fix: update ovn chart close to upstream (#2023)



Reviewed-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/.charts.yml b/.charts.yml
index bdb8155..3cc5376 100644
--- a/.charts.yml
+++ b/.charts.yml
@@ -175,6 +175,10 @@
     version: 0.1.13
     repository: *openstack_helm_infra_repository
     dependencies: *openstack_helm_dependencies
+    patches:
+      gerrit:
+        review.opendev.org:
+          - 933333
   - name: placement
     version: 0.3.9
     repository: *openstack_helm_repository
diff --git a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
index b196021..1d303c8 100644
--- a/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
+++ b/charts/ovn/templates/bin/_ovn-controller-init.sh.tpl
@@ -144,7 +144,13 @@
 ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
 ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
 ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
-ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
+
+GW_ENABLED=$(cat /tmp/gw-enabled/gw-enabled)
+if [[ ${GW_ENABLED} == {{ .Values.labels.ovn_controller_gw.node_selector_value }} ]]; then
+  ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options_gw_enabled }}
+else
+  ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options }}
+fi
 
 {{ if .Values.conf.ovn_bridge_datapath_type -}}
 ovs-vsctl set open . external-ids:ovn-bridge-datapath-type="{{ .Values.conf.ovn_bridge_datapath_type }}"
diff --git a/charts/ovn/templates/daemonset-controller-gw.yaml b/charts/ovn/templates/daemonset-controller-gw.yaml
deleted file mode 100644
index fa71635..0000000
--- a/charts/ovn/templates/daemonset-controller-gw.yaml
+++ /dev/null
@@ -1,190 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "controllerGatewayReadinessProbeTemplate" }}
-exec:
-  command:
-    - /usr/bin/ovn-kube-util
-    - readiness-probe
-    - -t
-    - ovn-controller
-{{- end }}
-
-{{- if .Values.manifests.daemonset_ovn_controller_gw }}
-{{- $envAll := . }}
-
-{{- $configMapName := "ovn-etc" }}
-{{- $serviceAccountName := "ovn-controller-gw" }}
-{{ tuple $envAll "ovn_controller_gw" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-kind: DaemonSet
-apiVersion: apps/v1
-metadata:
-  name: ovn-controller-gw
-  annotations:
-    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-    configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-  labels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
-  selector:
-    matchLabels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-  template:
-    metadata:
-      labels:
-{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-      annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
-    spec:
-      serviceAccountName: {{ $serviceAccountName }}
-      hostNetwork: true
-      dnsPolicy: {{ .Values.pod.dns_policy }}
-      nodeSelector:
-        {{ .Values.labels.ovn_controller_gw.node_selector_key }}: {{ .Values.labels.ovn_controller_gw.node_selector_value }}
-      initContainers:
-{{- tuple $envAll "ovn_controller_gw" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-        - name: controller-init
-{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-          command:
-            - /tmp/ovn-controller-init.sh
-          env:
-            - name: OVN_CMS_OPTIONS
-              value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
-            - name: NODE_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: spec.nodeName
-          volumeMounts:
-            - name: ovn-bin
-              mountPath: /tmp/ovn-controller-init.sh
-              subPath: ovn-controller-init.sh
-              readOnly: true
-            - name: run-openvswitch
-              mountPath: /run/openvswitch
-            - name: ovn-etc
-              mountPath: /tmp/auto_bridge_add
-              subPath: auto_bridge_add
-              readOnly: true
-      containers:
-        - name: controller
-          command:
-            - /root/ovnkube.sh
-            - ovn-controller
-{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-{{ dict "envAll" . "component" "ovn_controller_gw" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerGatewayReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
-          env:
-            - name: OVN_DAEMONSET_VERSION
-              value: "3"
-            - name: OVN_LOGLEVEL_CONTROLLER
-              value: "-vconsole:info -vfile:info"
-            - name: OVN_KUBERNETES_NAMESPACE
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.namespace
-            - name: OVN_KUBERNETES_NB_STATEFULSET
-              value: ovn-ovsdb-nb
-            - name: OVN_KUBERNETES_SB_STATEFULSET
-              value: ovn-ovsdb-sb
-            - name: OVN_SSL_ENABLE
-              value: "no"
-          volumeMounts:
-            - name: run-openvswitch
-              mountPath: /var/run/ovn
-            - name: run-openvswitch
-              mountPath: /var/run/openvswitch
-            - name: logs
-              mountPath: /var/log/ovn
-        {{- if .Values.pod.sidecars.vector }}
-        - name: vector
-{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-          command:
-            - vector
-            - --config
-            - /etc/vector/vector.toml
-          volumeMounts:
-            - name: vector-config
-              mountPath: /etc/vector
-            - name: logs
-              mountPath: /logs
-            - name: vector-data
