apiVersion: v1
kind: Pod
metadata:
annotations:
cni.projectcalico.org/podIP: ''
cni.projectcalico.org/podIPs: ''
creationTimestamp: '2024-10-22T19:12:38Z'
generateName: vault-secrets-operator-84dd57c64f-
labels:
app.kubernetes.io/instance: vault-secrets-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: vault-secrets-operator
helm.sh/chart: vault-secrets-operator-1.14.5
pod-template-hash: 84dd57c64f
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:cni.projectcalico.org/podIP: {}
f:cni.projectcalico.org/podIPs: {}
manager: calico
operation: Update
time: '2024-10-22T19:12:39Z'
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:generateName: {}
f:labels:
.: {}
f:app.kubernetes.io/instance: {}
f:app.kubernetes.io/managed-by: {}
f:app.kubernetes.io/name: {}
f:helm.sh/chart: {}
f:pod-template-hash: {}
f:ownerReferences:
.: {}
k:{"uid":"b2dcac2d-76a4-40b7-a899-63424458b65b"}:
.: {}
f:apiVersion: {}
f:blockOwnerDeletion: {}
f:controller: {}
f:kind: {}
f:name: {}
f:uid: {}
f:spec:
f:containers:
k:{"name":"vault-secrets-operator"}:
.: {}
f:args: {}
f:command: {}
f:env:
.: {}
k:{"name":"VAULT_ADDRESS"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_APP_ROLE_PATH"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_AUTH_METHOD"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_KUBERNETES_PATH"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_KUBERNETES_ROLE"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_RECONCILIATION_TIME"}:
.: {}
f:name: {}
f:value: {}
k:{"name":"VAULT_TOKEN_PATH"}:
.: {}
f:name: {}
k:{"name":"WATCH_NAMESPACE"}:
.: {}
f:name: {}
f:image: {}
f:imagePullPolicy: {}
f:livenessProbe:
.: {}
f:failureThreshold: {}
f:httpGet:
.: {}
f:path: {}
f:port: {}
f:scheme: {}
f:periodSeconds: {}
f:successThreshold: {}
f:timeoutSeconds: {}
f:name: {}
f:ports:
.: {}
k:{"containerPort":8080,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
k:{"containerPort":8081,"protocol":"TCP"}:
.: {}
f:containerPort: {}
f:name: {}
f:protocol: {}
f:readinessProbe:
.: {}
f:failureThreshold: {}
f:httpGet:
.: {}
f:path: {}
f:port: {}
f:scheme: {}
f:periodSeconds: {}
f:successThreshold: {}
f:timeoutSeconds: {}
f:resources:
.: {}
f:requests:
.: {}
f:cpu: {}
f:memory: {}
f:securityContext: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:dnsPolicy: {}
f:enableServiceLinks: {}
f:restartPolicy: {}
f:schedulerName: {}
f:securityContext: {}
f:serviceAccount: {}
f:serviceAccountName: {}
f:terminationGracePeriodSeconds: {}
f:status:
f:conditions:
k:{"type":"ContainersReady"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Initialized"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
k:{"type":"Ready"}:
.: {}
f:lastProbeTime: {}
f:lastTransitionTime: {}
f:status: {}
f:type: {}
f:containerStatuses: {}
f:hostIP: {}
f:phase: {}
f:podIP: {}
f:podIPs:
.: {}
k:{"ip":"172.18.117.200"}:
.: {}
f:ip: {}
f:startTime: {}
manager: k3s
operation: Update
time: '2025-10-19T11:18:47Z'
name: vault-secrets-operator-84dd57c64f-g77m8
namespace: vault-secrets-operator
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: vault-secrets-operator-84dd57c64f
uid: b2dcac2d-76a4-40b7-a899-63424458b65b
resourceVersion: '3508216467'
uid: b7ff5f72-e406-4df0-a806-61c71f0a5344
spec:
containers:
- args:
- -leader-elect
command:
- /manager
env:
- name: WATCH_NAMESPACE
- name: VAULT_ADDRESS
value: http://192.168.1.3:8200
- name: VAULT_AUTH_METHOD
value: kubernetes
- name: VAULT_TOKEN_PATH
- name: VAULT_KUBERNETES_PATH
value: auth/kubernetes
- name: VAULT_KUBERNETES_ROLE
value: vault-secrets-operator
- name: VAULT_APP_ROLE_PATH
value: auth/approle
- name: VAULT_RECONCILIATION_TIME
value: '60'
image: ricoberger/vault-secrets-operator:1.14.5
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: http
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: vault-secrets-operator
ports:
- containerPort: 8080
name: http-metrics
protocol: TCP
- containerPort: 8081
name: http
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: http
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 50m
memory: 128Mi
securityContext: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-9sw4f
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: sed-infra-server-master-mcg58ax2-aa1e3892
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: vault-secrets-operator
serviceAccountName: vault-secrets-operator
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-9sw4f
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: '2024-10-22T19:12:38Z'
status: 'True'
type: Initialized
- lastProbeTime: null
lastTransitionTime: '2025-10-19T11:18:47Z'
status: 'True'
type: Ready
- lastProbeTime: null
lastTransitionTime: '2025-10-19T11:18:47Z'
status: 'True'
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: '2024-10-22T19:12:38Z'
status: 'True'
type: PodScheduled
containerStatuses:
- containerID: containerd://f23ab9bb725af1137977ad3840e6831c9f21d03814ccc7d7d8f03f85921aa766
image: docker.io/ricoberger/vault-secrets-operator:1.14.5
imageID: docker.io/ricoberger/vault-secrets-operator@sha256:b171bfe74328f286fe7505fd6a23aef68e2d45f602be78ae89b96bcf884becd8
lastState:
terminated:
containerID: containerd://ed0831f95e10997c5bfbf2689e9af835c35e017003d6c38ab11519279c5dd4ed
exitCode: 1
finishedAt: '2025-10-19T11:13:34Z'
reason: Error
startedAt: '2025-10-19T11:13:31Z'
name: vault-secrets-operator
ready: true
restartCount: 114
started: true
state:
running:
startedAt: '2025-10-19T11:18:36Z'
hostIP: 192.168.1.3
phase: Running
podIP: 172.18.117.200
podIPs:
- ip: 172.18.117.200
qosClass: Burstable
startTime: '2024-10-22T19:12:38Z'