apiVersion: v1 items: - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:35:18Z" generateName: baremetal-operator-controller-manager-5d78dd5d98- generation: 1 labels: control-plane: controller-manager pod-template-hash: 5d78dd5d98 webhook: metal3-io-v1alpha1-baremetalhost name: baremetal-operator-controller-manager-5d78dd5d98-jnzxm namespace: baremetal-operator-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: baremetal-operator-controller-manager-5d78dd5d98 uid: 635aa938-c809-4ad8-aec1-958ce3c0edd4 resourceVersion: "4894" uid: 9107993b-f181-4a65-be9f-dadbd0174fee spec: containers: - args: - --enable-leader-election - --tls-min-version=TLS13 command: - /baremetal-operator env: - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace envFrom: - configMapRef: name: ironic-gm56htb55b image: 192.168.111.1:5000/localimages/baremetal-operator:main imagePullPolicy: Always livenessProbe: failureThreshold: 10 httpGet: path: /healthz port: 9440 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP - containerPort: 8443 name: https protocol: TCP readinessProbe: failureThreshold: 10 httpGet: path: /readyz port: 9440 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 2 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /opt/metal3/certs/ca name: cacert readOnly: true - mountPath: /opt/metal3/auth/ironic name: ironic-credentials readOnly: true - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-6fh9d readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: baremetal-operator-controller-manager serviceAccountName: baremetal-operator-controller-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cacert secret: defaultMode: 420 secretName: ironic-cacert - name: ironic-credentials secret: defaultMode: 420 secretName: ironic-credentials-f6mfd5hmt6 - name: cert secret: defaultMode: 420 secretName: bmo-webhook-server-cert - name: kube-api-access-6fh9d projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:35:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:35:18Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:34Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:34Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:35:18Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://60758b6566696a48173a37d5260a3c78b035263a835da6995a1d8d76be014731 image: 192.168.111.1:5000/localimages/baremetal-operator:main imageID: 192.168.111.1:5000/localimages/baremetal-operator@sha256:b0041c9ab0e328ac384a29f35cc06276f587019ea5192396afffe790bf1896b5 lastState: terminated: containerID: containerd://60758b6566696a48173a37d5260a3c78b035263a835da6995a1d8d76be014731 exitCode: 1 finishedAt: "2025-08-07T19:41:28Z" reason: Error startedAt: "2025-08-07T19:40:37Z" name: manager ready: false resources: {} restartCount: 11 started: false state: waiting: message: back-off 5m0s restarting failed container=manager pod=baremetal-operator-controller-manager-5d78dd5d98-jnzxm_baremetal-operator-system(9107993b-f181-4a65-be9f-dadbd0174fee) reason: CrashLoopBackOff user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /opt/metal3/certs/ca name: cacert readOnly: true recursiveReadOnly: Disabled - mountPath: /opt/metal3/auth/ironic name: ironic-credentials readOnly: true recursiveReadOnly: Disabled - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-6fh9d readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.13 podIPs: - ip: 10.244.0.13 qosClass: BestEffort startTime: "2025-08-07T18:35:18Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:34:30Z" generateName: capi-kubeadm-bootstrap-controller-manager-7869595956- generation: 1 labels: cluster.x-k8s.io/provider: bootstrap-kubeadm control-plane: controller-manager pod-template-hash: "7869595956" name: capi-kubeadm-bootstrap-controller-manager-7869595956-kj9zn namespace: capi-kubeadm-bootstrap-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: capi-kubeadm-bootstrap-controller-manager-7869595956 uid: 91bfefb5-650b-40ce-93a1-5015ebbcf66c resourceVersion: "4815" uid: 64d03314-2f96-4888-908b-6f1c566a9a37 spec: containers: - args: - --leader-elect - --diagnostics-address=:8443 - --insecure-diagnostics=false - --feature-gates=MachinePool=true,KubeadmBootstrapFormatIgnition=false,PriorityQueue=false - --bootstrap-token-ttl=15m command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_UID valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.uid image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.11.0-beta.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP - containerPort: 9440 name: healthz protocol: TCP - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-v58hc readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: capi-kubeadm-bootstrap-manager serviceAccountName: capi-kubeadm-bootstrap-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cert secret: defaultMode: 420 secretName: capi-kubeadm-bootstrap-webhook-service-cert - name: kube-api-access-v58hc projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:43Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:30Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T18:50:55Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T18:50:55Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:30Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://4a7d9c1a87338bca5c9b7c98e080b968bfd32c178ea6cad375109126d6abebe3 image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.11.0-beta.2 imageID: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller@sha256:dc86dc036cc67572aaaacec5e3ee74973c0dba906915a2790d03d483d02f9205 lastState: terminated: containerID: containerd://4a7d9c1a87338bca5c9b7c98e080b968bfd32c178ea6cad375109126d6abebe3 exitCode: 1 finishedAt: "2025-08-07T19:40:17Z" message: | I0807 19:40:17.857592 1 envvar.go:172] "Feature gate default state" feature="WatchListClient" enabled=false I0807 19:40:17.864361 1 envvar.go:172] "Feature gate default state" feature="ClientsAllowCBOR" enabled=false I0807 19:40:17.864395 1 envvar.go:172] "Feature gate default state" feature="ClientsPreferCBOR" enabled=false I0807 19:40:17.865178 1 envvar.go:172] "Feature gate default state" feature="InformerResourceVersion" enabled=false I0807 19:40:17.865205 1 envvar.go:172] "Feature gate default state" feature="InOrderInformers" enabled=true E0807 19:40:17.881098 1 main.go:293] "unable to start manager" err="failed to determine if *v1.Secret is namespaced: failed to get restmapping: failed to get server groups: Get \"https://10.96.0.1:443/api\": dial tcp 10.96.0.1:443: connect: connection refused" logger="setup" reason: Error startedAt: "2025-08-07T19:40:16Z" name: manager ready: false resources: {} restartCount: 16 started: false state: waiting: message: back-off 5m0s restarting failed container=manager pod=capi-kubeadm-bootstrap-controller-manager-7869595956-kj9zn_capi-kubeadm-bootstrap-system(64d03314-2f96-4888-908b-6f1c566a9a37) reason: CrashLoopBackOff user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-v58hc readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.10 podIPs: - ip: 10.244.0.10 qosClass: BestEffort startTime: "2025-08-07T18:34:30Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:34:30Z" generateName: capi-kubeadm-control-plane-controller-manager-54859ddf46- generation: 1 labels: cluster.x-k8s.io/provider: control-plane-kubeadm control-plane: controller-manager pod-template-hash: 54859ddf46 name: capi-kubeadm-control-plane-controller-manager-54859ddf46-kzwxl namespace: capi-kubeadm-control-plane-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: capi-kubeadm-control-plane-controller-manager-54859ddf46 uid: fa4185bc-d051-4f1a-8546-be6145043435 resourceVersion: "4784" uid: 62e8f534-190b-4d71-b7a6-7eed5aa3253c spec: containers: - args: - --leader-elect - --diagnostics-address=:8443 - --insecure-diagnostics=false - --feature-gates=MachinePool=true,ClusterTopology=false,KubeadmBootstrapFormatIgnition=false,PriorityQueue=false command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_UID valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.uid image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.11.0-beta.