apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" creationTimestamp: "2025-12-05T13:04:38Z" generation: 1 name: ovn-controller namespace: openstack ownerReferences: - apiVersion: ovn.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: OVNController name: ovncontroller uid: 2c5f30c8-edb3-417d-9feb-d3ad430c2a0b resourceVersion: "30615" uid: 153a742a-6f94-42d6-a196-0f850585e5ab spec: revisionHistoryLimit: 10 selector: matchLabels: service: ovn-controller template: metadata: creationTimestamp: null labels: service: ovn-controller spec: containers: - command: - ovn-controller - --pidfile - unix:/run/openvswitch/db.sock - --certificate=/etc/pki/tls/certs/ovndb.crt - --private-key=/etc/pki/tls/private/ovndb.key - --ca-cert=/etc/pki/tls/certs/ovndbca.crt env: - name: CONFIG_HASH value: n598h674h57ch685h57fh658h9fhdch597h5ch579h578h5dbh66ch67dhdh565h68dh76h97hb7h697h5dfh56dh554h55fh669h679h68dh577h5d7h5f7q image: quay.io/podified-antelope-centos9/openstack-ovn-controller@sha256:ebeb25c4a4ce978c741d166518070e05f0fd81c143bdc680ee1d8f5985ec8d6c imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /usr/share/ovn/scripts/ovn-ctl - stop_controller livenessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_liveness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: ovn-controller readinessProbe: exec: command: - /usr/local/bin/container-scripts/ovn_controller_readiness.sh failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 resources: {} securityContext: capabilities: add: - NET_ADMIN - SYS_ADMIN - SYS_NICE privileged: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /var/run/openvswitch name: var-run - mountPath: /var/run/ovn name: var-run-ovn - mountPath: /var/log/ovn name: var-log-ovn - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - mountPath: /etc/pki/tls/certs/ovndb.crt name: ovn-controller-tls-certs readOnly: true subPath: tls.crt - mountPath: /etc/pki/tls/private/ovndb.key name: ovn-controller-tls-certs readOnly: true subPath: tls.key - mountPath: /etc/pki/tls/certs/ovndbca.crt name: ovn-controller-tls-certs readOnly: true subPath: ca.crt - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true subPath: tls-ca-bundle.pem dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: ovncontroller-ovncontroller serviceAccountName: ovncontroller-ovncontroller terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /var/home/core/openstack/etc/ovs type: DirectoryOrCreate name: etc-ovs - hostPath: path: /var/home/core/openstack/var/run/openvswitch type: DirectoryOrCreate name: var-run - hostPath: path: /var/home/core/openstack/var/log/openvswitch type: DirectoryOrCreate name: var-log - hostPath: path: /var/home/core/openstack/var/lib/openvswitch type: DirectoryOrCreate name: var-lib - hostPath: path: /var/home/core/openstack/var/run/ovn type: DirectoryOrCreate name: var-run-ovn - hostPath: path: /var/home/core/openstack/var/log/ovn type: DirectoryOrCreate name: var-log-ovn - configMap: defaultMode: 493 name: ovncontroller-scripts name: scripts - name: ovn-controller-tls-certs secret: defaultMode: 256 secretName: cert-ovncontroller-ovndbs - name: combined-ca-bundle secret: defaultMode: 292 secretName: combined-ca-bundle updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 1 desiredNumberScheduled: 1 numberAvailable: 1 numberMisscheduled: 0 numberReady: 1 observedGeneration: 1 updatedNumberScheduled: 1