-              mountPath: /var/lib/vector
-        {{- end }}
-        {{- if .Values.pod.sidecars.ovn_logging_parser }}
-        - name: log-parser
-{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-          command:
-            - /tmp/ovn-network-logging-parser.sh
-            - start
-          env:
-            - name: VECTOR_HTTP_ENDPOINT
-              value: http://localhost:5001
-          ports:
-            - name: http
-              containerPort: {{ tuple "ovn_logging_parser" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-              protocol: TCP
-          volumeMounts:
-            - name: neutron-etc
-              mountPath: /etc/neutron/neutron.conf
-              subPath: neutron.conf
-              readOnly: true
-            - name: ovn-bin
-              mountPath: /tmp/ovn-network-logging-parser.sh
-              subPath: ovn-network-logging-parser.sh
-              readOnly: true
-            - name: ovn-etc
-              mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
-              subPath: neutron-ovn-network-logging-parser-uwsgi.ini
-              readOnly: true
-        {{- end }}
-      volumes:
-        - name: ovn-bin
-          configMap:
-            name: ovn-bin
-            defaultMode: 0777
-        - name: run-openvswitch
-          hostPath:
-            path: /run/openvswitch
-            type: DirectoryOrCreate
-        - name: ovn-etc
-          secret:
-            secretName: {{ $configMapName }}
-            defaultMode: 0444
-        - name: logs
-          hostPath:
-            path: /var/log/ovn
-            type: DirectoryOrCreate
-        {{- if .Values.pod.sidecars.vector }}
-        - name: vector-config
-          secret:
-            secretName: ovn-vector-config
-        - name: vector-data
-          emptyDir: {}
-        {{- end }}
-        {{- if .Values.pod.sidecars.ovn_logging_parser }}
-        - name: neutron-etc
-          secret:
-            secretName: neutron-etc
-            defaultMode: 0444
-        {{- end }}
-{{- end }}
diff --git a/charts/ovn/templates/daemonset-controller.yaml b/charts/ovn/templates/daemonset-controller.yaml
index a1245d5..82b70f7 100644
--- a/charts/ovn/templates/daemonset-controller.yaml
+++ b/charts/ovn/templates/daemonset-controller.yaml
@@ -26,7 +26,33 @@
 
 {{- $configMapName := "ovn-etc" }}
 {{- $serviceAccountName := "ovn-controller" }}
+{{- $serviceAccountNamespace := $envAll.Release.Namespace }}
 {{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+rules:
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["list", "get"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ovn-controller-list-nodes-rolebinding-{{ $serviceAccountNamespace }}
+subjects:
+- kind: ServiceAccount
+  name: {{ $serviceAccountName }}
+  namespace: {{ $serviceAccountNamespace }}
+roleRef:
+  kind: ClusterRole
+  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
+  apiGroup: rbac.authorization.k8s.io
+
 ---
 kind: DaemonSet
 apiVersion: apps/v1
@@ -36,15 +62,15 @@
     {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
     configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
   labels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
 spec:
   selector:
     matchLabels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
   template:
     metadata:
       labels:
-{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
       annotations:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
@@ -59,14 +85,28 @@
         {{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
       initContainers:
 {{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+        - name: get-gw-enabled
+{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
+          command:
+            - /bin/bash
+            - -c
+            - |
+              kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.{{ .Values.labels.ovn_controller_gw.node_selector_key }}}' > /tmp/gw-enabled/gw-enabled
+          env:
+            - name: NODENAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+          volumeMounts:
+            - name: gw-enabled
+              mountPath: /tmp/gw-enabled
+              readOnly: false
         - name: controller-init
 {{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
           command:
             - /tmp/ovn-controller-init.sh
           env:
-            - name: OVN_CMS_OPTIONS
-              value: {{ .Values.conf.ovn_cms_options | quote }}
             - name: NODE_NAME
               valueFrom:
                 fieldRef:
@@ -82,6 +122,9 @@
               mountPath: /tmp/auto_bridge_add
               subPath: auto_bridge_add
               readOnly: true
+            - name: gw-enabled
+              mountPath: /tmp/gw-enabled
+              readOnly: true
       containers:
         - name: controller
 {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -108,13 +151,57 @@
               value: "no"
           volumeMounts:
             - name: run-openvswitch
-              mountPath: /var/run/ovn
-            - name: run-openvswitch
-              mountPath: /var/run/openvswitch
+              mountPath: /run/openvswitch
             - name: logs
               mountPath: /var/log/ovn
-            - name: run-ovn
+            - name: run-openvswitch
               mountPath: /run/ovn
+        {{- if .Values.pod.sidecars.vector }}
+        - name: vector