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP - containerPort: 9440 name: healthz protocol: TCP - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-z4pf4 readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: capi-kubeadm-control-plane-manager serviceAccountName: capi-kubeadm-control-plane-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cert secret: defaultMode: 420 secretName: capi-kubeadm-control-plane-webhook-service-cert - name: kube-api-access-z4pf4 projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:39Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:30Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:27:22Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:27:22Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:30Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://e2823c9146965376f0e0020b501b03aa1333ce85bdec1c4745316f4f60e2f91d image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.11.0-beta.2 imageID: registry.k8s.io/cluster-api/kubeadm-control-plane-controller@sha256:125840477545e10c1c9d3e4e688dac234274385f57a7b2ca71e225157fc78457 lastState: terminated: containerID: containerd://e2823c9146965376f0e0020b501b03aa1333ce85bdec1c4745316f4f60e2f91d exitCode: 128 finishedAt: "2025-08-07T19:39:58Z" message: 'failed to create containerd task: failed to create shim task: context deadline exceeded' reason: StartError startedAt: "1970-01-01T00:00:00Z" name: manager ready: false resources: {} restartCount: 18 started: false state: waiting: message: back-off 5m0s restarting failed container=manager pod=capi-kubeadm-control-plane-controller-manager-54859ddf46-kzwxl_capi-kubeadm-control-plane-system(62e8f534-190b-4d71-b7a6-7eed5aa3253c) reason: CrashLoopBackOff user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-z4pf4 readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.9 podIPs: - ip: 10.244.0.9 qosClass: BestEffort startTime: "2025-08-07T18:34:30Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:34:29Z" generateName: capi-controller-manager-547c4dcb49- generation: 1 labels: cluster.x-k8s.io/provider: cluster-api control-plane: controller-manager pod-template-hash: 547c4dcb49 name: capi-controller-manager-547c4dcb49-8blgw namespace: capi-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: capi-controller-manager-547c4dcb49 uid: 0540d62c-f1ea-4ec8-8d89-04893a60031a resourceVersion: "4849" uid: b7c9a5d1-eb32-4173-a438-398fa30c2f9f spec: containers: - args: - --leader-elect - --diagnostics-address=:8443 - --insecure-diagnostics=false - --feature-gates=MachinePool=true,ClusterResourceSet=true,ClusterTopology=false,RuntimeSDK=false,MachineSetPreflightChecks=true,MachineWaitForVolumeDetachConsiderVolumeAttachments=true,PriorityQueue=false command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_UID valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.uid image: registry.k8s.io/cluster-api/cluster-api-controller:v1.11.0-beta.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP - containerPort: 9440 name: healthz protocol: TCP - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-llq8z readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: capi-manager serviceAccountName: capi-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cert secret: defaultMode: 420 secretName: capi-webhook-service-cert - name: kube-api-access-llq8z projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:29Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T18:50:56Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T18:50:56Z" message: 'containers with unready status: [manager]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:29Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://68da2c4c7621fdd0b54d9ea3e361a1cfb84583f376cbf99ca6beead7a334f0ef image: registry.k8s.io/cluster-api/cluster-api-controller:v1.11.0-beta.2 imageID: registry.k8s.io/cluster-api/cluster-api-controller@sha256:11a86e5056384f15b544ecd77f551ce9faabb06800b34513007da5d2b75cc085 lastState: terminated: containerID: containerd://68da2c4c7621fdd0b54d9ea3e361a1cfb84583f376cbf99ca6beead7a334f0ef exitCode: 1 finishedAt: "2025-08-07T19:40:17Z" message: | W0807 19:40:17.857378 1 feature_gate.go:352] Setting GA feature gate ClusterResourceSet=true. It will be removed in a future release. I0807 19:40:17.877494 1 envvar.go:172] "Feature gate default state" feature="ClientsAllowCBOR" enabled=false I0807 19:40:17.877976 1 envvar.go:172] "Feature gate default state" feature="ClientsPreferCBOR" enabled=false I0807 19:40:17.877989 1 envvar.go:172] "Feature gate default state" feature="InformerResourceVersion" enabled=false I0807 19:40:17.877997 1 envvar.go:172] "Feature gate default state" feature="InOrderInformers" enabled=true I0807 19:40:17.878005 1 envvar.go:172] "Feature gate default state" feature="WatchListClient" enabled=false E0807 19:40:17.910000 1 main.go:351] "Unable to start manager" err="failed to get the Kubernetes version: Get \"https://10.96.0.1:443/version?timeout=32s\": dial tcp 10.96.0.1:443: connect: connection refused" logger="setup" reason: Error startedAt: "2025-08-07T19:40:16Z" name: manager ready: false resources: {} restartCount: 16 started: false state: waiting: message: back-off 5m0s restarting failed container=manager pod=capi-controller-manager-547c4dcb49-8blgw_capi-system(b7c9a5d1-eb32-4173-a438-398fa30c2f9f) reason: CrashLoopBackOff user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-llq8z readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.8 podIPs: - ip: 10.244.0.8 qosClass: BestEffort startTime: "2025-08-07T18:34:29Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:34:31Z" generateName: capm3-controller-manager-7c55c54dc4- generation: 1 labels: cluster.x-k8s.io/provider: infrastructure-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" pod-template-hash: 7c55c54dc4 name: capm3-controller-manager-7c55c54dc4-rj98s namespace: capm3-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: capm3-controller-manager-7c55c54dc4 uid: 4d59b3cb-0b00-411e-becb-3a647bc8c9e0 resourceVersion: "4906" uid: 11f01a8f-6bac-466d-8035-6969849e2f01 spec: containers: - args: - --webhook-port=9443 - --enableBMHNameBasedPreallocation=false - --diagnostics-address=:8443 - --insecure-diagnostics=false - --tls-min-version=VersionTLS13 command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace envFrom: - configMapRef: name: capm3-capm3fasttrack-configmap image: 192.168.111.1:5000/localimages/cluster-api-provider-metal3:main imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP - containerPort: 9440 name: healthz protocol: TCP - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-28m6k readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: capm3-manager serviceAccountName: capm3-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cert secret: defaultMode: 420 secretName: capm3-webhook-service-cert - name: kube-api-access-28m6k projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:45Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:31Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:48Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:48Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:31Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://e8f90a4bc10936d1282ea13255acb23b9c9b7550350ab21c7257376919c54d0d image: 192.168.111.1:5000/localimages/cluster-api-provider-metal3:main imageID: 192.168.111.1:5000/localimages/cluster-api-provider-metal3@sha256:d19a68aba884443be533ac4bdb2ae5c81284c568084e499bcd316e848f108051 lastState: terminated: containerID: containerd://11089486e9371ec8013b6358b4032ece72298fdea4dfc0f513e66da932cdb1d0 exitCode: 2 finishedAt: "2025-08-07T19:41:24Z" reason: Error startedAt: "2025-08-07T19:40:49Z" name: manager ready: true resources: {} restartCount: 17 started: true state: running: startedAt: "2025-08-07T19:41:31Z" user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-28m6k readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.11 podIPs: - ip: 10.244.0.11 qosClass: BestEffort startTime: "2025-08-07T18:34:31Z" - apiVersion: v1 kind: Pod metadata: annotations: prometheus.io/path: /metrics prometheus.io/port: "9402" prometheus.io/scrape: "true" creationTimestamp: "2025-08-07T18:34:16Z" generateName: cert-manager-69f748766f- generation: 1 labels: app: cert-manager app.kubernetes.io/component: controller app.kubernetes.io/instance: cert-manager app.kubernetes.io/name: cert-manager app.kubernetes.io/version: v1.18.2 pod-template-hash: 69f748766f name: cert-manager-69f748766f-64qxk namespace: cert-manager ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: cert-manager-69f748766f uid: a7055f60-4dba-4466-a85b-b139303db4c4 resourceVersion: "4875" uid: c20a377b-d8d5-42c8-9b8b-0ea84ffa0380 spec: containers: - args: - --v=2 - --cluster-resource-namespace=$(POD_NAMESPACE) - --leader-election-namespace=kube-system - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.18.2 - --max-concurrent-challenges=60 env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: quay.io/jetstack/cert-manager-controller:v1.18.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: path: /livez port: http-healthz scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 name: cert-manager-controller ports: - containerPort: 9402 name: http-metrics protocol: TCP - containerPort: 9403 name: http-healthz protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-w8w54 readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: false nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: cert-manager serviceAccountName: cert-manager terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: kube-api-access-w8w54 projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:19Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:37Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:37Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://cc0450a42fde08592dcb8a6cbdca365671ed3e19ed9f0c9042b140daebc9d1b8 image: quay.io/jetstack/cert-manager-controller:v1.18.2 imageID: quay.io/jetstack/cert-manager-controller@sha256:81316365dc0b713eddddfbf9b8907b2939676e6c0e12beec0f9625f202a36d16 lastState: terminated: containerID: containerd://5ae182b43874aa49288c72d01aa80221c2835cd2112d2357b4fd92dc5f86350a exitCode: 137 finishedAt: "2025-08-07T19:40:10Z" reason: OOMKilled startedAt: "2025-08-07T19:36:52Z" name: cert-manager-controller ready: true resources: {} restartCount: 9 started: true state: running: startedAt: "2025-08-07T19:40:36Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 1000 volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-w8w54 readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.6 podIPs: - ip: 10.244.0.6 qosClass: BestEffort startTime: "2025-08-07T18:34:16Z" - apiVersion: v1 kind: Pod metadata: annotations: prometheus.io/path: /metrics prometheus.io/port: "9402" prometheus.io/scrape: "true" creationTimestamp: "2025-08-07T18:34:16Z" generateName: cert-manager-cainjector-7cf6557c49- generation: 1 labels: app: cainjector app.kubernetes.io/component: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/name: cainjector app.kubernetes.io/version: v1.18.2 pod-template-hash: 7cf6557c49 name: cert-manager-cainjector-7cf6557c49-tsk7t namespace: cert-manager ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: cert-manager-cainjector-7cf6557c49 uid: 31ceb5b2-393a-4f2f-9bcd-4520c7cc8103 resourceVersion: "4983" uid: 5c6dc941-c67a-439a-9781-db5c662565a0 spec: containers: - args: - --v=2 - --leader-election-namespace=kube-system env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: quay.io/jetstack/cert-manager-cainjector:v1.18.2 imagePullPolicy: IfNotPresent name: cert-manager-cainjector ports: - containerPort: 9402 name: http-metrics protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-85t22 readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: false nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: cert-manager-cainjector serviceAccountName: cert-manager-cainjector terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: kube-api-access-85t22 projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:22Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:14Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:14Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://b51101bac285d0288783b7aa031f25c5466e915d8dabbb58bc9e192d152c4253 image: quay.io/jetstack/cert-manager-cainjector:v1.18.2 imageID: quay.io/jetstack/cert-manager-cainjector@sha256:af59e01ad9756a1034fbf948330e75702e5d79b3577f323f6a9947707ba262fc lastState: terminated: containerID: containerd://43075b57b69265a32f3d798c1f9ca384f05f19a0a863a9268a667729cae35b00 exitCode: 1 finishedAt: "2025-08-07T19:40:17Z" reason: Error startedAt: "2025-08-07T19:37:14Z" name: cert-manager-cainjector ready: true resources: {} restartCount: 12 started: true state: running: startedAt: "2025-08-07T19:43:11Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 1000 volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-85t22 readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.5 podIPs: - ip: 10.244.0.5 qosClass: BestEffort startTime: "2025-08-07T18:34:16Z" - apiVersion: v1 kind: Pod metadata: annotations: prometheus.io/path: /metrics prometheus.io/port: "9402" prometheus.io/scrape: "true" creationTimestamp: "2025-08-07T18:34:16Z" generateName: cert-manager-webhook-58f4cff74d- generation: 1 labels: app: webhook app.kubernetes.io/component: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/name: webhook app.kubernetes.io/version: v1.18.2 pod-template-hash: 58f4cff74d name: cert-manager-webhook-58f4cff74d-rglpd namespace: cert-manager ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: cert-manager-webhook-58f4cff74d uid: a7111d61-ae9e-4df7-817b-fae1b2171492 resourceVersion: "4882" uid: e369b484-63bc-41e1-b0cf-77cd1ae4a3ca spec: containers: - args: - --v=2 - --secure-port=10250 - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca - --dynamic-serving-dns-names=cert-manager-webhook - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE) - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE).svc env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: quay.io/jetstack/cert-manager-webhook:v1.18.