--- apiVersion: v1 items: - apiVersion: v1 kind: Pod metadata: annotations: networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-11T10:27:25Z" generateName: ovnkube-control-plane-864d695c77- labels: app: ovnkube-control-plane component: network kubernetes.io/os: linux openshift.io/component: network pod-template-hash: 864d695c77 type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:pod-template-hash: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"68f88204-ab46-4829-8724-a6975f6c7dec"}: {} f:spec: f:containers: k:{"name":"kube-rbac-proxy"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"name":"ovnkube-cluster-manager"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":29108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"ovn-control-plane-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-11T10:27:25Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.11"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-11T10:27:42Z" name: ovnkube-control-plane-864d695c77-5mflb namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: ovnkube-control-plane-864d695c77 uid: 68f88204-ab46-4829-8724-a6975f6c7dec resourceVersion: "3917" uid: a65a56b0-5ee8-4429-8fe5-b33a6f29bc79 spec: containers: - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail TLS_PK=/etc/pki/tls/metrics-cert/tls.key TLS_CERT=/etc/pki/tls/metrics-cert/tls.crt # As the secret mount is optional we must wait for the files to be present. # The service is created in monitor.yaml and this is created in sdn.yaml. TS=$(date +%s) WARN_TS=$(( ${TS} + $(( 20 * 60)) )) HAS_LOGGED_INFO=0 log_missing_certs(){ CUR_TS=$(date +%s) if [[ "${CUR_TS}" -gt "WARN_TS" ]]; then echo $(date -Iseconds) WARN: ovn-control-plane-metrics-cert not mounted after 20 minutes. elif [[ "${HAS_LOGGED_INFO}" -eq 0 ]] ; then echo $(date -Iseconds) INFO: ovn-control-plane-metrics-cert not mounted. Waiting 20 minutes. HAS_LOGGED_INFO=1 fi } while [[ ! -f "${TLS_PK}" || ! -f "${TLS_CERT}" ]] ; do log_missing_certs sleep 5 done echo $(date -Iseconds) INFO: ovn-control-plane-metrics-certs mounted, starting kube-rbac-proxy exec /usr/bin/kube-rbac-proxy \ --logtostderr \ --secure-listen-address=:9108 \ --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ --upstream=http://127.0.0.1:29108/ \ --tls-private-key-file=${TLS_PK} \ --tls-cert-file=${TLS_CERT} image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy ports: - containerPort: 9108 hostPort: 9108 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-snph7 readOnly: true - command: - /bin/bash - -c - | set -xe if [[ -f "/env/_master" ]]; then set -o allexport source "/env/_master" set +o allexport fi ovn_v4_join_subnet_opt= if [[ "" != "" ]]; then ovn_v4_join_subnet_opt="--gateway-v4-join-subnet " fi ovn_v6_join_subnet_opt= if [[ "" != "" ]]; then ovn_v6_join_subnet_opt="--gateway-v6-join-subnet " fi ovn_v4_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v4_transit_switch_subnet_opt="--cluster-manager-v4-transit-switch-subnet " fi ovn_v6_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v6_transit_switch_subnet_opt="--cluster-manager-v6-transit-switch-subnet " fi dns_name_resolver_enabled_flag= if [[ "false" == "true" ]]; then dns_name_resolver_enabled_flag="--enable-dns-name-resolver" fi persistent_ips_enabled_flag= if [[ "true" == "true" ]]; then persistent_ips_enabled_flag="--enable-persistent-ips" fi # This is needed so that converting clusters from GA to TP # will rollout control plane pods as well network_segmentation_enabled_flag= multi_network_enabled_flag= if [[ "true" == "true" ]]; then multi_network_enabled_flag="--enable-multi-network" network_segmentation_enabled_flag="--enable-network-segmentation" fi route_advertisements_enable_flag= if [[ "false" == "true" ]]; then route_advertisements_enable_flag="--enable-route-advertisements" fi echo "I$(date "+%m%d %H:%M:%S.%N") - ovnkube-control-plane - start ovnkube --init-cluster-manager ${K8S_NODE}" exec /usr/bin/ovnkube \ --enable-interconnect \ --init-cluster-manager "${K8S_NODE}" \ --config-file=/run/ovnkube-config/ovnkube.conf \ --loglevel "${OVN_KUBE_LOG_LEVEL}" \ --metrics-bind-address "127.0.0.1:29108" \ --metrics-enable-pprof \ --metrics-enable-config-duration \ ${ovn_v4_join_subnet_opt} \ ${ovn_v6_join_subnet_opt} \ ${ovn_v4_transit_switch_subnet_opt} \ ${ovn_v6_transit_switch_subnet_opt} \ ${dns_name_resolver_enabled_flag} \ ${persistent_ips_enabled_flag} \ ${multi_network_enabled_flag} \ ${network_segmentation_enabled_flag} \ ${route_advertisements_enable_flag} env: - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovnkube-cluster-manager ports: - containerPort: 29108 hostPort: 29108 name: metrics-port protocol: TCP resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-snph7 readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true nodeName: master-1 nodeSelector: kubernetes.io/os: linux node-role.kubernetes.io/master: "" preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-control-plane serviceAccountName: ovn-kubernetes-control-plane terminationGracePeriodSeconds: 30 tolerations: - key: node-role.kubernetes.io/master operator: Exists - key: node.kubernetes.io/not-ready operator: Exists - key: node.kubernetes.io/unreachable operator: Exists - key: node.kubernetes.io/network-unavailable operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists volumes: - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-control-plane-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-control-plane-metrics-cert - name: kube-api-access-snph7 projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:42Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:25Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:42Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:42Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:25Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://6943eb663574984dc2c6e6a328d40af44972ef8e57e6085814bb716f16c316dc image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:25Z" volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-snph7 readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://fd429044454b120b7f284bbe76d575ec34a3889f8f0e590f4edb09bf076942ee image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-cluster-manager ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:42Z" volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-snph7 readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.11 hostIPs: - ip: 192.168.34.11 phase: Running podIP: 192.168.34.11 podIPs: - ip: 192.168.34.11 qosClass: Burstable startTime: "2025-10-11T10:27:25Z" - apiVersion: v1 kind: Pod metadata: annotations: networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-11T10:27:25Z" generateName: ovnkube-control-plane-864d695c77- labels: app: ovnkube-control-plane component: network kubernetes.io/os: linux openshift.io/component: network pod-template-hash: 864d695c77 type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:pod-template-hash: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"68f88204-ab46-4829-8724-a6975f6c7dec"}: {} f:spec: f:containers: k:{"name":"kube-rbac-proxy"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"name":"ovnkube-cluster-manager"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":29108,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"ovn-control-plane-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-11T10:27:25Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.12"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-11T10:37:47Z" name: ovnkube-control-plane-864d695c77-b8x7k namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: ovnkube-control-plane-864d695c77 uid: 68f88204-ab46-4829-8724-a6975f6c7dec resourceVersion: "17960" uid: 9727aec8-dcb9-40a6-9d8d-2a61f37b6503 spec: containers: - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail TLS_PK=/etc/pki/tls/metrics-cert/tls.key TLS_CERT=/etc/pki/tls/metrics-cert/tls.crt # As the secret mount is optional we must wait for the files to be present. # The service is created in monitor.yaml and this is created in sdn.yaml. TS=$(date +%s) WARN_TS=$(( ${TS} + $(( 20 * 60)) )) HAS_LOGGED_INFO=0 log_missing_certs(){ CUR_TS=$(date +%s) if [[ "${CUR_TS}" -gt "WARN_TS" ]]; then echo $(date -Iseconds) WARN: ovn-control-plane-metrics-cert not mounted after 20 minutes. elif [[ "${HAS_LOGGED_INFO}" -eq 0 ]] ; then echo $(date -Iseconds) INFO: ovn-control-plane-metrics-cert not mounted. Waiting 20 minutes. HAS_LOGGED_INFO=1 fi } while [[ ! -f "${TLS_PK}" || ! -f "${TLS_CERT}" ]] ; do log_missing_certs sleep 5 done echo $(date -Iseconds) INFO: ovn-control-plane-metrics-certs mounted, starting kube-rbac-proxy exec /usr/bin/kube-rbac-proxy \ --logtostderr \ --secure-listen-address=:9108 \ --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ --upstream=http://127.0.0.1:29108/ \ --tls-private-key-file=${TLS_PK} \ --tls-cert-file=${TLS_CERT} image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy ports: - containerPort: 9108 hostPort: 9108 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-njmgm readOnly: true - command: - /bin/bash - -c - | set -xe if [[ -f "/env/_master" ]]; then set -o allexport source "/env/_master" set +o allexport fi