diff --git a/manifests/archivebox/all.yaml b/manifests/archivebox/all.yaml index bb54e66..24945d9 100644 --- a/manifests/archivebox/all.yaml +++ b/manifests/archivebox/all.yaml @@ -1,425 +1,426 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-07-30T14:08:20Z" - generateName: archivebox-65cb6b4494- - labels: - app: archivebox - pod-template-hash: 65cb6b4494 - name: archivebox-65cb6b4494-pw82w - namespace: archivebox - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: archivebox-65cb6b4494 - uid: f0db71e8-7219-4ead-ab70-a53c27246337 - resourceVersion: "20356604" - uid: 0d27df94-a77d-4d6f-bbd7-99c530836986 - spec: - containers: - - args: - - server - - --quick-init - - 0.0.0.0:8000 - env: - - name: ADMIN_USERNAME - value: admin - - name: ADMIN_PASSWORD - value: password - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: PUBLIC_INDEX - value: "False" - image: archivebox/archivebox:latest - imagePullPolicy: Always - name: archivebox - ports: - - containerPort: 8000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-2qsl2 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: data - persistentVolumeClaim: - claimName: archivebox-data - - name: kube-api-access-2qsl2 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:26Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-07-30T14:08:20Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:26Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:26Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-07-30T14:08:20Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://d16f2b4d9429b667b53221d5e786c54833ce179ace81e93471faf1c57a1ce1fa - image: docker.io/archivebox/archivebox:latest - imageID: docker.io/archivebox/archivebox@sha256:fdf2936192aa1e909b0c3f286f60174efa24078555be4b6b90a07f2cef1d4909 - lastState: - terminated: - containerID: containerd://5a9e91a0b024182e5683aaa94e2e9a73291f571627faff31950a23bc7e93c8cc - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:41Z" - name: archivebox - ready: true - restartCount: 4 - started: true - state: - running: - startedAt: "2025-08-24T01:02:26Z" - volumeMounts: - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-2qsl2 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.45 - podIPs: - - ip: 10.244.0.45 - qosClass: BestEffort - startTime: "2025-07-30T14:08:20Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"ports":[{"port":80,"protocol":"TCP","targetPort":8000}],"selector":{"app":"archivebox"},"type":"ClusterIP"}} - creationTimestamp: "2025-07-30T10:43:06Z" - name: archivebox - namespace: archivebox - resourceVersion: "10496169" - uid: 96391171-c088-4f30-9130-dffeb949bd89 - spec: - clusterIP: 10.100.92.6 - clusterIPs: - - 10.100.92.6 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - nodePort: 30455 - port: 80 - protocol: TCP - targetPort: 8000 - selector: - app: archivebox - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "2" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"archivebox"}},"template":{"metadata":{"labels":{"app":"archivebox"}},"spec":{"containers":[{"args":["server","--quick-init","0.0.0.0:8000"],"env":[{"name":"ADMIN_USERNAME","value":"admin"},{"name":"ADMIN_PASSWORD","value":"password"},{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"}],"image":"archivebox/archivebox:latest","name":"archivebox","ports":[{"containerPort":8000}],"volumeMounts":[{"mountPath":"/data","name":"data"}]}],"volumes":[{"name":"data","persistentVolumeClaim":{"claimName":"archivebox-data"}}]}}}} - creationTimestamp: "2025-07-30T10:43:06Z" - generation: 2 - name: archivebox - namespace: archivebox - resourceVersion: "12273808" - uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: archivebox - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: archivebox - spec: - containers: - - args: - - server - - --quick-init - - 0.0.0.0:8000 - env: - - name: ADMIN_USERNAME - value: admin - - name: ADMIN_PASSWORD - value: password - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: PUBLIC_INDEX - value: "False" - image: archivebox/archivebox:latest - imagePullPolicy: Always - name: archivebox - ports: - - containerPort: 8000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: data - persistentVolumeClaim: - claimName: archivebox-data - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-07-30T10:43:06Z" - lastUpdateTime: "2025-07-30T14:08:23Z" - message: ReplicaSet "archivebox-65cb6b4494" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:26Z" - lastUpdateTime: "2025-08-24T01:02:26Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 2 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "2" - creationTimestamp: "2025-07-30T14:08:20Z" - generation: 1 - labels: - app: archivebox - pod-template-hash: 65cb6b4494 - name: archivebox-65cb6b4494 - namespace: archivebox - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: archivebox - uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f - resourceVersion: "12273807" - uid: f0db71e8-7219-4ead-ab70-a53c27246337 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-07-30T14:08:20Z' + generateName: archivebox-65cb6b4494- + labels: app: archivebox pod-template-hash: 65cb6b4494 - template: - metadata: - creationTimestamp: null - labels: + name: archivebox-65cb6b4494-pw82w + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: archivebox-65cb6b4494 + uid: f0db71e8-7219-4ead-ab70-a53c27246337 + resourceVersion: '20356604' + uid: 0d27df94-a77d-4d6f-bbd7-99c530836986 + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: PUBLIC_INDEX + value: 'False' + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-2qsl2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + - name: kube-api-access-2qsl2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:26Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-07-30T14:08:20Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:26Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:26Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-07-30T14:08:20Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://d16f2b4d9429b667b53221d5e786c54833ce179ace81e93471faf1c57a1ce1fa + image: docker.io/archivebox/archivebox:latest + imageID: docker.io/archivebox/archivebox@sha256:fdf2936192aa1e909b0c3f286f60174efa24078555be4b6b90a07f2cef1d4909 + lastState: + terminated: + containerID: containerd://5a9e91a0b024182e5683aaa94e2e9a73291f571627faff31950a23bc7e93c8cc + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:41Z' + name: archivebox + ready: true + restartCount: 4 + started: true + state: + running: + startedAt: '2025-08-24T01:02:26Z' + volumeMounts: + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-2qsl2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.45 + podIPs: + - ip: 10.244.0.45 + qosClass: BestEffort + startTime: '2025-07-30T14:08:20Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"ports":[{"port":80,"protocol":"TCP","targetPort":8000}],"selector":{"app":"archivebox"},"type":"ClusterIP"}} + + ' + creationTimestamp: '2025-07-30T10:43:06Z' + name: archivebox + namespace: archivebox + resourceVersion: '10496169' + uid: 96391171-c088-4f30-9130-dffeb949bd89 + spec: + clusterIP: 10.100.92.6 + clusterIPs: + - 10.100.92.6 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30455 + port: 80 + protocol: TCP + targetPort: 8000 + selector: + app: archivebox + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '2' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"archivebox"}},"template":{"metadata":{"labels":{"app":"archivebox"}},"spec":{"containers":[{"args":["server","--quick-init","0.0.0.0:8000"],"env":[{"name":"ADMIN_USERNAME","value":"admin"},{"name":"ADMIN_PASSWORD","value":"password"},{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"}],"image":"archivebox/archivebox:latest","name":"archivebox","ports":[{"containerPort":8000}],"volumeMounts":[{"mountPath":"/data","name":"data"}]}],"volumes":[{"name":"data","persistentVolumeClaim":{"claimName":"archivebox-data"}}]}}}} + + ' + creationTimestamp: '2025-07-30T10:43:06Z' + generation: 2 + name: archivebox + namespace: archivebox + resourceVersion: '12273808' + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: archivebox + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: PUBLIC_INDEX + value: 'False' + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-07-30T10:43:06Z' + lastUpdateTime: '2025-07-30T14:08:23Z' + message: ReplicaSet "archivebox-65cb6b4494" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:26Z' + lastUpdateTime: '2025-08-24T01:02:26Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '2' + creationTimestamp: '2025-07-30T14:08:20Z' + generation: 1 + labels: + app: archivebox + pod-template-hash: 65cb6b4494 + name: archivebox-65cb6b4494 + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: archivebox + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + resourceVersion: '12273807' + uid: f0db71e8-7219-4ead-ab70-a53c27246337 + spec: + replicas: 1 + selector: + matchLabels: app: archivebox pod-template-hash: 65cb6b4494 - spec: - containers: - - args: - - server - - --quick-init - - 0.0.0.0:8000 - env: - - name: ADMIN_USERNAME - value: admin - - name: ADMIN_PASSWORD - value: password - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: PUBLIC_INDEX - value: "False" - image: archivebox/archivebox:latest - imagePullPolicy: Always - name: archivebox - ports: - - containerPort: 8000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: data - persistentVolumeClaim: - claimName: archivebox-data - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-07-30T10:43:06Z" - generation: 2 - labels: - app: archivebox - pod-template-hash: "7676465958" - name: archivebox-7676465958 - namespace: archivebox - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: archivebox - uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f - resourceVersion: "10513981" - uid: c41f43f5-be34-4534-845f-e03ad7235a4a - spec: - replicas: 0 - selector: - matchLabels: + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + pod-template-hash: 65cb6b4494 + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: PUBLIC_INDEX + value: 'False' + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-07-30T10:43:06Z' + generation: 2 + labels: app: archivebox - pod-template-hash: "7676465958" - template: - metadata: - creationTimestamp: null - labels: - app: archivebox - pod-template-hash: "7676465958" - spec: - containers: - - args: - - server - - --quick-init - - 0.0.0.0:8000 - env: - - name: ADMIN_USERNAME - value: admin - - name: ADMIN_PASSWORD - value: password - - name: PUID - value: "1000" - - name: PGID - value: "1000" - image: archivebox/archivebox:latest - imagePullPolicy: Always + pod-template-hash: '7676465958' + name: archivebox-7676465958 + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment name: archivebox - ports: - - containerPort: 8000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: data - persistentVolumeClaim: - claimName: archivebox-data - status: - observedGeneration: 2 - replicas: 0 + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + resourceVersion: '10513981' + uid: c41f43f5-be34-4534-845f-e03ad7235a4a + spec: + replicas: 0 + selector: + matchLabels: + app: archivebox + pod-template-hash: '7676465958' + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + pod-template-hash: '7676465958' + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: '1000' + - name: PGID + value: '1000' + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + observedGeneration: 2 + replicas: 0 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/audiobookshelf/all.yaml b/manifests/audiobookshelf/all.yaml index a130500..732e9f4 100644 --- a/manifests/audiobookshelf/all.yaml +++ b/manifests/audiobookshelf/all.yaml @@ -1,349 +1,73 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-09-10T11:36:22Z" - generateName: audiobookshelf-8dffc7697- - labels: - app: audiobookshelf - pod-template-hash: 8dffc7697 - name: audiobookshelf-8dffc7697-52dqg - namespace: audiobookshelf - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: audiobookshelf-8dffc7697 - uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 - resourceVersion: "20356588" - uid: 8b3c2b39-f1ec-4085-a2a9-1c1c518a5278 - spec: - containers: - - env: - - name: TZ - value: Europe/Budapest - image: ghcr.io/advplyr/audiobookshelf:latest - imagePullPolicy: Always - name: app - ports: - - containerPort: 80 - name: http - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /metadata - name: metadata - - mountPath: /audiobooks - name: audiobooks - - mountPath: /podcasts - name: podcasts - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-xh72l - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: config - persistentVolumeClaim: - claimName: abs-config - - name: metadata - persistentVolumeClaim: - claimName: abs-metadata - - name: audiobooks - persistentVolumeClaim: - claimName: abs-audiobooks - - name: podcasts - persistentVolumeClaim: - claimName: abs-podcasts - - name: kube-api-access-xh72l - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-09-10T11:36:36Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-09-10T11:36:29Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-09-10T11:36:36Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-09-10T11:36:36Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-09-10T11:36:29Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://452f0be29c5d5af3007ba5052c97b62d6d033639239b366ab28f72c73708fb55 - image: ghcr.io/advplyr/audiobookshelf:latest - imageID: ghcr.io/advplyr/audiobookshelf@sha256:dd4a3079d26bfe9f0ea63de3e3eff483dfa25fef05ef850a5a9d121dca3794b2 - lastState: {} - name: app - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-09-10T11:36:36Z" - volumeMounts: - - mountPath: /config - name: config - - mountPath: /metadata - name: metadata - - mountPath: /audiobooks - name: audiobooks - - mountPath: /podcasts - name: podcasts - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-xh72l - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.100 - podIPs: - - ip: 10.244.0.100 - qosClass: BestEffort - startTime: "2025-09-10T11:36:29Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"ports":[{"name":"http","nodePort":31378,"port":80,"targetPort":"http"}],"selector":{"app":"audiobookshelf"},"type":"NodePort"}} - creationTimestamp: "2025-09-10T11:36:22Z" - name: audiobookshelf - namespace: audiobookshelf - resourceVersion: "14471402" - uid: 400237d9-0f3a-4c2b-9fee-a66f173fe8a4 - spec: - clusterIP: 10.108.247.202 - clusterIPs: - - 10.108.247.202 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 31378 - port: 80 - protocol: TCP - targetPort: http - selector: - app: audiobookshelf - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"audiobookshelf"}},"template":{"metadata":{"labels":{"app":"audiobookshelf"}},"spec":{"containers":[{"env":[{"name":"TZ","value":"Europe/Budapest"}],"image":"ghcr.io/advplyr/audiobookshelf:latest","name":"app","ports":[{"containerPort":80,"name":"http"}],"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/metadata","name":"metadata"},{"mountPath":"/audiobooks","name":"audiobooks"},{"mountPath":"/podcasts","name":"podcasts"}]}],"securityContext":{"fsGroup":1000},"volumes":[{"name":"config","persistentVolumeClaim":{"claimName":"abs-config"}},{"name":"metadata","persistentVolumeClaim":{"claimName":"abs-metadata"}},{"name":"audiobooks","persistentVolumeClaim":{"claimName":"abs-audiobooks"}},{"name":"podcasts","persistentVolumeClaim":{"claimName":"abs-podcasts"}}]}}}} - creationTimestamp: "2025-09-10T11:36:22Z" - generation: 1 - name: audiobookshelf - namespace: audiobookshelf - resourceVersion: "14471527" - uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: audiobookshelf - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: audiobookshelf - spec: - containers: - - env: - - name: TZ - value: Europe/Budapest - image: ghcr.io/advplyr/audiobookshelf:latest - imagePullPolicy: Always - name: app - ports: - - containerPort: 80 - name: http - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /metadata - name: metadata - - mountPath: /audiobooks - name: audiobooks - - mountPath: /podcasts - name: podcasts - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 30 - volumes: - - name: config - persistentVolumeClaim: - claimName: abs-config - - name: metadata - persistentVolumeClaim: - claimName: abs-metadata - - name: audiobooks - persistentVolumeClaim: - claimName: abs-audiobooks - - name: podcasts - persistentVolumeClaim: - claimName: abs-podcasts - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-09-10T11:36:36Z" - lastUpdateTime: "2025-09-10T11:36:36Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-09-10T11:36:22Z" - lastUpdateTime: "2025-09-10T11:36:36Z" - message: ReplicaSet "audiobookshelf-8dffc7697" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-09-10T11:36:22Z" - generation: 1 - labels: - app: audiobookshelf - pod-template-hash: 8dffc7697 - name: audiobookshelf-8dffc7697 - namespace: audiobookshelf - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: audiobookshelf - uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc - resourceVersion: "14471526" - uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-09-10T11:36:22Z' + generateName: audiobookshelf-8dffc7697- + labels: app: audiobookshelf pod-template-hash: 8dffc7697 - template: - metadata: - creationTimestamp: null - labels: - app: audiobookshelf - pod-template-hash: 8dffc7697 - spec: - containers: + name: audiobookshelf-8dffc7697-52dqg + namespace: audiobookshelf + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: audiobookshelf-8dffc7697 + uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 + resourceVersion: '20356588' + uid: 8b3c2b39-f1ec-4085-a2a9-1c1c518a5278 + spec: + containers: - env: - - name: TZ - value: Europe/Budapest + - name: TZ + value: Europe/Budapest image: ghcr.io/advplyr/audiobookshelf:latest imagePullPolicy: Always name: app ports: - - containerPort: 80 - name: http - protocol: TCP + - containerPort: 80 + name: http + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /config - name: config - - mountPath: /metadata - name: metadata - - mountPath: /audiobooks - name: audiobooks - - mountPath: /podcasts - name: podcasts - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xh72l + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: config persistentVolumeClaim: claimName: abs-config @@ -356,12 +80,289 @@ items: - name: podcasts persistentVolumeClaim: claimName: abs-podcasts - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 + - name: kube-api-access-xh72l + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-09-10T11:36:36Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-09-10T11:36:29Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-09-10T11:36:36Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-09-10T11:36:36Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-09-10T11:36:29Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://452f0be29c5d5af3007ba5052c97b62d6d033639239b366ab28f72c73708fb55 + image: ghcr.io/advplyr/audiobookshelf:latest + imageID: ghcr.io/advplyr/audiobookshelf@sha256:dd4a3079d26bfe9f0ea63de3e3eff483dfa25fef05ef850a5a9d121dca3794b2 + lastState: {} + name: app + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-09-10T11:36:36Z' + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xh72l + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.100 + podIPs: + - ip: 10.244.0.100 + qosClass: BestEffort + startTime: '2025-09-10T11:36:29Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"ports":[{"name":"http","nodePort":31378,"port":80,"targetPort":"http"}],"selector":{"app":"audiobookshelf"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-09-10T11:36:22Z' + name: audiobookshelf + namespace: audiobookshelf + resourceVersion: '14471402' + uid: 400237d9-0f3a-4c2b-9fee-a66f173fe8a4 + spec: + clusterIP: 10.108.247.202 + clusterIPs: + - 10.108.247.202 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 31378 + port: 80 + protocol: TCP + targetPort: http + selector: + app: audiobookshelf + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"audiobookshelf"}},"template":{"metadata":{"labels":{"app":"audiobookshelf"}},"spec":{"containers":[{"env":[{"name":"TZ","value":"Europe/Budapest"}],"image":"ghcr.io/advplyr/audiobookshelf:latest","name":"app","ports":[{"containerPort":80,"name":"http"}],"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/metadata","name":"metadata"},{"mountPath":"/audiobooks","name":"audiobooks"},{"mountPath":"/podcasts","name":"podcasts"}]}],"securityContext":{"fsGroup":1000},"volumes":[{"name":"config","persistentVolumeClaim":{"claimName":"abs-config"}},{"name":"metadata","persistentVolumeClaim":{"claimName":"abs-metadata"}},{"name":"audiobooks","persistentVolumeClaim":{"claimName":"abs-audiobooks"}},{"name":"podcasts","persistentVolumeClaim":{"claimName":"abs-podcasts"}}]}}}} + + ' + creationTimestamp: '2025-09-10T11:36:22Z' + generation: 1 + name: audiobookshelf + namespace: audiobookshelf + resourceVersion: '14471527' + uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: audiobookshelf + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: audiobookshelf + spec: + containers: + - env: + - name: TZ + value: Europe/Budapest + image: ghcr.io/advplyr/audiobookshelf:latest + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + name: http + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 30 + volumes: + - name: config + persistentVolumeClaim: + claimName: abs-config + - name: metadata + persistentVolumeClaim: + claimName: abs-metadata + - name: audiobooks + persistentVolumeClaim: + claimName: abs-audiobooks + - name: podcasts + persistentVolumeClaim: + claimName: abs-podcasts + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-09-10T11:36:36Z' + lastUpdateTime: '2025-09-10T11:36:36Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-09-10T11:36:22Z' + lastUpdateTime: '2025-09-10T11:36:36Z' + message: ReplicaSet "audiobookshelf-8dffc7697" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-09-10T11:36:22Z' + generation: 1 + labels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + name: audiobookshelf-8dffc7697 + namespace: audiobookshelf + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: audiobookshelf + uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc + resourceVersion: '14471526' + uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 + spec: + replicas: 1 + selector: + matchLabels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + template: + metadata: + creationTimestamp: null + labels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + spec: + containers: + - env: + - name: TZ + value: Europe/Budapest + image: ghcr.io/advplyr/audiobookshelf:latest + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + name: http + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 30 + volumes: + - name: config + persistentVolumeClaim: + claimName: abs-config + - name: metadata + persistentVolumeClaim: + claimName: abs-metadata + - name: audiobooks + persistentVolumeClaim: + claimName: abs-audiobooks + - name: podcasts + persistentVolumeClaim: + claimName: abs-podcasts + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/calibre/all.yaml b/manifests/calibre/all.yaml index d4797ae..20bf6c4 100644 --- a/manifests/calibre/all.yaml +++ b/manifests/calibre/all.yaml @@ -1,4509 +1,220 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-06-17T13:21:57Z" - generateName: calibre-web-6b6dfc59c4- - labels: - app: calibre-web - pod-template-hash: 6b6dfc59c4 - name: calibre-web-6b6dfc59c4-h4tkw - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: calibre-web-6b6dfc59c4 - uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c - resourceVersion: "20356528" - uid: a2f9dd49-868f-49b6-adbc-b644af7735a4 - spec: - containers: - - env: - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: TZ - value: Europe/Budapest - image: lscr.io/linuxserver/calibre-web:latest - imagePullPolicy: Always - name: calibre-web - ports: - - containerPort: 8083 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /books - name: books - - mountPath: /config - name: config - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-sqr4d - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - hostPath: - path: /srv/media/books - type: Directory - name: books - - emptyDir: {} - name: config - - name: kube-api-access-sqr4d - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:24Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-06-17T13:21:57Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:24Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:24Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-06-17T13:21:57Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://f51c0ddea03fc78fbbf6f793bf335a9a47200cf93949ffe881b4aa2133eac3af - image: lscr.io/linuxserver/calibre-web:latest - imageID: lscr.io/linuxserver/calibre-web@sha256:d5dbb466c743871d490bd29e1ff4ec9b8f1520fdd8154e897f297a3af3805503 - lastState: - terminated: - containerID: containerd://1edde2759fe9c15bb34394b1e0b03718f0c0f25a319237900a64bd16d2128c10 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:45Z" - name: calibre-web - ready: true - restartCount: 7 - started: true - state: - running: - startedAt: "2025-08-24T01:02:24Z" - volumeMounts: - - mountPath: /books - name: books - - mountPath: /config - name: config - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-sqr4d - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.41 - podIPs: - - ip: 10.244.0.41 - qosClass: BestEffort - startTime: "2025-06-17T13:21:57Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" - creationTimestamp: "2025-06-18T12:55:00Z" - generateName: paperless-ngx-7f7bb6c858- - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 7f7bb6c858 - name: paperless-ngx-7f7bb6c858-9c2qm - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: paperless-ngx-7f7bb6c858 - uid: b2fae29f-60fb-46e2-b013-1c118b36b328 - resourceVersion: "20356635" - uid: e6123e16-bef8-4ac3-aa1a-d190fb0b65e3 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - - name: kube-api-access-9f8bk - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:03Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-06-18T12:55:02Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:38Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:38Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-06-18T12:55:00Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://ff69e05a4e231f05f2aecb3c0e26dad26cbe268eddfd7b02fbf067102ccfbb63 - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a - lastState: - terminated: - containerID: containerd://4bf24af896bb394c69e304f062d347285a2ff5de03fa46a9ce55bc119aba88f4 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:32Z" - name: paperless-ngx-celery - ready: true - restartCount: 10 - started: true - state: - running: - startedAt: "2025-08-24T01:02:04Z" - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://60d758399ca2e7045fec526ec48837792900c512560d66c32910ee8235133b89 - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a - lastState: - terminated: - containerID: containerd://0758b74c41e2b5427445e4e1a6c525b2933b4068d846efc13af66522abd16849 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:32Z" - name: paperless-ngx-celery-beat - ready: true - restartCount: 11 - started: true - state: - running: - startedAt: "2025-08-24T01:02:04Z" - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://7b476c9d289eeffd299e6ac48ec5b1fdf1cd9cb48b122d15cec91037ff450e87 - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a - lastState: - terminated: - containerID: containerd://23f642c6369c3eba923591b6080a3cb058ace018d4bad571f9d61edfb286ee82 - exitCode: 1 - finishedAt: "2025-08-24T01:02:17Z" - reason: Error - startedAt: "2025-08-24T01:02:04Z" - name: paperless-ngx-consumer - ready: true - restartCount: 14 - started: true - state: - running: - startedAt: "2025-08-24T01:02:37Z" - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://7fc020382df8b34e3138dd4d6003974f3bf9693eba9469af22ecda9cdc88f682 - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a - lastState: - terminated: - containerID: containerd://6022a31e28b743c7dd23ac798bade801b3474eed9f934218a4af35ab9839d54f - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:31Z" - name: paperless-ngx-webserver - ready: true - restartCount: 33 - started: true - state: - running: - startedAt: "2025-08-24T01:02:03Z" - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - initContainerStatuses: - - containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 - image: docker.io/library/busybox:latest - imageID: docker.io/library/busybox@sha256:ab33eacc8251e3807b85bb6dba570e4698c3998eca6f0fc2ccb60575a563ea74 - lastState: {} - name: init-consume-dir - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 - exitCode: 0 - finishedAt: "2025-08-24T01:02:02Z" - reason: Completed - startedAt: "2025-08-24T01:02:02Z" - volumeMounts: - - mountPath: /mnt/library - name: library - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9f8bk - readOnly: true - recursiveReadOnly: Disabled - phase: Running - podIP: 10.244.0.30 - podIPs: - - ip: 10.244.0.30 - qosClass: BestEffort - startTime: "2025-06-18T12:55:00Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-06-04T22:00:28Z" - generateName: paperless-ngx-postgresql- - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.0.0 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: paperless-ngx-postgresql-5f5df87cb9 - helm.sh/chart: postgresql-16.1.0 - statefulset.kubernetes.io/pod-name: paperless-ngx-postgresql-0 - name: paperless-ngx-postgresql-0 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: paperless-ngx-postgresql - uid: c0cda9fd-6512-472c-9175-d068c9f75227 - resourceVersion: "20356495" - uid: 6054f99a-25b9-4cc1-a25d-5952feacd02f - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: postgresql - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: paperless - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: postgres-password - name: paperless-ngx-postgresql - - name: POSTGRES_DATABASE - value: paperless - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit - image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /bin/sh - - -c - - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: postgresql - ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP - readinessProbe: - exec: - command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsGroup: 1001 - runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: paperless-ngx-postgresql-0 - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: paperless-ngx-postgresql - serviceAccountName: paperless-ngx-postgresql - subdomain: paperless-ngx-postgresql-hl - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: data - persistentVolumeClaim: - claimName: data-paperless-ngx-postgresql-0 - - emptyDir: {} - name: empty-dir - - emptyDir: - medium: Memory - name: dshm - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:00Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-06-04T22:00:28Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:10Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:10Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-06-04T22:00:28Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://fd595ed9adecc2b01fb2b4229c7507a0949dccfb4f37c489260ec987997b33ec - image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 - imageID: docker.io/bitnami/postgresql@sha256:d885ac2771636b2bdf0ee8595f8e1d2f9b5290505cabebb25c55c63f51e67841 - lastState: - terminated: - containerID: containerd://275486108e945dedbfa2b48bdede508b5c883b2d304ba75f68fa66cc84797380 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:35Z" - name: postgresql - ready: true - restartCount: 7 - started: true - state: - running: - startedAt: "2025-08-24T01:01:59Z" - volumeMounts: - - mountPath: /tmp - name: empty-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.31 - podIPs: - - ip: 10.244.0.31 - qosClass: Burstable - startTime: "2025-06-04T22:00:28Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 - checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff - creationTimestamp: "2025-06-04T22:00:28Z" - generateName: paperless-ngx-redis-master- - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.1 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: paperless-ngx-redis-master-7b59b75674 - helm.sh/chart: redis-20.2.1 - statefulset.kubernetes.io/pod-name: paperless-ngx-redis-master-0 - name: paperless-ngx-redis-master-0 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: paperless-ngx-redis-master - uid: 20083127-788c-4add-8cf4-bf0c0b561d9f - resourceVersion: "20356598" - uid: 3de39093-839a-4b14-8b07-6d0d505881fe - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: master - - name: ALLOW_EMPTY_PASSWORD - value: "no" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - key: redis-password - name: paperless-ngx-redis - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:7.4.1-debian-12-r0 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsGroup: 1001 - runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc/ - name: empty-dir - subPath: app-conf-dir - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: paperless-ngx-redis-master-0 - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: paperless-ngx-redis-master - serviceAccountName: paperless-ngx-redis-master - subdomain: paperless-ngx-redis-headless - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: redis-data - persistentVolumeClaim: - claimName: redis-data-paperless-ngx-redis-master-0 - - configMap: - defaultMode: 493 - name: paperless-ngx-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: paperless-ngx-redis-health - name: health - - configMap: - defaultMode: 420 - name: paperless-ngx-redis-configuration - name: config - - emptyDir: {} - name: empty-dir - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:10Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-06-04T22:00:28Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:32Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:32Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-06-04T22:00:28Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://87fe6b7f1b27643d8d65b79fbf1d143e629c53aedaf470a891721a62ab1a0902 - image: docker.io/bitnami/redis:7.4.1-debian-12-r0 - imageID: docker.io/bitnami/redis@sha256:df8d9405ab4ec7fc2e6aa6c0f0bed55ccf863dc15128b53b98ab90b9663f7ff0 - lastState: - terminated: - containerID: containerd://d0b755060f452610a9f7ce2bef7fc2160b155138c917bd7ad84d7415c2e7b3c6 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:42Z" - name: redis - ready: true - restartCount: 7 - started: true - state: - running: - startedAt: "2025-08-24T01:02:10Z" - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc/ - name: empty-dir - - mountPath: /tmp - name: empty-dir - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.51 - podIPs: - - ip: 10.244.0.51 - qosClass: Burstable - startTime: "2025-06-04T22:00:28Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"calibre-web","namespace":"calibre"},"spec":{"ports":[{"nodePort":31083,"port":8083,"protocol":"TCP","targetPort":8083}],"selector":{"app":"calibre-web"},"type":"NodePort"}} - creationTimestamp: "2025-05-28T21:16:28Z" - name: calibre-web - namespace: calibre - resourceVersion: "3793614" - uid: c0f62125-34e4-41f7-9e99-a8932a72ba6d - spec: - clusterIP: 10.100.190.211 - clusterIPs: - - 10.100.190.211 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - nodePort: 31083 - port: 8083 - protocol: TCP - targetPort: 8083 - selector: - app: calibre-web - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: paperless-ngx - app.kubernetes.io/version: 2.13.4 - helm.sh/chart: paperless-ngx-0.2.23 - name: paperless-ngx - namespace: calibre - resourceVersion: "4703842" - uid: 8ef42926-63b1-443b-892e-34c435e01af2 - spec: - clusterIP: 10.103.117.13 - clusterIPs: - - 10.103.117.13 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 30505 - port: 8000 - protocol: TCP - targetPort: http - selector: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.0.0 - helm.sh/chart: postgresql-16.1.0 - name: paperless-ngx-postgresql - namespace: calibre - resourceVersion: "4703843" - uid: a787f724-d7b1-4b07-819a-293558a75a10 - spec: - clusterIP: 10.98.55.52 - clusterIPs: - - 10.98.55.52 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.0.0 - helm.sh/chart: postgresql-16.1.0 - name: paperless-ngx-postgresql-hl - namespace: calibre - resourceVersion: "4703834" - uid: 0f23d612-07b8-41d7-8955-e4d1c5ad1ce4 - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.1 - helm.sh/chart: redis-20.2.1 - name: paperless-ngx-redis-headless - namespace: calibre - resourceVersion: "4703832" - uid: 1c6c5013-228a-439b-9f6c-36b6903803ea - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.1 - helm.sh/chart: redis-20.2.1 - name: paperless-ngx-redis-master - namespace: calibre - resourceVersion: "4703849" - uid: d668cfe9-3cfe-49c1-aefe-b550e2bbf4cc - spec: - clusterIP: 10.96.179.197 - clusterIPs: - - 10.96.179.197 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-05-31T17:40:23Z" - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.2 - helm.sh/chart: redis-20.7.0 - name: paperless-ngx-redis-replicas - namespace: calibre - resourceVersion: "4157276" - uid: b79067eb-619d-4b2b-8d46-dfca0e5513c2 - spec: - clusterIP: 10.105.127.173 - clusterIPs: - - 10.105.127.173 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"calibre-web"},"name":"calibre-web","namespace":"calibre"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"calibre-web"}},"template":{"metadata":{"labels":{"app":"calibre-web"}},"spec":{"containers":[{"env":[{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"},{"name":"TZ","value":"Europe/Budapest"}],"image":"lscr.io/linuxserver/calibre-web:latest","name":"calibre-web","ports":[{"containerPort":8083}],"volumeMounts":[{"mountPath":"/books","name":"books"},{"mountPath":"/config","name":"config"}]}],"volumes":[{"hostPath":{"path":"/srv/media/books","type":"Directory"},"name":"books"},{"emptyDir":{},"name":"config"}]}}}} - creationTimestamp: "2025-05-28T21:34:10Z" - generation: 1 - labels: - app: calibre-web - name: calibre-web - namespace: calibre - resourceVersion: "12273790" - uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: calibre-web - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: calibre-web - spec: - containers: - - env: - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: TZ - value: Europe/Budapest - image: lscr.io/linuxserver/calibre-web:latest - imagePullPolicy: Always - name: calibre-web - ports: - - containerPort: 8083 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /books - name: books - - mountPath: /config - name: config - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - hostPath: - path: /srv/media/books - type: Directory - name: books - - emptyDir: {} - name: config - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-05-28T21:34:10Z" - lastUpdateTime: "2025-05-28T21:34:12Z" - message: ReplicaSet "calibre-web-6b6dfc59c4" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:24Z" - lastUpdateTime: "2025-08-24T01:02:24Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "9" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - generation: 20 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: paperless-ngx - app.kubernetes.io/version: 2.13.4 - helm.sh/chart: paperless-ngx-0.2.23 - name: paperless-ngx - namespace: calibre - resourceVersion: "12273859" - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - strategy: - type: Recreate - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-06-04T22:00:28Z" - lastUpdateTime: "2025-06-18T12:55:15Z" - message: ReplicaSet "paperless-ngx-7f7bb6c858" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:38Z" - lastUpdateTime: "2025-08-24T01:02:38Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 20 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-05-28T21:34:10Z" - generation: 1 - labels: - app: calibre-web - pod-template-hash: 6b6dfc59c4 - name: calibre-web-6b6dfc59c4 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: calibre-web - uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 - resourceVersion: "12273788" - uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-06-17T13:21:57Z' + generateName: calibre-web-6b6dfc59c4- + labels: app: calibre-web pod-template-hash: 6b6dfc59c4 - template: - metadata: - creationTimestamp: null - labels: - app: calibre-web - pod-template-hash: 6b6dfc59c4 - spec: - containers: + name: calibre-web-6b6dfc59c4-h4tkw + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: calibre-web-6b6dfc59c4 + uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c + resourceVersion: '20356528' + uid: a2f9dd49-868f-49b6-adbc-b644af7735a4 + spec: + containers: - env: - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: TZ - value: Europe/Budapest + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: TZ + value: Europe/Budapest image: lscr.io/linuxserver/calibre-web:latest imagePullPolicy: Always name: calibre-web ports: - - containerPort: 8083 - protocol: TCP + - containerPort: 8083 + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /books - name: books - - mountPath: /config - name: config - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /books + name: books + - mountPath: /config + name: config + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-sqr4d + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - hostPath: path: /srv/media/books type: Directory name: books - emptyDir: {} name: config - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "2" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:04:49Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 547f4c4777 - name: paperless-ngx-547f4c4777 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6503593" - uid: 0cb3e0c1-0a40-4f80-8cb6-d3198822fe25 