+{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+          command:
+            - vector
+            - --config
+            - /etc/vector/vector.toml
+          volumeMounts:
+            - name: vector-config
+              mountPath: /etc/vector
+            - name: logs
+              mountPath: /logs
+            - name: vector-data
+              mountPath: /var/lib/vector
+        {{- end }}
+        {{- if .Values.pod.sidecars.ovn_logging_parser }}
+        - name: log-parser
+{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "ovn_controller" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+          command:
+            - /tmp/ovn-network-logging-parser.sh
+            - start
+          env:
+            - name: VECTOR_HTTP_ENDPOINT
+              value: http://localhost:5001
+          ports:
+            - name: http
+              containerPort: {{ tuple "ovn_logging_parser" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+              protocol: TCP
+          volumeMounts:
+            - name: neutron-etc
+              mountPath: /etc/neutron/neutron.conf
+              subPath: neutron.conf
+              readOnly: true
+            - name: ovn-bin
+              mountPath: /tmp/ovn-network-logging-parser.sh
+              subPath: ovn-network-logging-parser.sh
+              readOnly: true
+            - name: ovn-etc
+              mountPath: /etc/neutron/neutron-ovn-network-logging-parser-uwsgi.ini
+              subPath: neutron-ovn-network-logging-parser-uwsgi.ini
+              readOnly: true
+        {{- end }}
       volumes:
         - name: ovn-bin
           configMap:
@@ -136,4 +223,19 @@
           hostPath:
             path: /run/ovn
             type: DirectoryOrCreate
+        - name: gw-enabled
+          emptyDir: {}
+        {{- if .Values.pod.sidecars.vector }}
+        - name: vector-config
+          secret:
+            secretName: ovn-vector-config
+        - name: vector-data
+          emptyDir: {}
+        {{- end }}
+        {{- if .Values.pod.sidecars.ovn_logging_parser }}
+        - name: neutron-etc
+          secret:
+            secretName: neutron-etc
+            defaultMode: 0444
+        {{- end }}
 {{- end }}
diff --git a/charts/ovn/values.yaml b/charts/ovn/values.yaml
index b70e886..8c99d50 100644
--- a/charts/ovn/values.yaml
+++ b/charts/ovn/values.yaml
@@ -24,6 +24,7 @@
     ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
     ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
     ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
+    ovn_controller_kubectl: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
     dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
     image_repo_sync: docker.io/library/docker:17.07.0
     vector: docker.io/timberio/vector:0.39.0-debian
@@ -49,7 +50,7 @@
     node_selector_key: openvswitch
     node_selector_value: enabled
   ovn_controller_gw:
-    node_selector_key: openstack-control-plane
+    node_selector_key: l3-agent
     node_selector_value: enabled
 
 volume:
@@ -121,14 +122,6 @@
         controller:
           readOnlyRootFilesystem: true
           privileged: true
-    ovn_controller_gw:
-      container:
-        controller_init:
-          readOnlyRootFilesystem: true
-          privileged: true
-        controller:
-          readOnlyRootFilesystem: true
-          privileged: true
         ovn_logging_parser:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: true
@@ -144,8 +137,6 @@
       enabled: false
     ovn_controller:
       enabled: false
-    ovn_controller_gw:
-      enabled: false
   affinity:
     anti:
       type:
@@ -221,10 +212,6 @@
           enabled: true
           min_ready_seconds: 0
           max_unavailable: 1
-        ovn_controller_gw:
-          enabled: true
-          min_ready_seconds: 0
-          max_unavailable: 1
   resources:
     enabled: false
     ovs:
@@ -256,28 +243,20 @@
         limits:
           memory: "1024Mi"
           cpu: "2000m"
-      ovn_controller_gw:
-        requests:
-          memory: "128Mi"
-          cpu: "100m"
-        limits:
-          memory: "1024Mi"
-          cpu: "2000m"
-    ovn_controller_gw:
-      ovn_logging_parser:
-        requests:
-          memory: "128Mi"
-          cpu: "100m"
-        limits:
-          memory: "256Mi"
-          cpu: "500m"
-      vector:
-        requests:
-          memory: "128Mi"
-          cpu: "100m"
-        limits:
-          memory: "256Mi"
-          cpu: "500m"
+    ovn_logging_parser:
+      requests:
+        memory: "128Mi"
+        cpu: "100m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"
+    vector:
+      requests:
+        memory: "128Mi"
+        cpu: "100m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"
     jobs:
       image_repo_sync:
         requests:
@@ -385,9 +364,6 @@
   ovn_controller:
     ingress:
       - {}
-  ovn_controller_gw:
-    ingress:
-      - {}
     egress:
       - {}
 
@@ -413,10 +389,6 @@
       services:
         - endpoint: internal
           service: ovn-ovsdb-sb
-    ovn_controller_gw:
-      services:
-        - endpoint: internal
-          service: ovn-ovsdb-sb
       pod:
         - requireSameNode: true
           labels:
@@ -437,6 +409,5 @@
   statefulset_ovn_ovsdb_sb: true
   deployment_ovn_northd: true
   daemonset_ovn_controller: true
-  daemonset_ovn_controller_gw: true
   job_image_repo_sync: true
 ...