ovn_v4_join_subnet_opt= if [[ "" != "" ]]; then ovn_v4_join_subnet_opt="--gateway-v4-join-subnet " fi ovn_v6_join_subnet_opt= if [[ "" != "" ]]; then ovn_v6_join_subnet_opt="--gateway-v6-join-subnet " fi ovn_v4_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v4_transit_switch_subnet_opt="--cluster-manager-v4-transit-switch-subnet " fi ovn_v6_transit_switch_subnet_opt= if [[ "" != "" ]]; then ovn_v6_transit_switch_subnet_opt="--cluster-manager-v6-transit-switch-subnet " fi dns_name_resolver_enabled_flag= if [[ "false" == "true" ]]; then dns_name_resolver_enabled_flag="--enable-dns-name-resolver" fi persistent_ips_enabled_flag= if [[ "true" == "true" ]]; then persistent_ips_enabled_flag="--enable-persistent-ips" fi # This is needed so that converting clusters from GA to TP # will rollout control plane pods as well network_segmentation_enabled_flag= multi_network_enabled_flag= if [[ "true" == "true" ]]; then multi_network_enabled_flag="--enable-multi-network" network_segmentation_enabled_flag="--enable-network-segmentation" fi route_advertisements_enable_flag= if [[ "false" == "true" ]]; then route_advertisements_enable_flag="--enable-route-advertisements" fi echo "I$(date "+%m%d %H:%M:%S.%N") - ovnkube-control-plane - start ovnkube --init-cluster-manager ${K8S_NODE}" exec /usr/bin/ovnkube \ --enable-interconnect \ --init-cluster-manager "${K8S_NODE}" \ --config-file=/run/ovnkube-config/ovnkube.conf \ --loglevel "${OVN_KUBE_LOG_LEVEL}" \ --metrics-bind-address "127.0.0.1:29108" \ --metrics-enable-pprof \ --metrics-enable-config-duration \ ${ovn_v4_join_subnet_opt} \ ${ovn_v6_join_subnet_opt} \ ${ovn_v4_transit_switch_subnet_opt} \ ${ovn_v6_transit_switch_subnet_opt} \ ${dns_name_resolver_enabled_flag} \ ${persistent_ips_enabled_flag} \ ${multi_network_enabled_flag} \ ${network_segmentation_enabled_flag} \ ${route_advertisements_enable_flag} env: - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovnkube-cluster-manager ports: - containerPort: 29108 hostPort: 29108 name: metrics-port protocol: TCP resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-njmgm readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true nodeName: master-2 nodeSelector: kubernetes.io/os: linux node-role.kubernetes.io/master: "" preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-control-plane serviceAccountName: ovn-kubernetes-control-plane terminationGracePeriodSeconds: 30 tolerations: - key: node-role.kubernetes.io/master operator: Exists - key: node.kubernetes.io/not-ready operator: Exists - key: node.kubernetes.io/unreachable operator: Exists - key: node.kubernetes.io/network-unavailable operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists volumes: - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-control-plane-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-control-plane-metrics-cert - name: kube-api-access-njmgm projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:46Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:25Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:46Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:46Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:25Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://dc031f4dd9db1fa90da21ee773e117ca3278e0a2094f12e77f4c3fd673ee09ad image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:25Z" volumeMounts: - mountPath: /etc/pki/tls/metrics-cert name: ovn-control-plane-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-njmgm readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://e158d51773ea3d54a9f7af87b30a23cf17dc3b04e477c11473ef17096d07a719 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-cluster-manager ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:45Z" volumeMounts: - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-njmgm readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.12 hostIPs: - ip: 192.168.34.12 phase: Running podIP: 192.168.34.12 podIPs: - ip: 192.168.34.12 qosClass: Burstable startTime: "2025-10-11T10:27:25Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-11T10:38:51Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"bf9fd235-86c7-42b3-8fb9-26fcbcec6526"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-11T10:38:51Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.10"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-11T10:39:50Z" name: ovnkube-node-96nq6 namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: bf9fd235-86c7-42b3-8fb9-26fcbcec6526 resourceVersion: "20121" uid: 417d5cfd-0cf3-4d96-b901-fcfe4f742ca5 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-0 