNetwork: true
  imagePullSecrets:
  - name: multus-ancillary-tools-dockercfg-7mxth
  initContainers:
  - command:
    - /entrypoint/cnibincopy.sh
    env:
    - name: RHEL8_SOURCE_DIRECTORY
      value: /usr/src/egress-router-cni/rhel8/bin/
    - name: RHEL9_SOURCE_DIRECTORY
      value: /usr/src/egress-router-cni/rhel9/bin/
    - name: DEFAULT_SOURCE_DIRECTORY
      value: /usr/src/egress-router-cni/bin/
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fbde693d384ae08cdaf9126a9a6359bb5515793f63108ef216cbddf1c995af3e
    imagePullPolicy: IfNotPresent
    name: egress-router-binary-copy
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  - command:
    - /bin/bash
    - -c
    - /entrypoint/cnibincopy.sh && cp -n /sysctls/allowlist.conf /host/etc/cni/tuning/
    env:
    - name: RHEL8_SOURCE_DIRECTORY
      value: /usr/src/plugins/rhel8/bin/
    - name: RHEL9_SOURCE_DIRECTORY
      value: /usr/src/plugins/rhel9/bin/
    - name: DEFAULT_SOURCE_DIRECTORY
      value: /usr/src/plugins/bin/
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:6128c3fda0a374e4e705551260ee45b426a747e9d3e450d4ca1a3714fd404207
    imagePullPolicy: IfNotPresent
    name: cni-plugins
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
    - mountPath: /host/etc/cni/tuning/
      name: tuning-conf-dir
    - mountPath: /sysctls
      name: cni-sysctl-allowlist
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  - command:
    - /entrypoint/cnibincopy.sh
    env:
    - name: RHEL8_SOURCE_DIRECTORY
      value: /bondcni/rhel8/
    - name: RHEL9_SOURCE_DIRECTORY
      value: /bondcni/rhel9/
    - name: DEFAULT_SOURCE_DIRECTORY
      value: /bondcni/rhel9/
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9c713df8493f490d2cd316861e6f63bc27078cda759dd9dd2817f101f233db28
    imagePullPolicy: IfNotPresent
    name: bond-cni-plugin
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  - command:
    - /entrypoint/cnibincopy.sh
    env:
    - name: RHEL8_SOURCE_DIRECTORY
      value: /usr/src/route-override/rhel8/bin/
    - name: RHEL9_SOURCE_DIRECTORY
      value: /usr/src/route-override/rhel9/bin/
    - name: DEFAULT_SOURCE_DIRECTORY
      value: /usr/src/route-override/bin/
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:0b95ed8eaa90077acc5910504a338c0b5eea8a9b6632868366d72d48a4b6f2c4
    imagePullPolicy: IfNotPresent
    name: routeoverride-cni
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  - command:
    - /entrypoint/cnibincopy.sh
    env:
    - name: RHEL8_SOURCE_DIRECTORY
      value: /usr/src/whereabouts/rhel8/bin/
    - name: RHEL9_SOURCE_DIRECTORY
      value: /usr/src/whereabouts/rhel9/bin/
    - name: DEFAULT_SOURCE_DIRECTORY
      value: /usr/src/whereabouts/bin/
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    imagePullPolicy: IfNotPresent
    name: whereabouts-cni-bincopy
    resources:
      requests:
        cpu: 10m
        memory: 10Mi
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  - command:
    - /bin/sh
    - -c
    - |
      #!/bin/sh

      set -u -e

      CNI_BIN_DIR=${CNI_BIN_DIR:-"/host/opt/cni/bin/"}
      WHEREABOUTS_KUBECONFIG_FILE_HOST=${WHEREABOUTS_KUBECONFIG_FILE_HOST:-"/etc/cni/net.d/whereabouts.d/whereabouts.kubeconfig"}
      CNI_CONF_DIR=${CNI_CONF_DIR:-"/host/etc/kubernetes/cni/net.d"}
      WHEREABOUTS_RECONCILER_CRON=${WHEREABOUTS_RECONCILER_CRON:-30 4 * * *}

      # Make a whereabouts.d directory (for our kubeconfig)

      mkdir -p $CNI_CONF_DIR/whereabouts.d
      WHEREABOUTS_KUBECONFIG=$CNI_CONF_DIR/whereabouts.d/whereabouts.kubeconfig
      WHEREABOUTS_CONF_FILE=$CNI_CONF_DIR/whereabouts.d/whereabouts.conf
      WHEREABOUTS_KUBECONFIG_LITERAL=$(echo "$WHEREABOUTS_KUBECONFIG" | sed -e s'|/host||')

