apiVersion: apps/v1 kind: DaemonSet metadata: annotations: deprecated.daemonset.template.generation: "1" meta.helm.sh/release-name: neutron meta.helm.sh/release-namespace: openstack openstackhelm.openstack.org/release_uuid: "" creationTimestamp: "2026-03-02T21:55:03Z" generation: 1 labels: app.kubernetes.io/managed-by: Helm application: neutron component: ovn-metadata-agent release_group: neutron name: neutron-ovn-metadata-agent-default namespace: openstack resourceVersion: "17038" uid: 063144c2-1b55-48f9-9653-83ce61fdac11 spec: revisionHistoryLimit: 10 selector: matchLabels: application: neutron component: ovn-metadata-agent release_group: neutron template: metadata: annotations: configmap-bin-hash: 2c33379755f34d61bf1564e4617ff1b826c4e048b81792dae5498b72e444bf6d configmap-etc-hash: dc018c6cef6f5a4141750a60e0e24def37d48850b5ef5afa0b496f585eff7f8e openstackhelm.openstack.org/release_uuid: "" creationTimestamp: null labels: application: neutron component: ovn-metadata-agent release_group: neutron spec: containers: - command: - /tmp/neutron-ovn-metadata-agent.sh env: - name: RPC_PROBE_TIMEOUT value: "60" - name: RPC_PROBE_RETRIES value: "2" image: harbor.atmosphere.dev/ghcr.io/vexxhost/neutron:2023.1@sha256:2caa92a818bbb4c23caffc6a24d05309120fe4ea75b929f844228d16e514ce69 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - python - /tmp/health-probe.py - --config-file - /etc/neutron/neutron.conf - --config-file - /etc/neutron/ovn_metadata_agent.ini - --liveness-probe - --use-fqdn failureThreshold: 3 initialDelaySeconds: 120 periodSeconds: 600 successThreshold: 1 timeoutSeconds: 580 name: neutron-ovn-metadata-agent readinessProbe: exec: command: - python - /tmp/health-probe.py - --config-file - /etc/neutron/neutron.conf - --config-file - /etc/neutron/ovn_metadata_agent.ini - --use-fqdn failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 190 successThreshold: 1 timeoutSeconds: 185 resources: {} securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /tmp name: pod-tmp - mountPath: /var/lib/neutron name: pod-var-neutron - mountPath: /tmp/neutron-ovn-metadata-agent.sh name: neutron-bin readOnly: true subPath: neutron-ovn-metadata-agent.sh - mountPath: /tmp/health-probe.py name: neutron-bin readOnly: true subPath: health-probe.py - mountPath: /etc/neutron/neutron.conf name: neutron-etc readOnly: true subPath: neutron.conf - mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini name: neutron-etc readOnly: true subPath: ml2_conf.ini - mountPath: /etc/neutron/ovn_metadata_agent.ini name: neutron-etc readOnly: true subPath: ovn_metadata_agent.ini - mountPath: /etc/sudoers.d/kolla_neutron_sudoers name: neutron-etc readOnly: true subPath: neutron_sudoers - mountPath: /etc/neutron/rootwrap.conf name: neutron-etc readOnly: true subPath: rootwrap.conf - mountPath: /etc/neutron/rootwrap.d/debug.filters name: neutron-etc readOnly: true subPath: debug.filters - mountPath: /etc/neutron/rootwrap.d/dhcp.filters name: neutron-etc readOnly: true subPath: dhcp.filters - mountPath: /etc/neutron/rootwrap.d/dibbler.filters name: neutron-etc readOnly: true subPath: dibbler.filters - mountPath: /etc/neutron/rootwrap.d/ebtables.filters name: neutron-etc readOnly: true subPath: ebtables.filters - mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters name: neutron-etc readOnly: true subPath: ipset-firewall.filters - mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters name: neutron-etc readOnly: true subPath: iptables-firewall.filters - mountPath: /etc/neutron/rootwrap.d/l3.filters name: neutron-etc readOnly: true subPath: l3.filters - mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters name: neutron-etc readOnly: true subPath: linuxbridge-plugin.filters - mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters name: neutron-etc readOnly: true subPath: netns-cleanup.filters - mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters name: neutron-etc readOnly: true subPath: openvswitch-plugin.filters - mountPath: /etc/neutron/rootwrap.d/privsep.filters name: neutron-etc readOnly: true subPath: privsep.filters - mountPath: /var/lib/neutron/openstack-helm name: socket - mountPath: /run/netns mountPropagation: Bidirectional name: host-run-netns dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: - command: - kubernetes-entrypoint env: - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: INTERFACE_NAME value: eth0 - name: PATH value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/ - name: DEPENDENCY_SERVICE value: openstack:nova-metadata,openstack:neutron-server - name: DEPENDENCY_DAEMONSET - name: DEPENDENCY_CONTAINER - name: DEPENDENCY_POD_JSON value: '[{"labels":{"application":"ovn","component":"ovn-controller"},"requireSameNode":true}]' - name: DEPENDENCY_CUSTOM_RESOURCE image: harbor.atmosphere.dev/ghcr.io/vexxhost/kubernetes-entrypoint:edge@sha256:8921b64b87af184a1421dd856b2703bcf3cff9f50863cd0d18371cf964a87bd3 imagePullPolicy: IfNotPresent name: init resources: {} securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 65534 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - command: - /tmp/neutron-metadata-agent-init.sh env: - name: NEUTRON_USER_UID value: "42424" image: harbor.atmosphere.dev/ghcr.io/vexxhost/neutron:2023.1@sha256:2caa92a818bbb4c23caffc6a24d05309120fe4ea75b929f844228d16e514ce69 imagePullPolicy: IfNotPresent name: neutron-metadata-agent-init resources: {} securityContext: readOnlyRootFilesystem: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /run/openvswitch name: run-openvswitch - mountPath: /tmp name: pod-tmp - mountPath: /tmp/neutron-metadata-agent-init.sh name: neutron-bin readOnly: true subPath: neutron-metadata-agent-init.sh - mountPath: /etc/neutron/neutron.conf name: neutron-etc readOnly: true subPath: neutron.conf - mountPath: /var/lib/neutron/openstack-helm name: socket - command: - /tmp/neutron-ovn-init.sh image: harbor.atmosphere.dev/ghcr.io/vexxhost/neutron:2023.1@sha256:2caa92a818bbb4c23caffc6a24d05309120fe4ea75b929f844228d16e514ce69 imagePullPolicy: IfNotPresent name: ovn-neutron-init resources: {} securityContext: readOnlyRootFilesystem: true runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: pod-tmp - mountPath: /tmp/neutron-ovn-init.sh name: neutron-bin readOnly: true subPath: neutron-ovn-init.sh nodeSelector: openvswitch: enabled restartPolicy: Always schedulerName: default-scheduler securityContext: runAsUser: 42424 serviceAccount: neutron-ovn-metadata-agent serviceAccountName: neutron-ovn-metadata-agent shareProcessNamespace: true terminationGracePeriodSeconds: 30 volumes: - emptyDir: {} name: pod-tmp - emptyDir: {} name: pod-var-neutron - hostPath: path: /run/openvswitch type: "" name: run-openvswitch - configMap: defaultMode: 365 name: neutron-bin name: neutron-bin - name: neutron-etc secret: defaultMode: 292 secretName: neutron-ovn-metadata-agent-default - hostPath: path: /var/lib/neutron/openstack-helm type: "" name: socket - hostPath: path: /run/netns type: "" name: host-run-netns updateStrategy: rollingUpdate: maxSurge: 0 maxUnavailable: 1 type: RollingUpdate status: currentNumberScheduled: 1 desiredNumberScheduled: 1 numberAvailable: 1 numberMisscheduled: 0 numberReady: 1 observedGeneration: 1 updatedNumberScheduled: 1