diff --git a/charts/patches/ovn/0000-upstream-893739.patch b/charts/patches/ovn/0000-upstream-893739.patch
deleted file mode 100644
index 248da7e..0000000
--- a/charts/patches/ovn/0000-upstream-893739.patch
+++ /dev/null
@@ -1,398 +0,0 @@
-From d44a05f9adf485697ba0aa9189ec72495ac62e69 Mon Sep 17 00:00:00 2001
-From: root <okozachenko1203@gmail.com>
-Date: Wed, 06 Sep 2023 00:10:39 +1000
-Subject: [PATCH] Distinguish ovn controller and gateway
-
-Change-Id: If98d28b540c59c2632a6eda259c04c3cef128af3
----
-
-diff --git a/ovn/templates/bin/_ovn-controller-init.sh.tpl b/ovn/templates/bin/_ovn-controller-init.sh.tpl
-index 55cc2ec..e64413e 100644
---- a/ovn/templates/bin/_ovn-controller-init.sh.tpl
-+++ b/ovn/templates/bin/_ovn-controller-init.sh.tpl
-@@ -117,13 +117,7 @@
- ovs-vsctl set open . external-ids:ovn-encap-type="{{ .Values.conf.ovn_encap_type }}"
- ovs-vsctl set open . external-ids:ovn-bridge="{{ .Values.conf.ovn_bridge }}"
- ovs-vsctl set open . external-ids:ovn-bridge-mappings="{{ .Values.conf.ovn_bridge_mappings }}"
--
--GW_ENABLED=$(cat /tmp/gw-enabled/gw-enabled)
--if [[ ${GW_ENABLED} == enabled ]]; then
--  ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options_gw_enabled }}
--else
--  ovs-vsctl set open . external-ids:ovn-cms-options={{ .Values.conf.ovn_cms_options }}
--fi
-+ovs-vsctl set open . external-ids:ovn-cms-options="${OVN_CMS_OPTIONS}"
- 
- # Configure hostname
- {{- if .Values.pod.use_fqdn.compute }}
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-new file mode 100644
-index 0000000..383451f
---- /dev/null
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -0,0 +1,116 @@
-+{{/*
-+Licensed under the Apache License, Version 2.0 (the "License");
-+you may not use this file except in compliance with the License.
-+You may obtain a copy of the License at
-+
-+   http://www.apache.org/licenses/LICENSE-2.0
-+
-+Unless required by applicable law or agreed to in writing, software
-+distributed under the License is distributed on an "AS IS" BASIS,
-+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+See the License for the specific language governing permissions and
-+limitations under the License.
-+*/}}
-+
-+{{- if .Values.manifests.daemonset_ovn_controller_gw }}
-+{{- $envAll := . }}
-+
-+{{- $configMapName := "ovn-etc" }}
-+{{- $serviceAccountName := "ovn-controller-gw" }}
-+{{ tuple $envAll "ovn_controller_gw" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
-+---
-+kind: DaemonSet
-+apiVersion: apps/v1
-+metadata:
-+  name: ovn-controller-gw
-+  annotations:
-+    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-+    configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-+  labels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-+spec:
-+  selector:
-+    matchLabels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-+  template:
-+    metadata:
-+      labels:
-+{{ tuple $envAll "ovn" "ovn_controller_gw" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-+      annotations:
-+{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
-+    spec:
-+      serviceAccountName: {{ $serviceAccountName }}
-+      hostNetwork: true
-+      dnsPolicy: {{ .Values.pod.dns_policy }}
-+      nodeSelector:
-+        {{ .Values.labels.ovn_controller_gw.node_selector_key }}: {{ .Values.labels.ovn_controller_gw.node_selector_value }}
-+      initContainers:
-+{{- tuple $envAll "ovn_controller_gw" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-+        - name: controller-init
-+{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-+          command:
-+            - /tmp/ovn-controller-init.sh
-+          env:
-+            - name: OVN_CMS_OPTIONS
-+              value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
-+          volumeMounts:
-+            - name: ovn-bin
-+              mountPath: /tmp/ovn-controller-init.sh
-+              subPath: ovn-controller-init.sh
-+              readOnly: true
-+            - name: run-openvswitch
-+              mountPath: /run/openvswitch
-+            - name: ovn-etc
-+              mountPath: /tmp/auto_bridge_add
-+              subPath: auto_bridge_add
-+              readOnly: true
-+      containers:
-+        - name: controller
-+{{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-+          command:
-+            - /tmp/ovn-controller.sh
-+            - start
-+          lifecycle:
-+            preStop:
-+              exec:
-+                command:
-+                  - /tmp/ovn-controller.sh
-+                  - stop
-+          volumeMounts:
-+            - name: ovn-bin
-+              mountPath: /tmp/ovn-controller.sh
-+              subPath: ovn-controller.sh
-+              readOnly: true
-+            - name: run-openvswitch
-+              mountPath: /run/openvswitch
-+            - name: logs
-+              mountPath: /var/log/ovn
-+            - name: run-ovn
-+              mountPath: /run/ovn
-+      volumes:
-+        - name: ovn-bin
-+          configMap:
-+            name: ovn-bin
-+            defaultMode: 0777
-+        - name: run-openvswitch
-+          hostPath:
-+            path: /run/openvswitch
-+            type: DirectoryOrCreate
-+        - name: ovn-etc
-+          secret:
-+            secretName: {{ $configMapName }}
-+            defaultMode: 0444
-+        - name: logs
-+          hostPath:
-+            path: /var/log/ovn
-+            type: DirectoryOrCreate
-+        - name: run-ovn
-+          hostPath:
-+            path: /run/ovn
-+            type: DirectoryOrCreate
-+{{- end }}
-diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
-index f27903f..ada19c9 100644
---- a/ovn/templates/daemonset-controller.yaml
-+++ b/ovn/templates/daemonset-controller.yaml
-@@ -12,38 +12,12 @@
- limitations under the License.