      # Write the nodename to the whereabouts.d directory for standardized hostname reference across cloud providers
      echo $NODENAME > $CNI_CONF_DIR/whereabouts.d/nodename

      SERVICE_ACCOUNT_PATH=/var/run/secrets/kubernetes.io/serviceaccount
      KUBE_CA_FILE=${KUBE_CA_FILE:-$SERVICE_ACCOUNT_PATH/ca.crt}
      SERVICE_ACCOUNT_TOKEN=$(cat $SERVICE_ACCOUNT_PATH/token)
      SERVICE_ACCOUNT_TOKEN_PATH=$SERVICE_ACCOUNT_PATH/token
      SKIP_TLS_VERIFY=${SKIP_TLS_VERIFY:-false}


      function log()
      {
          echo "$(date -Iseconds) ${1}"
      }

      function error()
      {
          log "ERR:  {$1}"
      }

      function warn()
      {
          log "WARN: {$1}"
      }


      function generateKubeConfig {
      # Check if we're running as a k8s pod.
      if [ -f "$SERVICE_ACCOUNT_PATH/token" ]; then
        # We're running as a k8d pod - expect some variables.
        if [ -z ${KUBERNETES_SERVICE_HOST} ]; then
          error "KUBERNETES_SERVICE_HOST not set"; exit 1;
        fi
        if [ -z ${KUBERNETES_SERVICE_PORT} ]; then
          error "KUBERNETES_SERVICE_PORT not set"; exit 1;
        fi

        if [ "$SKIP_TLS_VERIFY" == "true" ]; then
          TLS_CFG="insecure-skip-tls-verify: true"
        elif [ -f "$KUBE_CA_FILE" ]; then
          TLS_CFG="certificate-authority-data: $(cat $KUBE_CA_FILE | base64 | tr -d '\n')"
        fi

        # Kubernetes service address must be wrapped if it is IPv6 address
        KUBERNETES_SERVICE_HOST_WRAP=$KUBERNETES_SERVICE_HOST
        if [ "$KUBERNETES_SERVICE_HOST_WRAP" != "${KUBERNETES_SERVICE_HOST_WRAP#*:[0-9a-fA-F]}" ]; then
          KUBERNETES_SERVICE_HOST_WRAP=\[$KUBERNETES_SERVICE_HOST_WRAP\]
        fi

        # Write a kubeconfig file for the CNI plugin.  Do this
        # to skip TLS verification for now.  We should eventually support
        # writing more complete kubeconfig files. This is only used
        # if the provided CNI network config references it.
        touch $WHEREABOUTS_KUBECONFIG
        chmod ${KUBECONFIG_MODE:-600} $WHEREABOUTS_KUBECONFIG
        cat > $WHEREABOUTS_KUBECONFIG <<EOF
      # Kubeconfig file for the Whereabouts CNI plugin.
      apiVersion: v1
      kind: Config
      clusters:
      - name: local
        cluster:
          server: ${KUBERNETES_SERVICE_PROTOCOL:-https}://${KUBERNETES_SERVICE_HOST_WRAP}:${KUBERNETES_SERVICE_PORT}
          $TLS_CFG
      users:
      - name: whereabouts
        user:
          token: "${SERVICE_ACCOUNT_TOKEN}"
      contexts:
      - name: whereabouts-context
        context:
          cluster: local
          user: whereabouts
          namespace: ${WHEREABOUTS_NAMESPACE}
      current-context: whereabouts-context
      EOF

      # Copy the config from ConfigMap to the desired directory
      cp /etc/whereabouts/config/whereabouts.conf $WHEREABOUTS_CONF_FILE
      chmod 600 $WHEREABOUTS_CONF_FILE

      else
        warn "Doesn't look like we're running in a kubernetes environment (no serviceaccount token)"
      fi

      }

      function generateWhereaboutsConf {

        touch $WHEREABOUTS_CONF_FILE
        chmod ${KUBECONFIG_MODE:-600} $WHEREABOUTS_CONF_FILE
        cat > $WHEREABOUTS_CONF_FILE <<EOF
      {
        "datastore": "kubernetes",
        "kubernetes": {
          "kubeconfig": "${WHEREABOUTS_KUBECONFIG_LITERAL}"
        },
        "reconciler_cron_expression": "${WHEREABOUTS_RECONCILER_CRON}"
      }
      EOF