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /livez port: healthcheck scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: cert-manager-webhook ports: - containerPort: 10250 name: https protocol: TCP - containerPort: 6080 name: healthcheck protocol: TCP - containerPort: 9402 name: http-metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthcheck scheme: HTTP initialDelaySeconds: 5 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-kkfjh readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: false nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: cert-manager-webhook serviceAccountName: cert-manager-webhook terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: kube-api-access-kkfjh projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:20Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:26Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:26Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:16Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://f911d6798b5585072833b2d00f5ca4c6a531ce938d5daea351694609347394df image: quay.io/jetstack/cert-manager-webhook:v1.18.2 imageID: quay.io/jetstack/cert-manager-webhook@sha256:9431f0d8b5103b06cc6138564f471ac02c6b2638c2fa399d81e28a01d817ae73 lastState: terminated: containerID: containerd://b2a81e629fd393050c82df6c9fab40d4586244dff182e362ca17b47b2fbd8525 exitCode: 2 finishedAt: "2025-08-07T19:32:24Z" reason: Error startedAt: "2025-08-07T19:30:50Z" name: cert-manager-webhook ready: true resources: {} restartCount: 11 started: true state: running: startedAt: "2025-08-07T19:40:16Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 1000 volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-kkfjh readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.7 podIPs: - ip: 10.244.0.7 qosClass: BestEffort startTime: "2025-08-07T18:34:16Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:33:40Z" generateName: coredns-674b8bbfcf- generation: 1 labels: k8s-app: kube-dns pod-template-hash: 674b8bbfcf name: coredns-674b8bbfcf-2jx5r namespace: kube-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: coredns-674b8bbfcf uid: 22cb31d9-4656-41e3-ab4b-3f3976337015 resourceVersion: "4795" uid: c197bfbe-4eb0-40dc-856b-7354e9e668ec spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: k8s-app operator: In values: - kube-dns topologyKey: kubernetes.io/hostname weight: 100 containers: - args: - -conf - /etc/coredns/Corefile image: registry.k8s.io/coredns/coredns:v1.12.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 httpGet: path: /health port: 8080 scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: coredns ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9153 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /ready port: 8181 scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: memory: 170Mi requests: cpu: 100m memory: 70Mi securityContext: allowPrivilegeEscalation: false capabilities: add: - NET_BIND_SERVICE drop: - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/coredns name: config-volume readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-9c9kf readOnly: true dnsPolicy: Default enableServiceLinks: true nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: coredns serviceAccountName: coredns terminationGracePeriodSeconds: 30 tolerations: - key: CriticalAddonsOnly operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - configMap: defaultMode: 420 items: - key: Corefile path: Corefile name: coredns name: config-volume - name: kube-api-access-9c9kf projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:04Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:14Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:14Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 100m memory: 70Mi containerID: containerd://0319695652aaaaa5a0619d732ac5ff0cceb2532a69438392f0a32aa4439f321e image: registry.k8s.io/coredns/coredns:v1.12.0 imageID: sha256:1cf5f116067c67da67f97bff78c4bbc76913f59057c18627b96facaced73ea0b lastState: terminated: containerID: containerd://2af11ff269b1665b0a029d6d55e3e3e5e82676288910dd9c32b891523442ff8d exitCode: 0 finishedAt: "2025-08-07T19:24:54Z" reason: Completed startedAt: "2025-08-07T19:01:27Z" name: coredns ready: true resources: limits: memory: 170Mi requests: cpu: 100m memory: 70Mi restartCount: 2 started: true state: running: startedAt: "2025-08-07T19:25:11Z" user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /etc/coredns name: config-volume readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-9c9kf readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.3 podIPs: - ip: 10.244.0.3 qosClass: Burstable startTime: "2025-08-07T18:34:01Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:33:40Z" generateName: coredns-674b8bbfcf- generation: 1 labels: k8s-app: kube-dns pod-template-hash: 674b8bbfcf name: coredns-674b8bbfcf-vg5nw namespace: kube-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: coredns-674b8bbfcf uid: 22cb31d9-4656-41e3-ab4b-3f3976337015 resourceVersion: "4789" uid: b537d0bb-b05e-4791-9e13-dc7f593b35d5 spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: k8s-app operator: In values: - kube-dns topologyKey: kubernetes.io/hostname weight: 100 containers: - args: - -conf - /etc/coredns/Corefile image: registry.k8s.io/coredns/coredns:v1.12.