- */}}
- 
--{{- if .Values.manifests.daemonset_controller }}
-+{{- if .Values.manifests.daemonset_ovn_controller }}
- {{- $envAll := . }}
- 
- {{- $configMapName := "ovn-etc" }}
- {{- $serviceAccountName := "ovn-controller" }}
--{{- $serviceAccountNamespace := $envAll.Release.Namespace }}
- {{ tuple $envAll "ovn_controller" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
--
-----
--apiVersion: rbac.authorization.k8s.io/v1
--kind: ClusterRole
--metadata:
--  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
--rules:
--- apiGroups: [""]
--  resources: ["nodes"]
--  verbs: ["list", "get"]
--
-----
--apiVersion: rbac.authorization.k8s.io/v1
--kind: ClusterRoleBinding
--metadata:
--  name: ovn-controller-list-nodes-rolebinding-{{ $serviceAccountNamespace }}
--subjects:
--- kind: ServiceAccount
--  name: {{ $serviceAccountName }}
--  namespace: {{ $serviceAccountNamespace }}
--roleRef:
--  kind: ClusterRole
--  name: ovn-controller-list-nodes-role-{{ $serviceAccountNamespace }}
--  apiGroup: rbac.authorization.k8s.io
--
- ---
- kind: DaemonSet
- apiVersion: apps/v1
-@@ -53,15 +27,15 @@
-     {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-     configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-   labels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- spec:
-   selector:
-     matchLabels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-   template:
-     metadata:
-       labels:
--{{ tuple $envAll "ovn" "ovn-controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-+{{ tuple $envAll "ovn" "ovn_controller" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-       annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
-@@ -71,32 +45,19 @@
-       hostNetwork: true
-       hostPID: true
-       hostIPC: true
--      dnsPolicy: ClusterFirstWithHostNet
-+      dnsPolicy: {{ .Values.pod.dns_policy }}
-       nodeSelector:
-         {{ .Values.labels.ovn_controller.node_selector_key }}: {{ .Values.labels.ovn_controller.node_selector_value }}
-       initContainers:
- {{- tuple $envAll "ovn_controller" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
--        - name: get-gw-enabled
--{{ tuple $envAll "ovn_controller_kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
--          command:
--            - /bin/bash
--            - -c
--            - |
--              kubectl get node ${NODENAME} -o jsonpath='{.metadata.labels.l3-agent}' > /tmp/gw-enabled/gw-enabled
--          env:
--            - name: NODENAME
--              valueFrom:
--                fieldRef:
--                  fieldPath: spec.nodeName
--          volumeMounts:
--            - name: gw-enabled
--              mountPath: /tmp/gw-enabled
--              readOnly: false
-         - name: controller-init
- {{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-           command:
-             - /tmp/ovn-controller-init.sh
-+          env:
-+            - name: OVN_CMS_OPTIONS
-+              value: {{ .Values.conf.ovn_cms_options | quote }}
-           volumeMounts:
-             - name: ovn-bin
-               mountPath: /tmp/ovn-controller-init.sh
-@@ -108,9 +69,6 @@
-               mountPath: /tmp/auto_bridge_add
-               subPath: auto_bridge_add
-               readOnly: true
--            - name: gw-enabled
--              mountPath: /tmp/gw-enabled
--              readOnly: true
-       containers:
-         - name: controller
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
-@@ -157,6 +115,4 @@
-           hostPath:
-             path: /run/ovn
-             type: DirectoryOrCreate
--        - name: gw-enabled
--          emptyDir: {}
- {{- end }}
-diff --git a/ovn/templates/statefulset-ovsdb-nb.yaml b/ovn/templates/statefulset-ovsdb-nb.yaml
-index 95a33b1..0495816 100644
---- a/ovn/templates/statefulset-ovsdb-nb.yaml
-+++ b/ovn/templates/statefulset-ovsdb-nb.yaml
-@@ -58,7 +58,7 @@
-             - name: OVS_DATABASE
-               value: nb
-             - name: OVS_PORT
--              value: "{{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
-+              value: {{ tuple "ovn-ovsdb-nb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