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 547f4c4777 - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 547f4c4777 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: + - name: kube-api-access-sqr4d + projected: defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - generation: 4 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: "5658985667" - name: paperless-ngx-5658985667 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6503023" - uid: 071da3de-78bb-43c8-96e8-2703590ca706 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: "5658985667" - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: "5658985667" - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:24Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-06-17T13:21:57Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:24Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:24Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-06-17T13:21:57Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://f51c0ddea03fc78fbbf6f793bf335a9a47200cf93949ffe881b4aa2133eac3af + image: lscr.io/linuxserver/calibre-web:latest + imageID: lscr.io/linuxserver/calibre-web@sha256:d5dbb466c743871d490bd29e1ff4ec9b8f1520fdd8154e897f297a3af3805503 + lastState: + terminated: + containerID: containerd://1edde2759fe9c15bb34394b1e0b03718f0c0f25a319237900a64bd16d2128c10 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:45Z' + name: calibre-web + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: '2025-08-24T01:02:24Z' volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://paperless.domain - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - status: - observedGeneration: 4 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "4" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:16:45Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 56f96586d4 - name: paperless-ngx-56f96586d4 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6504569" - uid: 48deb1fa-df94-46ab-8c39-832aa5f2f8fa - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 56f96586d4 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:16:20+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 56f96586d4 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "6" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:23:21Z" - generation: 6 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 58cd75b45 - name: paperless-ngx-58cd75b45 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6507047" - uid: ea3bf2dc-e653-4fde-9f2c-3a6eeb01a25a - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 58cd75b45 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 58cd75b45 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - observedGeneration: 6 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "7" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:44:36Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 6b76f4744f - name: paperless-ngx-6b76f4744f - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6507297" - uid: 6facac65-3ad8-4a93-805d-cb2fdfe6ec07 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 6b76f4744f - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 6b76f4744f - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /mnt/library/consume - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "9" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:55:00Z" - generation: 1 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 7f7bb6c858 - name: paperless-ngx-7f7bb6c858 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "12273858" - uid: b2fae29f-60fb-46e2-b013-1c118b36b328 - spec: - replicas: 1 - selector: - matchLabels: + - mountPath: /books + name: books + - mountPath: /config + name: config + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-sqr4d + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.41 + podIPs: + - ip: 10.244.0.41 + qosClass: BestEffort + startTime: '2025-06-17T13:21:57Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:54:33+02:00' + creationTimestamp: '2025-06-18T12:55:00Z' + generateName: paperless-ngx-7f7bb6c858- + labels: app.kubernetes.io/instance: paperless-ngx app.kubernetes.io/name: paperless-ngx pod-template-hash: 7f7bb6c858 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 7f7bb6c858 - spec: - containers: + name: paperless-ngx-7f7bb6c858-9c2qm + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: paperless-ngx-7f7bb6c858 + uid: b2fae29f-60fb-46e2-b013-1c118b36b328 + resourceVersion: '20356635' + uid: e6123e16-bef8-4ac3-aa1a-d190fb0b65e3 + spec: + containers: - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 imagePullPolicy: IfNotPresent livenessProbe: @@ -4517,9 +228,9 @@ items: timeoutSeconds: 1 name: paperless-ngx-webserver ports: - - containerPort: 8000 - name: http - protocol: TCP + - containerPort: 8000 + name: http + protocol: TCP readinessProbe: failureThreshold: 3 httpGet: @@ -4534,70 +245,73 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true - command: - - python3 - - manage.py - - document_consumer + - python3 + - manage.py + - document_consumer env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4606,8 +320,8 @@ items: readinessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4617,79 +331,82 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4698,8 +415,8 @@ items: readinessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4709,75 +426,78 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4786,8 +506,8 @@ items: readinessProbe: exec: command: - - cat - - /proc/1/cmdline + - cat + - /proc/1/cmdline failureThreshold: 3 periodSeconds: 10 successThreshold: 1 @@ -4797,32 +517,36 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: - command: - - sh - - -c - - mkdir -p /mnt/library/consume + - sh + - -c + - mkdir -p /mnt/library/consume env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume image: busybox imagePullPolicy: Always name: init-consume-dir @@ -4830,20 +554,37 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /mnt/library + name: library + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - emptyDir: {} name: consume - name: log @@ -4861,1424 +602,247 @@ items: - configMap: defaultMode: 420 items: - - key: pureftpd.conf - path: pureftpd.conf + - key: pureftpd.conf + path: pureftpd.conf name: paperless-ngx-config name: ftpd-config - hostPath: path: /home/server/books type: Directory name: books - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "8" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:46:41Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 986f9c689 - name: paperless-ngx-986f9c689 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6508111" - uid: b52186c4-c7f2-462a-bd8d-f420d42e1907 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 986f9c689 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: 986f9c689 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /mnt/library/consume/paperless - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: + - name: kube-api-access-9f8bk + projected: defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "3" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:10:57Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: bf69f45c6 - name: paperless-ngx-bf69f45c6 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6504180" - uid: 7cccb155-8bc0-44aa-9033-b038c7222c79 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: bf69f45c6 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:10:32+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: bf69f45c6 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:03Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-06-18T12:55:02Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:38Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:38Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-06-18T12:55:00Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://ff69e05a4e231f05f2aecb3c0e26dad26cbe268eddfd7b02fbf067102ccfbb63 image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://4bf24af896bb394c69e304f062d347285a2ff5de03fa46a9ce55bc119aba88f4 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:32Z' name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 10 + started: true + state: + running: + startedAt: '2025-08-24T01:02:04Z' volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://60d758399ca2e7045fec526ec48837792900c512560d66c32910ee8235133b89 image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://0758b74c41e2b5427445e4e1a6c525b2933b4068d846efc13af66522abd16849 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:32Z' name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 11 + started: true + state: + running: + startedAt: '2025-08-24T01:02:04Z' volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: busybox - imagePullPolicy: Always - name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "5" - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-18T12:20:11Z" - generation: 2 - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: c569cf5c9 - name: paperless-ngx-c569cf5c9 - namespace: calibre - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: paperless-ngx - uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d - resourceVersion: "6504926" - uid: 9e756219-7100-4e9d-aaba-1876d030cf88 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: c569cf5c9 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-06-18T14:19:44+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: paperless-ngx - pod-template-hash: c569cf5c9 - spec: - containers: - - command: - - gunicorn - - -c - - /usr/src/paperless/gunicorn.conf.py - - paperless.asgi:application - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://7b476c9d289eeffd299e6ac48ec5b1fdf1cd9cb48b122d15cec91037ff450e87 image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-webserver - ports: - - containerPort: 8000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: http - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - command: - - python3 - - manage.py - - document_consumer - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://23f642c6369c3eba923591b6080a3cb058ace018d4bad571f9d61edfb286ee82 + exitCode: 1 + finishedAt: '2025-08-24T01:02:17Z' + reason: Error + startedAt: '2025-08-24T01:02:04Z' name: paperless-ngx-consumer - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 14 + started: true + state: + running: + startedAt: '2025-08-24T01:02:37Z' volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: data - - mountPath: /mnt/library/consume - name: books - - command: - - celery - - --app - - paperless - - worker - - --loglevel - - INFO - - -f - - /dev/stdout - - --without-mingle - - --without-gossip - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://7fc020382df8b34e3138dd4d6003974f3bf9693eba9469af22ecda9cdc88f682 image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://6022a31e28b743c7dd23ac798bade801b3474eed9f934218a4af35ab9839d54f + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:31Z' + name: paperless-ngx-webserver + ready: true + restartCount: 33 + started: true + state: + running: + startedAt: '2025-08-24T01:02:03Z' volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - - command: - - celery - - --app - - paperless - - beat - - --loglevel - - INFO - - -f - - /dev/stdout - env: - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379 - - name: PAPERLESS_ADMIN_USER - value: admin - - name: PAPERLESS_ADMIN_PASSWORD - value: admin - - name: PAPERLESS_ADMIN_MAIL - value: no@mail.cf - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_OCR_LANGUAGES - value: deu+eng - - name: PAPERLESS_CONSUMER_RECURSIVE - value: "true" - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume/incoming - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_LOGGING_DIR - value: /var/log/paperless - - name: PAPERLESS_URL - value: https://search.experlab.xyz - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: paperless-ngx-celery-beat - readinessProbe: - exec: - command: - - cat - - /proc/1/cmdline - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/paperless/consume - name: consume - - mountPath: /mnt/library - name: library - - mountPath: /tmp/ - name: temp - - mountPath: /var/log/paperless - name: log - - mountPath: /var/paperless/data - name: celerydata - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - mkdir -p /mnt/library/consume - env: - - name: PAPERLESS_URL - value: https://search.experlab.xyz - - name: PAPERLESS_CONSUMPTION_DIR - value: /mnt/library/consume/incoming - image: busybox - imagePullPolicy: Always + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 + image: docker.io/library/busybox:latest + imageID: docker.io/library/busybox@sha256:ab33eacc8251e3807b85bb6dba570e4698c3998eca6f0fc2ccb60575a563ea74 + lastState: {} name: init-consume-dir - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 + exitCode: 0 + finishedAt: '2025-08-24T01:02:02Z' + reason: Completed + startedAt: '2025-08-24T01:02:02Z' volumeMounts: - - mountPath: /mnt/library - name: library - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: consume - - name: log - persistentVolumeClaim: - claimName: paperless-ngx-log - - emptyDir: {} - name: library - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - emptyDir: {} - name: celerydata - - emptyDir: {} - name: temp - - configMap: - defaultMode: 420 - items: - - key: pureftpd.conf - path: pureftpd.conf - name: paperless-ngx-config - name: ftpd-config - - hostPath: - path: /home/server/books - type: Directory - name: books - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - generation: 1 - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.0.0 - helm.sh/chart: postgresql-16.1.0 - name: paperless-ngx-postgresql - namespace: calibre - resourceVersion: "12151547" - uid: c0cda9fd-6512-472c-9175-d068c9f75227 - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + - mountPath: /mnt/library + name: library + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.30 + podIPs: + - ip: 10.244.0.30 + qosClass: BestEffort + startTime: '2025-06-18T12:55:00Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-06-04T22:00:28Z' + generateName: paperless-ngx-postgresql- + labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - serviceName: paperless-ngx-postgresql-hl - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.0.0 - helm.sh/chart: postgresql-16.1.0 - name: paperless-ngx-postgresql - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 17.0.0 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: paperless-ngx-postgresql-5f5df87cb9 + helm.sh/chart: postgresql-16.1.0 + statefulset.kubernetes.io/pod-name: paperless-ngx-postgresql-0 + name: paperless-ngx-postgresql-0 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: paperless-ngx-postgresql + uid: c0cda9fd-6512-472c-9175-d068c9f75227 + resourceVersion: '20356495' + uid: 6054f99a-25b9-4cc1-a25d-5952feacd02f + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: @@ -6287,56 +851,56 @@ items: app.kubernetes.io/name: postgresql topologyKey: kubernetes.io/hostname weight: 1 - automountServiceAccountToken: false - containers: + automountServiceAccountToken: false + containers: - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: paperless - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: postgres-password - name: paperless-ngx-postgresql - - name: POSTGRES_DATABASE - value: paperless - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: paperless + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: paperless-ngx-postgresql + - name: POSTGRES_DATABASE + value: paperless + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - /bin/sh - - -c - - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 - -p 5432 + - /bin/sh + - -c + - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 + -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 @@ -6344,18 +908,22 @@ items: timeoutSeconds: 5 name: postgresql ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP readinessProbe: exec: command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 + -p 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 @@ -6374,7 +942,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1001 @@ -6386,114 +954,147 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: paperless-ngx-postgresql - serviceAccountName: paperless-ngx-postgresql - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: paperless-ngx-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-postgresql + serviceAccountName: paperless-ngx-postgresql + subdomain: paperless-ngx-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: data-paperless-ngx-postgresql-0 - emptyDir: {} name: empty-dir - emptyDir: medium: Memory name: dshm - updateStrategy: - rollingUpdate: - partition: 0 - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - creationTimestamp: null - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi - volumeMode: Filesystem - status: - phase: Pending - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: paperless-ngx-postgresql-5f5df87cb9 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updateRevision: paperless-ngx-postgresql-5f5df87cb9 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-06-04T22:00:28Z" - generation: 1 - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.1 - helm.sh/chart: redis-20.2.1 - name: paperless-ngx-redis-master - namespace: calibre - resourceVersion: "12273833" - uid: 20083127-788c-4add-8cf4-bf0c0b561d9f - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:00Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-06-04T22:00:28Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:10Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:10Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-06-04T22:00:28Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://fd595ed9adecc2b01fb2b4229c7507a0949dccfb4f37c489260ec987997b33ec + image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 + imageID: docker.io/bitnami/postgresql@sha256:d885ac2771636b2bdf0ee8595f8e1d2f9b5290505cabebb25c55c63f51e67841 + lastState: + terminated: + containerID: containerd://275486108e945dedbfa2b48bdede508b5c883b2d304ba75f68fa66cc84797380 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:35Z' + name: postgresql + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: '2025-08-24T01:01:59Z' + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.31 + podIPs: + - ip: 10.244.0.31 + qosClass: Burstable + startTime: '2025-06-04T22:00:28Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 + checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff + creationTimestamp: '2025-06-04T22:00:28Z' + generateName: paperless-ngx-redis-master- + labels: app.kubernetes.io/component: master app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis - serviceName: paperless-ngx-redis-headless - template: - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 - checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff - creationTimestamp: null - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.1 - helm.sh/chart: redis-20.2.1 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 7.4.1 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: paperless-ngx-redis-master-7b59b75674 + helm.sh/chart: redis-20.2.1 + statefulset.kubernetes.io/pod-name: paperless-ngx-redis-master-0 + name: paperless-ngx-redis-master-0 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: paperless-ngx-redis-master + uid: 20083127-788c-4add-8cf4-bf0c0b561d9f + resourceVersion: '20356598' + uid: 3de39093-839a-4b14-8b07-6d0d505881fe + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: @@ -6502,37 +1103,37 @@ items: app.kubernetes.io/name: redis topologyKey: kubernetes.io/hostname weight: 1 - automountServiceAccountToken: false - containers: + automountServiceAccountToken: false + containers: - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh + - -c + - /opt/bitnami/scripts/start-scripts/start-master.sh command: - - /bin/bash + - /bin/bash env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: master - - name: ALLOW_EMPTY_PASSWORD - value: "no" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - key: redis-password - name: paperless-ngx-redis - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" + - name: BITNAMI_DEBUG + value: 'false' + - name: REDIS_REPLICATION_MODE + value: master + - name: ALLOW_EMPTY_PASSWORD + value: 'no' + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: 'no' + - name: REDIS_PORT + value: '6379' image: docker.io/bitnami/redis:7.4.1-debian-12-r0 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - sh - - -c - - /health/ping_liveness_local.sh 5 + - sh + - -c + - /health/ping_liveness_local.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 @@ -6540,15 +1141,15 @@ items: timeoutSeconds: 6 name: redis ports: - - containerPort: 6379 - name: redis - protocol: TCP + - containerPort: 6379 + name: redis + protocol: TCP readinessProbe: exec: command: - - sh - - -c - - /health/ping_readiness_local.sh 1 + - sh + - -c + - /health/ping_readiness_local.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 @@ -6567,7 +1168,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true @@ -6578,31 +1179,48 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc/ - name: empty-dir - subPath: app-conf-dir - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: paperless-ngx-redis-master - serviceAccountName: paperless-ngx-redis-master - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: paperless-ngx-redis-master-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-master + serviceAccountName: paperless-ngx-redis-master + subdomain: paperless-ngx-redis-headless + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-data-paperless-ngx-redis-master-0 - configMap: defaultMode: 493 name: paperless-ngx-redis-scripts @@ -6617,371 +1235,5768 @@ items: name: config - emptyDir: {} name: empty-dir - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi - volumeMode: Filesystem - status: - phase: Pending - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: paperless-ngx-redis-master-7b59b75674 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updateRevision: paperless-ngx-redis-master-7b59b75674 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: paperless-ngx - meta.helm.sh/release-namespace: calibre - creationTimestamp: "2025-05-31T17:40:23Z" - generation: 2 - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.2 - helm.sh/chart: redis-20.7.0 - name: paperless-ngx-redis-replicas - namespace: calibre - resourceVersion: "4158124" - uid: b5466b45-c24a-480f-9b05-7f2c783b1e51 - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 0 - revisionHistoryLimit: 10 - selector: - matchLabels: + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:10Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-06-04T22:00:28Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:32Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:32Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-06-04T22:00:28Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://87fe6b7f1b27643d8d65b79fbf1d143e629c53aedaf470a891721a62ab1a0902 + image: docker.io/bitnami/redis:7.4.1-debian-12-r0 + imageID: docker.io/bitnami/redis@sha256:df8d9405ab4ec7fc2e6aa6c0f0bed55ccf863dc15128b53b98ab90b9663f7ff0 + lastState: + terminated: + containerID: containerd://d0b755060f452610a9f7ce2bef7fc2160b155138c917bd7ad84d7415c2e7b3c6 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:42Z' + name: redis + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: '2025-08-24T01:02:10Z' + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + - mountPath: /tmp + name: empty-dir + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.51 + podIPs: + - ip: 10.244.0.51 + qosClass: Burstable + startTime: '2025-06-04T22:00:28Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"calibre-web","namespace":"calibre"},"spec":{"ports":[{"nodePort":31083,"port":8083,"protocol":"TCP","targetPort":8083}],"selector":{"app":"calibre-web"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-05-28T21:16:28Z' + name: calibre-web + namespace: calibre + resourceVersion: '3793614' + uid: c0f62125-34e4-41f7-9e99-a8932a72ba6d + spec: + clusterIP: 10.100.190.211 + clusterIPs: + - 10.100.190.211 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 31083 + port: 8083 + protocol: TCP + targetPort: 8083 + selector: + app: calibre-web + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: paperless-ngx + app.kubernetes.io/version: 2.13.4 + helm.sh/chart: paperless-ngx-0.2.23 + name: paperless-ngx + namespace: calibre + resourceVersion: '4703842' + uid: 8ef42926-63b1-443b-892e-34c435e01af2 + spec: + clusterIP: 10.103.117.13 + clusterIPs: + - 10.103.117.13 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30505 + port: 8000 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + namespace: calibre + resourceVersion: '4703843' + uid: a787f724-d7b1-4b07-819a-293558a75a10 + spec: + clusterIP: 10.98.55.52 + clusterIPs: + - 10.98.55.52 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql-hl + namespace: calibre + resourceVersion: '4703834' + uid: 0f23d612-07b8-41d7-8955-e4d1c5ad1ce4 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-headless + namespace: calibre + resourceVersion: '4703832' + uid: 1c6c5013-228a-439b-9f6c-36b6903803ea + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-master + namespace: calibre + resourceVersion: '4703849' + uid: d668cfe9-3cfe-49c1-aefe-b550e2bbf4cc + spec: + clusterIP: 10.96.179.197 + clusterIPs: + - 10.96.179.197 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-05-31T17:40:23Z' + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + name: paperless-ngx-redis-replicas + namespace: calibre + resourceVersion: '4157276' + uid: b79067eb-619d-4b2b-8d46-dfca0e5513c2 + spec: + clusterIP: 10.105.127.173 + clusterIPs: + - 10.105.127.173 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: app.kubernetes.io/component: replica app.kubernetes.io/instance: paperless-ngx app.kubernetes.io/name: redis - serviceName: paperless-ngx-redis-headless - template: - metadata: - annotations: - checksum/configmap: 2a9ab4a5432825504d910f022638674ce88eaefe9f9f595ad8bc107377d104fb - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: 88b08bb17a6fc68de6bb7ca8e132b5d9ed1ef6ff30ba3ef79b2d6a20e2e51f89 - checksum/secret: a884a56b53cb20a6fda4f0220d11d862227b453b59adc3efa6dac54106e578cf - creationTimestamp: null - labels: - app.kubernetes.io/component: replica + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"calibre-web"},"name":"calibre-web","namespace":"calibre"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"calibre-web"}},"template":{"metadata":{"labels":{"app":"calibre-web"}},"spec":{"containers":[{"env":[{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"},{"name":"TZ","value":"Europe/Budapest"}],"image":"lscr.io/linuxserver/calibre-web:latest","name":"calibre-web","ports":[{"containerPort":8083}],"volumeMounts":[{"mountPath":"/books","name":"books"},{"mountPath":"/config","name":"config"}]}],"volumes":[{"hostPath":{"path":"/srv/media/books","type":"Directory"},"name":"books"},{"emptyDir":{},"name":"config"}]}}}} + + ' + creationTimestamp: '2025-05-28T21:34:10Z' + generation: 1 + labels: + app: calibre-web + name: calibre-web + namespace: calibre + resourceVersion: '12273790' + uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: calibre-web + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: calibre-web + spec: + containers: + - env: + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: TZ + value: Europe/Budapest + image: lscr.io/linuxserver/calibre-web:latest + imagePullPolicy: Always + name: calibre-web + ports: + - containerPort: 8083 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /srv/media/books + type: Directory + name: books + - emptyDir: {} + name: config + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-05-28T21:34:10Z' + lastUpdateTime: '2025-05-28T21:34:12Z' + message: ReplicaSet "calibre-web-6b6dfc59c4" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:24Z' + lastUpdateTime: '2025-08-24T01:02:24Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '9' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + generation: 20 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: paperless-ngx + app.kubernetes.io/version: 2.13.4 + helm.sh/chart: paperless-ngx-0.2.23 + name: paperless-ngx + namespace: calibre + resourceVersion: '12273859' + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - app.kubernetes.io/version: 7.4.2 - helm.sh/chart: redis-20.7.0 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: paperless-ngx - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-replica.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: replica - - name: REDIS_MASTER_HOST - value: paperless-ngx-redis-master-0.paperless-ngx-redis-headless.calibre.svc.cluster.local - - name: REDIS_MASTER_PORT_NUMBER - value: "6379" - - name: ALLOW_EMPTY_PASSWORD - value: "no" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - key: redis-password - name: paperless-ngx-redis - - name: REDIS_MASTER_PASSWORD - valueFrom: - secretKeyRef: - key: redis-password - name: paperless-ngx-redis - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:7.4.2-debian-12-r0 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local_and_master.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local_and_master.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi + app.kubernetes.io/name: paperless-ngx + strategy: + type: Recreate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:54:33+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsGroup: 1001 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} + runAsUser: 1000 seccompProfile: type: RuntimeDefault - startupProbe: - failureThreshold: 22 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: redis - timeoutSeconds: 5 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-06-04T22:00:28Z' + lastUpdateTime: '2025-06-18T12:55:15Z' + message: ReplicaSet "paperless-ngx-7f7bb6c858" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:38Z' + lastUpdateTime: '2025-08-24T01:02:38Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 20 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-05-28T21:34:10Z' + generation: 1 + labels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + name: calibre-web-6b6dfc59c4 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: calibre-web + uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 + resourceVersion: '12273788' + uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c + spec: + replicas: 1 + selector: + matchLabels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + template: + metadata: + creationTimestamp: null + labels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + spec: + containers: + - env: + - name: PUID + value: '1000' + - name: PGID + value: '1000' + - name: TZ + value: Europe/Budapest + image: lscr.io/linuxserver/calibre-web:latest + imagePullPolicy: Always + name: calibre-web + ports: + - containerPort: 8083 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /srv/media/books + type: Directory + name: books + - emptyDir: {} + name: config + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '2' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:04:49Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + name: paperless-ngx-547f4c4777 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6503593' + uid: 0cb3e0c1-0a40-4f80-8cb6-d3198822fe25 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + generation: 4 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: '5658985667' + name: paperless-ngx-5658985667 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6503023' + uid: 071da3de-78bb-43c8-96e8-2703590ca706 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: '5658985667' + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: '5658985667' + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 4 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '4' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:16:45Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + name: paperless-ngx-56f96586d4 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6504569' + uid: 48deb1fa-df94-46ab-8c39-832aa5f2f8fa + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:16:20+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '6' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:23:21Z' + generation: 6 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + name: paperless-ngx-58cd75b45 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6507047' + uid: ea3bf2dc-e653-4fde-9f2c-3a6eeb01a25a + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:22:54+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 6 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '7' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:44:36Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + name: paperless-ngx-6b76f4744f + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6507297' + uid: 6facac65-3ad8-4a93-805d-cb2fdfe6ec07 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:22:54+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '9' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:55:00Z' + generation: 1 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + name: paperless-ngx-7f7bb6c858 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '12273858' + uid: b2fae29f-60fb-46e2-b013-1c118b36b328 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:54:33+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '8' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:46:41Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + name: paperless-ngx-986f9c689 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6508111' + uid: b52186c4-c7f2-462a-bd8d-f420d42e1907 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:22:54+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/paperless + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '3' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:10:57Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + name: paperless-ngx-bf69f45c6 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6504180' + uid: 7cccb155-8bc0-44aa-9033-b038c7222c79 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:10:32+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '5' + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-18T12:20:11Z' + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + name: paperless-ngx-c569cf5c9 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: '6504926' + uid: 9e756219-7100-4e9d-aaba-1876d030cf88 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-06-18T14:19:44+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: 'true' + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + generation: 1 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + namespace: calibre + resourceVersion: '12151547' + uid: c0cda9fd-6512-472c-9175-d068c9f75227 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + serviceName: paperless-ngx-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: paperless + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: paperless-ngx-postgresql + - name: POSTGRES_DATABASE + value: paperless + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 + -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 + -p 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-postgresql + serviceAccountName: paperless-ngx-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - emptyDir: + medium: Memory + name: dshm + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: paperless-ngx-postgresql-5f5df87cb9 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: paperless-ngx-postgresql-5f5df87cb9 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-06-04T22:00:28Z' + generation: 1 + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-master + namespace: calibre + resourceVersion: '12273833' + uid: 20083127-788c-4add-8cf4-bf0c0b561d9f + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + serviceName: paperless-ngx-redis-headless + template: + metadata: + annotations: + checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 + checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff + creationTimestamp: null + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-master.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: 'false' + - name: REDIS_REPLICATION_MODE + value: master + - name: ALLOW_EMPTY_PASSWORD + value: 'no' + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: 'no' + - name: REDIS_PORT + value: '6379' + image: docker.io/bitnami/redis:7.4.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: redis + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-master + serviceAccountName: paperless-ngx-redis-master + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-health + name: health + - configMap: + defaultMode: 420 + name: paperless-ngx-redis-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc - name: empty-dir - subPath: app-conf-dir - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: paperless-ngx-redis-replica - serviceAccountName: paperless-ngx-redis-replica - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 493 - name: paperless-ngx-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: paperless-ngx-redis-health - name: health - - configMap: - defaultMode: 420 - name: paperless-ngx-redis-configuration - name: config - - emptyDir: {} - name: empty-dir - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - creationTimestamp: null - labels: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: paperless-ngx-redis-master-7b59b75674 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: paperless-ngx-redis-master-7b59b75674 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: '2025-05-31T17:40:23Z' + generation: 2 + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + name: paperless-ngx-redis-replicas + namespace: calibre + resourceVersion: '4158124' + uid: b5466b45-c24a-480f-9b05-7f2c783b1e51 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: app.kubernetes.io/component: replica app.kubernetes.io/instance: paperless-ngx app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi - volumeMode: Filesystem - status: - phase: Pending - status: - availableReplicas: 0 - collisionCount: 0 - currentRevision: paperless-ngx-redis-replicas-65c5bb7f74 - observedGeneration: 2 - replicas: 0 - updateRevision: paperless-ngx-redis-replicas-65c5bb7f74 -- apiVersion: batch/v1 - kind: Job - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"name":"paperless-ngx-migrate-debug","namespace":"calibre"},"spec":{"template":{"spec":{"containers":[{"command":["sh","-c","python3 manage.py migrate \u0026\u0026 echo \"MIGRATE_SUCCEEDED\" \u0026\u0026 sleep 300\n"],"env":[{"name":"PAPERLESS_DBENGINE","value":"postgresql"},{"name":"PAPERLESS_DBHOST","value":"paperless-ngx-postgresql"},{"name":"PAPERLESS_DBPORT","value":"5432"},{"name":"DB_USER","value":"paperless"},{"name":"PAPERLESS_DBNAME","value":"paperless"},{"name":"PAPERLESS_DBPASS","valueFrom":{"secretKeyRef":{"key":"password","name":"paperless-ngx-postgresql"}}},{"name":"PAPERLESS_REDIS","value":"redis://:changeme@paperless-ngx-redis-headless:6379/0"},{"name":"PAPERLESS_MEDIA_ROOT","value":"/mnt/library"},{"name":"PAPERLESS_DATA_DIR","value":"/var/paperless/data"},{"name":"PAPERLESS_CONSUMPTION_DIR","value":"/var/paperless/consume"}],"image":"ghcr.io/paperless-ngx/paperless-ngx:2.13.4","name":"migrate","volumeMounts":[{"mountPath":"/mnt/library","name":"media"},{"mountPath":"/var/paperless/data","name":"data"},{"mountPath":"/var/paperless/consume","name":"consume"}]}],"restartPolicy":"Never","volumes":[{"name":"media","persistentVolumeClaim":{"claimName":"paperless-ngx-media"}},{"name":"data","persistentVolumeClaim":{"claimName":"paperless-ngx-data"}},{"name":"consume","persistentVolumeClaim":{"claimName":"paperless-ngx-consumption"}}]}}}} - creationTimestamp: "2025-06-04T22:05:44Z" - generation: 1 - labels: - batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - batch.kubernetes.io/job-name: paperless-ngx-migrate-debug - controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - job-name: paperless-ngx-migrate-debug - name: paperless-ngx-migrate-debug - namespace: calibre - resourceVersion: "4705040" - uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - spec: - backoffLimit: 6 - completionMode: NonIndexed - completions: 1 - manualSelector: false - parallelism: 1 - podReplacementPolicy: TerminatingOrFailed - selector: - matchLabels: + serviceName: paperless-ngx-redis-headless + template: + metadata: + annotations: + checksum/configmap: 2a9ab4a5432825504d910f022638674ce88eaefe9f9f595ad8bc107377d104fb + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 88b08bb17a6fc68de6bb7ca8e132b5d9ed1ef6ff30ba3ef79b2d6a20e2e51f89 + checksum/secret: a884a56b53cb20a6fda4f0220d11d862227b453b59adc3efa6dac54106e578cf + creationTimestamp: null + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-replica.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: 'false' + - name: REDIS_REPLICATION_MODE + value: replica + - name: REDIS_MASTER_HOST + value: paperless-ngx-redis-master-0.paperless-ngx-redis-headless.calibre.svc.cluster.local + - name: REDIS_MASTER_PORT_NUMBER + value: '6379' + - name: ALLOW_EMPTY_PASSWORD + value: 'no' + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_MASTER_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: 'no' + - name: REDIS_PORT + value: '6379' + image: docker.io/bitnami/redis:7.4.2-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local_and_master.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: redis + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local_and_master.