apiVersion: apps/v1
kind: DaemonSet
metadata:
  annotations:
    configmap-bin-hash: 8fa5a078892b220e202c7a44d607e233aa3a01389e55fd7efb7383833c34418d
    deprecated.daemonset.template.generation: "1"
    meta.helm.sh/release-name: ovn
    meta.helm.sh/release-namespace: openstack
    openstackhelm.openstack.org/release_uuid: ""
  creationTimestamp: "2026-04-27T01:56:50Z"
  generation: 1
  labels:
    app.kubernetes.io/managed-by: Helm
    application: ovn
    component: ovn-controller
    release_group: ovn
  name: ovn-controller-default
  namespace: openstack
  resourceVersion: "17643"
  uid: d8dfa56a-6e78-4af1-9525-27f490b8c949
spec:
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      application: ovn
      component: ovn-controller
      release_group: ovn
  template:
    metadata:
      annotations:
        configmap-bin-hash: 3aa556ad27944df77b9719face81c2580e75df13709d13a9eaa07cb388ad9f4a
        configmap-etc-hash: 43326782f43b5f4c7ccdc53d68e182585462b9e348d55719fd2a3cc05819d93b
        openstackhelm.openstack.org/release_uuid: ""
      creationTimestamp: null
      labels:
        application: ovn
        component: ovn-controller
        release_group: ovn
    spec:
      containers:
      - command:
        - /root/ovnkube.sh
        - ovn-controller
        env:
        - name: OVS_USER_ID
          value: openvswitch
        - name: OVN_DAEMONSET_VERSION
          value: "3"
        - name: OVN_LOGLEVEL_CONTROLLER
          value: -vconsole:info -vfile:info
        - name: OVN_KUBERNETES_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: OVN_KUBERNETES_NB_STATEFULSET
          value: ovn-ovsdb-nb
        - name: OVN_KUBERNETES_SB_STATEFULSET
          value: ovn-ovsdb-sb
        - name: OVN_SSL_ENABLE
          value: "no"
        image: harbor.atmosphere.dev/ghcr.io/vexxhost/ovn:v24.03.7-3@sha256:deb1966eff94d8da072a3647db63546722094deb3ef34b6b464609bcba61887a
        imagePullPolicy: IfNotPresent
        name: controller
        readinessProbe:
          exec:
            command:
            - /usr/bin/ovn-kube-util
            - readiness-probe
            - -t
            - ovn-controller
          failureThreshold: 3
          initialDelaySeconds: 30
          periodSeconds: 60
          successThreshold: 1
          timeoutSeconds: 30
        resources: {}
        securityContext:
          privileged: true
          readOnlyRootFilesystem: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /run/openvswitch
          name: run-openvswitch
        - mountPath: /var/log/ovn
          name: logs
        - mountPath: /run/ovn
          name: run-openvswitch
      - command:
        - vector
        - --config
        - /etc/vector/vector.toml
        image: harbor.atmosphere.dev/docker.io/timberio/vector:0.38.0-debian
        imagePullPolicy: IfNotPresent
        name: vector
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /etc/vector
          name: vector-config
        - mountPath: /logs
          name: logs
        - mountPath: /var/lib/vector
          name: vector-data
      - command:
        - /tmp/ovn-network-logging-parser.sh
        - start
        env:
        - name: VECTOR_HTTP_ENDPOINT
          value: http://localhost:5001
        image: harbor.atmosphere.dev/ghcr.io/vexxhost/neutron:2024.2@sha256:f4ff237d8549daee0e29b03a25e36c4a2610423697bd647b9dae885f8f38428c
        imagePullPolicy: IfNotPresent
        name: log-parser
        ports:
        - containerPort: 9697
          name: http
          protocol: TCP
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /etc/neutron/neutron.conf
          name: neutron-etc
          readOnly: true
          subPath: neutron.conf
        - mountPath: /tmp/ovn-network-logging-parser.sh
          name: ovn-bin
          readOnly: true
          subPath: ovn-network-logging-parser.sh
        - mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
          name: ovn-etc
