apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" creationTimestamp: "2025-10-11T10:53:01Z" generation: 1 name: ovn-controller namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNController name: ovncontroller uid: 03efddb7-9133-4e85-abfb-a97dae0db64c resourceVersion: "37715" uid: 6ce38038-bc80-4d8f-86b5-42a78b0b18fb spec: revisionHistoryLimit: 10 selector: matchLabels: service: ovn-controller template: metadata: creationTimestamp: null labels: service: ovn-controller spec: containers: - command: - ovn-controller - --pidfile - unix:/run/openvswitch/db.sock - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt env: - name: CONFIG_HASH value: n5bbh647h97h55bh79h5cbh8bh54fh658h558hc9h594hb7h686h59h5c9h64bhf6h94h5d9h68h59bh59bh5cdh5f5h8fh77h64chf4h5dfh57dh9q image: quay.io/podified-antelope-centos9/openstack-ovn-controller@sha256:d76f7d6620930cc2e9ac070492bbeb525f83ce5ff4947463e3784bf1ce04a857 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /usr/share/ovn/scripts/ovn-ctl - stop_controller livenessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_liveness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: ovn-controller readinessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_readiness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: capabilities: add: - NET_ADMIN - SYS_ADMIN - SYS_NICE privileged: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /var/run/openvswitch name: var-run - mountPath: /var/run/ovn name: var-run-ovn - mountPath: /var/log/ovn name: var-log-ovn - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-controller-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-controller-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-controller-tls-certs readOnly: true subPath: ca.crt - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovncontroller-ovncontroller serviceAccountName: ovncontroller-ovncontroller terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/home/core/openstack/etc/ovs type: DirectoryOrCreate name: etc-ovs - hostPath: path: /var/home/core/openstack/var/run/openvswitch type: DirectoryOrCreate name: var-run - hostPath: path: /var/home/core/openstack/var/log/openvswitch type: DirectoryOrCreate name: var-log - hostPath: path: /var/home/core/openstack/var/lib/openvswitch type: DirectoryOrCreate name: var-lib - hostPath: path: /var/home/core/openstack/var/run/ovn type: DirectoryOrCreate name: var-run-ovn - hostPath: path: /var/home/core/openstack/var/log/ovn type: DirectoryOrCreate name: var-log-ovn - configMap: defaultMode: 493 name: ovncontroller-scripts name: scripts - name: ovn-controller-tls-certs secret: defaultMode: 256 secretName: cert-ovncontroller-ovndbs - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 3 desiredNumberScheduled: 3 numberAvailable: 3 numberMisscheduled: 0 numberReady: 3 observedGeneration: 1 updatedNumberScheduled: 3