apiVersion: apps/v1 kind: StatefulSet metadata: creationTimestamp: "2025-10-11T10:53:31Z" generation: 1 name: ovn-northd namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNNorthd name: ovnnorthd uid: bb6c5357-37ad-456f-86a4-ba6ad2177b93 resourceVersion: "37352" uid: 4abcedde-6fa3-4cd3-b085-08d2f69ea184 spec: persistentVolumeClaimRetentionPolicy: whenDeleted: Retain whenScaled: Retain podManagementPolicy: Parallel replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: service: ovn-northd serviceName: ovn-northd template: metadata: creationTimestamp: null labels: service: ovn-northd spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: service operator: In values: - ovn-northd topologyKey: kubernetes.io/hostname weight: 100 containers: - args: - -vfile:off - -vconsole:info - --n-threads=1 - --ovnnb-db=ssl:ovsdbserver-nb-0.openstack.svc.cluster.local:6641,ssl:ovsdbserver-nb-1.openstack.svc.cluster.local:6641,ssl:ovsdbserver-nb-2.openstack.svc.cluster.local:6641 - --ovnsb-db=ssl:ovsdbserver-sb-0.openstack.svc.cluster.local:6642,ssl:ovsdbserver-sb-1.openstack.svc.cluster.local:6642,ssl:ovsdbserver-sb-2.openstack.svc.cluster.local:6642 - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt command: - /usr/bin/ovn-northd env: - name: OVN_RUNDIR value: /tmp - name: certs value: n568h66bh67dh56dh5c6h685hf9h5c8h64dhb5h8bh576h594h5b7h5chc5h5fbh688h5c8h596hcbh598h79hd7h54fhdfh596h586h557h64ch55dh647q - name: ovnnorthd-config value: n5c8h7ch56bh8dh8hc4h5dch9dh68h6bhb7h598h549h5dbh66fh6bh5b4h5cch5d6h55ch57fhfch588h89h5ddh5d6h65bh65bh8dhc4h67dh569q - name: ovnnorthd-scripts value: n664hd8h66ch58dh64hc9h66bhd4h558h697h67bh557hdch664h567h669h555h696h556h556h5fh5bh569hbh665h9dh4h9bh564hc8h5b7h5c4q - name: tls-ca-bundle.pem value: nbch567h66h9bh68h5b7hbfh78h67ch74hd8h695h5b4h96h74h68bh68fh5c9h566h694h688h6dh6ch58dh86hfch55dh599h58ch54bh58ch5b7q image: quay.io/podified-antelope-centos9/openstack-ovn-northd@sha256:ea164961ad30453ad0301c6b73364e1f1024f689634c88dd98265f9c7048e31d imagePullPolicy: IfNotPresent livenessProbe: exec: command: - /usr/local/bin/container-scripts/status_check.sh failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 name: ovn-northd readinessProbe: exec: command: - /usr/local/bin/container-scripts/status_check.sh failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /tmp name: ovn-rundir - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-northd-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-northd-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-northd-tls-certs readOnly: true subPath: ca.crt - command: - /app/openstack-network-exporter env: - name: OPENSTACK_NETWORK_EXPORTER_YAML value: /etc/config/openstack-network-exporter.yaml image: quay.io/openstack-k8s-operators/openstack-network-exporter@sha256:ecd56e6733c475f2d441344fd98f288c3eac0261ba113695fec7520a954ccbc7 imagePullPolicy: IfNotPresent name: openstack-network-exporter resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: ovn-rundir - mountPath: /etc/config name: config readOnly: true - mountPath: /etc/pki/tls/certs/ovnmetrics.crt name: metrics-certs-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovnmetrics.key name: metrics-certs-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: metrics-certs-tls-certs readOnly: true subPath: ca.crt dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovnnorthd-ovnnorthd serviceAccountName: ovnnorthd-ovnnorthd terminationGracePeriodSeconds: 30 volumes: - configMap: defaultMode: 493 name: ovnnorthd-scripts name: scripts - emptyDir: {} name: ovn-rundir - configMap: defaultMode: 493 name: ovnnorthd-config name: config - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle - name: ovn-northd-tls-certs secret: defaultMode: 256 secretName: cert-ovnnorthd-ovndbs - name: metrics-certs-tls-certs secret: defaultMode: 256 secretName: cert-ovn-metrics updateStrategy: rollingUpdate: partition: 0 type: RollingUpdate status: availableReplicas: 1 collisionCount: 0 currentReplicas: 1 currentRevision: ovn-northd-6447859c54 observedGeneration: 1 readyReplicas: 1 replicas: 1 updateRevision: ovn-northd-6447859c54 updatedReplicas: 1