      }

      generateKubeConfig
      # ------------------ end Generate a "kube-config"

      # ----------------- Generate a whereabouts conf
      # removed because we have the configmap
      #generateWhereaboutsConf
      # ---------------- End generate a whereabouts conf


      # copy whereabouts to the cni bin dir
      # SKIPPED DUE TO FIPS COPY.
      # cp -f /whereabouts $CNI_BIN_DIR

      # ---------------------- end generate a "kube-config".

      # Unless told otherwise, sleep forever.
      # This prevents Kubernetes from restarting the pod repeatedly.
      should_sleep=${SLEEP:-"true"}
      echo "Done configuring CNI.  Sleep=$should_sleep"
      while [ "$should_sleep" == "true"  ]; do
          sleep 1000000000000
      done
    env:
    - name: NODENAME
      valueFrom:
        fieldRef:
          apiVersion: v1
          fieldPath: spec.nodeName
    - name: KUBERNETES_SERVICE_PORT
      value: "6443"
    - name: KUBERNETES_SERVICE_HOST
      value: api-int.ocp.openstack.lab
    - name: CNI_BIN_DIR
      value: /host/opt/cni/bin/
    - name: CNI_CONF_DIR
      value: /host/etc/cni/net.d
    - name: SLEEP
      value: "false"
    - name: WHEREABOUTS_NAMESPACE
      value: openshift-multus
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    imagePullPolicy: IfNotPresent
    name: whereabouts-cni
    resources:
      requests:
        cpu: 10m
        memory: 10Mi
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: FallbackToLogsOnError
    volumeMounts:
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/cni/net.d
      name: system-cni-dir
    - mountPath: /etc/whereabouts/config
      name: whereabouts-configmap
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
  nodeName: master-0
  nodeSelector:
    kubernetes.io/os: linux
  preemptionPolicy: PreemptLowerPriority
  priority: 2000001000
  priorityClassName: system-node-critical
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: multus-ancillary-tools
  serviceAccountName: multus-ancillary-tools
  terminationGracePeriodSeconds: 10
  tolerations:
  - operator: Exists
  volumes:
  - hostPath:
      path: /etc/kubernetes/cni/net.d
      type: ""
    name: system-cni-dir
  - hostPath:
      path: /var/run/multus/cni/net.d
      type: ""
    name: multus-cni-dir
  - hostPath:
      path: /var/lib/cni/bin
      type: ""
    name: cnibin
  - hostPath:
      path: /etc/os-release
      type: File
    name: os-release
  - configMap:
      defaultMode: 484
      name: cni-copy-resources
    name: cni-binary-copy
  - hostPath:
      path: /etc/cni/tuning/
      type: DirectoryOrCreate
    name: tuning-conf-dir
  - configMap:
      defaultMode: 484
      name: default-cni-sysctl-allowlist
    name: cni-sysctl-allowlist
  - configMap:
      defaultMode: 420
      name: whereabouts-config
    name: whereabouts-configmap
  - name: kube-api-access-mptfd
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
      - configMap:
          items:
          - key: service-ca.crt
            path: service-ca.crt
          name: openshift-service-ca.crt
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2025-10-11T10:39:24Z"
    status: "True"
    type: PodReadyToStartContainers
  - lastProbeTime: null
    lastTransitionTime: "2025-10-11T10:39:48Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2025-10-11T10:39:49Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2025-10-11T10:39:49Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2025-10-11T10:39:00Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: cri-o://37ac6c36a12e5c9753eb09f407c7e986b907eb87aa9519edd17357fa157ee20e
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:bd0854905c4929cfbb163b57dd290d4a74e65d11c01d86b5e1e177a0c246106e
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:bd0854905c4929cfbb163b57dd290d4a74e65d11c01d86b5e1e177a0c246106e
    lastState: {}
    name: kube-multus-additional-cni-plugins
    ready: true
    restartCount: 0
    started: true
    state:
      running:
        startedAt: "2025-10-11T10:39:48Z"
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  hostIP: 192.168.34.10
  hostIPs:
  - ip: 192.168.34.10
  initContainerStatuses:
  - containerID: cri-o://cb1b25e322d42bbe15cffe1d3217152fa186cf0eca7d74f0dcb251ca7411c341
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fbde693d384ae08cdaf9126a9a6359bb5515793f63108ef216cbddf1c995af3e
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fbde693d384ae08cdaf9126a9a6359bb5515793f63108ef216cbddf1c995af3e
    lastState: {}