-           command:
-             - /tmp/ovsdb-server.sh
-             - start
-diff --git a/ovn/templates/statefulset-ovsdb-sb.yaml b/ovn/templates/statefulset-ovsdb-sb.yaml
-index d300d3f..9e7b667 100644
---- a/ovn/templates/statefulset-ovsdb-sb.yaml
-+++ b/ovn/templates/statefulset-ovsdb-sb.yaml
-@@ -58,7 +58,7 @@
-             - name: OVS_DATABASE
-               value: sb
-             - name: OVS_PORT
--              value: "{{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
-+              value: {{ tuple "ovn-ovsdb-sb" "internal" "ovsdb" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
-           command:
-             - /tmp/ovsdb-server.sh
-             - start
-diff --git a/ovn/values.yaml b/ovn/values.yaml
-index 8c3dc5a..7d342ad 100644
---- a/ovn/values.yaml
-+++ b/ovn/values.yaml
-@@ -24,7 +24,6 @@
-     ovn_ovsdb_sb: docker.io/openstackhelm/ovn:ubuntu_focal
-     ovn_northd: docker.io/openstackhelm/ovn:ubuntu_focal
-     ovn_controller: docker.io/openstackhelm/ovn:ubuntu_focal
--    ovn_controller_kubectl: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
-     dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
-     image_repo_sync: docker.io/library/docker:17.07.0
-   pull_policy: "IfNotPresent"
-@@ -47,6 +46,9 @@
-   ovn_controller:
-     node_selector_key: openvswitch
-     node_selector_value: enabled
-+  ovn_controller_gw:
-+    node_selector_key: openstack-control-plane
-+    node_selector_value: enabled
- 
- volume:
-   ovn_ovsdb_nb:
-@@ -99,6 +101,14 @@
-         controller:
-           readOnlyRootFilesystem: true
-           privileged: true
-+    ovn_controller_gw:
-+      container:
-+        controller_init:
-+          readOnlyRootFilesystem: true
-+          privileged: true
-+        controller:
-+          readOnlyRootFilesystem: true
-+          privileged: true
-   tolerations:
-     ovn_ovsdb_nb:
-       enabled: false
-@@ -108,6 +118,8 @@
-       enabled: false
-     ovn_controller:
-       enabled: false
-+    ovn_controller_gw:
-+      enabled: false
-   affinity:
-     anti:
-       type:
-@@ -155,6 +167,10 @@
-           enabled: true
-           min_ready_seconds: 0
-           max_unavailable: 1
-+        ovn_controller_gw:
-+          enabled: true
-+          min_ready_seconds: 0
-+          max_unavailable: 1
-   resources:
-     enabled: false
-     ovs:
-@@ -186,6 +202,13 @@
-         limits:
-           memory: "1024Mi"
-           cpu: "2000m"
-+      ovn_controller_gw:
-+        requests:
-+          memory: "128Mi"
-+          cpu: "100m"
-+        limits:
-+          memory: "1024Mi"
-+          cpu: "2000m"
-     jobs:
-       image_repo_sync:
-         requests:
-@@ -273,6 +296,9 @@
-   ovn_controller:
-     ingress:
-       - {}
-+  ovn_controller_gw:
-+    ingress:
-+      - {}
-     egress:
-       - {}
- 
-@@ -298,6 +324,10 @@
-       services:
-         - endpoint: internal
-           service: ovn-ovsdb-sb
-+    ovn_controller_gw:
-+      services:
-+        - endpoint: internal
-+          service: ovn-ovsdb-sb
-       pod:
-         - requireSameNode: true
-           labels:
-@@ -312,12 +342,12 @@
-   configmap_bin: true
-   configmap_etc: true
-   deployment_northd: true
--  daemonset_controller: true
-   service_ovn_ovsdb_nb: true
-   service_ovn_ovsdb_sb: true
-   statefulset_ovn_ovsdb_nb: true
-   statefulset_ovn_ovsdb_sb: true
-   deployment_ovn_northd: true
-   daemonset_ovn_controller: true
-+  daemonset_ovn_controller_gw: true
-   job_image_repo_sync: true
- ...
diff --git a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
index 149542c..35719dd 100644
--- a/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
+++ b/charts/patches/ovn/0001-switch-to-ovn-kubernetes.patch
@@ -130,98 +130,6 @@
 -  ovn-controller.sh: |
 -{{ tuple "bin/_ovn-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  {{- end }}
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-index 8255f6a4..a0da8b0b 100644
---- a/ovn/templates/daemonset-controller-gw.yaml
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -12,6 +12,15 @@ See the License for the specific language governing permissions and
- limitations under the License.