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 httpGet: path: /health port: 8080 scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: coredns ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9153 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /ready port: 8181 scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: memory: 170Mi requests: cpu: 100m memory: 70Mi securityContext: allowPrivilegeEscalation: false capabilities: add: - NET_BIND_SERVICE drop: - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/coredns name: config-volume readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-sbfqz readOnly: true dnsPolicy: Default enableServiceLinks: true nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000000000 priorityClassName: system-cluster-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: coredns serviceAccountName: coredns terminationGracePeriodSeconds: 30 tolerations: - key: CriticalAddonsOnly operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - configMap: defaultMode: 420 items: - key: Corefile path: Corefile name: coredns name: config-volume - name: kube-api-access-sbfqz projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:04Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:14Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:14Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 100m memory: 70Mi containerID: containerd://c3e7874fd548939fc318b66159278ad466fb6daf4f1b0c5b243410ac4091836a image: registry.k8s.io/coredns/coredns:v1.12.0 imageID: sha256:1cf5f116067c67da67f97bff78c4bbc76913f59057c18627b96facaced73ea0b lastState: terminated: containerID: containerd://82588957527ee071ecb6529c46b1d51ba9ea057b17059e14c2cf8ee6bf15b4fb exitCode: 0 finishedAt: "2025-08-07T19:24:53Z" reason: Completed startedAt: "2025-08-07T19:01:27Z" name: coredns ready: true resources: limits: memory: 170Mi requests: cpu: 100m memory: 70Mi restartCount: 3 started: true state: running: startedAt: "2025-08-07T19:25:09Z" user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /etc/coredns name: config-volume readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-sbfqz readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.4 podIPs: - ip: 10.244.0.4 qosClass: Burstable startTime: "2025-08-07T18:34:01Z" - apiVersion: v1 kind: Pod metadata: annotations: kubeadm.kubernetes.io/etcd.advertise-client-urls: https://172.18.0.2:2379 kubernetes.io/config.hash: 444ba759b2b79b60e396a0ff1797866d kubernetes.io/config.mirror: 444ba759b2b79b60e396a0ff1797866d kubernetes.io/config.seen: "2025-08-07T18:33:12.698333294Z" kubernetes.io/config.source: file creationTimestamp: "2025-08-07T18:33:22Z" generation: 1 labels: component: etcd tier: control-plane name: etcd-kind-control-plane namespace: kube-system ownerReferences: - apiVersion: v1 controller: true kind: Node name: kind-control-plane uid: c42d0e79-017d-40db-a0d4-ba10db347e28 resourceVersion: "4694" uid: 7ff8c8fd-2efd-40fc-ba55-96e0e0d8a7c6 spec: containers: - command: - etcd - --advertise-client-urls=https://172.18.0.2:2379 - --cert-file=/etc/kubernetes/pki/etcd/server.crt - --client-cert-auth=true - --data-dir=/var/lib/etcd - --experimental-initial-corrupt-check=true - --experimental-watch-progress-notify-interval=5s - --initial-advertise-peer-urls=https://172.18.0.2:2380 - --initial-cluster=kind-control-plane=https://172.18.0.2:2380 - --key-file=/etc/kubernetes/pki/etcd/server.key - --listen-client-urls=https://127.0.0.1:2379,https://172.18.0.2:2379 - --listen-metrics-urls=http://127.0.0.1:2381 - --listen-peer-urls=https://172.18.0.2:2380 - --name=kind-control-plane - --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt - --peer-client-cert-auth=true - --peer-key-file=/etc/kubernetes/pki/etcd/peer.key - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt - --snapshot-count=10000 - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt image: registry.k8s.io/etcd:3.5.21-0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: host: 127.0.0.1 path: /livez port: 2381 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 name: etcd readinessProbe: failureThreshold: 3 httpGet: host: 127.0.0.1 path: /readyz port: 2381 scheme: HTTP periodSeconds: 1 successThreshold: 1 timeoutSeconds: 15 resources: requests: cpu: 100m memory: 100Mi startupProbe: failureThreshold: 24 httpGet: host: 127.0.0.1 path: /readyz port: 2381 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/lib/etcd name: etcd-data - mountPath: /etc/kubernetes/pki/etcd name: etcd-certs dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: seccompProfile: type: RuntimeDefault terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute operator: Exists volumes: - hostPath: path: /etc/kubernetes/pki/etcd type: DirectoryOrCreate name: etcd-certs - hostPath: path: /var/lib/etcd type: DirectoryOrCreate name: etcd-data status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:30:48Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:30:48Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 100m memory: 100Mi containerID: containerd://5dde8a4ac7b0cd92f432233fa9c18a0aa0ea65a2cced48d75275e152b874b53b image: registry.k8s.io/etcd:3.5.21-0 imageID: sha256:499038711c0816eda03a1ad96a8eb0440c005baa6949698223c6176b7f5077e1 lastState: {} name: etcd ready: true resources: requests: cpu: 100m memory: 100Mi restartCount: 0 started: true state: running: startedAt: "2025-08-07T18:33:15Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 0 hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: Burstable startTime: "2025-08-07T18:33:35Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:33:39Z" generateName: kindnet- generation: 1 labels: app: kindnet controller-revision-hash: 6cd6f98bf8 k8s-app: kindnet pod-template-generation: "1" tier: node name: kindnet-jf575 namespace: kube-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: kindnet uid: f9255fd4-39f0-4711-8f60-30fc6e705caf resourceVersion: "480" uid: 806ae7db-ada7-4730-a5fc-34fffb34055c spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - kind-control-plane containers: - env: - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.hostIP - name: POD_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP - name: POD_SUBNET value: 10.244.0.0/16 - name: CONTROL_PLANE_ENDPOINT value: kind-control-plane:6443 image: docker.io/kindest/kindnetd:v20250512-df8de77b imagePullPolicy: IfNotPresent name: kindnet-cni resources: limits: cpu: 100m memory: 50Mi requests: cpu: 100m memory: 50Mi securityContext: capabilities: add: - NET_RAW - NET_ADMIN privileged: false terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/cni/net.d name: cni-cfg - mountPath: /run/xtables.lock name: xtables-lock - mountPath: /lib/modules name: lib-modules readOnly: true - mountPath: /var/run/nri name: nri-plugin - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-b7nkg readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: kindnet serviceAccountName: kindnet terminationGracePeriodSeconds: 30 tolerations: - operator: Exists - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists - effect: NoSchedule key: node.kubernetes.io/disk-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/pid-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/unschedulable operator: Exists - effect: NoSchedule key: node.kubernetes.io/network-unavailable operator: Exists volumes: - hostPath: path: /etc/cni/net.d type: "" name: cni-cfg - hostPath: path: /run/xtables.lock type: FileOrCreate name: xtables-lock - hostPath: path: /lib/modules type: "" name: lib-modules - hostPath: path: /var/run/nri type: "" name: nri-plugin - name: kube-api-access-b7nkg projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:51Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:45Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:51Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:51Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:45Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 100m memory: 50Mi containerID: containerd://a2547f09b1cc88f528bd0a193ee75034048e7d4716678740177a4b7a524fb060 image: docker.io/kindest/kindnetd:v20250512-df8de77b imageID: sha256:409467f978b4a30fe717012736557d637f66371452c3b279c02b943b367a141c lastState: {} name: kindnet-cni ready: true resources: limits: cpu: 100m memory: 50Mi requests: cpu: 100m memory: 50Mi restartCount: 0 started: true state: running: startedAt: "2025-08-07T18:33:50Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 0 volumeMounts: - mountPath: /etc/cni/net.d name: cni-cfg - mountPath: /run/xtables.lock name: xtables-lock - mountPath: /lib/modules name: lib-modules readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/nri name: nri-plugin - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-b7nkg readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: Guaranteed startTime: "2025-08-07T18:33:45Z" - apiVersion: v1 kind: Pod metadata: annotations: kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 172.18.0.2:6443 kubernetes.io/config.hash: 75a0bc7b89677560f162b4a4c8ec91c5 kubernetes.io/config.mirror: 75a0bc7b89677560f162b4a4c8ec91c5 kubernetes.io/config.seen: "2025-08-07T18:33:12.698338565Z" kubernetes.io/config.source: file creationTimestamp: "2025-08-07T18:33:20Z" generation: 1 labels: component: kube-apiserver tier: control-plane name: kube-apiserver-kind-control-plane namespace: kube-system ownerReferences: - apiVersion: v1 controller: true kind: Node name: kind-control-plane uid: c42d0e79-017d-40db-a0d4-ba10db347e28 resourceVersion: "4870" uid: 27877de0-44fd-4c9e-88eb-a8dba805dd6d spec: containers: - command: - kube-apiserver - --advertise-address=172.18.0.2 - --allow-privileged=true - --authorization-mode=Node,RBAC - --client-ca-file=/etc/kubernetes/pki/ca.crt - --enable-admission-plugins=NodeRestriction - --enable-bootstrap-token-auth=true - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key - --etcd-servers=https://127.0.0.1:2379 - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt - --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname - --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key - --requestheader-allowed-names=front-proxy-client - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt - --requestheader-extra-headers-prefix=X-Remote-Extra- - --requestheader-group-headers=X-Remote-Group - --requestheader-username-headers=X-Remote-User - --runtime-config= - --secure-port=6443 - --service-account-issuer=https://kubernetes.default.svc.cluster.local - --service-account-key-file=/etc/kubernetes/pki/sa.pub - --service-account-signing-key-file=/etc/kubernetes/pki/sa.key - --service-cluster-ip-range=10.96.0.0/16 - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt - --tls-private-key-file=/etc/kubernetes/pki/apiserver.key image: registry.k8s.io/kube-apiserver:v1.33.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: host: 172.18.0.2 path: /livez port: 6443 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 name: kube-apiserver readinessProbe: failureThreshold: 3 httpGet: host: 172.18.0.2 path: /readyz port: 6443 scheme: HTTPS periodSeconds: 1 successThreshold: 1 timeoutSeconds: 15 resources: requests: cpu: 250m startupProbe: failureThreshold: 24 httpGet: host: 172.18.0.2 path: /livez port: 6443 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/ssl/certs name: ca-certs readOnly: true - mountPath: /etc/ca-certificates name: etc-ca-certificates readOnly: true - mountPath: /etc/kubernetes/pki name: k8s-certs readOnly: true - mountPath: /usr/local/share/ca-certificates name: usr-local-share-ca-certificates readOnly: true - mountPath: /usr/share/ca-certificates name: usr-share-ca-certificates readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: seccompProfile: type: RuntimeDefault terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute operator: Exists volumes: - hostPath: path: /etc/ssl/certs type: DirectoryOrCreate name: ca-certs - hostPath: path: /etc/ca-certificates type: DirectoryOrCreate name: etc-ca-certificates - hostPath: path: /etc/kubernetes/pki type: DirectoryOrCreate name: k8s-certs - hostPath: path: /usr/local/share/ca-certificates type: DirectoryOrCreate name: usr-local-share-ca-certificates - hostPath: path: /usr/share/ca-certificates type: DirectoryOrCreate name: usr-share-ca-certificates status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:40Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:40Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 250m containerID: containerd://8acd658df5f9d69ed7e4a38c79d3439966088195eeec35d513ff98204193313e image: registry.k8s.io/kube-apiserver-amd64:v1.33.1 imageID: sha256:c6ab243b29f82a6ce269a5342bfd9ea3d0d4ef0f2bb7e98c6ac0bde1aeafab66 lastState: terminated: containerID: containerd://e35bd1e4e0b4f75cb312887a5df12b8794e6afe61c74b52e4cd9161b29a8c1c4 exitCode: 255 finishedAt: "2025-08-07T19:40:16Z" reason: Error startedAt: "2025-08-07T19:32:25Z" name: kube-apiserver ready: true resources: requests: cpu: 250m restartCount: 6 started: true state: running: startedAt: "2025-08-07T19:40:17Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 0 hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: Burstable startTime: "2025-08-07T18:33:35Z" - apiVersion: v1 kind: Pod metadata: annotations: kubernetes.io/config.hash: bbaa5f0699b235e6ef7911e1a061c8cb kubernetes.io/config.mirror: bbaa5f0699b235e6ef7911e1a061c8cb kubernetes.io/config.seen: "2025-08-07T18:33:12.698339849Z" kubernetes.io/config.source: file creationTimestamp: "2025-08-07T18:33:20Z" generation: 1 labels: component: kube-controller-manager tier: control-plane name: kube-controller-manager-kind-control-plane namespace: kube-system ownerReferences: - apiVersion: v1 controller: true kind: Node name: kind-control-plane uid: c42d0e79-017d-40db-a0d4-ba10db347e28 resourceVersion: "5005" uid: 51e5064b-c140-42b1-89ef-154ba367b812 spec: containers: - command: - kube-controller-manager - --allocate-node-cidrs=true - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf - --bind-address=127.0.0.1 - --client-ca-file=/etc/kubernetes/pki/ca.crt - --cluster-cidr=10.244.0.0/16 - --cluster-name=kind - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key - --controllers=*,bootstrapsigner,tokencleaner - --enable-hostpath-provisioner=true - --kubeconfig=/etc/kubernetes/controller-manager.conf - --leader-elect=true - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt - --root-ca-file=/etc/kubernetes/pki/ca.crt - --service-account-private-key-file=/etc/kubernetes/pki/sa.key - --service-cluster-ip-range=10.96.0.0/16 - --use-service-account-credentials=true image: registry.k8s.io/kube-controller-manager:v1.33.