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + startupProbe: + failureThreshold: 22 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: redis + timeoutSeconds: 5 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-replica + serviceAccountName: paperless-ngx-redis-replica + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-health + name: health + - configMap: + defaultMode: 420 + name: paperless-ngx-redis-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + name: redis-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 0 + collisionCount: 0 + currentRevision: paperless-ngx-redis-replicas-65c5bb7f74 + observedGeneration: 2 + replicas: 0 + updateRevision: paperless-ngx-redis-replicas-65c5bb7f74 + - apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"name":"paperless-ngx-migrate-debug","namespace":"calibre"},"spec":{"template":{"spec":{"containers":[{"command":["sh","-c","python3 + manage.py migrate \u0026\u0026 echo \"MIGRATE_SUCCEEDED\" \u0026\u0026 sleep + 300\n"],"env":[{"name":"PAPERLESS_DBENGINE","value":"postgresql"},{"name":"PAPERLESS_DBHOST","value":"paperless-ngx-postgresql"},{"name":"PAPERLESS_DBPORT","value":"5432"},{"name":"DB_USER","value":"paperless"},{"name":"PAPERLESS_DBNAME","value":"paperless"},{"name":"PAPERLESS_DBPASS","valueFrom":{"secretKeyRef":{"key":"password","name":"paperless-ngx-postgresql"}}},{"name":"PAPERLESS_REDIS","value":"redis://:changeme@paperless-ngx-redis-headless:6379/0"},{"name":"PAPERLESS_MEDIA_ROOT","value":"/mnt/library"},{"name":"PAPERLESS_DATA_DIR","value":"/var/paperless/data"},{"name":"PAPERLESS_CONSUMPTION_DIR","value":"/var/paperless/consume"}],"image":"ghcr.io/paperless-ngx/paperless-ngx:2.13.4","name":"migrate","volumeMounts":[{"mountPath":"/mnt/library","name":"media"},{"mountPath":"/var/paperless/data","name":"data"},{"mountPath":"/var/paperless/consume","name":"consume"}]}],"restartPolicy":"Never","volumes":[{"name":"media","persistentVolumeClaim":{"claimName":"paperless-ngx-media"}},{"name":"data","persistentVolumeClaim":{"claimName":"paperless-ngx-data"}},{"name":"consume","persistentVolumeClaim":{"claimName":"paperless-ngx-consumption"}}]}}}} + + ' + creationTimestamp: '2025-06-04T22:05:44Z' + generation: 1 + labels: batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - suspend: false - template: - metadata: - creationTimestamp: null - labels: + batch.kubernetes.io/job-name: paperless-ngx-migrate-debug + controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + job-name: paperless-ngx-migrate-debug + name: paperless-ngx-migrate-debug + namespace: calibre + resourceVersion: '4705040' + uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - batch.kubernetes.io/job-name: paperless-ngx-migrate-debug - controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a - job-name: paperless-ngx-migrate-debug - spec: - containers: - - command: - - sh - - -c - - | - python3 manage.py migrate && echo "MIGRATE_SUCCEEDED" && sleep 300 - env: - - name: PAPERLESS_DBENGINE - value: postgresql - - name: PAPERLESS_DBHOST - value: paperless-ngx-postgresql - - name: PAPERLESS_DBPORT - value: "5432" - - name: DB_USER - value: paperless - - name: PAPERLESS_DBNAME - value: paperless - - name: PAPERLESS_DBPASS - valueFrom: - secretKeyRef: - key: password - name: paperless-ngx-postgresql - - name: PAPERLESS_REDIS - value: redis://:changeme@paperless-ngx-redis-headless:6379/0 - - name: PAPERLESS_MEDIA_ROOT - value: /mnt/library - - name: PAPERLESS_DATA_DIR - value: /var/paperless/data - - name: PAPERLESS_CONSUMPTION_DIR - value: /var/paperless/consume - image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 - imagePullPolicy: IfNotPresent - name: migrate - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /mnt/library - name: media - - mountPath: /var/paperless/data - name: data - - mountPath: /var/paperless/consume - name: consume - dnsPolicy: ClusterFirst - restartPolicy: Never - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: media - persistentVolumeClaim: - claimName: paperless-ngx-media - - name: data - persistentVolumeClaim: - claimName: paperless-ngx-data - - name: consume - persistentVolumeClaim: - claimName: paperless-ngx-consumption - status: - completionTime: "2025-06-04T22:10:51Z" - conditions: - - lastProbeTime: "2025-06-04T22:10:51Z" - lastTransitionTime: "2025-06-04T22:10:51Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: SuccessCriteriaMet - - lastProbeTime: "2025-06-04T22:10:51Z" - lastTransitionTime: "2025-06-04T22:10:51Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: Complete - ready: 0 - startTime: "2025-06-04T22:05:44Z" - succeeded: 1 - terminating: 0 - uncountedTerminatedPods: {} + suspend: false + template: + metadata: + creationTimestamp: null + labels: + batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + batch.kubernetes.io/job-name: paperless-ngx-migrate-debug + controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + job-name: paperless-ngx-migrate-debug + spec: + containers: + - command: + - sh + - -c + - 'python3 manage.py migrate && echo "MIGRATE_SUCCEEDED" && sleep + 300 + + ' + env: + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: '5432' + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379/0 + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_CONSUMPTION_DIR + value: /var/paperless/consume + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + name: migrate + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: media + - mountPath: /var/paperless/data + name: data + - mountPath: /var/paperless/consume + name: consume + dnsPolicy: ClusterFirst + restartPolicy: Never + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: media + persistentVolumeClaim: + claimName: paperless-ngx-media + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - name: consume + persistentVolumeClaim: + claimName: paperless-ngx-consumption + status: + completionTime: '2025-06-04T22:10:51Z' + conditions: + - lastProbeTime: '2025-06-04T22:10:51Z' + lastTransitionTime: '2025-06-04T22:10:51Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: SuccessCriteriaMet + - lastProbeTime: '2025-06-04T22:10:51Z' + lastTransitionTime: '2025-06-04T22:10:51Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: Complete + ready: 0 + startTime: '2025-06-04T22:05:44Z' + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/demo/all.yaml b/manifests/demo/all.yaml index ded9522..55012f4 100644 --- a/manifests/demo/all.yaml +++ b/manifests/demo/all.yaml @@ -1,5 +1,4 @@ apiVersion: v1 items: [] kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/gitea/all.yaml b/manifests/gitea/all.yaml index a2be15e..693ceea 100644 --- a/manifests/gitea/all.yaml +++ b/manifests/gitea/all.yaml @@ -1,1417 +1,51 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - annotations: - checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc - creationTimestamp: "2025-10-27T21:04:07Z" - generateName: gitea-58df85bccc- - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - pod-template-hash: 58df85bccc - version: 1.24.6 - name: gitea-58df85bccc-7kcln - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: gitea-58df85bccc - uid: 03ab4ff6-6209-41d4-a909-2917160eb74f - resourceVersion: "20406217" - uid: e37fa9e6-400d-4a1c-87da-9e00a971cb59 - spec: - containers: - - env: - - name: SSH_LISTEN_PORT - value: "22" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - name: gitea - ports: - - containerPort: 22 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - initContainers: - - command: - - /usr/sbinx/init_directory_structure.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: init-directories - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - - command: - - /usr/sbinx/config_environment.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: init-app-ini - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - - command: - - /usr/sbinx/configure_gitea.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: admin - - name: GITEA_ADMIN_PASSWORD - value: Kalapszar222& - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: configure-gitea - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: - runAsUser: 1000 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 60 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: init - secret: - defaultMode: 110 - secretName: gitea-init - - name: config - secret: - defaultMode: 110 - secretName: gitea - - name: inline-config-sources - secret: - defaultMode: 420 - secretName: gitea-inline-config - - emptyDir: {} - name: temp - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage - - name: kube-api-access-9mvwz - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:15Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:05:14Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:05:36Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:05:36Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:07Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://35892078e5216d9936f94563209c8bb8e71d3de7cafa9d5a7090b09670080d2c - image: docker.gitea.com/gitea:1.24.6-rootless - imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c - lastState: {} - name: gitea - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-10-27T21:05:14Z" - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - initContainerStatuses: - - containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 - image: docker.gitea.com/gitea:1.24.6-rootless - imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c - lastState: {} - name: init-directories - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 - exitCode: 0 - finishedAt: "2025-10-27T21:04:15Z" - reason: Completed - startedAt: "2025-10-27T21:04:15Z" - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 - image: docker.gitea.com/gitea:1.24.6-rootless - imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c - lastState: {} - name: init-app-ini - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 - exitCode: 0 - finishedAt: "2025-10-27T21:04:18Z" - reason: Completed - startedAt: "2025-10-27T21:04:17Z" - volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 - image: docker.gitea.com/gitea:1.24.6-rootless - imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c - lastState: {} - name: configure-gitea - ready: true - restartCount: 3 - started: false - state: - terminated: - containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 - exitCode: 0 - finishedAt: "2025-10-27T21:05:14Z" - reason: Completed - startedAt: "2025-10-27T21:05:01Z" - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9mvwz - readOnly: true - recursiveReadOnly: Disabled - phase: Running - podIP: 10.244.0.150 - podIPs: - - ip: 10.244.0.150 - qosClass: Burstable - startTime: "2025-10-27T21:04:07Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-10-27T21:04:38Z" - generateName: gitea-postgresql- - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.6.0 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: gitea-postgresql-57587479cf - helm.sh/chart: postgresql-16.7.27 - statefulset.kubernetes.io/pod-name: gitea-postgresql-0 - name: gitea-postgresql-0 - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: gitea-postgresql - uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d - resourceVersion: "20406135" - uid: 37fa35f8-7b3d-4a22-ab1a-c1414da34072 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: postgresql - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: gitea - - name: POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/password - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/postgres-password - - name: POSTGRES_DATABASE - value: gitea - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /bin/sh - - -c - - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: postgresql - ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP - readinessProbe: - exec: - command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsGroup: 1001 - runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: gitea-postgresql-0 - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: gitea-postgresql - serviceAccountName: gitea-postgresql - subdomain: gitea-postgresql-hl - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: data - persistentVolumeClaim: - claimName: data-gitea-postgresql-0 - - emptyDir: {} - name: empty-dir - - name: postgresql-password - secret: - defaultMode: 420 - secretName: gitea-postgresql - - emptyDir: - medium: Memory - name: dshm - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:39Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:38Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:50Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:50Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:38Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://cec8de025f81b2b58d146b25d29ed923a34dd4b98f2c47c0b2c3fcce8e6ecce3 - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f - lastState: {} - name: postgresql - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-10-27T21:04:39Z" - volumeMounts: - - mountPath: /tmp - name: empty-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.152 - podIPs: - - ip: 10.244.0.152 - qosClass: Burstable - startTime: "2025-10-27T21:04:38Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f - checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc - checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 - checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd - creationTimestamp: "2025-10-27T21:04:08Z" - generateName: gitea-valkey-primary- - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: valkey - app.kubernetes.io/version: 8.1.3 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: gitea-valkey-primary-7d55f7b7b9 - helm.sh/chart: valkey-3.0.31 - statefulset.kubernetes.io/pod-name: gitea-valkey-primary-0 - name: gitea-valkey-primary-0 - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: gitea-valkey-primary - uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 - resourceVersion: "20406063" - uid: f19d18c6-f00e-4e70-a071-fb1499eb4f58 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: valkey - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-primary.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: VALKEY_REPLICATION_MODE - value: primary - - name: ALLOW_EMPTY_PASSWORD - value: "no" - - name: VALKEY_PASSWORD_FILE - value: /opt/bitnami/valkey/secrets/valkey-password - - name: VALKEY_TLS_ENABLED - value: "no" - - name: VALKEY_PORT - value: "6379" - image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: valkey - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsGroup: 1001 - runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /opt/bitnami/valkey/secrets/ - name: valkey-password - - mountPath: /data - name: valkey-data - - mountPath: /opt/bitnami/valkey/mounted-etc - name: config - - mountPath: /opt/bitnami/valkey/etc/ - name: empty-dir - subPath: app-conf-dir - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: gitea-valkey-primary-0 - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: gitea-valkey-primary - serviceAccountName: gitea-valkey-primary - subdomain: gitea-valkey-headless - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: valkey-data - persistentVolumeClaim: - claimName: valkey-data-gitea-valkey-primary-0 - - configMap: - defaultMode: 493 - name: gitea-valkey-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: gitea-valkey-health - name: health - - name: valkey-password - secret: - defaultMode: 420 - items: - - key: valkey-password - path: valkey-password - secretName: gitea-valkey - - configMap: - defaultMode: 420 - name: gitea-valkey-configuration - name: config - - emptyDir: {} - name: empty-dir - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:09Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:08Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:30Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:30Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:04:08Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://a8530f8b9c5dc9905955c60edec435613cce624c29ad8aa703313b9f3609797e - image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 - imageID: docker.io/bitnami/valkey@sha256:b6b1c4944b12dc6d644bb553695350138f63172232d9d323486136aded59e5b6 - lastState: {} - name: valkey - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-10-27T21:04:09Z" - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /opt/bitnami/valkey/secrets/ - name: valkey-password - - mountPath: /data - name: valkey-data - - mountPath: /opt/bitnami/valkey/mounted-etc - name: config - - mountPath: /opt/bitnami/valkey/etc/ - name: empty-dir - - mountPath: /tmp - name: empty-dir - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.151 - podIPs: - - ip: 10.244.0.151 - qosClass: Burstable - startTime: "2025-10-27T21:04:08Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - version: 1.24.6 - name: gitea-http - namespace: gitea - resourceVersion: "20405938" - uid: 0777d7be-068b-42c6-a59f-3264c0fdfc4a - spec: - clusterIP: 10.101.238.182 - clusterIPs: - - 10.101.238.182 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 30081 - port: 3000 - protocol: TCP - targetPort: 3000 - selector: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.6.0 - helm.sh/chart: postgresql-16.7.27 - name: gitea-postgresql - namespace: gitea - resourceVersion: "20405929" - uid: c1d52177-9299-462d-a487-b48b506f8f8d - spec: - clusterIP: 10.105.180.86 - clusterIPs: - - 10.105.180.86 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.6.0 - helm.sh/chart: postgresql-16.7.27 - name: gitea-postgresql-hl - namespace: gitea - resourceVersion: "20405926" - uid: 5dc925e4-afd5-44ea-b5d7-d8c19fe5432a - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - version: 1.24.6 - name: gitea-ssh - namespace: gitea - resourceVersion: "20405941" - uid: 398bb2ce-1748-41ef-8391-418b5292b6a8 - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: ssh - port: 22 - protocol: TCP - targetPort: 22 - selector: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: valkey - app.kubernetes.io/part-of: valkey - app.kubernetes.io/version: 8.1.3 - helm.sh/chart: valkey-3.0.31 - name: gitea-valkey-headless - namespace: gitea - resourceVersion: "20405932" - uid: 9feead00-753c-404d-b777-560ab2c374ad - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: valkey - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: valkey - app.kubernetes.io/part-of: valkey - app.kubernetes.io/version: 8.1.3 - helm.sh/chart: valkey-3.0.31 - name: gitea-valkey-primary - namespace: gitea - resourceVersion: "20405935" - uid: 0645d25e-19c2-4cc7-b861-a5953f3eb68b - spec: - clusterIP: 10.98.74.122 - clusterIPs: - - 10.98.74.122 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: valkey - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "4" - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - generation: 4 - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - version: 1.24.6 - name: gitea - namespace: gitea - resourceVersion: "20406235" - uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 0 - type: RollingUpdate - template: - metadata: - annotations: - checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc - creationTimestamp: null - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - version: 1.24.6 - spec: - containers: - - env: - - name: SSH_LISTEN_PORT - value: "22" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - name: gitea - ports: - - containerPort: 22 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - initContainers: - - command: - - /usr/sbinx/init_directory_structure.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: init-directories - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - command: - - /usr/sbinx/config_environment.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: init-app-ini - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - command: - - /usr/sbinx/configure_gitea.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: admin - - name: GITEA_ADMIN_PASSWORD - value: Kalapszar222& - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - image: docker.gitea.com/gitea:1.24.6-rootless - imagePullPolicy: IfNotPresent - name: configure-gitea - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: - runAsUser: 1000 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 60 - volumes: - - name: init - secret: - defaultMode: 110 - secretName: gitea-init - - name: config - secret: - defaultMode: 110 - secretName: gitea - - name: inline-config-sources - secret: - defaultMode: 420 - secretName: gitea-inline-config - - emptyDir: {} - name: temp - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-24T01:03:10Z" - lastUpdateTime: "2025-08-24T01:03:10Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-05-23T19:53:33Z" - lastUpdateTime: "2025-10-27T21:05:36Z" - message: ReplicaSet "gitea-58df85bccc" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 4 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "4" - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-10-27T21:04:07Z" - generation: 1 - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - pod-template-hash: 58df85bccc - version: 1.24.6 - name: gitea-58df85bccc - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: gitea - uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 - resourceVersion: "20406222" - uid: 03ab4ff6-6209-41d4-a909-2917160eb74f - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: '2025-10-27T21:04:07Z' + generateName: gitea-58df85bccc- + labels: + app: gitea app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 pod-template-hash: 58df85bccc - template: - metadata: - annotations: - checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc - creationTimestamp: null - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.24.6 - helm.sh/chart: gitea-12.4.0 - pod-template-hash: 58df85bccc - version: 1.24.6 - spec: - containers: + version: 1.24.6 + name: gitea-58df85bccc-7kcln + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: gitea-58df85bccc + uid: 03ab4ff6-6209-41d4-a909-2917160eb74f + resourceVersion: '20406217' + uid: e37fa9e6-400d-4a1c-87da-9e00a971cb59 + spec: + containers: - env: - - name: SSH_LISTEN_PORT - value: "22" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git + - name: SSH_LISTEN_PORT + value: '22' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git image: docker.gitea.com/gitea:1.24.6-rootless imagePullPolicy: IfNotPresent livenessProbe: @@ -1424,12 +58,12 @@ items: timeoutSeconds: 1 name: gitea ports: - - containerPort: 22 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP readinessProbe: failureThreshold: 3 initialDelaySeconds: 5 @@ -1443,23 +77,27 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - initContainers: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: - command: - - /usr/sbinx/init_directory_structure.sh + - /usr/sbinx/init_directory_structure.sh env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea image: docker.gitea.com/gitea:1.24.6-rootless imagePullPolicy: IfNotPresent name: init-directories @@ -1471,27 +109,30 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true - command: - - /usr/sbinx/config_environment.sh + - /usr/sbinx/config_environment.sh env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts image: docker.gitea.com/gitea:1.24.6-rootless imagePullPolicy: IfNotPresent name: init-app-ini @@ -1503,33 +144,36 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true - command: - - /usr/sbinx/configure_gitea.sh + - /usr/sbinx/configure_gitea.sh env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: admin - - name: GITEA_ADMIN_PASSWORD - value: Kalapszar222& - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated image: docker.gitea.com/gitea:1.24.6-rootless imagePullPolicy: IfNotPresent name: configure-gitea @@ -1542,18 +186,35 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 60 - volumes: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 60 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: init secret: defaultMode: 110 @@ -1571,758 +232,187 @@ items: - name: data persistentVolumeClaim: claimName: gitea-shared-storage - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "2" - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T20:12:30Z" - generation: 2 - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 59f49bbd77 - version: 1.23.8 - name: gitea-59f49bbd77 - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: gitea - uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 - resourceVersion: "3159329" - uid: 9b250d58-9f3e-4b82-872f-78ab196dc1cd - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - pod-template-hash: 59f49bbd77 - template: - metadata: - annotations: - checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd - creationTimestamp: null - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 59f49bbd77 - version: 1.23.8 - spec: - containers: - - env: - - name: SSH_LISTEN_PORT - value: "2222" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - name: gitea - ports: - - containerPort: 2222 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - initContainers: - - command: - - /usr/sbinx/init_directory_structure.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: init-directories - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - command: - - /usr/sbinx/config_environment.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: init-app-ini - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - command: - - /usr/sbinx/configure_gitea.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: admin - - name: GITEA_ADMIN_PASSWORD - value: Kalapszar222& - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: configure-gitea - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: - runAsUser: 1000 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 60 - volumes: - - name: init - secret: - defaultMode: 110 - secretName: gitea-init - - name: config - secret: - defaultMode: 110 - secretName: gitea - - name: inline-config-sources - secret: + - name: kube-api-access-9mvwz + projected: defaultMode: 420 - secretName: gitea-inline-config - - emptyDir: {} - name: temp - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - generation: 2 - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 654b4569cd - version: 1.23.8 - name: gitea-654b4569cd - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: gitea - uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 - resourceVersion: "3157886" - uid: 6831c5b8-0793-4130-891d-4f84e7ecddbf - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - pod-template-hash: 654b4569cd - template: - metadata: - annotations: - checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd - creationTimestamp: null - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 654b4569cd - version: 1.23.8 - spec: - containers: - - env: - - name: SSH_LISTEN_PORT - value: "2222" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:15Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:05:14Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:05:36Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:05:36Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:07Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://35892078e5216d9936f94563209c8bb8e71d3de7cafa9d5a7090b09670080d2c + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} name: gitea - ports: - - containerPort: 2222 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-10-27T21:05:14Z' volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - initContainers: - - command: - - /usr/sbinx/init_directory_structure.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} name: init-directories - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 + exitCode: 0 + finishedAt: '2025-10-27T21:04:15Z' + reason: Completed + startedAt: '2025-10-27T21:04:15Z' volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - command: - - /usr/sbinx/config_environment.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} name: init-app-ini - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 + exitCode: 0 + finishedAt: '2025-10-27T21:04:18Z' + reason: Completed + startedAt: '2025-10-27T21:04:17Z' volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - command: - - /usr/sbinx/configure_gitea.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: gitea_admin - - name: GITEA_ADMIN_PASSWORD - value: r8sA8CPHD9!bt6d - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} name: configure-gitea - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: - runAsUser: 1000 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 3 + started: false + state: + terminated: + containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 + exitCode: 0 + finishedAt: '2025-10-27T21:05:14Z' + reason: Completed + startedAt: '2025-10-27T21:05:01Z' volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 60 - volumes: - - name: init - secret: - defaultMode: 110 - secretName: gitea-init - - name: config - secret: - defaultMode: 110 - secretName: gitea - - name: inline-config-sources - secret: - defaultMode: 420 - secretName: gitea-inline-config - - emptyDir: {} - name: temp - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "3" - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T20:28:18Z" - generation: 2 - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 66659b5cdc - version: 1.23.8 - name: gitea-66659b5cdc - namespace: gitea - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: gitea - uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 - resourceVersion: "20406234" - uid: 822d6eb2-737e-46e7-9026-23b875b67975 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: gitea - app.kubernetes.io/name: gitea - pod-template-hash: 66659b5cdc - template: - metadata: - annotations: - checksum/config: 2c0b9173c0047e498a8a3785346fe018224f68e0caa1b8354fbb7f82cdfa522f - creationTimestamp: null - labels: - app: gitea - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: gitea - app.kubernetes.io/version: 1.23.8 - helm.sh/chart: gitea-0.0.0 - pod-template-hash: 66659b5cdc - version: 1.23.8 - spec: - containers: - - env: - - name: SSH_LISTEN_PORT - value: "2222" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - name: gitea - ports: - - containerPort: 2222 - name: ssh - protocol: TCP - - containerPort: 3000 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - dnsPolicy: ClusterFirst - initContainers: - - command: - - /usr/sbinx/init_directory_structure.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: init-directories - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - command: - - /usr/sbinx/config_environment.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMP_EXISTING_ENVS_FILE - value: /tmp/existing-envs - - name: ENV_TO_INI_MOUNT_POINT - value: /env-to-ini-mounts - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: init-app-ini - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: config - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - - mountPath: /env-to-ini-mounts/inlines/ - name: inline-config-sources - - command: - - /usr/sbinx/configure_gitea.sh - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - value: admin - - name: GITEA_ADMIN_PASSWORD - value: Kalapszar222& - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - image: docker.gitea.com/gitea:1.23.8-rootless - imagePullPolicy: IfNotPresent - name: configure-gitea - resources: - requests: - cpu: 100m - memory: 128Mi - securityContext: - runAsUser: 1000 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/sbinx - name: init - - mountPath: /tmp - name: temp - - mountPath: /data - name: data - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1000 - terminationGracePeriodSeconds: 60 - volumes: - - name: init - secret: - defaultMode: 110 - secretName: gitea-init - - name: config - secret: - defaultMode: 110 - secretName: gitea - - name: inline-config-sources - secret: - defaultMode: 420 - secretName: gitea-inline-config - - emptyDir: {} - name: temp - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - generation: 2 - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.6.0 - helm.sh/chart: postgresql-16.7.27 - name: gitea-postgresql - namespace: gitea - resourceVersion: "20406140" - uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.150 + podIPs: + - ip: 10.244.0.150 + qosClass: Burstable + startTime: '2025-10-27T21:04:07Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-10-27T21:04:38Z' + generateName: gitea-postgresql- + labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - serviceName: gitea-postgresql-hl - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.6.0 - helm.sh/chart: postgresql-16.7.27 - name: gitea-postgresql - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 17.6.0 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: gitea-postgresql-57587479cf + helm.sh/chart: postgresql-16.7.27 + statefulset.kubernetes.io/pod-name: gitea-postgresql-0 + name: gitea-postgresql-0 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: gitea-postgresql + uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d + resourceVersion: '20406135' + uid: 37fa35f8-7b3d-4a22-ab1a-c1414da34072 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: @@ -2331,49 +421,49 @@ items: app.kubernetes.io/name: postgresql topologyKey: kubernetes.io/hostname weight: 1 - automountServiceAccountToken: false - containers: + automountServiceAccountToken: false + containers: - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: gitea - - name: POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/password - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/postgres-password - - name: POSTGRES_DATABASE - value: gitea - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: gitea + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: gitea + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - /bin/sh - - -c - - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + - /bin/sh + - -c + - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 @@ -2381,18 +471,21 @@ items: timeoutSeconds: 5 name: postgresql ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP readinessProbe: exec: command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 @@ -2411,7 +504,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1001 @@ -2423,31 +516,49 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: gitea-postgresql - serviceAccountName: gitea-postgresql - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: gitea-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-postgresql + serviceAccountName: gitea-postgresql + subdomain: gitea-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: data-gitea-postgresql-0 - emptyDir: {} name: empty-dir - name: postgresql-password @@ -2457,87 +568,97 @@ items: - emptyDir: medium: Memory name: dshm - updateStrategy: - rollingUpdate: - partition: 0 - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - creationTimestamp: null - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - volumeMode: Filesystem - status: - phase: Pending - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: gitea-postgresql-57587479cf - observedGeneration: 2 - readyReplicas: 1 - replicas: 1 - updateRevision: gitea-postgresql-57587479cf - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: gitea - meta.helm.sh/release-namespace: gitea - creationTimestamp: "2025-05-23T19:53:33Z" - generation: 2 - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: valkey - app.kubernetes.io/part-of: valkey - app.kubernetes.io/version: 8.1.3 - helm.sh/chart: valkey-3.0.31 - name: gitea-valkey-primary - namespace: gitea - resourceVersion: "20406069" - uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:39Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:38Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:50Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:50Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:38Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://cec8de025f81b2b58d146b25d29ed923a34dd4b98f2c47c0b2c3fcce8e6ecce3 + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: {} + name: postgresql + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-10-27T21:04:39Z' + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.152 + podIPs: + - ip: 10.244.0.152 + qosClass: Burstable + startTime: '2025-10-27T21:04:38Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f + checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc + checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 + checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd + creationTimestamp: '2025-10-27T21:04:08Z' + generateName: gitea-valkey-primary- + labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey - serviceName: gitea-valkey-headless - template: - metadata: - annotations: - checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f - checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc - checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 - checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd - creationTimestamp: null - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: valkey - app.kubernetes.io/version: 8.1.3 - helm.sh/chart: valkey-3.0.31 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 8.1.3 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: gitea-valkey-primary-7d55f7b7b9 + helm.sh/chart: valkey-3.0.31 + statefulset.kubernetes.io/pod-name: gitea-valkey-primary-0 + name: gitea-valkey-primary-0 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: gitea-valkey-primary + uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 + resourceVersion: '20406063' + uid: f19d18c6-f00e-4e70-a071-fb1499eb4f58 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: @@ -2546,34 +667,34 @@ items: app.kubernetes.io/name: valkey topologyKey: kubernetes.io/hostname weight: 1 - automountServiceAccountToken: false - containers: + automountServiceAccountToken: false + containers: - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-primary.sh + - -c + - /opt/bitnami/scripts/start-scripts/start-primary.sh command: - - /bin/bash + - /bin/bash env: - - name: BITNAMI_DEBUG - value: "false" - - name: VALKEY_REPLICATION_MODE - value: primary - - name: ALLOW_EMPTY_PASSWORD - value: "no" - - name: VALKEY_PASSWORD_FILE - value: /opt/bitnami/valkey/secrets/valkey-password - - name: VALKEY_TLS_ENABLED - value: "no" - - name: VALKEY_PORT - value: "6379" + - name: BITNAMI_DEBUG + value: 'false' + - name: VALKEY_REPLICATION_MODE + value: primary + - name: ALLOW_EMPTY_PASSWORD + value: 'no' + - name: VALKEY_PASSWORD_FILE + value: /opt/bitnami/valkey/secrets/valkey-password + - name: VALKEY_TLS_ENABLED + value: 'no' + - name: VALKEY_PORT + value: '6379' image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - sh - - -c - - /health/ping_liveness_local.sh 5 + - sh + - -c + - /health/ping_liveness_local.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 @@ -2581,15 +702,15 @@ items: timeoutSeconds: 6 name: valkey ports: - - containerPort: 6379 - name: redis - protocol: TCP + - containerPort: 6379 + name: redis + protocol: TCP readinessProbe: exec: command: - - sh - - -c - - /health/ping_readiness_local.sh 1 + - sh + - -c + - /health/ping_readiness_local.