    name: egress-router-binary-copy
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://cb1b25e322d42bbe15cffe1d3217152fa186cf0eca7d74f0dcb251ca7411c341
        exitCode: 0
        finishedAt: "2025-10-11T10:39:24Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:24Z"
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
      recursiveReadOnly: Disabled
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  - containerID: cri-o://60ae2bc66c768fd133fb33de0b797bb3ba3a737ec0842ecc5b07d80a61c2f2b0
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:6128c3fda0a374e4e705551260ee45b426a747e9d3e450d4ca1a3714fd404207
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:6128c3fda0a374e4e705551260ee45b426a747e9d3e450d4ca1a3714fd404207
    lastState: {}
    name: cni-plugins
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://60ae2bc66c768fd133fb33de0b797bb3ba3a737ec0842ecc5b07d80a61c2f2b0
        exitCode: 0
        finishedAt: "2025-10-11T10:39:32Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:31Z"
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
      recursiveReadOnly: Disabled
    - mountPath: /host/etc/cni/tuning/
      name: tuning-conf-dir
    - mountPath: /sysctls
      name: cni-sysctl-allowlist
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  - containerID: cri-o://577dbabbd1dcda298e8312f0abf41bca5da23d3e379e323dc62243a5ec9eb24c
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9c713df8493f490d2cd316861e6f63bc27078cda759dd9dd2817f101f233db28
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9c713df8493f490d2cd316861e6f63bc27078cda759dd9dd2817f101f233db28
    lastState: {}
    name: bond-cni-plugin
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://577dbabbd1dcda298e8312f0abf41bca5da23d3e379e323dc62243a5ec9eb24c
        exitCode: 0
        finishedAt: "2025-10-11T10:39:33Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:33Z"
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
      recursiveReadOnly: Disabled
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  - containerID: cri-o://913e1a8c1cb851c82ef33685641673d1d715c6fa27efd620af4c66cb97b43d12
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:0b95ed8eaa90077acc5910504a338c0b5eea8a9b6632868366d72d48a4b6f2c4
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:0b95ed8eaa90077acc5910504a338c0b5eea8a9b6632868366d72d48a4b6f2c4
    lastState: {}
    name: routeoverride-cni
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://913e1a8c1cb851c82ef33685641673d1d715c6fa27efd620af4c66cb97b43d12
        exitCode: 0
        finishedAt: "2025-10-11T10:39:36Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:36Z"
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
      recursiveReadOnly: Disabled
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  - containerID: cri-o://bc0358c40c75dc89bef20966f0a2851fd62d9b0845f2052ef84938a96fac4d83
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    lastState: {}
    name: whereabouts-cni-bincopy
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://bc0358c40c75dc89bef20966f0a2851fd62d9b0845f2052ef84938a96fac4d83
        exitCode: 0
        finishedAt: "2025-10-11T10:39:47Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:46Z"
    volumeMounts:
    - mountPath: /entrypoint
      name: cni-binary-copy
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/os-release
      name: os-release
      readOnly: true
      recursiveReadOnly: Disabled
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  - containerID: cri-o://a63f08ea91bf39979073d78bd84f5dd5d89bf91aa04b704a104dde5b04c85341
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7983420590be0b0f62b726996dd73769a35c23a4b3b283f8cf20e09418e814eb
    lastState: {}
    name: whereabouts-cni
    ready: true
    restartCount: 0
    started: false
    state:
      terminated:
        containerID: cri-o://a63f08ea91bf39979073d78bd84f5dd5d89bf91aa04b704a104dde5b04c85341
        exitCode: 0
        finishedAt: "2025-10-11T10:39:47Z"
        reason: Completed
        startedAt: "2025-10-11T10:39:47Z"
    volumeMounts:
    - mountPath: /host/opt/cni/bin
      name: cnibin
    - mountPath: /host/etc/cni/net.d
      name: system-cni-dir
    - mountPath: /etc/whereabouts/config
      name: whereabouts-configmap
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-mptfd
      readOnly: true
      recursiveReadOnly: Disabled
  phase: Running
  podIP: 192.168.34.10
  podIPs:
  - ip: 192.168.34.10
  qosClass: Burstable
  startTime: "2025-10-11T10:39:00Z"