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true imagePullSecrets: - name: ovn-kubernetes-node-dockercfg-dkksq initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true nodeName: master-0 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-l99wx projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-11T10:39:24Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-11T10:39:24Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-11T10:39:50Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-11T10:39:50Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-11T10:39:00Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://0953b5b0c5d6edfebd7e041d85e453f7d46a7e288f2dbe6db61c650e49aa3ec0 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:24Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://ab19d5c0142bc874df4b98658c457d1cdc054f9b46eef50595af10649131145b image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:24Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://b5faae4cb3ce806047cd66c065a54f6c8cc6b120d3d6c1a930b8eb04fb788f18 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:25Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://7355ba655a327634066827f4e80f5fe8032e43bdabdd01970c30815cb9d86537 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:25Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://a66d1fdbb33d748a1a06a36bf1348949b781c536249b656184762e926e180206 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:24Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://1c19f9bbf921ae3af539ff0dff6e8cc4553b77a82249a509f0b4aa7f76a3e97f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:24Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://2f0526028039267cde2979d801362373c8768640c849ad28a6187f6ce5f10f04 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:29Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://6a176c78e46a2ac85d5511e5328a902be27c1e6cbfc1e616a7087d989017fbb7 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:39:27Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.10 hostIPs: - ip: 192.168.34.10 initContainerStatuses: - containerID: cri-o://8d6c1b823de6d3bbb1ce290ecfdd81097a24f1a6b64ac3d1baa8dbfab78727e3 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://8d6c1b823de6d3bbb1ce290ecfdd81097a24f1a6b64ac3d1baa8dbfab78727e3 exitCode: 0 finishedAt: "2025-10-11T10:39:24Z" reason: Completed startedAt: "2025-10-11T10:39:24Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-l99wx readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.10 podIPs: - ip: 192.168.34.10 qosClass: Burstable startTime: "2025-10-11T10:39:00Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-11T10:27:51Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"bf9fd235-86c7-42b3-8fb9-26fcbcec6526"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-11T10:27:51Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.11"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-11T10:28:11Z" name: ovnkube-node-p9l4v namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: bf9fd235-86c7-42b3-8fb9-26fcbcec6526 resourceVersion: "4560" uid: a199ebda-03a4-4154-902b-28397e4bc616 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-1 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true nodeName: master-1 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-tm62v projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:52Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:52Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-11T10:28:11Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-11T10:28:11Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:51Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://8627a1f9bab17ac392bffb2dceb0bec6de4b75d5ef5d603424b688f3ef7d9b5f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://c1d8c24dcdadcad5e7a13a9718b6daeeaaa8375978b55bcf3c855d56d5b71f16 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://811acc170d18d1cc1fb2e96244bd657affd5063d11b11fed0eb46a3a7c5a648f image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://3c3b5bb1f5483e2ded64735aa85858cf0858f4f695f8c037443c207c64d0f520 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://dba69f90e730cf13a8b86f0ec5f8fb7feed6a3bdf7e8bd0002e37b08b0d0cab9 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://99315b03b176b9548ff6f442300ed5f7301dbc1d41371db939926c6b88f3bbcb image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:52Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://ca302a8439820b05b4af2e1ab36feb2534be24776f9c7a40729fdb60938aaa70 