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 @@ -2608,7 +729,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true @@ -2619,33 +740,50 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /opt/bitnami/valkey/secrets/ - name: valkey-password - - mountPath: /data - name: valkey-data - - mountPath: /opt/bitnami/valkey/mounted-etc - name: config - - mountPath: /opt/bitnami/valkey/etc/ - name: empty-dir - subPath: app-conf-dir - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: gitea-valkey-primary - serviceAccountName: gitea-valkey-primary - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: gitea-valkey-primary-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-valkey-primary + serviceAccountName: gitea-valkey-primary + subdomain: gitea-valkey-headless + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: valkey-data + persistentVolumeClaim: + claimName: valkey-data-gitea-valkey-primary-0 - configMap: defaultMode: 493 name: gitea-valkey-scripts @@ -2658,8 +796,8 @@ items: secret: defaultMode: 420 items: - - key: valkey-password - path: valkey-password + - key: valkey-password + path: valkey-password secretName: gitea-valkey - configMap: defaultMode: 420 @@ -2667,37 +805,1906 @@ items: name: config - emptyDir: {} name: empty-dir - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - creationTimestamp: null - labels: + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:09Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:08Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:30Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:30Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:04:08Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://a8530f8b9c5dc9905955c60edec435613cce624c29ad8aa703313b9f3609797e + image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 + imageID: docker.io/bitnami/valkey@sha256:b6b1c4944b12dc6d644bb553695350138f63172232d9d323486136aded59e5b6 + lastState: {} + name: valkey + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-10-27T21:04:09Z' + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + - mountPath: /tmp + name: empty-dir + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.151 + podIPs: + - ip: 10.244.0.151 + qosClass: Burstable + startTime: '2025-10-27T21:04:08Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea-http + namespace: gitea + resourceVersion: '20405938' + uid: 0777d7be-068b-42c6-a59f-3264c0fdfc4a + spec: + clusterIP: 10.101.238.182 + clusterIPs: + - 10.101.238.182 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30081 + port: 3000 + protocol: TCP + targetPort: 3000 + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + namespace: gitea + resourceVersion: '20405929' + uid: c1d52177-9299-462d-a487-b48b506f8f8d + spec: + clusterIP: 10.105.180.86 + clusterIPs: + - 10.105.180.86 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql-hl + namespace: gitea + resourceVersion: '20405926' + uid: 5dc925e4-afd5-44ea-b5d7-d8c19fe5432a + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea-ssh + namespace: gitea + resourceVersion: '20405941' + uid: 398bb2ce-1748-41ef-8391-418b5292b6a8 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: ssh + port: 22 + protocol: TCP + targetPort: 22 + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-headless + namespace: gitea + resourceVersion: '20405932' + uid: 9feead00-753c-404d-b777-560ab2c374ad + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-primary + namespace: gitea + resourceVersion: '20405935' + uid: 0645d25e-19c2-4cc7-b861-a5953f3eb68b + spec: + clusterIP: 10.98.74.122 + clusterIPs: + - 10.98.74.122 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '4' + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + generation: 4 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea + namespace: gitea + resourceVersion: '20406235' + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + strategy: + rollingUpdate: + maxSurge: 100% + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: '22' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-24T01:03:10Z' + lastUpdateTime: '2025-08-24T01:03:10Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-05-23T19:53:33Z' + lastUpdateTime: '2025-10-27T21:05:36Z' + message: ReplicaSet "gitea-58df85bccc" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 4 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '4' + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-10-27T21:04:07Z' + generation: 1 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + pod-template-hash: 58df85bccc + version: 1.24.6 + name: gitea-58df85bccc + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: '20406222' + uid: 03ab4ff6-6209-41d4-a909-2917160eb74f + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 58df85bccc + template: + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + pod-template-hash: 58df85bccc + version: 1.24.6 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: '22' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '2' + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T20:12:30Z' + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 59f49bbd77 + version: 1.23.8 + name: gitea-59f49bbd77 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: '3159329' + uid: 9b250d58-9f3e-4b82-872f-78ab196dc1cd + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 59f49bbd77 + template: + metadata: + annotations: + checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 59f49bbd77 + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: '2222' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 654b4569cd + version: 1.23.8 + name: gitea-654b4569cd + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: '3157886' + uid: 6831c5b8-0793-4130-891d-4f84e7ecddbf + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 654b4569cd + template: + metadata: + annotations: + checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 654b4569cd + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: '2222' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: gitea_admin + - name: GITEA_ADMIN_PASSWORD + value: r8sA8CPHD9!bt6d + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '3' + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T20:28:18Z' + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 66659b5cdc + version: 1.23.8 + name: gitea-66659b5cdc + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: '20406234' + uid: 822d6eb2-737e-46e7-9026-23b875b67975 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 66659b5cdc + template: + metadata: + annotations: + checksum/config: 2c0b9173c0047e498a8a3785346fe018224f68e0caa1b8354fbb7f82cdfa522f + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 66659b5cdc + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: '2222' + - name: SSH_PORT + value: '22' + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + generation: 2 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + namespace: gitea + resourceVersion: '20406140' + uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + serviceName: gitea-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: gitea + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: gitea + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p + 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p + 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-postgresql + serviceAccountName: gitea-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: gitea-postgresql + - emptyDir: + medium: Memory + name: dshm + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: gitea-postgresql-57587479cf + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updateRevision: gitea-postgresql-57587479cf + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: '2025-05-23T19:53:33Z' + generation: 2 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-primary + namespace: gitea + resourceVersion: '20406069' + uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: gitea app.kubernetes.io/name: valkey - name: valkey-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi - volumeMode: Filesystem - status: - phase: Pending - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: gitea-valkey-primary-7d55f7b7b9 - observedGeneration: 2 - readyReplicas: 1 - replicas: 1 - updateRevision: gitea-valkey-primary-7d55f7b7b9 - updatedReplicas: 1 + serviceName: gitea-valkey-headless + template: + metadata: + annotations: + checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f + checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc + checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 + checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-primary.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: 'false' + - name: VALKEY_REPLICATION_MODE + value: primary + - name: ALLOW_EMPTY_PASSWORD + value: 'no' + - name: VALKEY_PASSWORD_FILE + value: /opt/bitnami/valkey/secrets/valkey-password + - name: VALKEY_TLS_ENABLED + value: 'no' + - name: VALKEY_PORT + value: '6379' + image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: valkey + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-valkey-primary + serviceAccountName: gitea-valkey-primary + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: gitea-valkey-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: gitea-valkey-health + name: health + - name: valkey-password + secret: + defaultMode: 420 + items: + - key: valkey-password + path: valkey-password + secretName: gitea-valkey + - configMap: + defaultMode: 420 + name: gitea-valkey-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: gitea-valkey-primary-7d55f7b7b9 + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updateRevision: gitea-valkey-primary-7d55f7b7b9 + updatedReplicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/graylog/all.yaml b/manifests/graylog/all.yaml index 43d5fa9..937ec51 100644 --- a/manifests/graylog/all.yaml +++ b/manifests/graylog/all.yaml @@ -1,69 +1,70 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-beats","namespace":"graylog"},"spec":{"ports":[{"name":"beats","nodePort":31544,"port":5044,"targetPort":5044}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} - creationTimestamp: "2025-05-20T11:27:45Z" - name: graylog-input-beats - namespace: graylog - resourceVersion: "2732995" - uid: d5629799-2d61-4125-822c-ea73b34ae304 - spec: - clusterIP: 10.108.193.18 - clusterIPs: - - 10.108.193.18 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: beats - nodePort: 31544 - port: 5044 - protocol: TCP - targetPort: 5044 - selector: - statefulset.kubernetes.io/pod-name: graylog-0 - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-tcp","namespace":"graylog"},"spec":{"ports":[{"name":"raw-tcp","nodePort":31555,"port":5555,"protocol":"TCP","targetPort":5555}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} - creationTimestamp: "2025-05-14T13:08:58Z" - name: graylog-input-tcp - namespace: graylog - resourceVersion: "1987935" - uid: e19b29f0-e1a9-476f-be59-fd08e78f45d5 - spec: - clusterIP: 10.97.208.205 - clusterIPs: - - 10.97.208.205 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: raw-tcp - nodePort: 31555 - port: 5555 - protocol: TCP - targetPort: 5555 - selector: - statefulset.kubernetes.io/pod-name: graylog-0 - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-beats","namespace":"graylog"},"spec":{"ports":[{"name":"beats","nodePort":31544,"port":5044,"targetPort":5044}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-05-20T11:27:45Z' + name: graylog-input-beats + namespace: graylog + resourceVersion: '2732995' + uid: d5629799-2d61-4125-822c-ea73b34ae304 + spec: + clusterIP: 10.108.193.18 + clusterIPs: + - 10.108.193.18 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: beats + nodePort: 31544 + port: 5044 + protocol: TCP + targetPort: 5044 + selector: + statefulset.kubernetes.io/pod-name: graylog-0 + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-tcp","namespace":"graylog"},"spec":{"ports":[{"name":"raw-tcp","nodePort":31555,"port":5555,"protocol":"TCP","targetPort":5555}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-05-14T13:08:58Z' + name: graylog-input-tcp + namespace: graylog + resourceVersion: '1987935' + uid: e19b29f0-e1a9-476f-be59-fd08e78f45d5 + spec: + clusterIP: 10.97.208.205 + clusterIPs: + - 10.97.208.205 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: raw-tcp + nodePort: 31555 + port: 5555 + protocol: TCP + targetPort: 5555 + selector: + statefulset.kubernetes.io/pod-name: graylog-0 + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/ingress-nginx/all.yaml b/manifests/ingress-nginx/all.yaml index a1daa63..3a02738 100644 --- a/manifests/ingress-nginx/all.yaml +++ b/manifests/ingress-nginx/all.yaml @@ -1,982 +1,44 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-04-28T15:36:50Z" - generateName: ingress-nginx-admission-create- - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - batch.kubernetes.io/job-name: ingress-nginx-admission-create - controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - job-name: ingress-nginx-admission-create - name: ingress-nginx-admission-create-npzkk - namespace: ingress-nginx - ownerReferences: - - apiVersion: batch/v1 - blockOwnerDeletion: true - controller: true - kind: Job - name: ingress-nginx-admission-create - uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - resourceVersion: "12273257" - uid: a4558234-ae4f-471d-a1f0-54d7a409cd88 - spec: - containers: - - args: - - create - - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc - - --namespace=$(POD_NAMESPACE) - - --secret-name=ingress-nginx-admission - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea - imagePullPolicy: IfNotPresent - name: create - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kgll7 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - nodeSelector: - kubernetes.io/os: linux - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: OnFailure - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx-admission - serviceAccountName: ingress-nginx-admission - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: kube-api-access-kgll7 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:56Z" - status: "False" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "False" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "False" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 - image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a - imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea - lastState: {} - name: create - ready: false - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 - exitCode: 0 - finishedAt: "2025-04-28T15:36:54Z" - reason: Completed - startedAt: "2025-04-28T15:36:54Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kgll7 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.173 - hostIPs: - - ip: 192.168.31.173 - phase: Succeeded - qosClass: BestEffort - startTime: "2025-04-28T15:36:50Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-04-28T15:36:50Z" - generateName: ingress-nginx-admission-patch- - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - batch.kubernetes.io/job-name: ingress-nginx-admission-patch - controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - job-name: ingress-nginx-admission-patch - name: ingress-nginx-admission-patch-grvbz - namespace: ingress-nginx - ownerReferences: - - apiVersion: batch/v1 - blockOwnerDeletion: true - controller: true - kind: Job - name: ingress-nginx-admission-patch - uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - resourceVersion: "12273262" - uid: 1fdb3ff9-09bb-46d8-b6fe-81961b8006f9 - spec: - containers: - - args: - - patch - - --webhook-name=ingress-nginx-admission - - --namespace=$(POD_NAMESPACE) - - --patch-mutating=false - - --secret-name=ingress-nginx-admission - - --patch-failure-policy=Fail - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea - imagePullPolicy: IfNotPresent - name: patch - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9jbmc - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - nodeSelector: - kubernetes.io/os: linux - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: OnFailure - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx-admission - serviceAccountName: ingress-nginx-admission - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: kube-api-access-9jbmc - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:56Z" - status: "False" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "False" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - reason: PodCompleted - status: "False" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 - image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a - imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea - lastState: {} - name: patch - ready: false - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 - exitCode: 0 - finishedAt: "2025-04-28T15:36:54Z" - reason: Completed - startedAt: "2025-04-28T15:36:54Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9jbmc - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.173 - hostIPs: - - ip: 192.168.31.173 - phase: Succeeded - qosClass: BestEffort - startTime: "2025-04-28T15:36:50Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-04-28T15:36:50Z" - generateName: ingress-nginx-controller-665b599bc5- - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - pod-template-hash: 665b599bc5 - name: ingress-nginx-controller-665b599bc5-wzj88 - namespace: ingress-nginx - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: ingress-nginx-controller-665b599bc5 - uid: c0882270-c953-4732-8126-bec666da185d - resourceVersion: "20356548" - uid: c0bcc1f1-00b0-4c0f-8f1d-84a39c774486 - spec: - containers: - - args: - - /nginx-ingress-controller - - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller - - --election-id=ingress-nginx-leader - - --controller-class=k8s.io/ingress-nginx - - --ingress-class=nginx - - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller - - --validating-webhook=:8443 - - --validating-webhook-certificate=/usr/local/certificates/cert - - --validating-webhook-key=/usr/local/certificates/key - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: LD_PRELOAD - value: /usr/local/lib/libmimalloc.so - image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: controller - ports: - - containerPort: 80 - name: http - protocol: TCP - - containerPort: 443 - name: https - protocol: TCP - - containerPort: 8443 - name: webhook - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 100m - memory: 90Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - add: - - NET_BIND_SERVICE - drop: - - ALL - readOnlyRootFilesystem: false - runAsGroup: 82 - runAsNonRoot: true - runAsUser: 101 - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/local/certificates/ - name: webhook-cert - readOnly: true - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-7bbd2 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - nodeSelector: - kubernetes.io/os: linux - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx - serviceAccountName: ingress-nginx - terminationGracePeriodSeconds: 300 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: webhook-cert - secret: - defaultMode: 420 - secretName: ingress-nginx-admission - - name: kube-api-access-7bbd2 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:03Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:13Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:13Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-04-28T15:36:50Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://0705d81899dfee90c05bfc06965a43f80312910606da7747793c64f6a25cdf40 - image: sha256:78e25eaa557d48a19963cbe751b91dc1d53e1c82aad6cd36c20e1c11eb04cd13 - imageID: registry.k8s.io/ingress-nginx/controller@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b - lastState: - terminated: - containerID: containerd://6bbf8a67b813dc8c153fc4c8c274dd60e378cf25483370f7b4062ffa053cbc33 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:32Z" - name: controller - ready: true - restartCount: 18 - started: true - state: - running: - startedAt: "2025-08-24T01:02:03Z" - volumeMounts: - - mountPath: /usr/local/certificates/ - name: webhook-cert - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-7bbd2 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.38 - podIPs: - - ip: 10.244.0.38 - qosClass: Burstable - startTime: "2025-04-28T15:36:50Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"externalTrafficPolicy":"Local","ipFamilies":["IPv4"],"ipFamilyPolicy":"SingleStack","ports":[{"appProtocol":"http","name":"http","port":80,"protocol":"TCP","targetPort":"http"},{"appProtocol":"https","name":"https","port":443,"protocol":"TCP","targetPort":"https"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"LoadBalancer"}} - creationTimestamp: "2025-04-28T15:36:50Z" - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - name: ingress-nginx-controller - namespace: ingress-nginx - resourceVersion: "540241" - uid: be891d4d-b00f-4b23-b0b5-28135dad560f - spec: - clusterIP: 10.105.59.125 - clusterIPs: - - 10.105.59.125 - externalTrafficPolicy: Local - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - appProtocol: http - name: http - nodePort: 31395 - port: 80 - protocol: TCP - targetPort: http - - appProtocol: https - name: https - nodePort: 32153 - port: 443 - protocol: TCP - targetPort: https - selector: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller-admission","namespace":"ingress-nginx"},"spec":{"ports":[{"appProtocol":"https","name":"https-webhook","port":443,"targetPort":"webhook"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"ClusterIP"}} - creationTimestamp: "2025-04-28T15:36:50Z" - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - name: ingress-nginx-controller-admission - namespace: ingress-nginx - resourceVersion: "539419" - uid: 32e3914f-47fe-4b18-b3ba-73560027382a - spec: - clusterIP: 10.105.239.16 - clusterIPs: - - 10.105.239.16 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - appProtocol: https - name: https-webhook - port: 443 - protocol: TCP - targetPort: webhook - selector: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"minReadySeconds":0,"revisionHistoryLimit":10,"selector":{"matchLabels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"}},"strategy":{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"}},"spec":{"containers":[{"args":["/nginx-ingress-controller","--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller","--election-id=ingress-nginx-leader","--controller-class=k8s.io/ingress-nginx","--ingress-class=nginx","--configmap=$(POD_NAMESPACE)/ingress-nginx-controller","--validating-webhook=:8443","--validating-webhook-certificate=/usr/local/certificates/cert","--validating-webhook-key=/usr/local/certificates/key"],"env":[{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"LD_PRELOAD","value":"/usr/local/lib/libmimalloc.so"}],"image":"registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b","imagePullPolicy":"IfNotPresent","lifecycle":{"preStop":{"exec":{"command":["/wait-shutdown"]}}},"livenessProbe":{"failureThreshold":5,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"name":"controller","ports":[{"containerPort":80,"name":"http","protocol":"TCP"},{"containerPort":443,"name":"https","protocol":"TCP"},{"containerPort":8443,"name":"webhook","protocol":"TCP"}],"readinessProbe":{"failureThreshold":3,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"resources":{"requests":{"cpu":"100m","memory":"90Mi"}},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsGroup":82,"runAsNonRoot":true,"runAsUser":101,"seccompProfile":{"type":"RuntimeDefault"}},"volumeMounts":[{"mountPath":"/usr/local/certificates/","name":"webhook-cert","readOnly":true}]}],"dnsPolicy":"ClusterFirst","nodeSelector":{"kubernetes.io/os":"linux"},"serviceAccountName":"ingress-nginx","terminationGracePeriodSeconds":300,"volumes":[{"name":"webhook-cert","secret":{"secretName":"ingress-nginx-admission"}}]}}}} - creationTimestamp: "2025-04-28T15:36:50Z" - generation: 1 - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - name: ingress-nginx-controller - namespace: ingress-nginx - resourceVersion: "12273732" - uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/component: controller + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-04-28T15:36:50Z' + generateName: ingress-nginx-admission-create- + labels: + app.kubernetes.io/component: admission-webhook app.kubernetes.io/instance: ingress-nginx app.kubernetes.io/name: ingress-nginx - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - spec: - containers: - - args: - - /nginx-ingress-controller - - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller - - --election-id=ingress-nginx-leader - - --controller-class=k8s.io/ingress-nginx - - --ingress-class=nginx - - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller - - --validating-webhook=:8443 - - --validating-webhook-certificate=/usr/local/certificates/cert - - --validating-webhook-key=/usr/local/certificates/key - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: LD_PRELOAD - value: /usr/local/lib/libmimalloc.so - image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: controller - ports: - - containerPort: 80 - name: http - protocol: TCP - - containerPort: 443 - name: https - protocol: TCP - - containerPort: 8443 - name: webhook - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 100m - memory: 90Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - add: - - NET_BIND_SERVICE - drop: - - ALL - readOnlyRootFilesystem: false - runAsGroup: 82 - runAsNonRoot: true - runAsUser: 101 - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/local/certificates/ - name: webhook-cert - readOnly: true - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/os: linux - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx - serviceAccountName: ingress-nginx - terminationGracePeriodSeconds: 300 - volumes: - - name: webhook-cert - secret: - defaultMode: 420 - secretName: ingress-nginx-admission - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-04-28T15:36:50Z" - lastUpdateTime: "2025-04-28T15:36:50Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-04-28T15:36:50Z" - lastUpdateTime: "2025-04-28T15:37:16Z" - message: ReplicaSet "ingress-nginx-controller-665b599bc5" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-04-28T15:36:50Z" - generation: 1 - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - pod-template-hash: 665b599bc5 - name: ingress-nginx-controller-665b599bc5 - namespace: ingress-nginx - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: ingress-nginx-controller - uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 - resourceVersion: "12273715" - uid: c0882270-c953-4732-8126-bec666da185d - spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - pod-template-hash: 665b599bc5 - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - pod-template-hash: 665b599bc5 - spec: - containers: - - args: - - /nginx-ingress-controller - - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller - - --election-id=ingress-nginx-leader - - --controller-class=k8s.io/ingress-nginx - - --ingress-class=nginx - - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller - - --validating-webhook=:8443 - - --validating-webhook-certificate=/usr/local/certificates/cert - - --validating-webhook-key=/usr/local/certificates/key - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: LD_PRELOAD - value: /usr/local/lib/libmimalloc.so - image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: controller - ports: - - containerPort: 80 - name: http - protocol: TCP - - containerPort: 443 - name: https - protocol: TCP - - containerPort: 8443 - name: webhook - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 100m - memory: 90Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - add: - - NET_BIND_SERVICE - drop: - - ALL - readOnlyRootFilesystem: false - runAsGroup: 82 - runAsNonRoot: true - runAsUser: 101 - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/local/certificates/ - name: webhook-cert - readOnly: true - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/os: linux - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx - serviceAccountName: ingress-nginx - terminationGracePeriodSeconds: 300 - volumes: - - name: webhook-cert - secret: - defaultMode: 420 - secretName: ingress-nginx-admission - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: batch/v1 - kind: Job - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create"},"spec":{"containers":[{"args":["create","--host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc","--namespace=$(POD_NAMESPACE)","--secret-name=ingress-nginx-admission"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"create","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} - creationTimestamp: "2025-04-28T15:36:50Z" - generation: 1 - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - name: ingress-nginx-admission-create - namespace: ingress-nginx - resourceVersion: "539484" - uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - spec: - backoffLimit: 6 - completionMode: NonIndexed - completions: 1 - manualSelector: false - parallelism: 1 - podReplacementPolicy: TerminatingOrFailed - selector: - matchLabels: + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - suspend: false - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - batch.kubernetes.io/job-name: ingress-nginx-admission-create - controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 - job-name: ingress-nginx-admission-create - name: ingress-nginx-admission-create - spec: - containers: + batch.kubernetes.io/job-name: ingress-nginx-admission-create + controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + job-name: ingress-nginx-admission-create + name: ingress-nginx-admission-create-npzkk + namespace: ingress-nginx + ownerReferences: + - apiVersion: batch/v1 + blockOwnerDeletion: true + controller: true + kind: Job + name: ingress-nginx-admission-create + uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + resourceVersion: '12273257' + uid: a4558234-ae4f-471d-a1f0-54d7a409cd88 + spec: + containers: - args: - - create - - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc - - --namespace=$(POD_NAMESPACE) - - --secret-name=ingress-nginx-admission + - create + - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=ingress-nginx-admission env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea imagePullPolicy: IfNotPresent name: create @@ -985,7 +47,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 65532 runAsNonRoot: true @@ -994,93 +56,144 @@ items: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/os: linux - restartPolicy: OnFailure - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx-admission - serviceAccountName: ingress-nginx-admission - terminationGracePeriodSeconds: 30 - status: - completionTime: "2025-04-28T15:36:57Z" - conditions: - - lastProbeTime: "2025-04-28T15:36:57Z" - lastTransitionTime: "2025-04-28T15:36:57Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: SuccessCriteriaMet - - lastProbeTime: "2025-04-28T15:36:57Z" - lastTransitionTime: "2025-04-28T15:36:57Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: Complete - ready: 0 - startTime: "2025-04-28T15:36:50Z" - succeeded: 1 - terminating: 0 - uncountedTerminatedPods: {} -- apiVersion: batch/v1 - kind: Job - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch"},"spec":{"containers":[{"args":["patch","--webhook-name=ingress-nginx-admission","--namespace=$(POD_NAMESPACE)","--patch-mutating=false","--secret-name=ingress-nginx-admission","--patch-failure-policy=Fail"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"patch","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} - creationTimestamp: "2025-04-28T15:36:50Z" - generation: 1 - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - name: ingress-nginx-admission-patch - namespace: ingress-nginx - resourceVersion: "539481" - uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - spec: - backoffLimit: 6 - completionMode: NonIndexed - completions: 1 - manualSelector: false - parallelism: 1 - podReplacementPolicy: TerminatingOrFailed - selector: - matchLabels: + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kgll7 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-kgll7 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:56Z' + status: 'False' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'False' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'False' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 + image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a + imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + lastState: {} + name: create + ready: false + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 + exitCode: 0 + finishedAt: '2025-04-28T15:36:54Z' + reason: Completed + startedAt: '2025-04-28T15:36:54Z' + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kgll7 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.173 + hostIPs: + - ip: 192.168.31.173 + phase: Succeeded + qosClass: BestEffort + startTime: '2025-04-28T15:36:50Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-04-28T15:36:50Z' + generateName: ingress-nginx-admission-patch- + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - suspend: false - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.12.1 - batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - batch.kubernetes.io/job-name: ingress-nginx-admission-patch - controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 - job-name: ingress-nginx-admission-patch - name: ingress-nginx-admission-patch - spec: - containers: + batch.kubernetes.io/job-name: ingress-nginx-admission-patch + controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + job-name: ingress-nginx-admission-patch + name: ingress-nginx-admission-patch-grvbz + namespace: ingress-nginx + ownerReferences: + - apiVersion: batch/v1 + blockOwnerDeletion: true + controller: true + kind: Job + name: ingress-nginx-admission-patch + uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + resourceVersion: '12273262' + uid: 1fdb3ff9-09bb-46d8-b6fe-81961b8006f9 + spec: + containers: - args: - - patch - - --webhook-name=ingress-nginx-admission - - --namespace=$(POD_NAMESPACE) - - --patch-mutating=false - - --secret-name=ingress-nginx-admission - - --patch-failure-policy=Fail + - patch + - --webhook-name=ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=ingress-nginx-admission + - --patch-failure-policy=Fail env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea imagePullPolicy: IfNotPresent name: patch @@ -1089,7 +202,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 65532 runAsNonRoot: true @@ -1098,35 +211,927 @@ items: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/os: linux - restartPolicy: OnFailure - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ingress-nginx-admission - serviceAccountName: ingress-nginx-admission - terminationGracePeriodSeconds: 30 - status: - completionTime: "2025-04-28T15:36:57Z" - conditions: - - lastProbeTime: "2025-04-28T15:36:57Z" - lastTransitionTime: "2025-04-28T15:36:57Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: SuccessCriteriaMet - - lastProbeTime: "2025-04-28T15:36:57Z" - lastTransitionTime: "2025-04-28T15:36:57Z" - message: Reached expected number of succeeded pods - reason: CompletionsReached - status: "True" - type: Complete - ready: 0 - startTime: "2025-04-28T15:36:50Z" - succeeded: 1 - terminating: 0 - uncountedTerminatedPods: {} + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9jbmc + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-9jbmc + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:56Z' + status: 'False' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'False' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + reason: PodCompleted + status: 'False' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 + image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a + imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + lastState: {} + name: patch + ready: false + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 + exitCode: 0 + finishedAt: '2025-04-28T15:36:54Z' + reason: Completed + startedAt: '2025-04-28T15:36:54Z' + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9jbmc + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.173 + hostIPs: + - ip: 192.168.31.173 + phase: Succeeded + qosClass: BestEffort + startTime: '2025-04-28T15:36:50Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-04-28T15:36:50Z' + generateName: ingress-nginx-controller-665b599bc5- + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + name: ingress-nginx-controller-665b599bc5-wzj88 + namespace: ingress-nginx + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: ingress-nginx-controller-665b599bc5 + uid: c0882270-c953-4732-8126-bec666da185d + resourceVersion: '20356548' + uid: c0bcc1f1-00b0-4c0f-8f1d-84a39c774486 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-7bbd2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + - name: kube-api-access-7bbd2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:03Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:13Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:13Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-04-28T15:36:50Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://0705d81899dfee90c05bfc06965a43f80312910606da7747793c64f6a25cdf40 + image: sha256:78e25eaa557d48a19963cbe751b91dc1d53e1c82aad6cd36c20e1c11eb04cd13 + imageID: registry.k8s.io/ingress-nginx/controller@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + lastState: + terminated: + containerID: containerd://6bbf8a67b813dc8c153fc4c8c274dd60e378cf25483370f7b4062ffa053cbc33 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:32Z' + name: controller + ready: true + restartCount: 18 + started: true + state: + running: + startedAt: '2025-08-24T01:02:03Z' + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-7bbd2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.38 + podIPs: + - ip: 10.244.0.38 + qosClass: Burstable + startTime: '2025-04-28T15:36:50Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"externalTrafficPolicy":"Local","ipFamilies":["IPv4"],"ipFamilyPolicy":"SingleStack","ports":[{"appProtocol":"http","name":"http","port":80,"protocol":"TCP","targetPort":"http"},{"appProtocol":"https","name":"https","port":443,"protocol":"TCP","targetPort":"https"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"LoadBalancer"}} + + ' + creationTimestamp: '2025-04-28T15:36:50Z' + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller + namespace: ingress-nginx + resourceVersion: '540241' + uid: be891d4d-b00f-4b23-b0b5-28135dad560f + spec: + clusterIP: 10.105.59.125 + clusterIPs: + - 10.105.59.125 + externalTrafficPolicy: Local + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: http + name: http + nodePort: 31395 + port: 80 + protocol: TCP + targetPort: http + - appProtocol: https + name: https + nodePort: 32153 + port: 443 + protocol: TCP + targetPort: https + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller-admission","namespace":"ingress-nginx"},"spec":{"ports":[{"appProtocol":"https","name":"https-webhook","port":443,"targetPort":"webhook"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"ClusterIP"}} + + ' + creationTimestamp: '2025-04-28T15:36:50Z' + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller-admission + namespace: ingress-nginx + resourceVersion: '539419' + uid: 32e3914f-47fe-4b18-b3ba-73560027382a + spec: + clusterIP: 10.105.239.16 + clusterIPs: + - 10.105.239.16 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: https + name: https-webhook + port: 443 + protocol: TCP + targetPort: webhook + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"minReadySeconds":0,"revisionHistoryLimit":10,"selector":{"matchLabels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"}},"strategy":{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"}},"spec":{"containers":[{"args":["/nginx-ingress-controller","--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller","--election-id=ingress-nginx-leader","--controller-class=k8s.io/ingress-nginx","--ingress-class=nginx","--configmap=$(POD_NAMESPACE)/ingress-nginx-controller","--validating-webhook=:8443","--validating-webhook-certificate=/usr/local/certificates/cert","--validating-webhook-key=/usr/local/certificates/key"],"env":[{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"LD_PRELOAD","value":"/usr/local/lib/libmimalloc.so"}],"image":"registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b","imagePullPolicy":"IfNotPresent","lifecycle":{"preStop":{"exec":{"command":["/wait-shutdown"]}}},"livenessProbe":{"failureThreshold":5,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"name":"controller","ports":[{"containerPort":80,"name":"http","protocol":"TCP"},{"containerPort":443,"name":"https","protocol":"TCP"},{"containerPort":8443,"name":"webhook","protocol":"TCP"}],"readinessProbe":{"failureThreshold":3,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"resources":{"requests":{"cpu":"100m","memory":"90Mi"}},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsGroup":82,"runAsNonRoot":true,"runAsUser":101,"seccompProfile":{"type":"RuntimeDefault"}},"volumeMounts":[{"mountPath":"/usr/local/certificates/","name":"webhook-cert","readOnly":true}]}],"dnsPolicy":"ClusterFirst","nodeSelector":{"kubernetes.io/os":"linux"},"serviceAccountName":"ingress-nginx","terminationGracePeriodSeconds":300,"volumes":[{"name":"webhook-cert","secret":{"secretName":"ingress-nginx-admission"}}]}}}} + + ' + creationTimestamp: '2025-04-28T15:36:50Z' + generation: 1 + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller + namespace: ingress-nginx + resourceVersion: '12273732' + uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-04-28T15:36:50Z' + lastUpdateTime: '2025-04-28T15:36:50Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-04-28T15:36:50Z' + lastUpdateTime: '2025-04-28T15:37:16Z' + message: ReplicaSet "ingress-nginx-controller-665b599bc5" has successfully + progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-04-28T15:36:50Z' + generation: 1 + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + name: ingress-nginx-controller-665b599bc5 + namespace: ingress-nginx + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: ingress-nginx-controller + uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 + resourceVersion: '12273715' + uid: c0882270-c953-4732-8126-bec666da185d + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + pod-template-hash: 665b599bc5 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create"},"spec":{"containers":[{"args":["create","--host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc","--namespace=$(POD_NAMESPACE)","--secret-name=ingress-nginx-admission"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"create","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} + + ' + creationTimestamp: '2025-04-28T15:36:50Z' + generation: 1 + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-admission-create + namespace: ingress-nginx + resourceVersion: '539484' + uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: + batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + suspend: false + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + batch.kubernetes.io/job-name: ingress-nginx-admission-create + controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + job-name: ingress-nginx-admission-create + name: ingress-nginx-admission-create + spec: + containers: + - args: + - create + - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=ingress-nginx-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: create + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + status: + completionTime: '2025-04-28T15:36:57Z' + conditions: + - lastProbeTime: '2025-04-28T15:36:57Z' + lastTransitionTime: '2025-04-28T15:36:57Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: SuccessCriteriaMet + - lastProbeTime: '2025-04-28T15:36:57Z' + lastTransitionTime: '2025-04-28T15:36:57Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: Complete + ready: 0 + startTime: '2025-04-28T15:36:50Z' + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} + - apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch"},"spec":{"containers":[{"args":["patch","--webhook-name=ingress-nginx-admission","--namespace=$(POD_NAMESPACE)","--patch-mutating=false","--secret-name=ingress-nginx-admission","--patch-failure-policy=Fail"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"patch","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} + + ' + creationTimestamp: '2025-04-28T15:36:50Z' + generation: 1 + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-admission-patch + namespace: ingress-nginx + resourceVersion: '539481' + uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: + batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + suspend: false + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + batch.kubernetes.io/job-name: ingress-nginx-admission-patch + controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + job-name: ingress-nginx-admission-patch + name: ingress-nginx-admission-patch + spec: + containers: + - args: + - patch + - --webhook-name=ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=ingress-nginx-admission + - --patch-failure-policy=Fail + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: patch + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + status: + completionTime: '2025-04-28T15:36:57Z' + conditions: + - lastProbeTime: '2025-04-28T15:36:57Z' + lastTransitionTime: '2025-04-28T15:36:57Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: SuccessCriteriaMet + - lastProbeTime: '2025-04-28T15:36:57Z' + lastTransitionTime: '2025-04-28T15:36:57Z' + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: 'True' + type: Complete + ready: 0 + startTime: '2025-04-28T15:36:50Z' + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/jellyfin/all.yaml b/manifests/jellyfin/all.yaml index 506161a..142d09a 100644 --- a/manifests/jellyfin/all.yaml +++ b/manifests/jellyfin/all.yaml @@ -1,538 +1,73 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-09-09T23:38:04Z" - generateName: jellyfin-latest-78977b5658- - labels: - app: jellyfin-latest - pod-template-hash: 78977b5658 - name: jellyfin-latest-78977b5658-67nbg - namespace: jellyfin - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: jellyfin-latest-78977b5658 - uid: efd86e40-b059-4b41-8813-c54d2593f571 - resourceVersion: "20356654" - uid: bfaeb5b7-08d5-430c-bac6-f7b1a37e0592 - spec: - containers: - - env: - - name: LIBVA_DRIVER_NAME - value: iHD - image: jellyfin/jellyfin:10.11.0-rc5 - imagePullPolicy: Always - name: jellyfin - ports: - - containerPort: 8096 - protocol: TCP - resources: {} - securityContext: - privileged: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9twg4 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - hostPath: - path: /opt/jellyfin/config - type: DirectoryOrCreate - name: config - - hostPath: - path: /opt/jellyfin/cache - type: DirectoryOrCreate - name: cache - - hostPath: - path: /mnt/media - type: Directory - name: media - - hostPath: - path: /dev/dri - type: Directory - name: vaapi - - name: kube-api-access-9twg4 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-09-09T23:38:06Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-09-09T23:38:04Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-09-09T23:38:06Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-09-09T23:38:06Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-09-09T23:38:04Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://81c7eb3ce500fda3a8df4dbf7c1652d9c3785f755e6f12621a47cbf398a67741 - image: docker.io/jellyfin/jellyfin:10.11.0-rc5 - imageID: docker.io/jellyfin/jellyfin@sha256:1bcdcb5da6e41ff570ebe903eb19dac106e4589e506814d665465ed3a302d57e - lastState: {} - name: jellyfin - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-09-09T23:38:06Z" - volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-9twg4 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.95 - podIPs: - - ip: 10.244.0.95 - qosClass: BestEffort - startTime: "2025-09-09T23:38:04Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"jellyfin","namespace":"jellyfin"},"spec":{"ports":[{"name":"http","nodePort":30097,"port":8096,"targetPort":8096}],"selector":{"app":"jellyfin"},"type":"NodePort"}} - creationTimestamp: "2025-05-12T22:56:40Z" - name: jellyfin - namespace: jellyfin - resourceVersion: "13271824" - uid: 3c979733-1a5a-43c9-9569-7978ee42718a - spec: - clusterIP: 10.101.109.247 - clusterIPs: - - 10.101.109.247 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 30097 - port: 8096 - protocol: TCP - targetPort: 8096 - selector: - app: jellyfin-latest - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin"},"name":"jellyfin","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} - creationTimestamp: "2025-05-13T17:06:42Z" - generation: 2 - labels: - app: jellyfin - name: jellyfin - namespace: jellyfin - resourceVersion: "13271340" - uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f - spec: - progressDeadlineSeconds: 600 - replicas: 0 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: jellyfin - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: jellyfin - spec: - containers: - - env: - - name: LIBVA_DRIVER_NAME - value: iHD - image: jellyfin/jellyfin - imagePullPolicy: Always - name: jellyfin - ports: - - containerPort: 8096 - protocol: TCP - resources: {} - securityContext: - privileged: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - hostPath: - path: /opt/jellyfin/config - type: DirectoryOrCreate - name: config - - hostPath: - path: /opt/jellyfin/cache - type: DirectoryOrCreate - name: cache - - hostPath: - path: /mnt/media - type: Directory - name: media - - hostPath: - path: /dev/dri - type: Directory - name: vaapi - status: - conditions: - - lastTransitionTime: "2025-05-13T17:06:42Z" - lastUpdateTime: "2025-05-13T17:06:44Z" - message: ReplicaSet "jellyfin-5d9bbccdd" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:25Z" - lastUpdateTime: "2025-08-24T01:02:25Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 2 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin-latest"},"name":"jellyfin-latest","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin-latest"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin-latest"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin:10.11.0-rc5","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} - creationTimestamp: "2025-08-31T22:45:19Z" - generation: 1 - labels: - app: jellyfin-latest - name: jellyfin-latest - namespace: jellyfin - resourceVersion: "14408637" - uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: jellyfin-latest - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: jellyfin-latest - spec: - containers: - - env: - - name: LIBVA_DRIVER_NAME - value: iHD - image: jellyfin/jellyfin:10.11.0-rc5 - imagePullPolicy: Always - name: jellyfin - ports: - - containerPort: 8096 - protocol: TCP - resources: {} - securityContext: - privileged: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - hostPath: - path: /opt/jellyfin/config - type: DirectoryOrCreate - name: config - - hostPath: - path: /opt/jellyfin/cache - type: DirectoryOrCreate - name: cache - - hostPath: - path: /mnt/media - type: Directory - name: media - - hostPath: - path: /dev/dri - type: Directory - name: vaapi - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-31T22:45:19Z" - lastUpdateTime: "2025-08-31T22:45:42Z" - message: ReplicaSet "jellyfin-latest-78977b5658" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-09-09T23:38:06Z" - lastUpdateTime: "2025-09-09T23:38:06Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "0" - deployment.kubernetes.io/max-replicas: "0" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-05-13T17:06:42Z" - generation: 2 - labels: - app: jellyfin - pod-template-hash: 5d9bbccdd - name: jellyfin-5d9bbccdd - namespace: jellyfin - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: jellyfin - uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f - resourceVersion: "13271337" - uid: 4e268daa-5472-4f53-b2fd-43d709777350 - spec: - replicas: 0 - selector: - matchLabels: - app: jellyfin - pod-template-hash: 5d9bbccdd - template: - metadata: - creationTimestamp: null - labels: - app: jellyfin - pod-template-hash: 5d9bbccdd - spec: - containers: - - env: - - name: LIBVA_DRIVER_NAME - value: iHD - image: jellyfin/jellyfin - imagePullPolicy: Always - name: jellyfin - ports: - - containerPort: 8096 - protocol: TCP - resources: {} - securityContext: - privileged: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - hostPath: - path: /opt/jellyfin/config - type: DirectoryOrCreate - name: config - - hostPath: - path: /opt/jellyfin/cache - type: DirectoryOrCreate - name: cache - - hostPath: - path: /mnt/media - type: Directory - name: media - - hostPath: - path: /dev/dri - type: Directory - name: vaapi - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-08-31T22:45:19Z" - generation: 1 - labels: - app: jellyfin-latest - pod-template-hash: 78977b5658 - name: jellyfin-latest-78977b5658 - namespace: jellyfin - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: jellyfin-latest - uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 - resourceVersion: "14408636" - uid: efd86e40-b059-4b41-8813-c54d2593f571 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-09-09T23:38:04Z' + generateName: jellyfin-latest-78977b5658- + labels: app: jellyfin-latest pod-template-hash: 78977b5658 - template: - metadata: - creationTimestamp: null - labels: - app: jellyfin-latest - pod-template-hash: 78977b5658 - spec: - containers: + name: jellyfin-latest-78977b5658-67nbg + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: jellyfin-latest-78977b5658 + uid: efd86e40-b059-4b41-8813-c54d2593f571 + resourceVersion: '20356654' + uid: bfaeb5b7-08d5-430c-bac6-f7b1a37e0592 + spec: + containers: - env: - - name: LIBVA_DRIVER_NAME - value: iHD + - name: LIBVA_DRIVER_NAME + value: iHD image: jellyfin/jellyfin:10.11.0-rc5 imagePullPolicy: Always name: jellyfin ports: - - containerPort: 8096 - protocol: TCP + - containerPort: 8096 + protocol: TCP resources: {} securityContext: privileged: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /config - name: config - - mountPath: /cache - name: cache - - mountPath: /media - name: media - - mountPath: /dev/dri - name: vaapi - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9twg4 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - hostPath: path: /opt/jellyfin/config type: DirectoryOrCreate @@ -549,12 +84,479 @@ items: path: /dev/dri type: Directory name: vaapi - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 + - name: kube-api-access-9twg4 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-09-09T23:38:06Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-09-09T23:38:04Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-09-09T23:38:06Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-09-09T23:38:06Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-09-09T23:38:04Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://81c7eb3ce500fda3a8df4dbf7c1652d9c3785f755e6f12621a47cbf398a67741 + image: docker.io/jellyfin/jellyfin:10.11.0-rc5 + imageID: docker.io/jellyfin/jellyfin@sha256:1bcdcb5da6e41ff570ebe903eb19dac106e4589e506814d665465ed3a302d57e + lastState: {} + name: jellyfin + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-09-09T23:38:06Z' + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9twg4 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.95 + podIPs: + - ip: 10.244.0.95 + qosClass: BestEffort + startTime: '2025-09-09T23:38:04Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"jellyfin","namespace":"jellyfin"},"spec":{"ports":[{"name":"http","nodePort":30097,"port":8096,"targetPort":8096}],"selector":{"app":"jellyfin"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-05-12T22:56:40Z' + name: jellyfin + namespace: jellyfin + resourceVersion: '13271824' + uid: 3c979733-1a5a-43c9-9569-7978ee42718a + spec: + clusterIP: 10.101.109.247 + clusterIPs: + - 10.101.109.247 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30097 + port: 8096 + protocol: TCP + targetPort: 8096 + selector: + app: jellyfin-latest + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin"},"name":"jellyfin","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} + + ' + creationTimestamp: '2025-05-13T17:06:42Z' + generation: 2 + labels: + app: jellyfin + name: jellyfin + namespace: jellyfin + resourceVersion: '13271340' + uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f + spec: + progressDeadlineSeconds: 600 + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: jellyfin + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + conditions: + - lastTransitionTime: '2025-05-13T17:06:42Z' + lastUpdateTime: '2025-05-13T17:06:44Z' + message: ReplicaSet "jellyfin-5d9bbccdd" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:25Z' + lastUpdateTime: '2025-08-24T01:02:25Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 2 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin-latest"},"name":"jellyfin-latest","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin-latest"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin-latest"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin:10.11.0-rc5","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} + + ' + creationTimestamp: '2025-08-31T22:45:19Z' + generation: 1 + labels: + app: jellyfin-latest + name: jellyfin-latest + namespace: jellyfin + resourceVersion: '14408637' + uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: jellyfin-latest + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin-latest + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin:10.11.0-rc5 + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-31T22:45:19Z' + lastUpdateTime: '2025-08-31T22:45:42Z' + message: ReplicaSet "jellyfin-latest-78977b5658" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-09-09T23:38:06Z' + lastUpdateTime: '2025-09-09T23:38:06Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '0' + deployment.kubernetes.io/max-replicas: '0' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-05-13T17:06:42Z' + generation: 2 + labels: + app: jellyfin + pod-template-hash: 5d9bbccdd + name: jellyfin-5d9bbccdd + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: jellyfin + uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f + resourceVersion: '13271337' + uid: 4e268daa-5472-4f53-b2fd-43d709777350 + spec: + replicas: 0 + selector: + matchLabels: + app: jellyfin + pod-template-hash: 5d9bbccdd + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin + pod-template-hash: 5d9bbccdd + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-08-31T22:45:19Z' + generation: 1 + labels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + name: jellyfin-latest-78977b5658 + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: jellyfin-latest + uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 + resourceVersion: '14408636' + uid: efd86e40-b059-4b41-8813-c54d2593f571 + spec: + replicas: 1 + selector: + matchLabels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin:10.11.0-rc5 + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/local-path-media/all.yaml b/manifests/local-path-media/all.yaml index 7bbb25d..d3f5f0d 100644 --- a/manifests/local-path-media/all.yaml +++ b/manifests/local-path-media/all.yaml @@ -1,632 +1,633 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" - creationTimestamp: "2025-08-12T09:22:01Z" - generateName: local-path-provisioner-5dbf77846f- - labels: - app: local-path-provisioner - pod-template-hash: 5dbf77846f - name: local-path-provisioner-5dbf77846f-p6w8k - namespace: local-path-media - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: local-path-provisioner-5dbf77846f - uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 - resourceVersion: "20356622" - uid: ddf563c9-c0d5-4c52-af09-4cdfa46ec2a5 - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - - --service-account-name - - local-path-provisioner-service-account - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-xwt8k - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - - name: kube-api-access-xwt8k - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-08-12T09:22:01Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-08-12T09:22:01Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://10b91cc2845ee88bc45c6436beaff5f177517a7aacc2cc28161c10fa9b5c054a - image: docker.io/rancher/local-path-provisioner:v0.0.31 - imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c - lastState: - terminated: - containerID: containerd://e6b725711ffe78093f5a1e7f7a139fd540cb6aa1a9cd430aed393d2abc780f53 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:37Z" - name: local-path-provisioner - ready: true - restartCount: 4 - started: true - state: - running: - startedAt: "2025-08-24T01:02:09Z" - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-xwt8k - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.48 - podIPs: - - ip: 10.244.0.48 - qosClass: BestEffort - startTime: "2025-08-12T09:22:01Z" -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "4" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-media"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json","--provisioner-name","rancher.io/local-path-media","--namespace","local-path-media"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"},{"mountPath":"/mnt/media","name":"media-disk"}]}],"nodeSelector":{"kubernetes.io/hostname":"server-thinkcentre-e73"},"serviceAccountName":"local-path-provisioner","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media-disk"}]}}}} - creationTimestamp: "2025-08-12T09:15:33Z" - generation: 4 - name: local-path-provisioner - namespace: local-path-media - resourceVersion: "12125163" - uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: local-path-provisioner - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" - creationTimestamp: null - labels: - app: local-path-provisioner - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - - --service-account-name - - local-path-provisioner-service-account - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-12T09:17:01Z" - lastUpdateTime: "2025-08-12T09:17:01Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-08-12T09:15:33Z" - lastUpdateTime: "2025-08-12T09:22:02Z" - message: ReplicaSet "local-path-provisioner-5dbf77846f" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 4 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "3" - creationTimestamp: "2025-08-12T09:21:55Z" - generation: 2 - labels: - app: local-path-provisioner - pod-template-hash: 5d9b85d4c4 - name: local-path-provisioner-5d9b85d4c4 - namespace: local-path-media - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: local-path-provisioner - uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 - resourceVersion: "12125162" - uid: def87e16-f05c-432a-829d-60c89632726d - spec: - replicas: 0 - selector: - matchLabels: - app: local-path-provisioner - pod-template-hash: 5d9b85d4c4 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T11:17:00+02:00" - creationTimestamp: null - labels: - app: local-path-provisioner - pod-template-hash: 5d9b85d4c4 - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - - --service-account-name - - local-path-provisioner-service-account - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "4" - creationTimestamp: "2025-08-12T09:22:01Z" - generation: 1 - labels: - app: local-path-provisioner - pod-template-hash: 5dbf77846f - name: local-path-provisioner-5dbf77846f - namespace: local-path-media - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: local-path-provisioner - uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 - resourceVersion: "12125154" - uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T11:22:01+02:00' + creationTimestamp: '2025-08-12T09:22:01Z' + generateName: local-path-provisioner-5dbf77846f- + labels: app: local-path-provisioner pod-template-hash: 5dbf77846f - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" - creationTimestamp: null - labels: + name: local-path-provisioner-5dbf77846f-p6w8k + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: local-path-provisioner-5dbf77846f + uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 + resourceVersion: '20356622' + uid: ddf563c9-c0d5-4c52-af09-4cdfa46ec2a5 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xwt8k + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + - name: kube-api-access-xwt8k + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-08-12T09:22:01Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-08-12T09:22:01Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://10b91cc2845ee88bc45c6436beaff5f177517a7aacc2cc28161c10fa9b5c054a + image: docker.io/rancher/local-path-provisioner:v0.0.31 + imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c + lastState: + terminated: + containerID: containerd://e6b725711ffe78093f5a1e7f7a139fd540cb6aa1a9cd430aed393d2abc780f53 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:37Z' + name: local-path-provisioner + ready: true + restartCount: 4 + started: true + state: + running: + startedAt: '2025-08-24T01:02:09Z' + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xwt8k + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.48 + podIPs: + - ip: 10.244.0.48 + qosClass: BestEffort + startTime: '2025-08-12T09:22:01Z' + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '4' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-media"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json","--provisioner-name","rancher.io/local-path-media","--namespace","local-path-media"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"},{"mountPath":"/mnt/media","name":"media-disk"}]}],"nodeSelector":{"kubernetes.io/hostname":"server-thinkcentre-e73"},"serviceAccountName":"local-path-provisioner","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media-disk"}]}}}} + + ' + creationTimestamp: '2025-08-12T09:15:33Z' + generation: 4 + name: local-path-provisioner + namespace: local-path-media + resourceVersion: '12125163' + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: local-path-provisioner + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T11:22:01+02:00' + creationTimestamp: null + labels: + app: local-path-provisioner + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-12T09:17:01Z' + lastUpdateTime: '2025-08-12T09:17:01Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-08-12T09:15:33Z' + lastUpdateTime: '2025-08-12T09:22:02Z' + message: ReplicaSet "local-path-provisioner-5dbf77846f" has successfully + progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 4 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '3' + creationTimestamp: '2025-08-12T09:21:55Z' + generation: 2 + labels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + name: local-path-provisioner-5d9b85d4c4 + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: '12125162' + uid: def87e16-f05c-432a-829d-60c89632726d + spec: + replicas: 0 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T11:17:00+02:00' + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '4' + creationTimestamp: '2025-08-12T09:22:01Z' + generation: 1 + labels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + name: local-path-provisioner-5dbf77846f + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: '12125154' + uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 + spec: + replicas: 1 + selector: + matchLabels: app: local-path-provisioner pod-template-hash: 5dbf77846f - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - - --service-account-name - - local-path-provisioner-service-account - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-08-12T09:15:33Z" - generation: 2 - labels: - app: local-path-provisioner - pod-template-hash: 797b486f9c - name: local-path-provisioner-797b486f9c - namespace: local-path-media - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: local-path-provisioner - uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 - resourceVersion: "12124635" - uid: 44877f9a-1bf1-4cef-b2cb-c4a185fea5e6 - spec: - replicas: 0 - selector: - matchLabels: + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T11:22:01+02:00' + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-08-12T09:15:33Z' + generation: 2 + labels: app: local-path-provisioner pod-template-hash: 797b486f9c - template: - metadata: - creationTimestamp: null - labels: + name: local-path-provisioner-797b486f9c + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: '12124635' + uid: 44877f9a-1bf1-4cef-b2cb-c4a185fea5e6 + spec: + replicas: 0 + selector: + matchLabels: app: local-path-provisioner pod-template-hash: 797b486f9c - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "2" - creationTimestamp: "2025-08-12T09:17:00Z" - generation: 2 - labels: - app: local-path-provisioner - pod-template-hash: 7f78f86fdc - name: local-path-provisioner-7f78f86fdc - namespace: local-path-media - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: local-path-provisioner - uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 - resourceVersion: "12125123" - uid: 3ef06e44-2df6-44fd-807f-dabccde75267 - spec: - replicas: 0 - selector: - matchLabels: + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 797b486f9c + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '2' + creationTimestamp: '2025-08-12T09:17:00Z' + generation: 2 + labels: app: local-path-provisioner pod-template-hash: 7f78f86fdc - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T11:17:00+02:00" - creationTimestamp: null - labels: + name: local-path-provisioner-7f78f86fdc + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: '12125123' + uid: 3ef06e44-2df6-44fd-807f-dabccde75267 + spec: + replicas: 0 + selector: + matchLabels: app: local-path-provisioner pod-template-hash: 7f78f86fdc - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - - --provisioner-name - - rancher.io/local-path-media - - --namespace - - local-path-media - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /mnt/media - name: media-disk - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/hostname: server-thinkcentre-e73 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner - serviceAccountName: local-path-provisioner - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - hostPath: - path: /mnt/media - type: Directory - name: media-disk - status: - observedGeneration: 2 - replicas: 0 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T11:17:00+02:00' + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 7f78f86fdc + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/local-path-storage/all.yaml b/manifests/local-path-storage/all.yaml index 5141887..5ddee7e 100644 --- a/manifests/local-path-storage/all.yaml +++ b/manifests/local-path-storage/all.yaml @@ -1,288 +1,40 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-04-25T14:43:53Z" - generateName: local-path-provisioner-74f9666bc9- - labels: - app: local-path-provisioner - pod-template-hash: 74f9666bc9 - name: local-path-provisioner-74f9666bc9-vlcws - namespace: local-path-storage - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: local-path-provisioner-74f9666bc9 - uid: 27ff0826-5993-4a1a-8637-0c5907344c44 - resourceVersion: "20356658" - uid: ec4a0930-eb65-429d-92a2-aa949b6ae67c - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-vshsr - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner-service-account - serviceAccountName: local-path-provisioner-service-account - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - - name: kube-api-access-vshsr - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-04-25T14:43:53Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-04-25T14:43:53Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://87f279b36b89fec215617f9bf39fa653485802522cf195e2a304e10626fd79c4 - image: docker.io/rancher/local-path-provisioner:v0.0.31 - imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c - lastState: - terminated: - containerID: containerd://915a3371a1a4f29a28dbc046fedd0beb20af0edf26683b9f6b75164535879ecb - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:37Z" - name: local-path-provisioner - ready: true - restartCount: 12 - started: true - state: - running: - startedAt: "2025-08-24T01:02:07Z" - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-vshsr - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.42 - podIPs: - - ip: 10.244.0.42 - qosClass: BestEffort - startTime: "2025-04-25T14:43:53Z" -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-storage"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"}]}],"serviceAccountName":"local-path-provisioner-service-account","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"}]}}}} - creationTimestamp: "2025-03-03T21:51:07Z" - generation: 1 - name: local-path-provisioner - namespace: local-path-storage - resourceVersion: "1752979" - uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: local-path-provisioner - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: local-path-provisioner - spec: - containers: - - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ - image: rancher/local-path-provisioner:v0.0.31 - imagePullPolicy: IfNotPresent - name: local-path-provisioner - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/config/ - name: config-volume - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner-service-account - serviceAccountName: local-path-provisioner-service-account - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: local-path-config - name: config-volume - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-03-03T21:51:07Z" - lastUpdateTime: "2025-03-03T21:51:12Z" - message: ReplicaSet "local-path-provisioner-74f9666bc9" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-05-11T20:41:42Z" - lastUpdateTime: "2025-05-11T20:41:42Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-03-03T21:51:07Z" - generation: 1 - labels: - app: local-path-provisioner - pod-template-hash: 74f9666bc9 - name: local-path-provisioner-74f9666bc9 - namespace: local-path-storage - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: local-path-provisioner - uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 - resourceVersion: "10111264" - uid: 27ff0826-5993-4a1a-8637-0c5907344c44 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-04-25T14:43:53Z' + generateName: local-path-provisioner-74f9666bc9- + labels: app: local-path-provisioner pod-template-hash: 74f9666bc9 - template: - metadata: - creationTimestamp: null - labels: - app: local-path-provisioner - pod-template-hash: 74f9666bc9 - spec: - containers: + name: local-path-provisioner-74f9666bc9-vlcws + namespace: local-path-storage + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: local-path-provisioner-74f9666bc9 + uid: 27ff0826-5993-4a1a-8637-0c5907344c44 + resourceVersion: '20356658' + uid: ec4a0930-eb65-429d-92a2-aa949b6ae67c + spec: + containers: - command: - - local-path-provisioner - - --debug - - start - - --config - - /etc/config/config.json + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: CONFIG_MOUNT_PATH - value: /etc/config/ + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ image: rancher/local-path-provisioner:v0.0.31 imagePullPolicy: IfNotPresent name: local-path-provisioner @@ -290,26 +42,275 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /etc/config/ - name: config-volume - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: local-path-provisioner-service-account - serviceAccountName: local-path-provisioner-service-account - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-vshsr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - configMap: defaultMode: 420 name: local-path-config name: config-volume - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 + - name: kube-api-access-vshsr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-04-25T14:43:53Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-04-25T14:43:53Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://87f279b36b89fec215617f9bf39fa653485802522cf195e2a304e10626fd79c4 + image: docker.io/rancher/local-path-provisioner:v0.0.31 + imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c + lastState: + terminated: + containerID: containerd://915a3371a1a4f29a28dbc046fedd0beb20af0edf26683b9f6b75164535879ecb + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:37Z' + name: local-path-provisioner + ready: true + restartCount: 12 + started: true + state: + running: + startedAt: '2025-08-24T01:02:07Z' + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-vshsr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.42 + podIPs: + - ip: 10.244.0.42 + qosClass: BestEffort + startTime: '2025-04-25T14:43:53Z' + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-storage"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"}]}],"serviceAccountName":"local-path-provisioner-service-account","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"}]}}}} + + ' + creationTimestamp: '2025-03-03T21:51:07Z' + generation: 1 + name: local-path-provisioner + namespace: local-path-storage + resourceVersion: '1752979' + uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: local-path-provisioner + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-03-03T21:51:07Z' + lastUpdateTime: '2025-03-03T21:51:12Z' + message: ReplicaSet "local-path-provisioner-74f9666bc9" has successfully + progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-05-11T20:41:42Z' + lastUpdateTime: '2025-05-11T20:41:42Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-03-03T21:51:07Z' + generation: 1 + labels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + name: local-path-provisioner-74f9666bc9 + namespace: local-path-storage + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 + resourceVersion: '10111264' + uid: 27ff0826-5993-4a1a-8637-0c5907344c44 + spec: + replicas: 1 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/minecraft/all.yaml b/manifests/minecraft/all.yaml index 562bc33..208ed97 100644 --- a/manifests/minecraft/all.yaml +++ b/manifests/minecraft/all.yaml @@ -1,203 +1,204 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"minecraft-service","namespace":"minecraft"},"spec":{"ports":[{"nodePort":30065,"port":25565,"protocol":"TCP","targetPort":25565}],"selector":{"app":"minecraft"},"type":"NodePort"}} - creationTimestamp: "2025-03-15T17:15:31Z" - name: minecraft-service - namespace: minecraft - resourceVersion: "33501" - uid: df2206d4-9fd9-43d5-83c7-040ab8c83d76 - spec: - clusterIP: 10.104.56.62 - clusterIPs: - - 10.104.56.62 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - nodePort: 30065 - port: 25565 - protocol: TCP - targetPort: 25565 - selector: - app: minecraft - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"minecraft"},"name":"minecraft-server","namespace":"minecraft"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"minecraft"}},"template":{"metadata":{"labels":{"app":"minecraft"}},"spec":{"containers":[{"env":[{"name":"EULA","value":"TRUE"},{"name":"TYPE","value":"FORGE"},{"name":"VERSION","value":"1.21.4"},{"name":"MEMORY","value":"4G"},{"name":"ENABLE_RCON","value":"true"},{"name":"RCON_PASSWORD","value":"supersecret"},{"name":"OVERRIDE_SERVER_PROPERTIES","value":"TRUE"},{"name":"SERVER_IP","value":"0.0.0.0"}],"image":"itzg/minecraft-server:latest","imagePullPolicy":"Always","name":"minecraft","ports":[{"containerPort":25565,"name":"minecraft","protocol":"TCP"}],"volumeMounts":[{"mountPath":"/data","name":"mc-data"}]}],"volumes":[{"name":"mc-data","persistentVolumeClaim":{"claimName":"mc-data-pvc"}}]}}}} - creationTimestamp: "2025-03-15T17:15:13Z" - generation: 2 - labels: - app: minecraft - name: minecraft-server - namespace: minecraft - resourceVersion: "537709" - uid: ef31db7b-be9d-48c7-a8da-c9533463ce21 - spec: - progressDeadlineSeconds: 600 - replicas: 0 - revisionHistoryLimit: 10 - selector: - matchLabels: + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"minecraft-service","namespace":"minecraft"},"spec":{"ports":[{"nodePort":30065,"port":25565,"protocol":"TCP","targetPort":25565}],"selector":{"app":"minecraft"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-03-15T17:15:31Z' + name: minecraft-service + namespace: minecraft + resourceVersion: '33501' + uid: df2206d4-9fd9-43d5-83c7-040ab8c83d76 + spec: + clusterIP: 10.104.56.62 + clusterIPs: + - 10.104.56.62 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30065 + port: 25565 + protocol: TCP + targetPort: 25565 + selector: + app: minecraft + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"minecraft"},"name":"minecraft-server","namespace":"minecraft"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"minecraft"}},"template":{"metadata":{"labels":{"app":"minecraft"}},"spec":{"containers":[{"env":[{"name":"EULA","value":"TRUE"},{"name":"TYPE","value":"FORGE"},{"name":"VERSION","value":"1.21.4"},{"name":"MEMORY","value":"4G"},{"name":"ENABLE_RCON","value":"true"},{"name":"RCON_PASSWORD","value":"supersecret"},{"name":"OVERRIDE_SERVER_PROPERTIES","value":"TRUE"},{"name":"SERVER_IP","value":"0.0.0.0"}],"image":"itzg/minecraft-server:latest","imagePullPolicy":"Always","name":"minecraft","ports":[{"containerPort":25565,"name":"minecraft","protocol":"TCP"}],"volumeMounts":[{"mountPath":"/data","name":"mc-data"}]}],"volumes":[{"name":"mc-data","persistentVolumeClaim":{"claimName":"mc-data-pvc"}}]}}}} + + ' + creationTimestamp: '2025-03-15T17:15:13Z' + generation: 2 + labels: app: minecraft - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: minecraft - spec: - containers: - - env: - - name: EULA - value: "TRUE" - - name: TYPE - value: FORGE - - name: VERSION - value: 1.21.4 - - name: MEMORY - value: 4G - - name: ENABLE_RCON - value: "true" - - name: RCON_PASSWORD - value: supersecret - - name: OVERRIDE_SERVER_PROPERTIES - value: "TRUE" - - name: SERVER_IP - value: 0.0.0.0 - image: itzg/minecraft-server:latest - imagePullPolicy: Always - name: minecraft - ports: - - containerPort: 25565 - name: minecraft - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: mc-data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: mc-data - persistentVolumeClaim: - claimName: mc-data-pvc - status: - conditions: - - lastTransitionTime: "2025-03-15T17:15:13Z" - lastUpdateTime: "2025-03-15T17:17:17Z" - message: ReplicaSet "minecraft-server-589bb7cbf" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-04-25T09:29:05Z" - lastUpdateTime: "2025-04-25T09:29:05Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 2 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "0" - deployment.kubernetes.io/max-replicas: "0" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-03-15T17:15:13Z" - generation: 2 - labels: - app: minecraft - pod-template-hash: 589bb7cbf - name: minecraft-server-589bb7cbf - namespace: minecraft - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment name: minecraft-server + namespace: minecraft + resourceVersion: '537709' uid: ef31db7b-be9d-48c7-a8da-c9533463ce21 - resourceVersion: "537706" - uid: 168f9115-db2a-4c62-913b-998ef3166dcd - spec: - replicas: 0 - selector: - matchLabels: + spec: + progressDeadlineSeconds: 600 + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: minecraft + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: minecraft + spec: + containers: + - env: + - name: EULA + value: 'TRUE' + - name: TYPE + value: FORGE + - name: VERSION + value: 1.21.4 + - name: MEMORY + value: 4G + - name: ENABLE_RCON + value: 'true' + - name: RCON_PASSWORD + value: supersecret + - name: OVERRIDE_SERVER_PROPERTIES + value: 'TRUE' + - name: SERVER_IP + value: 0.0.0.0 + image: itzg/minecraft-server:latest + imagePullPolicy: Always + name: minecraft + ports: + - containerPort: 25565 + name: minecraft + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: mc-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: mc-data + persistentVolumeClaim: + claimName: mc-data-pvc + status: + conditions: + - lastTransitionTime: '2025-03-15T17:15:13Z' + lastUpdateTime: '2025-03-15T17:17:17Z' + message: ReplicaSet "minecraft-server-589bb7cbf" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-04-25T09:29:05Z' + lastUpdateTime: '2025-04-25T09:29:05Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 2 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '0' + deployment.kubernetes.io/max-replicas: '0' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-03-15T17:15:13Z' + generation: 2 + labels: app: minecraft pod-template-hash: 589bb7cbf - template: - metadata: - creationTimestamp: null - labels: + name: minecraft-server-589bb7cbf + namespace: minecraft + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: minecraft-server + uid: ef31db7b-be9d-48c7-a8da-c9533463ce21 + resourceVersion: '537706' + uid: 168f9115-db2a-4c62-913b-998ef3166dcd + spec: + replicas: 0 + selector: + matchLabels: app: minecraft pod-template-hash: 589bb7cbf - spec: - containers: - - env: - - name: EULA - value: "TRUE" - - name: TYPE - value: FORGE - - name: VERSION - value: 1.21.4 - - name: MEMORY - value: 4G - - name: ENABLE_RCON - value: "true" - - name: RCON_PASSWORD - value: supersecret - - name: OVERRIDE_SERVER_PROPERTIES - value: "TRUE" - - name: SERVER_IP - value: 0.0.0.0 - image: itzg/minecraft-server:latest - imagePullPolicy: Always - name: minecraft - ports: - - containerPort: 25565 - name: minecraft - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /data - name: mc-data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: mc-data - persistentVolumeClaim: - claimName: mc-data-pvc - status: - observedGeneration: 2 - replicas: 0 + template: + metadata: + creationTimestamp: null + labels: + app: minecraft + pod-template-hash: 589bb7cbf + spec: + containers: + - env: + - name: EULA + value: 'TRUE' + - name: TYPE + value: FORGE + - name: VERSION + value: 1.21.4 + - name: MEMORY + value: 4G + - name: ENABLE_RCON + value: 'true' + - name: RCON_PASSWORD + value: supersecret + - name: OVERRIDE_SERVER_PROPERTIES + value: 'TRUE' + - name: SERVER_IP + value: 0.0.0.0 + image: itzg/minecraft-server:latest + imagePullPolicy: Always + name: minecraft + ports: + - containerPort: 25565 + name: minecraft + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: mc-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: mc-data + persistentVolumeClaim: + claimName: mc-data-pvc + status: + observedGeneration: 2 + replicas: 0 