          readOnly: true
          subPath: neutron-ovn-network-logging-parser-uwsgi.ini
      dnsPolicy: ClusterFirstWithHostNet
      hostIPC: true
      hostNetwork: true
      hostPID: true
      initContainers:
      - command:
        - kubernetes-entrypoint
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: INTERFACE_NAME
          value: eth0
        - name: PATH
          value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/
        - name: DEPENDENCY_SERVICE
          value: openstack:ovn-ovsdb-sb
        - name: DEPENDENCY_DAEMONSET
        - name: DEPENDENCY_CONTAINER
        - name: DEPENDENCY_POD_JSON
          value: '[{"labels":{"application":"openvswitch","component":"server"},"requireSameNode":true}]'
        - name: DEPENDENCY_CUSTOM_RESOURCE
        image: harbor.atmosphere.dev/ghcr.io/vexxhost/kubernetes-entrypoint:edge@sha256:8921b64b87af184a1421dd856b2703bcf3cff9f50863cd0d18371cf964a87bd3
        imagePullPolicy: IfNotPresent
        name: init
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsUser: 65534
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      - command:
        - /bin/bash
        - -c
        - |
          kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.openstack-control-plane}' > /tmp/gw-enabled/gw-enabled
        env:
        - name: NODENAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: spec.nodeName
        image: harbor.atmosphere.dev/ghcr.io/vexxhost/ovn:v24.03.7-3@sha256:deb1966eff94d8da072a3647db63546722094deb3ef34b6b464609bcba61887a
        imagePullPolicy: IfNotPresent
        name: get-gw-enabled
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /tmp/gw-enabled
          name: gw-enabled
      - command:
        - /tmp/ovn-controller-init.sh
        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: spec.nodeName
        image: harbor.atmosphere.dev/ghcr.io/vexxhost/ovn:v24.03.7-3@sha256:deb1966eff94d8da072a3647db63546722094deb3ef34b6b464609bcba61887a
        imagePullPolicy: IfNotPresent
        name: controller-init
        resources: {}
        securityContext:
          privileged: true
          readOnlyRootFilesystem: true
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /tmp/ovn-controller-init.sh
          name: ovn-bin
          readOnly: true
          subPath: ovn-controller-init.sh
        - mountPath: /run/openvswitch
          name: run-openvswitch
        - mountPath: /tmp/auto_bridge_add
          name: ovn-etc
          readOnly: true
          subPath: auto_bridge_add
        - mountPath: /tmp/gw-enabled
          name: gw-enabled
          readOnly: true
      nodeSelector:
        openvswitch: enabled
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: ovn-controller
      serviceAccountName: ovn-controller
      terminationGracePeriodSeconds: 30
      volumes:
      - configMap:
          defaultMode: 511
          name: ovn-controller-default-bin
        name: ovn-bin
      - hostPath:
          path: /run/openvswitch
          type: DirectoryOrCreate
        name: run-openvswitch
      - name: ovn-etc
        secret:
          defaultMode: 292
          secretName: ovn-controller-default-etc
      - hostPath:
          path: /var/log/ovn
          type: DirectoryOrCreate
        name: logs
      - hostPath:
          path: /run/ovn
          type: DirectoryOrCreate
        name: run-ovn
      - emptyDir: {}
        name: gw-enabled
      - name: vector-config
        secret:
          defaultMode: 420
          secretName: ovn-vector-config
      - emptyDir: {}
        name: vector-data
      - name: neutron-etc
        secret:
          defaultMode: 292
          secretName: neutron-etc
  updateStrategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
status:
  currentNumberScheduled: 1
  desiredNumberScheduled: 1
  numberAvailable: 1
  numberMisscheduled: 0
  numberReady: 1
  observedGeneration: 1
  updatedNumberScheduled: 1