- */}}
- 
-+{{- define "controllerGatewayReadinessProbeTemplate" }}
-+exec:
-+  command:
-+    - /usr/bin/ovn-kube-util
-+    - readiness-probe
-+    - -t
-+    - ovn-controller
-+{{- end }}
-+
- {{- if .Values.manifests.daemonset_ovn_controller_gw }}
- {{- $envAll := . }}
- 
-@@ -56,6 +65,10 @@ spec:
-           env:
-             - name: OVN_CMS_OPTIONS
-               value: {{ .Values.conf.ovn_cms_options_gw_enabled | quote }}
-+            - name: NODE_NAME
-+              valueFrom:
-+                fieldRef:
-+                  fieldPath: spec.nodeName
-           volumeMounts:
-             - name: ovn-bin
-               mountPath: /tmp/ovn-controller-init.sh
-@@ -69,29 +82,35 @@ spec:
-               readOnly: true
-       containers:
-         - name: controller
-+          command:
-+            - /root/ovnkube.sh
-+            - ovn-controller
- {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
- {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- {{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
--          command:
--            - /tmp/ovn-controller.sh
--            - start
--          lifecycle:
--            preStop:
--              exec:
--                command:
--                  - /tmp/ovn-controller.sh
--                  - stop
-+{{ dict "envAll" . "component" "ovn_controller_gw" "container" "controller" "type" "readiness" "probeTemplate" (include "controllerGatewayReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
-+          env:
-+            - name: OVN_DAEMONSET_VERSION
-+              value: "3"
-+            - name: OVN_LOGLEVEL_CONTROLLER
-+              value: "-vconsole:info -vfile:info"
-+            - name: OVN_KUBERNETES_NAMESPACE
-+              valueFrom:
-+                fieldRef:
-+                  fieldPath: metadata.namespace
-+            - name: OVN_KUBERNETES_NB_STATEFULSET
-+              value: ovn-ovsdb-nb
-+            - name: OVN_KUBERNETES_SB_STATEFULSET
-+              value: ovn-ovsdb-sb
-+            - name: OVN_SSL_ENABLE
-+              value: "no"
-           volumeMounts:
--            - name: ovn-bin
--              mountPath: /tmp/ovn-controller.sh
--              subPath: ovn-controller.sh
--              readOnly: true
-             - name: run-openvswitch
--              mountPath: /run/openvswitch
-+              mountPath: /var/run/ovn
-+            - name: run-openvswitch
-+              mountPath: /var/run/openvswitch
-             - name: logs
-               mountPath: /var/log/ovn
--            - name: run-ovn
--              mountPath: /run/ovn
-       volumes:
-         - name: ovn-bin
-           configMap:
-@@ -109,8 +128,4 @@ spec:
-           hostPath:
-             path: /var/log/ovn
-             type: DirectoryOrCreate
--        - name: run-ovn
--          hostPath:
--            path: /run/ovn
--            type: DirectoryOrCreate
- {{- end }}
 diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
 index 4cd5d9b2..fae94512 100644
 --- a/ovn/templates/daemonset-controller.yaml
@@ -242,10 +150,11 @@
  {{- if .Values.manifests.daemonset_ovn_controller }}
  {{- $envAll := . }}
  
-@@ -59,6 +68,10 @@ spec:
-           env:
-             - name: OVN_CMS_OPTIONS
-               value: {{ .Values.conf.ovn_cms_options | quote }}
+@@ -106,6 +106,11 @@ spec:
+ {{ tuple $envAll "ovn_controller" | include "helm-toolkit.snippets.image" | indent 10 }}
+           command:
+             - /tmp/ovn-controller-init.sh
++          env:
 +            - name: NODE_NAME
 +              valueFrom:
 +                fieldRef:
@@ -253,7 +162,7 @@
            volumeMounts:
              - name: ovn-bin
                mountPath: /tmp/ovn-controller-init.sh
-@@ -76,21 +89,29 @@ spec:
+@@ -117,17 +122,23 @@ spec:
  {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
  {{ dict "envAll" $envAll "application" "ovn_controller" "container" "controller" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
            command:
@@ -289,13 +198,15 @@
 -              subPath: ovn-controller.sh
 -              readOnly: true
              - name: run-openvswitch
--              mountPath: /run/openvswitch
-+              mountPath: /var/run/ovn
-+            - name: run-openvswitch
-+              mountPath: /var/run/openvswitch
+@@ -154,7 +154,7 @@ spec:
+               mountPath: /run/openvswitch
              - name: logs
                mountPath: /var/log/ovn
-             - name: run-ovn
+-            - name: run-ovn
++            - name: run-openvswitch
+               mountPath: /run/ovn
+         {{- if .Values.pod.sidecars.vector }}
+         - name: vector
 diff --git a/ovn/templates/deployment-northd.yaml b/ovn/templates/deployment-northd.yaml
 index e3afdd05..ae31b357 100644
 --- a/ovn/templates/deployment-northd.yaml
diff --git a/charts/patches/ovn/0002-add-logging-parser.patch b/charts/patches/ovn/0002-add-logging-parser.patch
index 8394063..69a74a0 100644
--- a/charts/patches/ovn/0002-add-logging-parser.patch
+++ b/charts/patches/ovn/0002-add-logging-parser.patch
@@ -69,19 +69,19 @@
  {{- end }}
  {{- end }}
  