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/monitoring/all.yaml b/manifests/monitoring/all.yaml index ddff6b1..42e9afe 100644 --- a/manifests/monitoring/all.yaml +++ b/manifests/monitoring/all.yaml @@ -1,3448 +1,69 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - annotations: - kubectl.kubernetes.io/default-container: alertmanager - creationTimestamp: "2025-03-15T19:28:35Z" - generateName: alertmanager-monitoring-kube-prometheus-alertmanager- - labels: - alertmanager: monitoring-kube-prometheus-alertmanager - app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager - app.kubernetes.io/managed-by: prometheus-operator - app.kubernetes.io/name: alertmanager - app.kubernetes.io/version: 0.28.1 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 - statefulset.kubernetes.io/pod-name: alertmanager-monitoring-kube-prometheus-alertmanager-0 - name: alertmanager-monitoring-kube-prometheus-alertmanager-0 - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: alertmanager-monitoring-kube-prometheus-alertmanager - uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 - resourceVersion: "20356487" - uid: 31a1e271-2244-443c-b58b-486e4d118318 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - alertmanager - - key: alertmanager - operator: In - values: - - monitoring-kube-prometheus-alertmanager - topologyKey: kubernetes.io/hostname - weight: 100 - automountServiceAccountToken: true - containers: - - args: - - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --storage.path=/alertmanager - - --data.retention=120h - - --cluster.listen-address= - - --web.listen-address=:9093 - - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 - - --web.route-prefix=/ - - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager - - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 - - --cluster.reconnect-timeout=5m - - --web.config.file=/etc/alertmanager/web_config/web-config.yaml - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - image: quay.io/prometheus/alertmanager:v0.28.1 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - httpGet: - path: /-/healthy - port: http-web - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 3 - name: alertmanager - ports: - - containerPort: 9093 - name: http-web - protocol: TCP - - containerPort: 9094 - name: mesh-tcp - protocol: TCP - - containerPort: 9094 - name: mesh-udp - protocol: UDP - readinessProbe: - failureThreshold: 10 - httpGet: - path: /-/ready - port: http-web - scheme: HTTP - initialDelaySeconds: 3 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - resources: - requests: - memory: 200Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - - mountPath: /etc/alertmanager/config_out - name: config-out - readOnly: true - - mountPath: /etc/alertmanager/certs - name: tls-assets - readOnly: true - - mountPath: /alertmanager - name: alertmanager-monitoring-kube-prometheus-alertmanager-db - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml - name: cluster-tls-config - readOnly: true - subPath: cluster-tls-config.yaml - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - - args: - - --listen-address=:8080 - - --web-config-file=/etc/alertmanager/web_config/web-config.yaml - - --reload-url=http://127.0.0.1:9093/-/reload - - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz - - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --watched-dir=/etc/alertmanager/config - command: - - /bin/prometheus-config-reloader - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "-1" - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imagePullPolicy: IfNotPresent - name: config-reloader - ports: - - containerPort: 8080 - name: reloader-web - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: alertmanager-monitoring-kube-prometheus-alertmanager-0 - initContainers: - - args: - - --watch-interval=0 - - --listen-address=:8081 - - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz - - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --watched-dir=/etc/alertmanager/config - command: - - /bin/prometheus-config-reloader - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "-1" - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imagePullPolicy: IfNotPresent - name: init-config-reloader - ports: - - containerPort: 8081 - name: reloader-web - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 2000 - runAsGroup: 2000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-alertmanager - serviceAccountName: monitoring-kube-prometheus-alertmanager - subdomain: alertmanager-operated - terminationGracePeriodSeconds: 120 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: config-volume - secret: - defaultMode: 420 - secretName: alertmanager-monitoring-kube-prometheus-alertmanager-generated - - name: tls-assets - projected: - defaultMode: 420 - sources: - - secret: - name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 - - emptyDir: - medium: Memory - name: config-out - - name: web-config - secret: - defaultMode: 420 - secretName: alertmanager-monitoring-kube-prometheus-alertmanager-web-config - - name: cluster-tls-config - secret: - defaultMode: 420 - secretName: alertmanager-monitoring-kube-prometheus-alertmanager-cluster-tls-config - - emptyDir: {} - name: alertmanager-monitoring-kube-prometheus-alertmanager-db - - name: kube-api-access-kqjt8 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:02Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:55Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:35Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://11db9ce5b4798a81eedd59f344ec79fbd8efd907e2e80f695dc1ff4dac034c42 - image: quay.io/prometheus/alertmanager:v0.28.1 - imageID: quay.io/prometheus/alertmanager@sha256:27c475db5fb156cab31d5c18a4251ac7ed567746a2483ff264516437a39b15ba - lastState: - terminated: - containerID: containerd://9966b24da94b94e88f9c51c25dc7cf0642f9025e98b690899ac08001e31278a1 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - message: | - time=2025-08-12T14:09:35.281Z level=INFO source=main.go:191 msg="Starting Alertmanager" version="(version=0.28.1, branch=HEAD, revision=b2099eaa2c9ebc25edb26517cb9c732738e93910)" - time=2025-08-12T14:09:35.281Z level=INFO source=main.go:192 msg="Build context" build_context="(go=go1.23.7, platform=linux/amd64, user=root@fa3ca569dfe4, date=20250307-15:05:18, tags=netgo)" - time=2025-08-12T14:09:35.327Z level=INFO source=coordinator.go:112 msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml - time=2025-08-12T14:09:35.328Z level=INFO source=coordinator.go:125 msg="Completed loading of configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml - time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:347 msg="Listening on" address=[::]:9093 - time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:386 msg="TLS is disabled." http2=false address=[::]:9093 - time=2025-08-12T14:09:40.192Z level=INFO source=coordinator.go:112 msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml - time=2025-08-12T14:09:40.193Z level=INFO source=coordinator.go:125 msg="Completed loading of configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml - reason: Unknown - startedAt: "2025-08-12T14:09:35Z" - name: alertmanager - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:02Z" - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - - mountPath: /etc/alertmanager/config_out - name: config-out - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /etc/alertmanager/certs - name: tls-assets - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /alertmanager - name: alertmanager-monitoring-kube-prometheus-alertmanager-db - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml - name: cluster-tls-config - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://cfc0b8b79f087e97e53ea9a6d6200173b25b29b8bbcf27f8b6c7b532fb5d9c54 - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 - lastState: - terminated: - containerID: containerd://786140909e80409f663934796f0e0a1bc34a89a0260ac53036e0ebe7a4127b13 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - message: | - ts=2025-08-12T14:09:35.185577512Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 msg="Starting prometheus-config-reloader" version="(version=0.81.0, branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, user=, date=20250311-14:56:57, tags=unknown)" - ts=2025-08-12T14:09:35.185911989Z level=info caller=/workspace/internal/goruntime/cpu.go:27 msg="Leaving GOMAXPROCS=4: CPU quota undefined" - level=info ts=2025-08-12T14:09:35.186752469Z caller=reloader.go:282 msg="reloading via HTTP" - ts=2025-08-12T14:09:35.190691008Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 msg="Starting web server for metrics" listen=:8080 - ts=2025-08-12T14:09:35.19133334Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 msg="Listening on" address=[::]:8080 - ts=2025-08-12T14:09:35.191808246Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:386 msg="TLS is disabled." http2=false address=[::]:8080 - level=error ts=2025-08-12T14:09:35.192479849Z caller=runutil.go:117 msg="function failed. Retrying in next tick" err="trigger reload: reload request failed: Post \"http://127.0.0.1:9093/-/reload\": dial tcp 127.0.0.1:9093: connect: connection refused" - level=info ts=2025-08-12T14:09:40.195756728Z caller=reloader.go:548 msg="Reload triggered" cfg_in=/etc/alertmanager/config/alertmanager.yaml.gz cfg_out=/etc/alertmanager/config_out/alertmanager.env.yaml cfg_dirs= watched_dirs=/etc/alertmanager/config - level=info ts=2025-08-12T14:09:40.195991023Z caller=reloader.go:330 msg="started watching config file and directories for changes" cfg=/etc/alertmanager/config/alertmanager.yaml.gz cfgDirs= out=/etc/alertmanager/config_out/alertmanager.env.yaml dirs=/etc/alertmanager/config - reason: Unknown - startedAt: "2025-08-12T14:09:35Z" - name: config-reloader - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:02Z" - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - initContainerStatuses: - - containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 - lastState: {} - name: init-config-reloader - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d - exitCode: 0 - finishedAt: "2025-08-24T01:02:01Z" - reason: Completed - startedAt: "2025-08-24T01:02:01Z" - volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-kqjt8 - readOnly: true - recursiveReadOnly: Disabled - phase: Running - podIP: 10.244.0.35 - podIPs: - - ip: 10.244.0.35 - qosClass: Burstable - startTime: "2025-03-15T19:28:35Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 - checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 - checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 - kubectl.kubernetes.io/default-container: grafana - creationTimestamp: "2025-03-15T20:17:35Z" - generateName: monitoring-grafana-57bd7cc44f- - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - pod-template-hash: 57bd7cc44f - name: monitoring-grafana-57bd7cc44f-h9t9f - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: monitoring-grafana-57bd7cc44f - uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 - resourceVersion: "20356481" - uid: 582d88bf-0c9b-4eba-84e9-cdc4e90d44bb - spec: - automountServiceAccountToken: true - containers: - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_dashboard - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /tmp/dashboards - - name: RESOURCE - value: both - - name: NAMESPACE - value: ALL - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/dashboards/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-dashboard - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_datasource - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /etc/grafana/provisioning/datasources - - name: RESOURCE - value: both - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/datasources/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-datasources - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: GF_SECURITY_ADMIN_USER - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: GF_SECURITY_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: GF_PATHS_DATA - value: /var/lib/grafana/ - - name: GF_PATHS_LOGS - value: /var/log/grafana - - name: GF_PATHS_PLUGINS - value: /var/lib/grafana/plugins - - name: GF_PATHS_PROVISIONING - value: /etc/grafana/provisioning - image: docker.io/grafana/grafana:11.5.2 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - name: grafana - ports: - - containerPort: 3000 - name: grafana - protocol: TCP - - containerPort: 9094 - name: gossip-tcp - protocol: TCP - - containerPort: 9094 - name: gossip-udp - protocol: UDP - - containerPort: 6060 - name: profiling - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/grafana.ini - name: config - subPath: grafana.ini - - mountPath: /var/lib/grafana - name: storage - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml - name: sc-dashboard-provider - subPath: provider.yaml - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 472 - runAsGroup: 472 - runAsNonRoot: true - runAsUser: 472 - serviceAccount: monitoring-grafana - serviceAccountName: monitoring-grafana - shareProcessNamespace: false - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - configMap: - defaultMode: 420 - name: monitoring-grafana - name: config - - emptyDir: {} - name: storage - - emptyDir: {} - name: sc-dashboard-volume - - configMap: - defaultMode: 420 - name: monitoring-grafana-config-dashboards - name: sc-dashboard-provider - - emptyDir: {} - name: sc-datasources-volume - - name: kube-api-access-khj29 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:05Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T20:17:35Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:15Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:15Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T20:17:35Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://d9f759986c23a25bf868950f905db151b59c9752575088ba22185f5250db0466 - image: docker.io/grafana/grafana:11.5.2 - imageID: docker.io/grafana/grafana@sha256:8b37a2f028f164ce7b9889e1765b9d6ee23fec80f871d156fbf436d6198d32b7 - lastState: - terminated: - containerID: containerd://ad484f6759705312c760c4db7754375b7f16628aa9b71cc4d4d90e4fa2bc3a77 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:33Z" - name: grafana - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:04Z" - volumeMounts: - - mountPath: /etc/grafana/grafana.ini - name: config - - mountPath: /var/lib/grafana - name: storage - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml - name: sc-dashboard-provider - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://3c9aa1fa5e6ced932afe1771d5ef58eadf4f55d3832ba96b6e4d902f855850b9 - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 - lastState: - terminated: - containerID: containerd://7b2dfcc88610d7b4bc54215d16c9acf1512ef91f0ecb352a9c416270e96e5d0f - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:33Z" - name: grafana-sc-dashboard - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:03Z" - volumeMounts: - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://ed8944c8c2ed25b53826f9904118c8f40849f35adf80a085b55f446c9403f52c - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 - lastState: - terminated: - containerID: containerd://7fd38cc69fc5b56e3801f74f4af036911e04eef8da868d881e287e1b2820c4eb - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:33Z" - name: grafana-sc-datasources - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:03Z" - volumeMounts: - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-khj29 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.39 - podIPs: - - ip: 10.244.0.39 - qosClass: BestEffort - startTime: "2025-03-15T20:17:35Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-03-15T19:28:25Z" - generateName: monitoring-kube-prometheus-operator-55f4b4d949- - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - pod-template-hash: 55f4b4d949 - release: monitoring - name: monitoring-kube-prometheus-operator-55f4b4d949-9xhm7 - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: monitoring-kube-prometheus-operator-55f4b4d949 - uid: 6018d8a7-1d56-4811-80e1-042743fa271b - resourceVersion: "20356570" - uid: 9e0b6bc0-4aa8-494c-90b2-c095910bc33b - spec: - automountServiceAccountToken: true - containers: - - args: - - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet - - --kubelet-endpoints=true - - --kubelet-endpointslice=false - - --localhost=127.0.0.1 - - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - - --config-reloader-cpu-request=0 - - --config-reloader-cpu-limit=0 - - --config-reloader-memory-request=0 - - --config-reloader-memory-limit=0 - - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 - - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 - - --web.enable-tls=true - - --web.cert-file=/cert/cert - - --web.key-file=/cert/key - - --web.listen-address=:10250 - - --web.tls-min-version=VersionTLS13 - env: - - name: GOGC - value: "30" - image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: kube-prometheus-stack - ports: - - containerPort: 10250 - name: https - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /cert - name: tls-secret - readOnly: true - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-4zxdr - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-operator - serviceAccountName: monitoring-kube-prometheus-operator - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: tls-secret - secret: - defaultMode: 420 - secretName: monitoring-kube-prometheus-admission - - name: kube-api-access-4zxdr - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:03Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:04Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:04Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://eb2ab2cccf0b98c082733495e3a4bcb1b85bce20ac880731ae89be3f488e945d - image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 - imageID: quay.io/prometheus-operator/prometheus-operator@sha256:5f6a204b252e901b97486ff409c74f48cdbb4cf83731355b08f1155febad6822 - lastState: - terminated: - containerID: containerd://1cae6950db5136f118602297f5922b4d127864034e2b50bffd1df8f7e7f909cc - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:31Z" - name: kube-prometheus-stack - ready: true - restartCount: 47 - started: true - state: - running: - startedAt: "2025-08-24T01:02:03Z" - volumeMounts: - - mountPath: /cert - name: tls-secret - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-4zxdr - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.37 - podIPs: - - ip: 10.244.0.37 - qosClass: BestEffort - startTime: "2025-03-15T19:28:25Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-03-15T19:28:25Z" - generateName: monitoring-kube-state-metrics-6d79fb6b66- - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - pod-template-hash: 6d79fb6b66 - release: monitoring - name: monitoring-kube-state-metrics-6d79fb6b66-8ss6p - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: monitoring-kube-state-metrics-6d79fb6b66 - uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b - resourceVersion: "20356827" - uid: e334bfda-b179-44a3-98a9-18eedce004ee - spec: - automountServiceAccountToken: true - containers: - - args: - - --port=8080 - - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments - image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /livez - port: 8080 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: kube-state-metrics - ports: - - containerPort: 8080 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /readyz - port: 8081 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-nzt2m - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-state-metrics - serviceAccountName: monitoring-kube-state-metrics - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: kube-api-access-nzt2m - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:02Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T12:02:33Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T12:02:33Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://f5bd7ed2ad9ab66b7d1af9603476a2175229c4a495fb0f2e194fde4efc7f3ba7 - image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 - imageID: registry.k8s.io/kube-state-metrics/kube-state-metrics@sha256:db384bf43222b066c378e77027a675d4cd9911107adba46c2922b3a55e10d6fb - lastState: - terminated: - containerID: containerd://bfdc847811e3f392b2e261e76783ab1a37501a92937610d6c42b7bfd4ed15896 - exitCode: 1 - finishedAt: "2025-10-27T11:57:13Z" - reason: Error - startedAt: "2025-10-27T11:57:13Z" - name: kube-state-metrics - ready: true - restartCount: 136 - started: true - state: - running: - startedAt: "2025-10-27T12:02:21Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-nzt2m - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.34 - podIPs: - - ip: 10.244.0.34 - qosClass: BestEffort - startTime: "2025-03-15T19:28:25Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - creationTimestamp: "2025-03-15T19:28:25Z" - generateName: monitoring-prometheus-node-exporter- - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: prometheus-node-exporter - app.kubernetes.io/part-of: prometheus-node-exporter - app.kubernetes.io/version: 1.9.0 - controller-revision-hash: 668c8cbd9b - helm.sh/chart: prometheus-node-exporter-4.44.1 - jobLabel: node-exporter - pod-template-generation: "1" - release: monitoring - name: monitoring-prometheus-node-exporter-w4smp - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: DaemonSet - name: monitoring-prometheus-node-exporter - uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 - resourceVersion: "20356662" - uid: 3430d5a2-f5ec-4939-86c8-6cb3ed035431 - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchFields: - - key: metadata.name - operator: In - values: - - server-thinkcentre-e73 - automountServiceAccountToken: false - containers: - - args: - - --path.procfs=/host/proc - - --path.sysfs=/host/sys - - --path.rootfs=/host/root - - --path.udev.data=/host/root/run/udev/data - - --web.listen-address=[$(HOST_IP)]:9100 - - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) - - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ - env: - - name: HOST_IP - value: 0.0.0.0 - image: quay.io/prometheus/node-exporter:v1.9.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: 9100 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: node-exporter - ports: - - containerPort: 9100 - hostPort: 9100 - name: http-metrics - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: 9100 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /host/proc - name: proc - readOnly: true - - mountPath: /host/sys - name: sys - readOnly: true - - mountPath: /host/root - mountPropagation: HostToContainer - name: root - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostNetwork: true - hostPID: true - nodeName: server-thinkcentre-e73 - nodeSelector: - kubernetes.io/os: linux - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - serviceAccount: monitoring-prometheus-node-exporter - serviceAccountName: monitoring-prometheus-node-exporter - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/disk-pressure - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/memory-pressure - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/pid-pressure - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/unschedulable - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/network-unavailable - operator: Exists - volumes: - - hostPath: - path: /proc - type: "" - name: proc - - hostPath: - path: /sys - type: "" - name: sys - - hostPath: - path: / - type: "" - name: root - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:01:56Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T12:01:10Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T12:01:10Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:25Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://ffc7637c59f9589d4b27a4419e236cb6a417f68ccb15d518e75363de37a231f7 - image: quay.io/prometheus/node-exporter:v1.9.0 - imageID: quay.io/prometheus/node-exporter@sha256:c99d7ee4d12a38661788f60d9eca493f08584e2e544bbd3b3fca64749f86b848 - lastState: - terminated: - containerID: containerd://df37269a9109c51b2ff5b69e0a123736cb6a190307affb63865f6de1e5e48f65 - exitCode: 143 - finishedAt: "2025-10-27T11:56:02Z" - reason: Error - startedAt: "2025-10-27T11:55:32Z" - name: node-exporter - ready: true - restartCount: 183 - started: true - state: - running: - startedAt: "2025-10-27T12:01:09Z" - volumeMounts: - - mountPath: /host/proc - name: proc - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /host/sys - name: sys - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /host/root - name: root - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 192.168.31.54 - podIPs: - - ip: 192.168.31.54 - qosClass: BestEffort - startTime: "2025-03-15T19:28:25Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - kubectl.kubernetes.io/default-container: prometheus - creationTimestamp: "2025-03-15T19:28:36Z" - generateName: prometheus-monitoring-kube-prometheus-prometheus- - labels: - app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus - app.kubernetes.io/managed-by: prometheus-operator - app.kubernetes.io/name: prometheus - app.kubernetes.io/version: 3.2.1 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 - operator.prometheus.io/name: monitoring-kube-prometheus-prometheus - operator.prometheus.io/shard: "0" - prometheus: monitoring-kube-prometheus-prometheus - statefulset.kubernetes.io/pod-name: prometheus-monitoring-kube-prometheus-prometheus-0 - name: prometheus-monitoring-kube-prometheus-prometheus-0 - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: prometheus-monitoring-kube-prometheus-prometheus - uid: 9bffc56e-9f40-49e1-82af-16217933206f - resourceVersion: "20356567" - uid: 244b32a1-dfd3-460c-81e6-626c045ff8ac - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - prometheus - - key: prometheus - operator: In - values: - - monitoring-kube-prometheus-prometheus - topologyKey: kubernetes.io/hostname - weight: 100 - automountServiceAccountToken: true - containers: - - args: - - --web.console.templates=/etc/prometheus/consoles - - --web.console.libraries=/etc/prometheus/console_libraries - - --config.file=/etc/prometheus/config_out/prometheus.env.yaml - - --web.enable-lifecycle - - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 - - --web.route-prefix=/ - - --storage.tsdb.retention.time=10d - - --storage.tsdb.path=/prometheus - - --storage.tsdb.wal-compression - - --web.config.file=/etc/prometheus/web_config/web-config.yaml - image: quay.io/prometheus/prometheus:v3.2.1 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 6 - httpGet: - path: /-/healthy - port: http-web - scheme: HTTP - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - name: prometheus - ports: - - containerPort: 9090 - name: http-web - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /-/ready - port: http-web - scheme: HTTP - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - startupProbe: - failureThreshold: 60 - httpGet: - path: /-/ready - port: http-web - scheme: HTTP - periodSeconds: 15 - successThreshold: 1 - timeoutSeconds: 3 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/prometheus/config_out - name: config-out - readOnly: true - - mountPath: /etc/prometheus/certs - name: tls-assets - readOnly: true - - mountPath: /prometheus - name: prometheus-monitoring-kube-prometheus-prometheus-db - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /etc/prometheus/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - - args: - - --listen-address=:8080 - - --reload-url=http://127.0.0.1:9090/-/reload - - --config-file=/etc/prometheus/config/prometheus.yaml.gz - - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml - - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - command: - - /bin/prometheus-config-reloader - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "0" - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imagePullPolicy: IfNotPresent - name: config-reloader - ports: - - containerPort: 8080 - name: reloader-web - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: prometheus-monitoring-kube-prometheus-prometheus-0 - initContainers: - - args: - - --watch-interval=0 - - --listen-address=:8081 - - --config-file=/etc/prometheus/config/prometheus.yaml.gz - - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml - - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - command: - - /bin/prometheus-config-reloader - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "0" - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imagePullPolicy: IfNotPresent - name: init-config-reloader - ports: - - containerPort: 8081 - name: reloader-web - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: FallbackToLogsOnError - volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 2000 - runAsGroup: 2000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-prometheus - serviceAccountName: monitoring-kube-prometheus-prometheus - shareProcessNamespace: false - subdomain: prometheus-operated - terminationGracePeriodSeconds: 600 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: config - secret: - defaultMode: 420 - secretName: prometheus-monitoring-kube-prometheus-prometheus - - name: tls-assets - projected: - defaultMode: 420 - sources: - - secret: - name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 - - emptyDir: - medium: Memory - name: config-out - - configMap: - defaultMode: 420 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - name: web-config - secret: - defaultMode: 420 - secretName: prometheus-monitoring-kube-prometheus-prometheus-web-config - - emptyDir: {} - name: prometheus-monitoring-kube-prometheus-prometheus-db - - name: kube-api-access-p86t2 - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:01Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:55Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:14Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:14Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-03-15T19:28:36Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://24aea25929f7c6290589bb75e0387eef32927bc3ea1e9e8f6225a31cd95cd7b2 - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 - lastState: - terminated: - containerID: containerd://504a46448a2af4d2106361c74ebfd8f831e63d873c86a16a0468e0bf62077207 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - message: | - ts=2025-08-12T14:09:40.326926499Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 msg="Starting prometheus-config-reloader" version="(version=0.81.0, branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, user=, date=20250311-14:56:57, tags=unknown)" - ts=2025-08-12T14:09:40.327286946Z level=info caller=/workspace/internal/goruntime/cpu.go:27 msg="Leaving GOMAXPROCS=4: CPU quota undefined" - level=info ts=2025-08-12T14:09:40.328570882Z caller=reloader.go:282 msg="reloading via HTTP" - ts=2025-08-12T14:09:40.328652702Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 msg="Starting web server for metrics" listen=:8080 - ts=2025-08-12T14:09:40.3298177Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 msg="Listening on" address=[::]:8080 - ts=2025-08-12T14:09:40.330054287Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:350 msg="TLS is disabled." http2=false address=[::]:8080 - level=error ts=2025-08-12T14:09:40.34388543Z caller=runutil.go:117 msg="function failed. Retrying in next tick" err="trigger reload: reload request failed: Post \"http://127.0.0.1:9090/-/reload\": dial tcp 127.0.0.1:9090: connect: connection refused" - level=info ts=2025-08-12T14:09:46.048560099Z caller=reloader.go:548 msg="Reload triggered" cfg_in=/etc/prometheus/config/prometheus.yaml.gz cfg_out=/etc/prometheus/config_out/prometheus.env.yaml cfg_dirs= watched_dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - level=info ts=2025-08-12T14:09:46.048728407Z caller=reloader.go:330 msg="started watching config file and directories for changes" cfg=/etc/prometheus/config/prometheus.yaml.gz cfgDirs= out=/etc/prometheus/config_out/prometheus.env.yaml dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - reason: Unknown - startedAt: "2025-08-12T14:09:40Z" - name: config-reloader - ready: true - restartCount: 24 - started: true - state: - running: - startedAt: "2025-08-24T01:02:01Z" - volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - recursiveReadOnly: Disabled - - containerID: containerd://991a9e0bcc2885f002c804acefa68ca621df144dd04e6a234ec13dc7ed6fbf55 - image: quay.io/prometheus/prometheus:v3.2.1 - imageID: quay.io/prometheus/prometheus@sha256:6927e0919a144aa7616fd0137d4816816d42f6b816de3af269ab065250859a62 - lastState: - terminated: - containerID: containerd://f8573fee09d77135fcd33a274ee7eb08f71b79309d5e07e6b83e3ea13769a807 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - message: | - lector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime - time=2025-08-13T13:21:17.143Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": dial tcp 10.96.0.1:443: i/o timeout" - time=2025-08-13T13:21:17.342Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime - time=2025-08-13T13:21:17.343Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": dial tcp 10.96.0.1:443: i/o timeout" - time=2025-08-13T13:21:17.964Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime - time=2025-08-13T13:21:17.964Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": dial tcp 10.96.0.1:443: i/o timeout" - reason: Unknown - startedAt: "2025-08-12T14:09:39Z" - name: prometheus - ready: true - restartCount: 26 - started: true - state: - running: - startedAt: "2025-08-24T01:02:01Z" - volumeMounts: - - mountPath: /etc/prometheus/config_out - name: config-out - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /etc/prometheus/certs - name: tls-assets - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /prometheus - name: prometheus-monitoring-kube-prometheus-prometheus-db - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /etc/prometheus/web_config/web-config.yaml - name: web-config - readOnly: true - recursiveReadOnly: Disabled - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - initContainerStatuses: - - containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe - image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 - lastState: {} - name: init-config-reloader - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe - exitCode: 0 - finishedAt: "2025-08-24T01:02:00Z" - reason: Completed - startedAt: "2025-08-24T01:02:00Z" - volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-p86t2 - readOnly: true - recursiveReadOnly: Disabled - phase: Running - podIP: 10.244.0.33 - podIPs: - - ip: 10.244.0.33 - qosClass: BestEffort - startTime: "2025-03-15T19:28:36Z" -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: "2025-03-15T19:28:35Z" - labels: - managed-by: prometheus-operator - operated-alertmanager: "true" - name: alertmanager-operated - namespace: monitoring - ownerReferences: - - apiVersion: monitoring.coreos.com/v1 - kind: Alertmanager - name: monitoring-kube-prometheus-alertmanager - uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 - resourceVersion: "44301" - uid: 03bc5664-262c-4b79-a1ba-09470f9d347b - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-web - port: 9093 - protocol: TCP - targetPort: http-web - - name: tcp-mesh - port: 9094 - protocol: TCP - targetPort: 9094 - - name: udp-mesh - port: 9094 - protocol: UDP - targetPort: 9094 - publishNotReadyAddresses: true - selector: - app.kubernetes.io/name: alertmanager - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - name: monitoring-grafana - namespace: monitoring - resourceVersion: "44520" - uid: 72825402-9c40-486e-a498-35a9cdd122c9 - spec: - clusterIP: 10.105.0.57 - clusterIPs: - - 10.105.0.57 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-web - nodePort: 30129 - port: 80 - protocol: TCP - targetPort: 3000 - selector: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app: kube-prometheus-stack-alertmanager - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - release: monitoring - self-monitor: "true" - name: monitoring-kube-prometheus-alertmanager - namespace: monitoring - resourceVersion: "44096" - uid: 2742b08b-5099-48a2-8994-863db4da6d65 - spec: - clusterIP: 10.99.143.97 - clusterIPs: - - 10.99.143.97 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-web - port: 9093 - protocol: TCP - targetPort: 9093 - - appProtocol: http - name: reloader-web - port: 8080 - protocol: TCP - targetPort: reloader-web - selector: - alertmanager: monitoring-kube-prometheus-alertmanager - app.kubernetes.io/name: alertmanager - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - release: monitoring - name: monitoring-kube-prometheus-operator - namespace: monitoring - resourceVersion: "44076" - uid: 79de3aaa-68a9-4b77-88cb-cc9604bc442d - spec: - clusterIP: 10.96.8.233 - clusterIPs: - - 10.96.8.233 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: https - port: 443 - protocol: TCP - targetPort: https - selector: - app: kube-prometheus-stack-operator - release: monitoring - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app: kube-prometheus-stack-prometheus - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - release: monitoring - self-monitor: "true" - name: monitoring-kube-prometheus-prometheus - namespace: monitoring - resourceVersion: "44074" - uid: a37d3d3d-36a8-4789-ace8-cbc883b7a77d - spec: - clusterIP: 10.100.57.9 - clusterIPs: - - 10.100.57.9 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-web - port: 9090 - protocol: TCP - targetPort: 9090 - - appProtocol: http - name: reloader-web - port: 8080 - protocol: TCP - targetPort: reloader-web - selector: - app.kubernetes.io/name: prometheus - operator.prometheus.io/name: monitoring-kube-prometheus-prometheus - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - release: monitoring - name: monitoring-kube-state-metrics - namespace: monitoring - resourceVersion: "44104" - uid: 92f36d87-29da-42d0-afba-dc64950f1b4c - spec: - clusterIP: 10.108.92.173 - clusterIPs: - - 10.108.92.173 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: kube-state-metrics - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - prometheus.io/scrape: "true" - creationTimestamp: "2025-03-15T19:28:25Z" - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: prometheus-node-exporter - app.kubernetes.io/part-of: prometheus-node-exporter - app.kubernetes.io/version: 1.9.0 - helm.sh/chart: prometheus-node-exporter-4.44.1 - jobLabel: node-exporter - release: monitoring - name: monitoring-prometheus-node-exporter - namespace: monitoring - resourceVersion: "44100" - uid: 28555baf-eb07-43b6-a015-1c30c9442515 - spec: - clusterIP: 10.105.167.78 - clusterIPs: - - 10.105.167.78 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-metrics - port: 9100 - protocol: TCP - targetPort: 9100 - selector: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: prometheus-node-exporter - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: "2025-03-15T19:28:36Z" - labels: - managed-by: prometheus-operator - operated-prometheus: "true" - name: prometheus-operated - namespace: monitoring - ownerReferences: - - apiVersion: monitoring.coreos.com/v1 - kind: Prometheus - name: monitoring-kube-prometheus-prometheus - uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 - resourceVersion: "44330" - uid: 78275757-3538-44df-b51a-2af3b3fb9a16 - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http-web - port: 9090 - protocol: TCP - targetPort: http-web - selector: - app.kubernetes.io/name: prometheus - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: DaemonSet - metadata: - annotations: - deprecated.daemonset.template.generation: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: prometheus-node-exporter - app.kubernetes.io/part-of: prometheus-node-exporter - app.kubernetes.io/version: 1.9.0 - helm.sh/chart: prometheus-node-exporter-4.44.1 - release: monitoring - name: monitoring-prometheus-node-exporter - namespace: monitoring - resourceVersion: "20356664" - uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 - spec: - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: prometheus-node-exporter - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - creationTimestamp: null - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: prometheus-node-exporter - app.kubernetes.io/part-of: prometheus-node-exporter - app.kubernetes.io/version: 1.9.0 - helm.sh/chart: prometheus-node-exporter-4.44.1 - jobLabel: node-exporter - release: monitoring - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: eks.amazonaws.com/compute-type - operator: NotIn - values: - - fargate - - key: type - operator: NotIn - values: - - virtual-kubelet - automountServiceAccountToken: false - containers: - - args: - - --path.procfs=/host/proc - - --path.sysfs=/host/sys - - --path.rootfs=/host/root - - --path.udev.data=/host/root/run/udev/data - - --web.listen-address=[$(HOST_IP)]:9100 - - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) - - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ - env: - - name: HOST_IP - value: 0.0.0.0 - image: quay.io/prometheus/node-exporter:v1.9.