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:58Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://a31f2faa9277289c626596c01158d31130d2fd07a0622a3dc29355c1c98bcbc4 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:55Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.11 hostIPs: - ip: 192.168.34.11 initContainerStatuses: - containerID: cri-o://e286ed9631e3bc792d7041c1bf8fc3c79727dde398696236177ad7a5a407c619 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://e286ed9631e3bc792d7041c1bf8fc3c79727dde398696236177ad7a5a407c619 exitCode: 0 finishedAt: "2025-10-11T10:27:51Z" reason: Completed startedAt: "2025-10-11T10:27:51Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-tm62v readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.11 podIPs: - ip: 192.168.34.11 qosClass: Burstable startTime: "2025-10-11T10:27:51Z" - apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/enable-ds-eviction: "false" network.operator.openshift.io/ovnkube-script-lib-hash: 4663e2cd756605339dc0ac3a52f8438c1f5de1d8 networkoperator.openshift.io/cluster-network-cidr: 10.128.0.0/14 networkoperator.openshift.io/hybrid-overlay-status: disabled networkoperator.openshift.io/ip-family-mode: single-stack creationTimestamp: "2025-10-11T10:27:52Z" generateName: ovnkube-node- labels: app: ovnkube-node component: network controller-revision-hash: 6964586d86 kubernetes.io/os: linux openshift.io/component: network ovn-db-pod: "true" pod-template-generation: "2" type: infra managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:cluster-autoscaler.kubernetes.io/enable-ds-eviction: {} f:network.operator.openshift.io/ovnkube-script-lib-hash: {} f:networkoperator.openshift.io/cluster-network-cidr: {} f:networkoperator.openshift.io/hybrid-overlay-status: {} f:networkoperator.openshift.io/ip-family-mode: {} f:target.workload.openshift.io/management: {} f:generateName: {} f:labels: .: {} f:app: {} f:component: {} f:controller-revision-hash: {} f:kubernetes.io/os: {} f:openshift.io/component: {} f:ovn-db-pod: {} f:pod-template-generation: {} f:type: {} f:ownerReferences: .: {} k:{"uid":"bf9fd235-86c7-42b3-8fb9-26fcbcec6526"}: {} f:spec: f:affinity: .: {} f:nodeAffinity: .: {} f:requiredDuringSchedulingIgnoredDuringExecution: {} f:containers: k:{"name":"kube-rbac-proxy-node"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9103,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"kube-rbac-proxy-ovn-metrics"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/pki/tls/metrics-cert"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"name":"nbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"northd"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-acl-logging"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovn-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/dev/log"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"ovnkube-controller"}: .: {} f:command: {} f:env: .: {} k:{"name":"K8S_NODE"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} k:{"name":"KUBERNETES_SERVICE_HOST"}: .: {} f:name: {} f:value: {} k:{"name":"KUBERNETES_SERVICE_PORT"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_CONTROLLER_INACTIVITY_PROBE"}: .: {} f:name: {} f:value: {} k:{"name":"OVN_KUBE_LOG_LEVEL"}: .: {} f:name: {} f:value: {} k:{"name":"POD_NAME"}: .: {} f:name: {} f:valueFrom: .: {} f:fieldRef: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:preStop: .: {} f:exec: .: {} f:command: {} f:name: {} f:ports: .: {} k:{"containerPort":29105,"protocol":"TCP"}: .: {} f:containerPort: {} f:hostPort: {} f:name: {} f:protocol: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:securityContext: .: {} f:privileged: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/cni-bin-dir"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/cni/net.d"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/systemd/system"}: .: {} f:mountPath: {} f:name: {} f:readOnly: {} k:{"mountPath":"/host"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/netns"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/run/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn-kubernetes/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovnkube-config/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/systemd/private"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} f:subPath: {} k:{"mountPath":"/var/lib/cni/networks/ovn-k8s-cni-overlay"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/lib/kubelet"}: .: {} f:mountPath: {} f:mountPropagation: {} f:name: {} f:readOnly: {} k:{"mountPath":"/var/lib/openvswitch"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovnkube/"}: .: {} f:mountPath: {} f:name: {} k:{"name":"sbdb"}: .: {} f:command: {} f:env: .: {} k:{"name":"OVN_LOG_LEVEL"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:lifecycle: .: {} f:postStart: .: {} f:exec: .: {} f:command: {} f:name: {} f:readinessProbe: .: {} f:exec: .: {} f:command: {} f:failureThreshold: {} f:initialDelaySeconds: {} f:periodSeconds: {} f:successThreshold: {} f:timeoutSeconds: {} f:resources: .: {} f:requests: .: {} f:cpu: {} f:memory: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/env"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/ovnkube-lib"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/run/ovn/"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/var/log/ovn"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:hostNetwork: {} f:hostPID: {} f:initContainers: .: {} k:{"name":"kubecfg-setup"}: .: {} f:command: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/etc/ovn/"}: .: {} f:mountPath: {} f:name: {} f:nodeSelector: {} f:priorityClassName: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:tolerations: {} f:volumes: .: {} k:{"name":"env-overrides"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:optional: {} f:name: {} k:{"name":"etc-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-bin"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-cni-netd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-kubelet"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-netns"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-run-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-slash"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"host-var-lib-cni-networks-ovn-kubernetes"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"log-socket"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"node-log"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"ovn-node-metrics-cert"}: .: {} f:name: {} f:secret: .: {} f:defaultMode: {} f:optional: {} f:secretName: {} k:{"name":"ovnkube-config"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"ovnkube-script-lib"}: .: {} f:configMap: .: {} f:defaultMode: {} f:name: {} f:name: {} k:{"name":"run-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-ovn"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"run-systemd"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"systemd-units"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} k:{"name":"var-lib-openvswitch"}: .: {} f:hostPath: .: {} f:path: {} f:type: {} f:name: {} manager: kube-controller-manager operation: Update time: "2025-10-11T10:27:52Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"PodReadyToStartContainers"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:hostIPs: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"192.168.34.12"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update subresource: status time: "2025-10-11T10:37:48Z" name: ovnkube-node-x5wg8 namespace: openshift-ovn-kubernetes ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: ovnkube-node uid: bf9fd235-86c7-42b3-8fb9-26fcbcec6526 resourceVersion: "18115" uid: b7bd3364-8f2a-492d-917f-acbbe3267954 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - master-2 containers: - command: - /bin/bash - -c - | set -e . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovn-controller ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-controller resources: requests: cpu: 10m memory: 300Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-audit-log-rotation image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: ovn-acl-logging resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-node-metrics 9103 29103 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-node ports: - containerPort: 9103 hostPort: 9103 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-rbac-proxy-node ovn-metrics 9105 29105 /etc/pki/tls/metrics-cert/tls.key /etc/pki/tls/metrics-cert/tls.crt image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imagePullPolicy: IfNotPresent name: kube-rbac-proxy-ovn-metrics ports: - containerPort: 9105 hostPort: 9105 name: https protocol: TCP resources: requests: cpu: 10m memory: 20Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-ovn-northd TERM INT start-ovn-northd "${OVN_LOG_LEVEL}" env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: northd resources: requests: cpu: 10m memory: 70Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-nbdb TERM INT start-nbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 nbdb-post-start 10000 name: nbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "nb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | set -xem if [[ -f /env/_master ]]; then set -o allexport source /env/_master set +o allexport fi . /ovnkube-lib/ovnkube-lib.sh || exit 1 trap quit-sbdb TERM INT start-sbdb ${OVN_LOG_LEVEL} env: - name: OVN_LOG_LEVEL value: info image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: postStart: exec: command: - /bin/bash - -c - | set -x . /ovnkube-lib/ovnkube-lib.sh || exit 1 sbdb-post-start name: sbdb readinessProbe: exec: command: - /bin/bash - -c - | set -xeo pipefail . /ovnkube-lib/ovnkube-lib.sh || exit 1 ovndb-readiness-probe "sb" failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: requests: cpu: 10m memory: 300Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true - command: - /bin/bash - -c - | set -xe . /ovnkube-lib/ovnkube-lib.sh || exit 1 start-ovnkube-node ${OVN_KUBE_LOG_LEVEL} 29103 29105 env: - name: KUBERNETES_SERVICE_PORT value: "6443" - name: KUBERNETES_SERVICE_HOST value: api-int.ocp.openstack.lab - name: OVN_CONTROLLER_INACTIVITY_PROBE value: "180000" - name: OVN_KUBE_LOG_LEVEL value: "4" - name: K8S_NODE valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - rm - -f - /etc/cni/net.d/10-ovn-kubernetes.conf name: ovnkube-controller ports: - containerPort: 29105 hostPort: 29105 name: ovnmetrics-port protocol: TCP readinessProbe: exec: command: - /bin/bash - -c - | #!/bin/bash test -f /etc/cni/net.d/10-ovn-kubernetes.conf failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: 10m memory: 600Mi securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet mountPropagation: HostToContainer name: host-kubelet readOnly: true - mountPath: /etc/systemd/system name: systemd-units readOnly: true - mountPath: /host mountPropagation: HostToContainer name: host-slash readOnly: true - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns mountPropagation: HostToContainer name: host-run-netns readOnly: true - mountPath: /run/systemd/private mountPropagation: HostToContainer name: run-systemd readOnly: true subPath: private - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true dnsPolicy: Default enableServiceLinks: true hostNetwork: true hostPID: true initContainers: - command: - /bin/bash - -c - | cat << EOF > /etc/ovn/kubeconfig apiVersion: v1 clusters: - cluster: certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt server: https://api-int.ocp.openstack.lab:6443 name: default-cluster contexts: - context: cluster: default-cluster namespace: default user: default-auth name: default-context current-context: default-context kind: Config preferences: {} users: - name: default-auth user: client-certificate: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem client-key: /etc/ovn/ovnkube-node-certs/ovnkube-client-current.pem EOF image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imagePullPolicy: IfNotPresent name: kubecfg-setup resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true nodeName: master-2 nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovn-kubernetes-node serviceAccountName: ovn-kubernetes-node terminationGracePeriodSeconds: 30 tolerations: - operator: Exists volumes: - hostPath: path: /var/lib/kubelet type: "" name: host-kubelet - hostPath: path: /etc/systemd/system type: "" name: systemd-units - hostPath: path: / type: "" name: host-slash - hostPath: path: /run/netns type: "" name: host-run-netns - hostPath: path: /run/systemd type: "" name: run-systemd - hostPath: path: /var/lib/openvswitch/data type: "" name: var-lib-openvswitch - hostPath: path: /var/lib/ovn-ic/etc type: "" name: etc-openvswitch - hostPath: path: /var/run/openvswitch type: "" name: run-openvswitch - hostPath: path: /var/run/ovn-ic type: "" name: run-ovn - hostPath: path: /var/log/ovn type: "" name: node-log - hostPath: path: /dev/log type: "" name: log-socket - hostPath: path: /run/ovn-kubernetes type: "" name: host-run-ovn-kubernetes - hostPath: path: /var/lib/cni/bin type: "" name: host-cni-bin - hostPath: path: /var/run/multus/cni/net.d type: "" name: host-cni-netd - hostPath: path: /var/lib/cni/networks/ovn-k8s-cni-overlay type: "" name: host-var-lib-cni-networks-ovn-kubernetes - configMap: defaultMode: 420 name: ovnkube-config name: ovnkube-config - configMap: defaultMode: 420 name: env-overrides optional: true name: env-overrides - name: ovn-node-metrics-cert secret: defaultMode: 420 optional: true secretName: ovn-node-metrics-cert - configMap: defaultMode: 484 name: ovnkube-script-lib name: ovnkube-script-lib - name: kube-api-access-h2g8t projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:53Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:53Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-10-11T10:28:13Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-10-11T10:28:13Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-10-11T10:27:52Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://886ab5820c28e6480d00698580e79e4781c20f7b130fa459da47233902f43417 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-node ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://728ce00595d9265f53bf5fbf1d588ecd2ed424cf93b146811d6c3f08d82584b6 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f22b65e5c744a32d3955dd7c36d809e3114a8aa501b44c00330dfda886c21169 lastState: {} name: kube-rbac-proxy-ovn-metrics ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/pki/tls/metrics-cert name: ovn-node-metrics-cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://cc1598a4280245cab1f7a4fbea20199177a785ee92e9d62194ceca67349d3714 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: nbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://d442efc1b44b6f95f4b75faeec2f7d5b3deac6b7b138cbc3871630d947eabc45 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: northd ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn name: etc-openvswitch - mountPath: /var/log/ovn name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://4d72efb914bdc3ea62ac41cf6038365dd833039cf28930aafc4d0e0130f12055 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-acl-logging ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/log/ovn/ name: node-log - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://776a37488dc34a6237bc811855d780600eb2615467f8e88048305ef984cd3514 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovn-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /env name: env-overrides - mountPath: /var/log/ovn/ name: node-log - mountPath: /dev/log name: log-socket - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://179a33dd9b2c47cd10b8c7507158e6874a3b4b5607b9ce19ef0de9c49a47da08 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: ovnkube-controller ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:58Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /var/lib/kubelet name: host-kubelet readOnly: true recursiveReadOnly: Disabled - mountPath: /etc/systemd/system name: systemd-units readOnly: true recursiveReadOnly: Disabled - mountPath: /host name: host-slash readOnly: true recursiveReadOnly: Disabled - mountPath: /run/ovn-kubernetes/ name: host-run-ovn-kubernetes - mountPath: /run/netns name: host-run-netns readOnly: true recursiveReadOnly: Disabled - mountPath: /run/systemd/private name: run-systemd readOnly: true recursiveReadOnly: Disabled - mountPath: /cni-bin-dir name: host-cni-bin - mountPath: /etc/cni/net.d name: host-cni-netd - mountPath: /var/lib/cni/networks/ovn-k8s-cni-overlay name: host-var-lib-cni-networks-ovn-kubernetes - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /var/log/ovnkube/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /etc/openvswitch name: etc-openvswitch - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/lib/openvswitch name: var-lib-openvswitch - mountPath: /run/ovnkube-config/ name: ovnkube-config - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled - containerID: cri-o://29d5b2f57601ccd97e0b67297507c979bbda2eb904fb57963f2ba752d9aac90a image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: sbdb ready: true restartCount: 0 started: true state: running: startedAt: "2025-10-11T10:27:56Z" volumeMounts: - mountPath: /ovnkube-lib name: ovnkube-script-lib - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /run/ovn/ name: run-ovn - mountPath: /var/log/ovn name: node-log - mountPath: /env name: env-overrides - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled hostIP: 192.168.34.12 hostIPs: - ip: 192.168.34.12 initContainerStatuses: - containerID: cri-o://b3aed0e6bbc92472d45e0f8800eaeb8e8e1992c8df1659a9f1421e62f43ff048 image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 imageID: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b05c14f2032f7ba3017e9bcb6b3be4e7eaed8223e30a721b46b24f9cdcbd6a95 lastState: {} name: kubecfg-setup ready: true restartCount: 0 started: false state: terminated: containerID: cri-o://b3aed0e6bbc92472d45e0f8800eaeb8e8e1992c8df1659a9f1421e62f43ff048 exitCode: 0 finishedAt: "2025-10-11T10:27:53Z" reason: Completed startedAt: "2025-10-11T10:27:53Z" volumeMounts: - mountPath: /etc/ovn/ name: etc-openvswitch - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-h2g8t readOnly: true recursiveReadOnly: Disabled phase: Running podIP: 192.168.34.12 podIPs: - ip: 192.168.34.12 qosClass: Burstable startTime: "2025-10-11T10:27:52Z" kind: PodList metadata: resourceVersion: "64825"