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: host: 127.0.0.1 path: /healthz port: 10257 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 name: kube-controller-manager resources: requests: cpu: 200m startupProbe: failureThreshold: 24 httpGet: host: 127.0.0.1 path: /healthz port: 10257 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/ssl/certs name: ca-certs readOnly: true - mountPath: /etc/ca-certificates name: etc-ca-certificates readOnly: true - mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec name: flexvolume-dir - mountPath: /etc/kubernetes/pki name: k8s-certs readOnly: true - mountPath: /etc/kubernetes/controller-manager.conf name: kubeconfig readOnly: true - mountPath: /usr/local/share/ca-certificates name: usr-local-share-ca-certificates readOnly: true - mountPath: /usr/share/ca-certificates name: usr-share-ca-certificates readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: seccompProfile: type: RuntimeDefault terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute operator: Exists volumes: - hostPath: path: /etc/ssl/certs type: DirectoryOrCreate name: ca-certs - hostPath: path: /etc/ca-certificates type: DirectoryOrCreate name: etc-ca-certificates - hostPath: path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec type: DirectoryOrCreate name: flexvolume-dir - hostPath: path: /etc/kubernetes/pki type: DirectoryOrCreate name: k8s-certs - hostPath: path: /etc/kubernetes/controller-manager.conf type: FileOrCreate name: kubeconfig - hostPath: path: /usr/local/share/ca-certificates type: DirectoryOrCreate name: usr-local-share-ca-certificates - hostPath: path: /usr/share/ca-certificates type: DirectoryOrCreate name: usr-share-ca-certificates status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:38Z" message: 'containers with unready status: [kube-controller-manager]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:38Z" message: 'containers with unready status: [kube-controller-manager]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 200m containerID: containerd://06c7250d58e75df9b64b0907a00dec05a1befec7890189a28037635dd43ab177 image: registry.k8s.io/kube-controller-manager-amd64:v1.33.1 imageID: sha256:ef43894fa110c389f7286f4d5a3ea176072c95280efeca60d6a79617cdbbf3e4 lastState: terminated: containerID: containerd://06c7250d58e75df9b64b0907a00dec05a1befec7890189a28037635dd43ab177 exitCode: 1 finishedAt: "2025-08-07T19:43:35Z" reason: Error startedAt: "2025-08-07T19:42:03Z" name: kube-controller-manager ready: false resources: requests: cpu: 200m restartCount: 11 started: false state: waiting: message: back-off 1m20s restarting failed container=kube-controller-manager pod=kube-controller-manager-kind-control-plane_kube-system(bbaa5f0699b235e6ef7911e1a061c8cb) reason: CrashLoopBackOff user: linux: gid: 0 supplementalGroups: - 0 uid: 0 hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: Burstable startTime: "2025-08-07T18:33:35Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:33:39Z" generateName: kube-proxy- generation: 1 labels: controller-revision-hash: 84c68674f8 k8s-app: kube-proxy pod-template-generation: "1" name: kube-proxy-8dk7f namespace: kube-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: kube-proxy uid: 205dc9a6-ac52-4e2a-8861-fc042afb94de resourceVersion: "472" uid: ac91cce9-907a-4dd3-855b-d5faf1f4512a spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - kind-control-plane containers: - command: - /usr/local/bin/kube-proxy - --config=/var/lib/kube-proxy/config.conf - --hostname-override=$(NODE_NAME) env: - name: NODE_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: registry.k8s.io/kube-proxy:v1.33.1 imagePullPolicy: IfNotPresent name: kube-proxy resources: {} securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/lib/kube-proxy name: kube-proxy - mountPath: /run/xtables.lock name: xtables-lock - mountPath: /lib/modules name: lib-modules readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dvznl readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: kube-proxy serviceAccountName: kube-proxy terminationGracePeriodSeconds: 30 tolerations: - operator: Exists - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists - effect: NoSchedule key: node.kubernetes.io/disk-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/pid-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/unschedulable operator: Exists - effect: NoSchedule key: node.kubernetes.io/network-unavailable operator: Exists volumes: - configMap: defaultMode: 420 name: kube-proxy name: kube-proxy - hostPath: path: /run/xtables.lock type: FileOrCreate name: xtables-lock - hostPath: path: /lib/modules type: "" name: lib-modules - name: kube-api-access-dvznl projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:48Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:45Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:48Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:48Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:45Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://c13492221b6301b68bff2358c8a3c5fcb76c390a2315355129729206e936e566 image: registry.k8s.io/kube-proxy-amd64:v1.33.1 imageID: sha256:b79c189b052cdbe0e837d0caa6faf1d9fd696d8664fcc462f67d9ea51f26fef2 lastState: {} name: kube-proxy ready: true resources: {} restartCount: 0 started: true state: running: startedAt: "2025-08-07T18:33:47Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 0 volumeMounts: - mountPath: /var/lib/kube-proxy name: kube-proxy - mountPath: /run/xtables.lock name: xtables-lock - mountPath: /lib/modules name: lib-modules readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-dvznl readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: BestEffort startTime: "2025-08-07T18:33:45Z" - apiVersion: v1 kind: Pod metadata: annotations: kubernetes.io/config.hash: 6b832fb3c1c8f5f8a2600b5f80e4a681 kubernetes.io/config.mirror: 6b832fb3c1c8f5f8a2600b5f80e4a681 kubernetes.io/config.seen: "2025-08-07T18:33:12.698340882Z" kubernetes.io/config.source: file creationTimestamp: "2025-08-07T18:33:21Z" generation: 1 labels: component: kube-scheduler tier: control-plane name: kube-scheduler-kind-control-plane namespace: kube-system ownerReferences: - apiVersion: v1 controller: true kind: Node name: kind-control-plane uid: c42d0e79-017d-40db-a0d4-ba10db347e28 resourceVersion: "4897" uid: 40634ec5-bafd-4eb4-9a4b-a2397ea073b5 spec: containers: - command: - kube-scheduler - --authentication-kubeconfig=/etc/kubernetes/scheduler.conf - --authorization-kubeconfig=/etc/kubernetes/scheduler.conf - --bind-address=127.0.0.1 - --kubeconfig=/etc/kubernetes/scheduler.conf - --leader-elect=true image: registry.k8s.io/kube-scheduler:v1.33.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 8 httpGet: host: 127.0.0.1 path: /livez port: 10259 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 name: kube-scheduler readinessProbe: failureThreshold: 3 httpGet: host: 127.0.0.1 path: /readyz port: 10259 scheme: HTTPS periodSeconds: 1 successThreshold: 1 timeoutSeconds: 15 resources: requests: cpu: 100m startupProbe: failureThreshold: 24 httpGet: host: 127.0.0.1 path: /livez port: 10259 scheme: HTTPS initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 15 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/kubernetes/scheduler.conf name: kubeconfig readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 2000001000 priorityClassName: system-node-critical restartPolicy: Always schedulerName: default-scheduler securityContext: seccompProfile: type: RuntimeDefault terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute operator: Exists volumes: - hostPath: path: /etc/kubernetes/scheduler.conf type: FileOrCreate name: kubeconfig status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:26Z" message: 'containers with unready status: [kube-scheduler]' reason: ContainersNotReady status: "False" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:41:26Z" message: 'containers with unready status: [kube-scheduler]' reason: ContainersNotReady status: "False" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:33:35Z" status: "True" type: PodScheduled containerStatuses: - allocatedResources: cpu: 100m containerID: containerd://67eed8120a29f8405458d5f1bf08235e993f80eb1f7486f832d4d6822f555894 image: registry.k8s.io/kube-scheduler-amd64:v1.33.1 imageID: sha256:398c985c0d950becc8dcdab5877a8a517ffeafca0792b3fe5f1acff218aeac49 lastState: terminated: containerID: containerd://67eed8120a29f8405458d5f1bf08235e993f80eb1f7486f832d4d6822f555894 exitCode: 1 finishedAt: "2025-08-07T19:41:25Z" reason: Error startedAt: "2025-08-07T19:38:47Z" name: kube-scheduler ready: false resources: requests: cpu: 100m restartCount: 11 started: false state: waiting: message: back-off 5m0s restarting failed container=kube-scheduler pod=kube-scheduler-kind-control-plane_kube-system(6b832fb3c1c8f5f8a2600b5f80e4a681) reason: CrashLoopBackOff user: linux: gid: 0 supplementalGroups: - 0 uid: 0 hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 172.18.0.2 podIPs: - ip: 172.18.0.2 qosClass: Burstable startTime: "2025-08-07T18:33:35Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:33:40Z" generateName: local-path-provisioner-7dc846544d- generation: 1 labels: app: local-path-provisioner pod-template-hash: 7dc846544d name: local-path-provisioner-7dc846544d-l85vk namespace: local-path-storage ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: local-path-provisioner-7dc846544d uid: cfe5a0e0-6fa7-40e3-b7ed-87775cb2ebad resourceVersion: "4872" uid: 1fd30117-d2e8-4816-b819-0e9d6ced6443 spec: containers: - command: - local-path-provisioner - --debug - start - --helper-image - docker.io/kindest/local-path-helper:v20241212-8ac705d0 - --config - /etc/config/config.json env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: CONFIG_MOUNT_PATH value: /etc/config/ image: docker.io/kindest/local-path-provisioner:v20250214-acbabc1a imagePullPolicy: IfNotPresent name: local-path-provisioner resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/config/ name: config-volume - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rnd7n readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: local-path-provisioner-service-account serviceAccountName: local-path-provisioner-service-account terminationGracePeriodSeconds: 30 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/control-plane operator: Equal - effect: NoSchedule key: node-role.kubernetes.io/master operator: Equal - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - configMap: defaultMode: 420 name: local-path-config name: config-volume - name: kube-api-access-rnd7n projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:05Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:49Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:40:49Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:01Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://8c93a8eb09ba4ff4a13c1805193b744a82dcfded16c20eec37c2aa931c61cfb7 image: docker.io/kindest/local-path-provisioner:v20250214-acbabc1a imageID: sha256:bbb6209cc873b9b4095bd014b4687512eea2bd7b246f9ec06f4f6f0be14d9fb6 lastState: terminated: containerID: containerd://0999b29ad63672bb32a5e7b5f6984486dbc4a24fa7ec1790c8bafbca085068ab exitCode: 1 finishedAt: "2025-08-07T19:40:16Z" reason: Error startedAt: "2025-08-07T19:37:16Z" name: local-path-provisioner ready: true resources: {} restartCount: 6 started: true state: running: startedAt: "2025-08-07T19:40:45Z" user: linux: gid: 0 supplementalGroups: - 0 uid: 0 volumeMounts: - mountPath: /etc/config/ name: config-volume - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-rnd7n readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.2 podIPs: - ip: 10.244.0.2 qosClass: BestEffort startTime: "2025-08-07T18:34:01Z" - apiVersion: v1 kind: Pod metadata: creationTimestamp: "2025-08-07T18:34:31Z" generateName: ipam-controller-manager-597487d686- generation: 1 labels: cluster.x-k8s.io/provider: ipam-metal3 control-plane: controller-manager controller-tools.k8s.io: "1.0" pod-template-hash: 597487d686 name: ipam-controller-manager-597487d686-dft7m namespace: metal3-ipam-system ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: ipam-controller-manager-597487d686 uid: da8f10cc-619c-4005-8275-5d83cd203e16 resourceVersion: "5012" uid: 778e2c3f-4d20-4db6-991a-b4c044177513 spec: containers: - args: - --webhook-port=9443 - --diagnostics-address=:8443 - --insecure-diagnostics=false - --tls-min-version=VersionTLS13 command: - /manager env: - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace image: 192.168.111.1:5000/localimages/ip-address-manager:main imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: manager ports: - containerPort: 9443 name: ipam-webhook protocol: TCP - containerPort: 9440 name: healthz protocol: TCP - containerPort: 8443 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /readyz port: healthz scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false runAsGroup: 65532 runAsUser: 65532 terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-ggczw readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kind-control-plane preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccount: ipam-manager serviceAccountName: ipam-manager terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node-role.kubernetes.io/control-plane - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: cert secret: defaultMode: 420 secretName: ipam-webhook-service-cert - name: kube-api-access-ggczw projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:47Z" status: "True" type: PodReadyToStartContainers - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:31Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:50Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2025-08-07T19:43:50Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2025-08-07T18:34:31Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://42c44bb604d5efd8ee51b70235b84e71b812a92eeeb43224d12fdaaaa43f6bd1 image: 192.168.111.1:5000/localimages/ip-address-manager:main imageID: 192.168.111.1:5000/localimages/ip-address-manager@sha256:fdf86bc2decdfdad1ec4eeb6d71790d79bdede70fe23ed823e4d5327c5e00fa2 lastState: terminated: containerID: containerd://d82050e7162d019f8f3f82ae3d086faa55bee92eb3ee076aa979c8a5f05e6160 exitCode: 137 finishedAt: "2025-08-07T19:38:28Z" reason: OOMKilled startedAt: "2025-08-07T19:36:39Z" name: manager ready: true resources: {} restartCount: 20 started: true state: running: startedAt: "2025-08-07T19:43:38Z" user: linux: gid: 65532 supplementalGroups: - 65532 uid: 65532 volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true recursiveReadOnly: Disabled - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-ggczw readOnly: true recursiveReadOnly: Disabled hostIP: 172.18.0.2 hostIPs: - ip: 172.18.0.2 phase: Running podIP: 10.244.0.12 podIPs: - ip: 10.244.0.12 qosClass: BestEffort startTime: "2025-08-07T18:34:31Z" kind: List metadata: resourceVersion: ""