-diff --git a/ovn/templates/daemonset-controller-gw.yaml b/ovn/templates/daemonset-controller-gw.yaml
-index eb309c5e..3ecd81dc 100644
---- a/ovn/templates/daemonset-controller-gw.yaml
-+++ b/ovn/templates/daemonset-controller-gw.yaml
-@@ -111,6 +111,52 @@ spec:
-               mountPath: /var/run/openvswitch
-             - name: logs
+diff --git a/ovn/templates/daemonset-controller.yaml b/ovn/templates/daemonset-controller.yaml
+index e421794f..843cbeaa 100644
+--- a/ovn/templates/daemonset-controller.yaml
++++ b/ovn/templates/daemonset-controller.yaml
+@@ -156,6 +156,52 @@ spec:
                mountPath: /var/log/ovn
+             - name: run-ovn
+               mountPath: /run/ovn
 +        {{- if .Values.pod.sidecars.vector }}
 +        - name: vector
 +{{ tuple $envAll "vector" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
++{{ tuple $envAll $envAll.Values.pod.resources.vector | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
++{{ dict "envAll" $envAll "application" "ovn_controller" "container" "vector" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 +          command:
 +            - vector
 +            - --config
@@ -97,8 +97,8 @@
 +        {{- if .Values.pod.sidecars.ovn_logging_parser }}
 +        - name: log-parser
 +{{ tuple $envAll "ovn_logging_parser" | include "helm-toolkit.snippets.image" | indent 10 }}
-+{{ tuple $envAll $envAll.Values.pod.resources.ovn_controller_gw.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-+{{ dict "envAll" $envAll "application" "ovn_controller_gw" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
++{{ tuple $envAll $envAll.Values.pod.resources.ovn_logging_parser | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
++{{ dict "envAll" $envAll "application" "ovn_controller" "container" "ovn_logging_parser" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 +          command:
 +            - /tmp/ovn-network-logging-parser.sh
 +            - start
@@ -126,10 +126,10 @@
        volumes:
          - name: ovn-bin
            configMap:
-@@ -128,4 +174,17 @@ spec:
-           hostPath:
-             path: /var/log/ovn
+@@ -225,4 +225,17 @@
              type: DirectoryOrCreate
+         - name: gw-enabled
+           emptyDir: {}
 +        {{- if .Values.pod.sidecars.vector }}
 +        - name: vector-config
 +          secret:
@@ -256,25 +256,24 @@
    tolerations:
      ovn_ovsdb_nb:
        enabled: false
-@@ -237,6 +263,21 @@ pod:
+@@ -237,6 +263,20 @@ pod:
          limits:
            memory: "1024Mi"
            cpu: "2000m"
-+    ovn_controller_gw:
-+      ovn_logging_parser:
-+        requests:
-+          memory: "128Mi"
-+          cpu: "100m"
-+        limits:
-+          memory: "256Mi"
-+          cpu: "500m"
-+      vector:
-+        requests:
-+          memory: "128Mi"
-+          cpu: "100m"
-+        limits:
-+          memory: "256Mi"
-+          cpu: "500m"
++    ovn_logging_parser:
++      requests:
++        memory: "128Mi"
++        cpu: "100m"
++      limits:
++        memory: "256Mi"
++        cpu: "500m"
++    vector:
++      requests:
++        memory: "128Mi"
++        cpu: "100m"
++      limits:
++        memory: "256Mi"
++        cpu: "500m"
      jobs:
        image_repo_sync:
          requests:
diff --git a/molecule/aio/group_vars/all/molecule.yml b/molecule/aio/group_vars/all/molecule.yml
index 898f142..7cb93a8 100644
--- a/molecule/aio/group_vars/all/molecule.yml
+++ b/molecule/aio/group_vars/all/molecule.yml
@@ -125,8 +125,6 @@
       ovn_ovsdb_nb: 1
       ovn_ovsdb_sb: 1
       ovn_northd: 1
-  manifests:
-    daemonset_ovn_controller: false
 
 coredns_helm_values:
   replicaCount: 1
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index 2c48556..6fe507e 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml
@@ -186,6 +186,7 @@
   openvswitch_db_server: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
   openvswitch_vswitchd: "registry.atmosphere.dev/library/openvswitch:{{ atmosphere_release }}"
   ovn_controller: "registry.atmosphere.dev/library/ovn-host:{{ atmosphere_release }}"
+  ovn_controller_kubectl: "registry.atmosphere.dev/library/ovn-host:{{ atmosphere_release }}"
   ovn_logging_parser: "registry.atmosphere.dev/library/neutron:{{ atmosphere_release }}"
   ovn_northd: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
   ovn_ovsdb_nb: "registry.atmosphere.dev/library/ovn-central:{{ atmosphere_release }}"
diff --git a/roles/ovn/vars/main.yml b/roles/ovn/vars/main.yml
index f03bd3b..994894f 100644
--- a/roles/ovn/vars/main.yml
+++ b/roles/ovn/vars/main.yml
@@ -25,8 +25,8 @@
     ovn_northd:
       node_selector_key: openstack-control-plane
       node_selector_value: enabled
-    ovn_controller:
-      node_selector_key: openstack-compute-node
+    ovn_controller_gw:
+      node_selector_key: openstack-control-plane
       node_selector_value: enabled
   volume:
     ovn_ovsdb_nb:
@@ -34,12 +34,6 @@
     ovn_ovsdb_sb:
       size: 20Gi
   pod:
-    labels:
-      ovn_controller_gw:
-        type: gw
-      ovn_controller:
-        type: hv
-
     replicas:
       ovn_ovsdb_nb: 3
       ovn_ovsdb_sb: 3