containers:
- args:
- -leader-elect
command:
- /manager
env:
- name: WATCH_NAMESPACE
- name: VAULT_ADDRESS
value: http://192.168.1.3:8200
- name: VAULT_AUTH_METHOD
value: kubernetes
- name: VAULT_TOKEN_PATH
- name: VAULT_KUBERNETES_PATH
value: auth/kubernetes
- name: VAULT_KUBERNETES_ROLE
value: vault-secrets-operator
- name: VAULT_APP_ROLE_PATH
value: auth/approle
- name: VAULT_RECONCILIATION_TIME
value: '60'
image: ricoberger/vault-secrets-operator:1.14.5
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: http
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: vault-secrets-operator
ports:
- containerPort: 8080
name: http-metrics
protocol: TCP
- containerPort: 8081
name: http
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: http
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 50m
memory: 128Mi
securityContext: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-9sw4f
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: sed-infra-server-master-mcg58ax2-aa1e3892
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: vault-secrets-operator
serviceAccountName: vault-secrets-operator
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-9sw4f
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
vault-secrets-operator-84dd57c64f-g77m8
app.kubernetes.io/instance: vault-secrets-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: vault-secrets-operator
helm.sh/chart: vault-secrets-operator-1.14.5
pod-template-hash: 84dd57c64f
cni.projectcalico.org/podIP:
cni.projectcalico.org/podIPs:
Spec
Status
conditions:
- lastProbeTime: null
lastTransitionTime: '2024-10-22T19:12:38Z'
status: 'True'
type: Initialized
- lastProbeTime: null
lastTransitionTime: '2025-10-19T11:18:47Z'
status: 'True'
type: Ready
- lastProbeTime: null
lastTransitionTime: '2025-10-19T11:18:47Z'
status: 'True'
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: '2024-10-22T19:12:38Z'
status: 'True'
type: PodScheduled
containerStatuses:
- containerID: containerd://f23ab9bb725af1137977ad3840e6831c9f21d03814ccc7d7d8f03f85921aa766
image: docker.io/ricoberger/vault-secrets-operator:1.14.5
imageID: docker.io/ricoberger/vault-secrets-operator@sha256:b171bfe74328f286fe7505fd6a23aef68e2d45f602be78ae89b96bcf884becd8
lastState:
terminated:
containerID: containerd://ed0831f95e10997c5bfbf2689e9af835c35e017003d6c38ab11519279c5dd4ed
exitCode: 1
finishedAt: '2025-10-19T11:13:34Z'
reason: Error
startedAt: '2025-10-19T11:13:31Z'
name: vault-secrets-operator
ready: true
restartCount: 114
started: true
state:
running:
startedAt: '2025-10-19T11:18:36Z'
hostIP: 192.168.1.3
phase: Running
podIP: 172.18.117.200
podIPs:
- ip: 172.18.117.200
qosClass: Burstable
startTime: '2024-10-22T19:12:38Z'
Events
| Type | Reason | Age | From | Message |
|---|---|---|---|---|
| No events found. | ||||