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: / - port: 9100 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: node-exporter - ports: - - containerPort: 9100 - name: http-metrics - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: / - port: 9100 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /host/proc - name: proc - readOnly: true - - mountPath: /host/sys - name: sys - readOnly: true - - mountPath: /host/root - mountPropagation: HostToContainer - name: root - readOnly: true - dnsPolicy: ClusterFirst - hostNetwork: true - hostPID: true - nodeSelector: - kubernetes.io/os: linux - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - serviceAccount: monitoring-prometheus-node-exporter - serviceAccountName: monitoring-prometheus-node-exporter - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoSchedule - operator: Exists - volumes: - - hostPath: - path: /proc - type: "" - name: proc - - hostPath: - path: /sys - type: "" - name: sys - - hostPath: - path: / - type: "" - name: root - updateStrategy: - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 - type: RollingUpdate - status: - currentNumberScheduled: 1 - desiredNumberScheduled: 1 - numberAvailable: 1 - numberMisscheduled: 0 - numberReady: 1 - observedGeneration: 1 - updatedNumberScheduled: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - name: monitoring-grafana - namespace: monitoring - resourceVersion: "12273753" - uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - annotations: - checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 - checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 - checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 - kubectl.kubernetes.io/default-container: grafana - creationTimestamp: null - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - spec: - automountServiceAccountToken: true - containers: - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_dashboard - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /tmp/dashboards - - name: RESOURCE - value: both - - name: NAMESPACE - value: ALL - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/dashboards/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-dashboard - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_datasource - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /etc/grafana/provisioning/datasources - - name: RESOURCE - value: both - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/datasources/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-datasources - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: GF_SECURITY_ADMIN_USER - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: GF_SECURITY_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: GF_PATHS_DATA - value: /var/lib/grafana/ - - name: GF_PATHS_LOGS - value: /var/log/grafana - - name: GF_PATHS_PLUGINS - value: /var/lib/grafana/plugins - - name: GF_PATHS_PROVISIONING - value: /etc/grafana/provisioning - image: docker.io/grafana/grafana:11.5.2 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - name: grafana - ports: - - containerPort: 3000 - name: grafana - protocol: TCP - - containerPort: 9094 - name: gossip-tcp - protocol: TCP - - containerPort: 9094 - name: gossip-udp - protocol: UDP - - containerPort: 6060 - name: profiling - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/grafana.ini - name: config - subPath: grafana.ini - - mountPath: /var/lib/grafana - name: storage - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml - name: sc-dashboard-provider - subPath: provider.yaml - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 472 - runAsGroup: 472 - runAsNonRoot: true - runAsUser: 472 - serviceAccount: monitoring-grafana - serviceAccountName: monitoring-grafana - shareProcessNamespace: false - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: monitoring-grafana - name: config - - emptyDir: {} - name: storage - - emptyDir: {} - name: sc-dashboard-volume - - configMap: - defaultMode: 420 - name: monitoring-grafana-config-dashboards - name: sc-dashboard-provider - - emptyDir: {} - name: sc-datasources-volume - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-03-15T19:28:25Z" - lastUpdateTime: "2025-03-15T19:28:57Z" - message: ReplicaSet "monitoring-grafana-57bd7cc44f" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:15Z" - lastUpdateTime: "2025-08-24T01:02:15Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - release: monitoring - name: monitoring-kube-prometheus-operator - namespace: monitoring - resourceVersion: "9486996" - uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: kube-prometheus-stack-operator - release: monitoring - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - release: monitoring - spec: - automountServiceAccountToken: true - containers: - - args: - - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet - - --kubelet-endpoints=true - - --kubelet-endpointslice=false - - --localhost=127.0.0.1 - - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - - --config-reloader-cpu-request=0 - - --config-reloader-cpu-limit=0 - - --config-reloader-memory-request=0 - - --config-reloader-memory-limit=0 - - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 - - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 - - --web.enable-tls=true - - --web.cert-file=/cert/cert - - --web.key-file=/cert/key - - --web.listen-address=:10250 - - --web.tls-min-version=VersionTLS13 - env: - - name: GOGC - value: "30" - image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: kube-prometheus-stack - ports: - - containerPort: 10250 - name: https - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /cert - name: tls-secret - readOnly: true - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-operator - serviceAccountName: monitoring-kube-prometheus-operator - terminationGracePeriodSeconds: 30 - volumes: - - name: tls-secret - secret: - defaultMode: 420 - secretName: monitoring-kube-prometheus-admission - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-03-15T19:28:25Z" - lastUpdateTime: "2025-03-15T19:28:36Z" - message: ReplicaSet "monitoring-kube-prometheus-operator-55f4b4d949" has successfully - progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-07-21T02:46:22Z" - lastUpdateTime: "2025-07-21T02:46:22Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - release: monitoring - name: monitoring-kube-state-metrics - namespace: monitoring - resourceVersion: "20356831" - uid: e30931b2-603e-45aa-8921-36bde6c62412 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: kube-state-metrics - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - release: monitoring - spec: - automountServiceAccountToken: true - containers: - - args: - - --port=8080 - - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments - image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /livez - port: 8080 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: kube-state-metrics - ports: - - containerPort: 8080 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /readyz - port: 8081 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-state-metrics - serviceAccountName: monitoring-kube-state-metrics - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-03-15T19:28:25Z" - lastUpdateTime: "2025-03-15T19:28:41Z" - message: ReplicaSet "monitoring-kube-state-metrics-6d79fb6b66" has successfully - progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-10-27T12:02:33Z" - lastUpdateTime: "2025-10-27T12:02:33Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - pod-template-hash: 57bd7cc44f - name: monitoring-grafana-57bd7cc44f - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: monitoring-grafana - uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 - resourceVersion: "12273752" - uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 - spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - pod-template-hash: 57bd7cc44f - template: - metadata: - annotations: - checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 - checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 - checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 - kubectl.kubernetes.io/default-container: grafana - creationTimestamp: null - labels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: grafana - app.kubernetes.io/version: 11.5.2 - helm.sh/chart: grafana-8.10.3 - pod-template-hash: 57bd7cc44f - spec: - automountServiceAccountToken: true - containers: - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_dashboard - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /tmp/dashboards - - name: RESOURCE - value: both - - name: NAMESPACE - value: ALL - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/dashboards/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-dashboard - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - env: - - name: METHOD - value: WATCH - - name: LABEL - value: grafana_datasource - - name: LABEL_VALUE - value: "1" - - name: FOLDER - value: /etc/grafana/provisioning/datasources - - name: RESOURCE - value: both - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: REQ_URL - value: http://localhost:3000/api/admin/provisioning/datasources/reload - - name: REQ_METHOD - value: POST - image: quay.io/kiwigrid/k8s-sidecar:1.30.0 - imagePullPolicy: IfNotPresent - name: grafana-sc-datasources - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: GF_SECURITY_ADMIN_USER - valueFrom: - secretKeyRef: - key: admin-user - name: monitoring-grafana - - name: GF_SECURITY_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: admin-password - name: monitoring-grafana - - name: GF_PATHS_DATA - value: /var/lib/grafana/ - - name: GF_PATHS_LOGS - value: /var/log/grafana - - name: GF_PATHS_PLUGINS - value: /var/lib/grafana/plugins - - name: GF_PATHS_PROVISIONING - value: /etc/grafana/provisioning - image: docker.io/grafana/grafana:11.5.2 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 30 - name: grafana - ports: - - containerPort: 3000 - name: grafana - protocol: TCP - - containerPort: 9094 - name: gossip-tcp - protocol: TCP - - containerPort: 9094 - name: gossip-udp - protocol: UDP - - containerPort: 6060 - name: profiling - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /api/health - port: 3000 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /etc/grafana/grafana.ini - name: config - subPath: grafana.ini - - mountPath: /var/lib/grafana - name: storage - - mountPath: /tmp/dashboards - name: sc-dashboard-volume - - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml - name: sc-dashboard-provider - subPath: provider.yaml - - mountPath: /etc/grafana/provisioning/datasources - name: sc-datasources-volume - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 472 - runAsGroup: 472 - runAsNonRoot: true - runAsUser: 472 - serviceAccount: monitoring-grafana - serviceAccountName: monitoring-grafana - shareProcessNamespace: false - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 420 - name: monitoring-grafana - name: config - - emptyDir: {} - name: storage - - emptyDir: {} - name: sc-dashboard-volume - - configMap: - defaultMode: 420 - name: monitoring-grafana-config-dashboards - name: sc-dashboard-provider - - emptyDir: {} - name: sc-datasources-volume - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - pod-template-hash: 55f4b4d949 - release: monitoring - name: monitoring-kube-prometheus-operator-55f4b4d949 - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: monitoring-kube-prometheus-operator - uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a - resourceVersion: "9486994" - uid: 6018d8a7-1d56-4811-80e1-042743fa271b - spec: - replicas: 1 - selector: - matchLabels: - app: kube-prometheus-stack-operator - pod-template-hash: 55f4b4d949 - release: monitoring - template: - metadata: - creationTimestamp: null - labels: - app: kube-prometheus-stack-operator - app.kubernetes.io/component: prometheus-operator - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - pod-template-hash: 55f4b4d949 - release: monitoring - spec: - automountServiceAccountToken: true - containers: - - args: - - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet - - --kubelet-endpoints=true - - --kubelet-endpointslice=false - - --localhost=127.0.0.1 - - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 - - --config-reloader-cpu-request=0 - - --config-reloader-cpu-limit=0 - - --config-reloader-memory-request=0 - - --config-reloader-memory-limit=0 - - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 - - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 - - --web.enable-tls=true - - --web.cert-file=/cert/cert - - --web.key-file=/cert/key - - --web.listen-address=:10250 - - --web.tls-min-version=VersionTLS13 - env: - - name: GOGC - value: "30" - image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: kube-prometheus-stack - ports: - - containerPort: 10250 - name: https - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: https - scheme: HTTPS - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /cert - name: tls-secret - readOnly: true - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-operator - serviceAccountName: monitoring-kube-prometheus-operator - terminationGracePeriodSeconds: 30 - volumes: - - name: tls-secret - secret: - defaultMode: 420 - secretName: monitoring-kube-prometheus-admission - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - creationTimestamp: "2025-03-15T19:28:25Z" - generation: 1 - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - pod-template-hash: 6d79fb6b66 - release: monitoring - name: monitoring-kube-state-metrics-6d79fb6b66 - namespace: monitoring - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: monitoring-kube-state-metrics - uid: e30931b2-603e-45aa-8921-36bde6c62412 - resourceVersion: "20356830" - uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b - spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/instance: monitoring - app.kubernetes.io/name: kube-state-metrics - pod-template-hash: 6d79fb6b66 - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/part-of: kube-state-metrics - app.kubernetes.io/version: 2.15.0 - helm.sh/chart: kube-state-metrics-5.30.1 - pod-template-hash: 6d79fb6b66 - release: monitoring - spec: - automountServiceAccountToken: true - containers: - - args: - - --port=8080 - - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments - image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - path: /livez - port: 8080 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: kube-state-metrics - ports: - - containerPort: 8080 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /readyz - port: 8081 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-state-metrics - serviceAccountName: monitoring-kube-state-metrics - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - prometheus-operator-input-hash: "1548357065563043061" - creationTimestamp: "2025-03-15T19:28:35Z" - generation: 1 - labels: - app: kube-prometheus-stack-alertmanager - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - managed-by: prometheus-operator - release: monitoring - name: alertmanager-monitoring-kube-prometheus-alertmanager - namespace: monitoring - ownerReferences: - - apiVersion: monitoring.coreos.com/v1 - blockOwnerDeletion: true - controller: true - kind: Alertmanager - name: monitoring-kube-prometheus-alertmanager - uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 - resourceVersion: "12143681" - uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: Parallel - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/default-container: alertmanager + creationTimestamp: '2025-03-15T19:28:35Z' + generateName: alertmanager-monitoring-kube-prometheus-alertmanager- + labels: alertmanager: monitoring-kube-prometheus-alertmanager app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager app.kubernetes.io/managed-by: prometheus-operator app.kubernetes.io/name: alertmanager - serviceName: alertmanager-operated - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: alertmanager - creationTimestamp: null - labels: - alertmanager: monitoring-kube-prometheus-alertmanager - app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager - app.kubernetes.io/managed-by: prometheus-operator - app.kubernetes.io/name: alertmanager - app.kubernetes.io/version: 0.28.1 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 0.28.1 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + statefulset.kubernetes.io/pod-name: alertmanager-monitoring-kube-prometheus-alertmanager-0 + name: alertmanager-monitoring-kube-prometheus-alertmanager-0 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: alertmanager-monitoring-kube-prometheus-alertmanager + uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 + resourceVersion: '20356487' + uid: 31a1e271-2244-443c-b58b-486e4d118318 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - alertmanager - - key: alertmanager - operator: In - values: - - monitoring-kube-prometheus-alertmanager + - key: app.kubernetes.io/name + operator: In + values: + - alertmanager + - key: alertmanager + operator: In + values: + - monitoring-kube-prometheus-alertmanager topologyKey: kubernetes.io/hostname weight: 100 - automountServiceAccountToken: true - containers: + automountServiceAccountToken: true + containers: - args: - - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --storage.path=/alertmanager - - --data.retention=120h - - --cluster.listen-address= - - --web.listen-address=:9093 - - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 - - --web.route-prefix=/ - - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager - - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 - - --cluster.reconnect-timeout=5m - - --web.config.file=/etc/alertmanager/web_config/web-config.yaml + - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --storage.path=/alertmanager + - --data.retention=120h + - --cluster.listen-address= + - --web.listen-address=:9093 + - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 + - --web.route-prefix=/ + - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager + - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 + - --cluster.reconnect-timeout=5m + - --web.config.file=/etc/alertmanager/web_config/web-config.yaml env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP image: quay.io/prometheus/alertmanager:v0.28.1 imagePullPolicy: IfNotPresent livenessProbe: @@ -3456,15 +77,15 @@ items: timeoutSeconds: 3 name: alertmanager ports: - - containerPort: 9093 - name: http-web - protocol: TCP - - containerPort: 9094 - name: mesh-tcp - protocol: TCP - - containerPort: 9094 - name: mesh-udp - protocol: UDP + - containerPort: 9093 + name: http-web + protocol: TCP + - containerPort: 9094 + name: mesh-tcp + protocol: TCP + - containerPort: 9094 + name: mesh-udp + protocol: UDP readinessProbe: failureThreshold: 10 httpGet: @@ -3482,129 +103,153 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - - mountPath: /etc/alertmanager/config_out - name: config-out - readOnly: true - - mountPath: /etc/alertmanager/certs - name: tls-assets - readOnly: true - - mountPath: /alertmanager - name: alertmanager-monitoring-kube-prometheus-alertmanager-db - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml - name: cluster-tls-config - readOnly: true - subPath: cluster-tls-config.yaml + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + subPath: cluster-tls-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true - args: - - --listen-address=:8080 - - --web-config-file=/etc/alertmanager/web_config/web-config.yaml - - --reload-url=http://127.0.0.1:9093/-/reload - - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz - - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --watched-dir=/etc/alertmanager/config + - --listen-address=:8080 + - --web-config-file=/etc/alertmanager/web_config/web-config.yaml + - --reload-url=http://127.0.0.1:9093/-/reload + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config command: - - /bin/prometheus-config-reloader + - /bin/prometheus-config-reloader env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "-1" + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '-1' image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 imagePullPolicy: IfNotPresent name: config-reloader ports: - - containerPort: 8080 - name: reloader-web - protocol: TCP + - containerPort: 8080 + name: reloader-web + protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - dnsPolicy: ClusterFirst - initContainers: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: alertmanager-monitoring-kube-prometheus-alertmanager-0 + initContainers: - args: - - --watch-interval=0 - - --listen-address=:8081 - - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz - - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml - - --watched-dir=/etc/alertmanager/config + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config command: - - /bin/prometheus-config-reloader + - /bin/prometheus-config-reloader env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "-1" + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '-1' image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 imagePullPolicy: IfNotPresent name: init-config-reloader ports: - - containerPort: 8081 - name: reloader-web - protocol: TCP + - containerPort: 8081 + name: reloader-web + protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/alertmanager/config - name: config-volume - readOnly: true - - mountPath: /etc/alertmanager/config_out - name: config-out - - mountPath: /etc/alertmanager/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 2000 - runAsGroup: 2000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-alertmanager - serviceAccountName: monitoring-kube-prometheus-alertmanager - terminationGracePeriodSeconds: 120 - volumes: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-alertmanager + serviceAccountName: monitoring-kube-prometheus-alertmanager + subdomain: alertmanager-operated + terminationGracePeriodSeconds: 120 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: config-volume secret: defaultMode: 420 @@ -3613,8 +258,8 @@ items: projected: defaultMode: 420 sources: - - secret: - name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 + - secret: + name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 - emptyDir: medium: Memory name: config-out @@ -3628,110 +273,1242 @@ items: secretName: alertmanager-monitoring-kube-prometheus-alertmanager-cluster-tls-config - emptyDir: {} name: alertmanager-monitoring-kube-prometheus-alertmanager-db - updateStrategy: - type: RollingUpdate - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updateRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: monitoring - meta.helm.sh/release-namespace: monitoring - prometheus-operator-input-hash: "13698391499502685580" - creationTimestamp: "2025-03-15T19:28:36Z" - generation: 1 - labels: - app: kube-prometheus-stack-prometheus - app.kubernetes.io/instance: monitoring - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: kube-prometheus-stack - app.kubernetes.io/version: 70.0.0 - chart: kube-prometheus-stack-70.0.0 - heritage: Helm - managed-by: prometheus-operator - operator.prometheus.io/mode: server - operator.prometheus.io/name: monitoring-kube-prometheus-prometheus - operator.prometheus.io/shard: "0" - release: monitoring - name: prometheus-monitoring-kube-prometheus-prometheus - namespace: monitoring - ownerReferences: - - apiVersion: monitoring.coreos.com/v1 - blockOwnerDeletion: true - controller: true - kind: Prometheus - name: monitoring-kube-prometheus-prometheus - uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 - resourceVersion: "12273747" - uid: 9bffc56e-9f40-49e1-82af-16217933206f - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: Parallel - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + - name: kube-api-access-kqjt8 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:02Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:55Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:35Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://11db9ce5b4798a81eedd59f344ec79fbd8efd907e2e80f695dc1ff4dac034c42 + image: quay.io/prometheus/alertmanager:v0.28.1 + imageID: quay.io/prometheus/alertmanager@sha256:27c475db5fb156cab31d5c18a4251ac7ed567746a2483ff264516437a39b15ba + lastState: + terminated: + containerID: containerd://9966b24da94b94e88f9c51c25dc7cf0642f9025e98b690899ac08001e31278a1 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + message: 'time=2025-08-12T14:09:35.281Z level=INFO source=main.go:191 + msg="Starting Alertmanager" version="(version=0.28.1, branch=HEAD, + revision=b2099eaa2c9ebc25edb26517cb9c732738e93910)" + + time=2025-08-12T14:09:35.281Z level=INFO source=main.go:192 msg="Build + context" build_context="(go=go1.23.7, platform=linux/amd64, user=root@fa3ca569dfe4, + date=20250307-15:05:18, tags=netgo)" + + time=2025-08-12T14:09:35.327Z level=INFO source=coordinator.go:112 + msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + + time=2025-08-12T14:09:35.328Z level=INFO source=coordinator.go:125 + msg="Completed loading of configuration file" component=configuration + file=/etc/alertmanager/config_out/alertmanager.env.yaml + + time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:347 + msg="Listening on" address=[::]:9093 + + time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:386 + msg="TLS is disabled." http2=false address=[::]:9093 + + time=2025-08-12T14:09:40.192Z level=INFO source=coordinator.go:112 + msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + + time=2025-08-12T14:09:40.193Z level=INFO source=coordinator.go:125 + msg="Completed loading of configuration file" component=configuration + file=/etc/alertmanager/config_out/alertmanager.env.yaml + + ' + reason: Unknown + startedAt: '2025-08-12T14:09:35Z' + name: alertmanager + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:02Z' + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://cfc0b8b79f087e97e53ea9a6d6200173b25b29b8bbcf27f8b6c7b532fb5d9c54 + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: + terminated: + containerID: containerd://786140909e80409f663934796f0e0a1bc34a89a0260ac53036e0ebe7a4127b13 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + message: 'ts=2025-08-12T14:09:35.185577512Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 + msg="Starting prometheus-config-reloader" version="(version=0.81.0, + branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, + user=, date=20250311-14:56:57, tags=unknown)" + + ts=2025-08-12T14:09:35.185911989Z level=info caller=/workspace/internal/goruntime/cpu.go:27 + msg="Leaving GOMAXPROCS=4: CPU quota undefined" + + level=info ts=2025-08-12T14:09:35.186752469Z caller=reloader.go:282 + msg="reloading via HTTP" + + ts=2025-08-12T14:09:35.190691008Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 + msg="Starting web server for metrics" listen=:8080 + + ts=2025-08-12T14:09:35.19133334Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 + msg="Listening on" address=[::]:8080 + + ts=2025-08-12T14:09:35.191808246Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:386 + msg="TLS is disabled." http2=false address=[::]:8080 + + level=error ts=2025-08-12T14:09:35.192479849Z caller=runutil.go:117 + msg="function failed. Retrying in next tick" err="trigger reload: + reload request failed: Post \"http://127.0.0.1:9093/-/reload\": dial + tcp 127.0.0.1:9093: connect: connection refused" + + level=info ts=2025-08-12T14:09:40.195756728Z caller=reloader.go:548 + msg="Reload triggered" cfg_in=/etc/alertmanager/config/alertmanager.yaml.gz + cfg_out=/etc/alertmanager/config_out/alertmanager.env.yaml cfg_dirs= + watched_dirs=/etc/alertmanager/config + + level=info ts=2025-08-12T14:09:40.195991023Z caller=reloader.go:330 + msg="started watching config file and directories for changes" cfg=/etc/alertmanager/config/alertmanager.yaml.gz + cfgDirs= out=/etc/alertmanager/config_out/alertmanager.env.yaml dirs=/etc/alertmanager/config + + ' + reason: Unknown + startedAt: '2025-08-12T14:09:35Z' + name: config-reloader + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:02Z' + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: {} + name: init-config-reloader + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d + exitCode: 0 + finishedAt: '2025-08-24T01:02:01Z' + reason: Completed + startedAt: '2025-08-24T01:02:01Z' + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.35 + podIPs: + - ip: 10.244.0.35 + qosClass: Burstable + startTime: '2025-03-15T19:28:35Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: '2025-03-15T20:17:35Z' + generateName: monitoring-grafana-57bd7cc44f- + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + name: monitoring-grafana-57bd7cc44f-h9t9f + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-grafana-57bd7cc44f + uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 + resourceVersion: '20356481' + uid: 582d88bf-0c9b-4eba-84e9-cdc4e90d44bb + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + - name: kube-api-access-khj29 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:05Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T20:17:35Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:15Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:15Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T20:17:35Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://d9f759986c23a25bf868950f905db151b59c9752575088ba22185f5250db0466 + image: docker.io/grafana/grafana:11.5.2 + imageID: docker.io/grafana/grafana@sha256:8b37a2f028f164ce7b9889e1765b9d6ee23fec80f871d156fbf436d6198d32b7 + lastState: + terminated: + containerID: containerd://ad484f6759705312c760c4db7754375b7f16628aa9b71cc4d4d90e4fa2bc3a77 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:33Z' + name: grafana + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:04Z' + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://3c9aa1fa5e6ced932afe1771d5ef58eadf4f55d3832ba96b6e4d902f855850b9 + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 + lastState: + terminated: + containerID: containerd://7b2dfcc88610d7b4bc54215d16c9acf1512ef91f0ecb352a9c416270e96e5d0f + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:33Z' + name: grafana-sc-dashboard + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:03Z' + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://ed8944c8c2ed25b53826f9904118c8f40849f35adf80a085b55f446c9403f52c + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 + lastState: + terminated: + containerID: containerd://7fd38cc69fc5b56e3801f74f4af036911e04eef8da868d881e287e1b2820c4eb + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:33Z' + name: grafana-sc-datasources + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:03Z' + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.39 + podIPs: + - ip: 10.244.0.39 + qosClass: BestEffort + startTime: '2025-03-15T20:17:35Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-03-15T19:28:25Z' + generateName: monitoring-kube-prometheus-operator-55f4b4d949- + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + name: monitoring-kube-prometheus-operator-55f4b4d949-9xhm7 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-kube-prometheus-operator-55f4b4d949 + uid: 6018d8a7-1d56-4811-80e1-042743fa271b + resourceVersion: '20356570' + uid: 9e0b6bc0-4aa8-494c-90b2-c095910bc33b + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: '30' + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-4zxdr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + - name: kube-api-access-4zxdr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:03Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:04Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:04Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://eb2ab2cccf0b98c082733495e3a4bcb1b85bce20ac880731ae89be3f488e945d + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-operator@sha256:5f6a204b252e901b97486ff409c74f48cdbb4cf83731355b08f1155febad6822 + lastState: + terminated: + containerID: containerd://1cae6950db5136f118602297f5922b4d127864034e2b50bffd1df8f7e7f909cc + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:31Z' + name: kube-prometheus-stack + ready: true + restartCount: 47 + started: true + state: + running: + startedAt: '2025-08-24T01:02:03Z' + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-4zxdr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.37 + podIPs: + - ip: 10.244.0.37 + qosClass: BestEffort + startTime: '2025-03-15T19:28:25Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-03-15T19:28:25Z' + generateName: monitoring-kube-state-metrics-6d79fb6b66- + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + name: monitoring-kube-state-metrics-6d79fb6b66-8ss6p + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-kube-state-metrics-6d79fb6b66 + uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b + resourceVersion: '20356827' + uid: e334bfda-b179-44a3-98a9-18eedce004ee + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-nzt2m + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-nzt2m + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:02Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T12:02:33Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T12:02:33Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://f5bd7ed2ad9ab66b7d1af9603476a2175229c4a495fb0f2e194fde4efc7f3ba7 + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imageID: registry.k8s.io/kube-state-metrics/kube-state-metrics@sha256:db384bf43222b066c378e77027a675d4cd9911107adba46c2922b3a55e10d6fb + lastState: + terminated: + containerID: containerd://bfdc847811e3f392b2e261e76783ab1a37501a92937610d6c42b7bfd4ed15896 + exitCode: 1 + finishedAt: '2025-10-27T11:57:13Z' + reason: Error + startedAt: '2025-10-27T11:57:13Z' + name: kube-state-metrics + ready: true + restartCount: 136 + started: true + state: + running: + startedAt: '2025-10-27T12:02:21Z' + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-nzt2m + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.34 + podIPs: + - ip: 10.244.0.34 + qosClass: BestEffort + startTime: '2025-03-15T19:28:25Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + cluster-autoscaler.kubernetes.io/safe-to-evict: 'true' + creationTimestamp: '2025-03-15T19:28:25Z' + generateName: monitoring-prometheus-node-exporter- + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + controller-revision-hash: 668c8cbd9b + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + pod-template-generation: '1' + release: monitoring + name: monitoring-prometheus-node-exporter-w4smp + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: DaemonSet + name: monitoring-prometheus-node-exporter + uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 + resourceVersion: '20356662' + uid: 3430d5a2-f5ec-4939-86c8-6cb3ed035431 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: metadata.name + operator: In + values: + - server-thinkcentre-e73 + automountServiceAccountToken: false + containers: + - args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.udev.data=/host/root/run/udev/data + - --web.listen-address=[$(HOST_IP)]:9100 + - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) + - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ + env: + - name: HOST_IP + value: 0.0.0.0 + image: quay.io/prometheus/node-exporter:v1.9.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + hostPort: 9100 + name: http-metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + - mountPath: /host/sys + name: sys + readOnly: true + - mountPath: /host/root + mountPropagation: HostToContainer + name: root + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostNetwork: true + hostPID: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + serviceAccount: monitoring-prometheus-node-exporter + serviceAccountName: monitoring-prometheus-node-exporter + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoSchedule + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/disk-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/memory-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/pid-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/unschedulable + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/network-unavailable + operator: Exists + volumes: + - hostPath: + path: /proc + type: '' + name: proc + - hostPath: + path: /sys + type: '' + name: sys + - hostPath: + path: / + type: '' + name: root + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:01:56Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T12:01:10Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T12:01:10Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:25Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://ffc7637c59f9589d4b27a4419e236cb6a417f68ccb15d518e75363de37a231f7 + image: quay.io/prometheus/node-exporter:v1.9.0 + imageID: quay.io/prometheus/node-exporter@sha256:c99d7ee4d12a38661788f60d9eca493f08584e2e544bbd3b3fca64749f86b848 + lastState: + terminated: + containerID: containerd://df37269a9109c51b2ff5b69e0a123736cb6a190307affb63865f6de1e5e48f65 + exitCode: 143 + finishedAt: '2025-10-27T11:56:02Z' + reason: Error + startedAt: '2025-10-27T11:55:32Z' + name: node-exporter + ready: true + restartCount: 183 + started: true + state: + running: + startedAt: '2025-10-27T12:01:09Z' + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /host/sys + name: sys + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /host/root + name: root + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 192.168.31.54 + podIPs: + - ip: 192.168.31.54 + qosClass: BestEffort + startTime: '2025-03-15T19:28:25Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/default-container: prometheus + creationTimestamp: '2025-03-15T19:28:36Z' + generateName: prometheus-monitoring-kube-prometheus-prometheus- + labels: app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus app.kubernetes.io/managed-by: prometheus-operator app.kubernetes.io/name: prometheus + app.kubernetes.io/version: 3.2.1 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 operator.prometheus.io/name: monitoring-kube-prometheus-prometheus - operator.prometheus.io/shard: "0" + operator.prometheus.io/shard: '0' prometheus: monitoring-kube-prometheus-prometheus - serviceName: prometheus-operated - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: prometheus - creationTimestamp: null - labels: - app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus - app.kubernetes.io/managed-by: prometheus-operator - app.kubernetes.io/name: prometheus - app.kubernetes.io/version: 3.2.1 - operator.prometheus.io/name: monitoring-kube-prometheus-prometheus - operator.prometheus.io/shard: "0" - prometheus: monitoring-kube-prometheus-prometheus - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + statefulset.kubernetes.io/pod-name: prometheus-monitoring-kube-prometheus-prometheus-0 + name: prometheus-monitoring-kube-prometheus-prometheus-0 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: prometheus-monitoring-kube-prometheus-prometheus + uid: 9bffc56e-9f40-49e1-82af-16217933206f + resourceVersion: '20356567' + uid: 244b32a1-dfd3-460c-81e6-626c045ff8ac + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - prometheus - - key: prometheus - operator: In - values: - - monitoring-kube-prometheus-prometheus + - key: app.kubernetes.io/name + operator: In + values: + - prometheus + - key: prometheus + operator: In + values: + - monitoring-kube-prometheus-prometheus topologyKey: kubernetes.io/hostname weight: 100 - automountServiceAccountToken: true - containers: + automountServiceAccountToken: true + containers: - args: - - --web.console.templates=/etc/prometheus/consoles - - --web.console.libraries=/etc/prometheus/console_libraries - - --config.file=/etc/prometheus/config_out/prometheus.env.yaml - - --web.enable-lifecycle - - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 - - --web.route-prefix=/ - - --storage.tsdb.retention.time=10d - - --storage.tsdb.path=/prometheus - - --storage.tsdb.wal-compression - - --web.config.file=/etc/prometheus/web_config/web-config.yaml + - --web.console.templates=/etc/prometheus/consoles + - --web.console.libraries=/etc/prometheus/console_libraries + - --config.file=/etc/prometheus/config_out/prometheus.env.yaml + - --web.enable-lifecycle + - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 + - --web.route-prefix=/ + - --storage.tsdb.retention.time=10d + - --storage.tsdb.path=/prometheus + - --storage.tsdb.wal-compression + - --web.config.file=/etc/prometheus/web_config/web-config.yaml image: quay.io/prometheus/prometheus:v3.2.1 imagePullPolicy: IfNotPresent livenessProbe: @@ -3745,9 +1522,9 @@ items: timeoutSeconds: 3 name: prometheus ports: - - containerPort: 9090 - name: http-web - protocol: TCP + - containerPort: 9090 + name: http-web + protocol: TCP readinessProbe: failureThreshold: 3 httpGet: @@ -3762,7 +1539,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true startupProbe: failureThreshold: 60 @@ -3776,114 +1553,138 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/prometheus/config_out - name: config-out - readOnly: true - - mountPath: /etc/prometheus/certs - name: tls-assets - readOnly: true - - mountPath: /prometheus - name: prometheus-monitoring-kube-prometheus-prometheus-db - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - - mountPath: /etc/prometheus/web_config/web-config.yaml - name: web-config - readOnly: true - subPath: web-config.yaml + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true - args: - - --listen-address=:8080 - - --reload-url=http://127.0.0.1:9090/-/reload - - --config-file=/etc/prometheus/config/prometheus.yaml.gz - - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml - - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - --listen-address=:8080 + - --reload-url=http://127.0.0.1:9090/-/reload + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 command: - - /bin/prometheus-config-reloader + - /bin/prometheus-config-reloader env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "0" + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '0' image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 imagePullPolicy: IfNotPresent name: config-reloader ports: - - containerPort: 8080 - name: reloader-web - protocol: TCP + - containerPort: 8080 + name: reloader-web + protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - dnsPolicy: ClusterFirst - initContainers: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: prometheus-monitoring-kube-prometheus-prometheus-0 + initContainers: - args: - - --watch-interval=0 - - --listen-address=:8081 - - --config-file=/etc/prometheus/config/prometheus.yaml.gz - - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml - - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 command: - - /bin/prometheus-config-reloader + - /bin/prometheus-config-reloader env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: SHARD - value: "0" + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '0' image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 imagePullPolicy: IfNotPresent name: init-config-reloader ports: - - containerPort: 8081 - name: reloader-web - protocol: TCP + - containerPort: 8081 + name: reloader-web + protocol: TCP resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - - mountPath: /etc/prometheus/config - name: config - - mountPath: /etc/prometheus/config_out - name: config-out - - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 2000 - runAsGroup: 2000 - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - serviceAccount: monitoring-kube-prometheus-prometheus - serviceAccountName: monitoring-kube-prometheus-prometheus - shareProcessNamespace: false - terminationGracePeriodSeconds: 600 - volumes: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-prometheus + serviceAccountName: monitoring-kube-prometheus-prometheus + shareProcessNamespace: false + subdomain: prometheus-operated + terminationGracePeriodSeconds: 600 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: config secret: defaultMode: 420 @@ -3892,8 +1693,8 @@ items: projected: defaultMode: 420 sources: - - secret: - name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 + - secret: + name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 - emptyDir: medium: Memory name: config-out @@ -3907,18 +1708,2308 @@ items: secretName: prometheus-monitoring-kube-prometheus-prometheus-web-config - emptyDir: {} name: prometheus-monitoring-kube-prometheus-prometheus-db - updateStrategy: - type: RollingUpdate - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updateRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 - updatedReplicas: 1 + - name: kube-api-access-p86t2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:01Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:55Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:14Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:14Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-03-15T19:28:36Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://24aea25929f7c6290589bb75e0387eef32927bc3ea1e9e8f6225a31cd95cd7b2 + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: + terminated: + containerID: containerd://504a46448a2af4d2106361c74ebfd8f831e63d873c86a16a0468e0bf62077207 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + message: 'ts=2025-08-12T14:09:40.326926499Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 + msg="Starting prometheus-config-reloader" version="(version=0.81.0, + branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, + user=, date=20250311-14:56:57, tags=unknown)" + + ts=2025-08-12T14:09:40.327286946Z level=info caller=/workspace/internal/goruntime/cpu.go:27 + msg="Leaving GOMAXPROCS=4: CPU quota undefined" + + level=info ts=2025-08-12T14:09:40.328570882Z caller=reloader.go:282 + msg="reloading via HTTP" + + ts=2025-08-12T14:09:40.328652702Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 + msg="Starting web server for metrics" listen=:8080 + + ts=2025-08-12T14:09:40.3298177Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 + msg="Listening on" address=[::]:8080 + + ts=2025-08-12T14:09:40.330054287Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:350 + msg="TLS is disabled." http2=false address=[::]:8080 + + level=error ts=2025-08-12T14:09:40.34388543Z caller=runutil.go:117 + msg="function failed. Retrying in next tick" err="trigger reload: + reload request failed: Post \"http://127.0.0.1:9090/-/reload\": dial + tcp 127.0.0.1:9090: connect: connection refused" + + level=info ts=2025-08-12T14:09:46.048560099Z caller=reloader.go:548 + msg="Reload triggered" cfg_in=/etc/prometheus/config/prometheus.yaml.gz + cfg_out=/etc/prometheus/config_out/prometheus.env.yaml cfg_dirs= watched_dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + + level=info ts=2025-08-12T14:09:46.048728407Z caller=reloader.go:330 + msg="started watching config file and directories for changes" cfg=/etc/prometheus/config/prometheus.yaml.gz + cfgDirs= out=/etc/prometheus/config_out/prometheus.env.yaml dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + + ' + reason: Unknown + startedAt: '2025-08-12T14:09:40Z' + name: config-reloader + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: '2025-08-24T01:02:01Z' + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://991a9e0bcc2885f002c804acefa68ca621df144dd04e6a234ec13dc7ed6fbf55 + image: quay.io/prometheus/prometheus:v3.2.1 + imageID: quay.io/prometheus/prometheus@sha256:6927e0919a144aa7616fd0137d4816816d42f6b816de3af269ab065250859a62 + lastState: + terminated: + containerID: containerd://f8573fee09d77135fcd33a274ee7eb08f71b79309d5e07e6b83e3ea13769a807 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + message: 'lector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": + dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + + time=2025-08-13T13:21:17.143Z level=ERROR source=reflector.go:158 + msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError + err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: + Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": + dial tcp 10.96.0.1:443: i/o timeout" + + time=2025-08-13T13:21:17.342Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: + failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": + dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + + time=2025-08-13T13:21:17.343Z level=ERROR source=reflector.go:158 + msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError + err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: + Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": + dial tcp 10.96.0.1:443: i/o timeout" + + time=2025-08-13T13:21:17.964Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: + failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": + dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + + time=2025-08-13T13:21:17.964Z level=ERROR source=reflector.go:158 + msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError + err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: + Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": + dial tcp 10.96.0.1:443: i/o timeout" + + ' + reason: Unknown + startedAt: '2025-08-12T14:09:39Z' + name: prometheus + ready: true + restartCount: 26 + started: true + state: + running: + startedAt: '2025-08-24T01:02:01Z' + volumeMounts: + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: {} + name: init-config-reloader + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe + exitCode: 0 + finishedAt: '2025-08-24T01:02:00Z' + reason: Completed + startedAt: '2025-08-24T01:02:00Z' + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.33 + podIPs: + - ip: 10.244.0.33 + qosClass: BestEffort + startTime: '2025-03-15T19:28:36Z' + - apiVersion: v1 + kind: Service + metadata: + creationTimestamp: '2025-03-15T19:28:35Z' + labels: + managed-by: prometheus-operator + operated-alertmanager: 'true' + name: alertmanager-operated + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + kind: Alertmanager + name: monitoring-kube-prometheus-alertmanager + uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 + resourceVersion: '44301' + uid: 03bc5664-262c-4b79-a1ba-09470f9d347b + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9093 + protocol: TCP + targetPort: http-web + - name: tcp-mesh + port: 9094 + protocol: TCP + targetPort: 9094 + - name: udp-mesh + port: 9094 + protocol: UDP + targetPort: 9094 + publishNotReadyAddresses: true + selector: + app.kubernetes.io/name: alertmanager + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + name: monitoring-grafana + namespace: monitoring + resourceVersion: '44520' + uid: 72825402-9c40-486e-a498-35a9cdd122c9 + spec: + clusterIP: 10.105.0.57 + clusterIPs: + - 10.105.0.57 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + nodePort: 30129 + port: 80 + protocol: TCP + targetPort: 3000 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app: kube-prometheus-stack-alertmanager + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + self-monitor: 'true' + name: monitoring-kube-prometheus-alertmanager + namespace: monitoring + resourceVersion: '44096' + uid: 2742b08b-5099-48a2-8994-863db4da6d65 + spec: + clusterIP: 10.99.143.97 + clusterIPs: + - 10.99.143.97 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9093 + protocol: TCP + targetPort: 9093 + - appProtocol: http + name: reloader-web + port: 8080 + protocol: TCP + targetPort: reloader-web + selector: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/name: alertmanager + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + name: monitoring-kube-prometheus-operator + namespace: monitoring + resourceVersion: '44076' + uid: 79de3aaa-68a9-4b77-88cb-cc9604bc442d + spec: + clusterIP: 10.96.8.233 + clusterIPs: + - 10.96.8.233 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: https + port: 443 + protocol: TCP + targetPort: https + selector: + app: kube-prometheus-stack-operator + release: monitoring + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app: kube-prometheus-stack-prometheus + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + self-monitor: 'true' + name: monitoring-kube-prometheus-prometheus + namespace: monitoring + resourceVersion: '44074' + uid: a37d3d3d-36a8-4789-ace8-cbc883b7a77d + spec: + clusterIP: 10.100.57.9 + clusterIPs: + - 10.100.57.9 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9090 + protocol: TCP + targetPort: 9090 + - appProtocol: http + name: reloader-web + port: 8080 + protocol: TCP + targetPort: reloader-web + selector: + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + name: monitoring-kube-state-metrics + namespace: monitoring + resourceVersion: '44104' + uid: 92f36d87-29da-42d0-afba-dc64950f1b4c + spec: + clusterIP: 10.108.92.173 + clusterIPs: + - 10.108.92.173 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus.io/scrape: 'true' + creationTimestamp: '2025-03-15T19:28:25Z' + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + release: monitoring + name: monitoring-prometheus-node-exporter + namespace: monitoring + resourceVersion: '44100' + uid: 28555baf-eb07-43b6-a015-1c30c9442515 + spec: + clusterIP: 10.105.167.78 + clusterIPs: + - 10.105.167.78 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-metrics + port: 9100 + protocol: TCP + targetPort: 9100 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: prometheus-node-exporter + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + creationTimestamp: '2025-03-15T19:28:36Z' + labels: + managed-by: prometheus-operator + operated-prometheus: 'true' + name: prometheus-operated + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + kind: Prometheus + name: monitoring-kube-prometheus-prometheus + uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 + resourceVersion: '44330' + uid: 78275757-3538-44df-b51a-2af3b3fb9a16 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9090 + protocol: TCP + targetPort: http-web + selector: + app.kubernetes.io/name: prometheus + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: DaemonSet + metadata: + annotations: + deprecated.daemonset.template.generation: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + release: monitoring + name: monitoring-prometheus-node-exporter + namespace: monitoring + resourceVersion: '20356664' + uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: prometheus-node-exporter + template: + metadata: + annotations: + cluster-autoscaler.kubernetes.io/safe-to-evict: 'true' + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + release: monitoring + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: eks.amazonaws.com/compute-type + operator: NotIn + values: + - fargate + - key: type + operator: NotIn + values: + - virtual-kubelet + automountServiceAccountToken: false + containers: + - args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.udev.data=/host/root/run/udev/data + - --web.listen-address=[$(HOST_IP)]:9100 + - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) + - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ + env: + - name: HOST_IP + value: 0.0.0.0 + image: quay.io/prometheus/node-exporter:v1.9.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + name: http-metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + - mountPath: /host/sys + name: sys + readOnly: true + - mountPath: /host/root + mountPropagation: HostToContainer + name: root + readOnly: true + dnsPolicy: ClusterFirst + hostNetwork: true + hostPID: true + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + serviceAccount: monitoring-prometheus-node-exporter + serviceAccountName: monitoring-prometheus-node-exporter + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoSchedule + operator: Exists + volumes: + - hostPath: + path: /proc + type: '' + name: proc + - hostPath: + path: /sys + type: '' + name: sys + - hostPath: + path: / + type: '' + name: root + updateStrategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + status: + currentNumberScheduled: 1 + desiredNumberScheduled: 1 + numberAvailable: 1 + numberMisscheduled: 0 + numberReady: 1 + observedGeneration: 1 + updatedNumberScheduled: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + name: monitoring-grafana + namespace: monitoring + resourceVersion: '12273753' + uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-03-15T19:28:25Z' + lastUpdateTime: '2025-03-15T19:28:57Z' + message: ReplicaSet "monitoring-grafana-57bd7cc44f" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:15Z' + lastUpdateTime: '2025-08-24T01:02:15Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + name: monitoring-kube-prometheus-operator + namespace: monitoring + resourceVersion: '9486996' + uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: kube-prometheus-stack-operator + release: monitoring + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: '30' + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-03-15T19:28:25Z' + lastUpdateTime: '2025-03-15T19:28:36Z' + message: ReplicaSet "monitoring-kube-prometheus-operator-55f4b4d949" has + successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-07-21T02:46:22Z' + lastUpdateTime: '2025-07-21T02:46:22Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + name: monitoring-kube-state-metrics + namespace: monitoring + resourceVersion: '20356831' + uid: e30931b2-603e-45aa-8921-36bde6c62412 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-03-15T19:28:25Z' + lastUpdateTime: '2025-03-15T19:28:41Z' + message: ReplicaSet "monitoring-kube-state-metrics-6d79fb6b66" has successfully + progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-10-27T12:02:33Z' + lastUpdateTime: '2025-10-27T12:02:33Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + name: monitoring-grafana-57bd7cc44f + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-grafana + uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 + resourceVersion: '12273752' + uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + pod-template-hash: 57bd7cc44f + template: + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: '1' + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + name: monitoring-kube-prometheus-operator-55f4b4d949 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-kube-prometheus-operator + uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a + resourceVersion: '9486994' + uid: 6018d8a7-1d56-4811-80e1-042743fa271b + spec: + replicas: 1 + selector: + matchLabels: + app: kube-prometheus-stack-operator + pod-template-hash: 55f4b4d949 + release: monitoring + template: + metadata: + creationTimestamp: null + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: '30' + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: '2025-03-15T19:28:25Z' + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + name: monitoring-kube-state-metrics-6d79fb6b66 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-kube-state-metrics + uid: e30931b2-603e-45aa-8921-36bde6c62412 + resourceVersion: '20356830' + uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + pod-template-hash: 6d79fb6b66 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus-operator-input-hash: '1548357065563043061' + creationTimestamp: '2025-03-15T19:28:35Z' + generation: 1 + labels: + app: kube-prometheus-stack-alertmanager + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + managed-by: prometheus-operator + release: monitoring + name: alertmanager-monitoring-kube-prometheus-alertmanager + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + blockOwnerDeletion: true + controller: true + kind: Alertmanager + name: monitoring-kube-prometheus-alertmanager + uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 + resourceVersion: '12143681' + uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: alertmanager + serviceName: alertmanager-operated + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alertmanager + creationTimestamp: null + labels: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: alertmanager + app.kubernetes.io/version: 0.28.1 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - alertmanager + - key: alertmanager + operator: In + values: + - monitoring-kube-prometheus-alertmanager + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --storage.path=/alertmanager + - --data.retention=120h + - --cluster.listen-address= + - --web.listen-address=:9093 + - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 + - --web.route-prefix=/ + - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager + - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 + - --cluster.reconnect-timeout=5m + - --web.config.file=/etc/alertmanager/web_config/web-config.yaml + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: quay.io/prometheus/alertmanager:v0.28.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + name: alertmanager + ports: + - containerPort: 9093 + name: http-web + protocol: TCP + - containerPort: 9094 + name: mesh-tcp + protocol: TCP + - containerPort: 9094 + name: mesh-udp + protocol: UDP + readinessProbe: + failureThreshold: 10 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + initialDelaySeconds: 3 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: + requests: + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + subPath: cluster-tls-config.yaml + - args: + - --listen-address=:8080 + - --web-config-file=/etc/alertmanager/web_config/web-config.yaml + - --reload-url=http://127.0.0.1:9093/-/reload + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '-1' + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + dnsPolicy: ClusterFirst + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '-1' + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-alertmanager + serviceAccountName: monitoring-kube-prometheus-alertmanager + terminationGracePeriodSeconds: 120 + volumes: + - name: config-volume + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-generated + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - name: web-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-web-config + - name: cluster-tls-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-cluster-tls-config + - emptyDir: {} + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + updateStrategy: + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus-operator-input-hash: '13698391499502685580' + creationTimestamp: '2025-03-15T19:28:36Z' + generation: 1 + labels: + app: kube-prometheus-stack-prometheus + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + managed-by: prometheus-operator + operator.prometheus.io/mode: server + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: '0' + release: monitoring + name: prometheus-monitoring-kube-prometheus-prometheus + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + blockOwnerDeletion: true + controller: true + kind: Prometheus + name: monitoring-kube-prometheus-prometheus + uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 + resourceVersion: '12273747' + uid: 9bffc56e-9f40-49e1-82af-16217933206f + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: '0' + prometheus: monitoring-kube-prometheus-prometheus + serviceName: prometheus-operated + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: prometheus + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: prometheus + app.kubernetes.io/version: 3.2.1 + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: '0' + prometheus: monitoring-kube-prometheus-prometheus + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - prometheus + - key: prometheus + operator: In + values: + - monitoring-kube-prometheus-prometheus + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --web.console.templates=/etc/prometheus/consoles + - --web.console.libraries=/etc/prometheus/console_libraries + - --config.file=/etc/prometheus/config_out/prometheus.env.yaml + - --web.enable-lifecycle + - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 + - --web.route-prefix=/ + - --storage.tsdb.retention.time=10d + - --storage.tsdb.path=/prometheus + - --storage.tsdb.wal-compression + - --web.config.file=/etc/prometheus/web_config/web-config.yaml + image: quay.io/prometheus/prometheus:v3.2.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 6 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + name: prometheus + ports: + - containerPort: 9090 + name: http-web + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + startupProbe: + failureThreshold: 60 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 3 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - args: + - --listen-address=:8080 + - --reload-url=http://127.0.0.1:9090/-/reload + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '0' + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + dnsPolicy: ClusterFirst + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: '0' + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-prometheus + serviceAccountName: monitoring-kube-prometheus-prometheus + shareProcessNamespace: false + terminationGracePeriodSeconds: 600 + volumes: + - name: config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - configMap: + defaultMode: 420 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - name: web-config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus-web-config + - emptyDir: {} + name: prometheus-monitoring-kube-prometheus-prometheus-db + updateStrategy: + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 + updatedReplicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/nextcloud/all.yaml b/manifests/nextcloud/all.yaml index 33d0475..c953212 100644 --- a/manifests/nextcloud/all.yaml +++ b/manifests/nextcloud/all.yaml @@ -1,1392 +1,204 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-08-25T19:58:43Z" - generateName: elasticsearch-6b8cd75846- - labels: - app: elasticsearch - pod-template-hash: 6b8cd75846 - name: elasticsearch-6b8cd75846-9flx5 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: elasticsearch-6b8cd75846 - uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 - resourceVersion: "20356491" - uid: c06f63ef-6dc5-48bf-ac10-1e45a86133bb - spec: - containers: - - env: - - name: discovery.type - value: single-node - - name: xpack.security.enabled - value: "false" - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 - imagePullPolicy: IfNotPresent - name: elasticsearch - ports: - - containerPort: 9200 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/share/elasticsearch/data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-hg5gq - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - emptyDir: {} - name: data - - name: kube-api-access-hg5gq - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-25T19:59:08Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-08-25T19:58:43Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-25T19:59:08Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-25T19:59:08Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-08-25T19:58:43Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://784adc6a2fded6328b195d76aac4660ffffc1b1bea76aac0196977d2091ae3e1 - image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 - imageID: docker.elastic.co/elasticsearch/elasticsearch@sha256:159534b0af912835c708face6c4620029adbbd0d27c8cccd34968d2dba8d74b8 - lastState: {} - name: elasticsearch - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-08-25T19:59:08Z" - volumeMounts: - - mountPath: /usr/share/elasticsearch/data - name: data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-hg5gq - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.93 - podIPs: - - ip: 10.244.0.93 - qosClass: BestEffort - startTime: "2025-08-25T19:58:43Z" -- apiVersion: v1 - kind: Pod - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: "2025-09-10T18:14:12Z" - generateName: nextcloud-579d6957cd- - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 579d6957cd - name: nextcloud-579d6957cd-9rkdf - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: nextcloud-579d6957cd - uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 - resourceVersion: "20356628" - uid: b1dfa34d-869e-471a-90cf-b6d9c4b4bab7 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:31.0.8-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-84vpf - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-84vpf - readOnly: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud-media - - name: kube-api-access-84vpf - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-09-10T18:14:12Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-09-10T18:14:12Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-09-10T20:47:08Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-09-10T20:47:08Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-09-10T18:14:12Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://dcf8a911b2b8cdef759e2e43b4612773c54c00eecdd28b671892862e428dbde0 - image: docker.io/library/nextcloud:31.0.8-apache - imageID: docker.io/library/nextcloud@sha256:c3329db9d0d0d79b1fe6433b54b81c28acaefecfe96a400be202b7da80f6b8ca - lastState: - terminated: - containerID: containerd://b63eff5a9112bd0c96960ec78a865e2f8330d0378b8bebbac7e881e77ed0717f - exitCode: 0 - finishedAt: "2025-09-10T20:46:46Z" - reason: Completed - startedAt: "2025-09-10T18:14:12Z" - name: nextcloud - ready: true - restartCount: 1 - started: true - state: - running: - startedAt: "2025-09-10T20:46:46Z" - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - - mountPath: /var/www/html - name: nextcloud-main - - mountPath: /var/www/html/data - name: nextcloud-main - - mountPath: /var/www/html/config - name: nextcloud-main - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - - mountPath: /var/www/tmp - name: nextcloud-main - - mountPath: /var/www/html/themes - name: nextcloud-main - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-84vpf - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - initContainerStatuses: - - containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f - lastState: {} - name: postgresql-isready - ready: true - restartCount: 0 - started: false - state: - terminated: - containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f - exitCode: 0 - finishedAt: "2025-09-10T18:14:12Z" - reason: Completed - startedAt: "2025-09-10T18:14:12Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-84vpf - readOnly: true - recursiveReadOnly: Disabled - phase: Running - podIP: 10.244.0.111 - podIPs: - - ip: 10.244.0.111 - qosClass: BestEffort - startTime: "2025-09-10T18:14:12Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-08-24T18:31:46Z" - generateName: nextcloud-postgresql- - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.5.0 - apps.kubernetes.io/pod-index: "0" - controller-revision-hash: nextcloud-postgresql-797775c5fb - helm.sh/chart: postgresql-16.7.4 - statefulset.kubernetes.io/pod-name: nextcloud-postgresql-0 - name: nextcloud-postgresql-0 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: StatefulSet - name: nextcloud-postgresql - uid: e648b386-1cd1-42db-8e16-6b383dd87d70 - resourceVersion: "20356554" - uid: daf6ad29-f5fe-4c42-8d83-b0d132889928 - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: postgresql - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: false - containers: - - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: nextcloud - - name: POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/password - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/postgres-password - - name: POSTGRES_DATABASE - value: nextcloud - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /bin/sh - - -c - - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: postgresql - ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP - readinessProbe: - exec: - command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: - limits: - cpu: 150m - ephemeral-storage: 2Gi - memory: 192Mi - requests: - cpu: 100m - ephemeral-storage: 50Mi - memory: 128Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsGroup: 1001 - runAsNonRoot: true - runAsUser: 1001 - seLinuxOptions: {} - seccompProfile: - type: RuntimeDefault - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - enableServiceLinks: true - hostname: nextcloud-postgresql-0 - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: nextcloud-postgresql - serviceAccountName: nextcloud-postgresql - subdomain: nextcloud-postgresql-hl - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - emptyDir: {} - name: empty-dir - - name: postgresql-password - secret: - defaultMode: 420 - secretName: nextcloud-postgresql - - emptyDir: - medium: Memory - name: dshm - - emptyDir: {} - name: data - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T18:31:48Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-08-24T18:31:46Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-09-12T11:29:31Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-09-12T11:29:31Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-08-24T18:31:46Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://f8e95b50afee2a0ac1e6eb497d3b63a17b2da613265284fa8f8f79c2a462fb0b - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f - lastState: - terminated: - containerID: containerd://4390cfa5d9bc3faebd41e1394b9e9fcae4c7be44218b44e76b88a2716850a5ff - exitCode: 137 - finishedAt: "2025-09-12T11:29:19Z" - reason: OOMKilled - startedAt: "2025-09-10T20:46:24Z" - name: postgresql - ready: true - restartCount: 3 - started: true - state: - running: - startedAt: "2025-09-12T11:29:20Z" - volumeMounts: - - mountPath: /tmp - name: empty-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.52 - podIPs: - - ip: 10.244.0.52 - qosClass: Burstable - startTime: "2025-08-24T18:31:46Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"ports":[{"port":9200,"targetPort":9200}],"selector":{"app":"elasticsearch"}}} - creationTimestamp: "2025-08-25T18:32:31Z" - name: elasticsearch - namespace: nextcloud - resourceVersion: "12502038" - uid: ac66f0f0-787a-40a8-b574-e9856421eaeb - spec: - clusterIP: 10.104.186.33 - clusterIPs: - - 10.104.186.33 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - port: 9200 - protocol: TCP - targetPort: 9200 - selector: - app: elasticsearch - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: nextcloud - app.kubernetes.io/version: 31.0.8 - helm.sh/chart: nextcloud-7.0.2 - name: nextcloud - namespace: nextcloud - resourceVersion: "12365787" - uid: 12fce161-edc8-42ef-a5a3-ff0ef6470098 - spec: - clusterIP: 10.105.83.190 - clusterIPs: - - 10.105.83.190 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 32080 - port: 80 - protocol: TCP - targetPort: 80 - selector: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.5.0 - helm.sh/chart: postgresql-16.7.4 - name: nextcloud-postgresql - namespace: nextcloud - resourceVersion: "12365780" - uid: cdc36770-a3be-4d6b-ac0e-a3ca646fe619 - spec: - clusterIP: 10.107.224.100 - clusterIPs: - - 10.107.224.100 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.5.0 - helm.sh/chart: postgresql-16.7.4 - name: nextcloud-postgresql-hl - namespace: nextcloud - resourceVersion: "12365777" - uid: 52f65006-c02e-4913-8fb6-07f49128b08a - spec: - clusterIP: None - clusterIPs: - - None - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: tcp-postgresql - port: 5432 - protocol: TCP - targetPort: tcp-postgresql - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"elasticsearch"}},"template":{"metadata":{"labels":{"app":"elasticsearch"}},"spec":{"containers":[{"env":[{"name":"discovery.type","value":"single-node"},{"name":"xpack.security.enabled","value":"false"},{"name":"ES_JAVA_OPTS","value":"-Xms512m -Xmx512m"}],"image":"docker.elastic.co/elasticsearch/elasticsearch:8.6.1","name":"elasticsearch","ports":[{"containerPort":9200}],"volumeMounts":[{"mountPath":"/usr/share/elasticsearch/data","name":"data"}]}],"volumes":[{"emptyDir":{},"name":"data"}]}}}} - creationTimestamp: "2025-08-25T19:58:43Z" - generation: 1 - name: elasticsearch - namespace: nextcloud - resourceVersion: "12502083" - uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: elasticsearch - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: elasticsearch - spec: - containers: - - env: - - name: discovery.type - value: single-node - - name: xpack.security.enabled - value: "false" - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 - imagePullPolicy: IfNotPresent - name: elasticsearch - ports: - - containerPort: 9200 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /usr/share/elasticsearch/data - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: data - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-25T19:59:08Z" - lastUpdateTime: "2025-08-25T19:59:08Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-08-25T19:58:43Z" - lastUpdateTime: "2025-08-25T19:59:08Z" - message: ReplicaSet "elasticsearch-6b8cd75846" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "10" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - generation: 14 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: nextcloud - app.kubernetes.io/version: 31.0.8 - helm.sh/chart: nextcloud-7.0.2 - name: nextcloud - namespace: nextcloud - resourceVersion: "14520176" - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - strategy: - type: Recreate - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:31.0.8-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud-media - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-24T18:31:46Z" - lastUpdateTime: "2025-09-10T18:14:24Z" - message: ReplicaSet "nextcloud-579d6957cd" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-09-10T20:47:08Z" - lastUpdateTime: "2025-09-10T20:47:08Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 14 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-08-25T19:58:43Z" - generation: 1 - labels: - app: elasticsearch - pod-template-hash: 6b8cd75846 - name: elasticsearch-6b8cd75846 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: elasticsearch - uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 - resourceVersion: "12502082" - uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-08-25T19:58:43Z' + generateName: elasticsearch-6b8cd75846- + labels: app: elasticsearch pod-template-hash: 6b8cd75846 - template: - metadata: - creationTimestamp: null - labels: - app: elasticsearch - pod-template-hash: 6b8cd75846 - spec: - containers: + name: elasticsearch-6b8cd75846-9flx5 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: elasticsearch-6b8cd75846 + uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 + resourceVersion: '20356491' + uid: c06f63ef-6dc5-48bf-ac10-1e45a86133bb + spec: + containers: - env: - - name: discovery.type - value: single-node - - name: xpack.security.enabled - value: "false" - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: 'false' + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 imagePullPolicy: IfNotPresent name: elasticsearch ports: - - containerPort: 9200 - protocol: TCP + - containerPort: 9200 + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /usr/share/elasticsearch/data - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /usr/share/elasticsearch/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-hg5gq + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - emptyDir: {} name: data - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "3" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-25T13:34:57Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 55d9785497 - name: nextcloud-55d9785497 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "12467934" - uid: 934925dd-e1e1-43d4-9f05-666f3d01e643 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 55d9785497 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 55d9785497 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.3-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + - name: kube-api-access-hg5gq + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-25T19:59:08Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-08-25T19:58:43Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-25T19:59:08Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-25T19:59:08Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-08-25T19:58:43Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://784adc6a2fded6328b195d76aac4660ffffc1b1bea76aac0196977d2091ae3e1 + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imageID: docker.elastic.co/elasticsearch/elasticsearch@sha256:159534b0af912835c708face6c4620029adbbd0d27c8cccd34968d2dba8d74b8 + lastState: {} + name: elasticsearch + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-08-25T19:59:08Z' volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "10" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-09-10T18:14:12Z" - generation: 1 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 579d6957cd - name: nextcloud-579d6957cd - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14520175" - uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 - spec: - replicas: 1 - selector: - matchLabels: + - mountPath: /usr/share/elasticsearch/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-hg5gq + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.93 + podIPs: + - ip: 10.244.0.93 + qosClass: BestEffort + startTime: '2025-08-25T19:58:43Z' + - apiVersion: v1 + kind: Pod + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: '2025-09-10T18:14:12Z' + generateName: nextcloud-579d6957cd- + labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud pod-template-hash: 579d6957cd - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 579d6957cd - spec: - containers: + name: nextcloud-579d6957cd-9rkdf + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: nextcloud-579d6957cd + uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 + resourceVersion: '20356628' + uid: b1dfa34d-869e-471a-90cf-b6d9c4b4bab7 + spec: + containers: - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data image: nextcloud:31.0.8-apache imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: httpHeaders: - - name: Host - value: 192.168.31.54 + - name: Host + value: 192.168.31.54 path: /status.php port: 80 scheme: HTTP @@ -1396,15 +208,15 @@ items: timeoutSeconds: 5 name: nextcloud ports: - - containerPort: 80 - name: http - protocol: TCP + - containerPort: 80 + name: http + protocol: TCP readinessProbe: failureThreshold: 3 httpGet: httpHeaders: - - name: Host - value: 192.168.31.54 + - name: Host + value: 192.168.31.54 path: /status.php port: 80 scheme: HTTP @@ -1416,42 +228,46 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 imagePullPolicy: IfNotPresent name: postgresql-isready @@ -1459,1434 +275,170 @@ items: securityContext: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: nextcloud-main persistentVolumeClaim: claimName: nextcloud-nextcloud-media - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "5" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-25T13:46:49Z" - generation: 4 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6c47bbdc9 - name: nextcloud-6c47bbdc9 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14497334" - uid: d13cc326-d8f5-410f-b245-6370203d8c0f - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6c47bbdc9 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6c47bbdc9 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.3-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 + - name: kube-api-access-84vpf + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-09-10T18:14:12Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-09-10T18:14:12Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-09-10T20:47:08Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-09-10T20:47:08Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-09-10T18:14:12Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://dcf8a911b2b8cdef759e2e43b4612773c54c00eecdd28b671892862e428dbde0 + image: docker.io/library/nextcloud:31.0.8-apache + imageID: docker.io/library/nextcloud@sha256:c3329db9d0d0d79b1fe6433b54b81c28acaefecfe96a400be202b7da80f6b8ca + lastState: + terminated: + containerID: containerd://b63eff5a9112bd0c96960ec78a865e2f8330d0378b8bebbac7e881e77ed0717f + exitCode: 0 + finishedAt: '2025-09-10T20:46:46Z' + reason: Completed + startedAt: '2025-09-10T18:14:12Z' name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 1 + started: true + state: + running: + startedAt: '2025-09-10T20:46:46Z' volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql + - mountPath: /var/www/ + name: nextcloud-main + - mountPath: /var/www/html + name: nextcloud-main + - mountPath: /var/www/html/data + name: nextcloud-main + - mountPath: /var/www/html/config + name: nextcloud-main + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + - mountPath: /var/www/tmp + name: nextcloud-main + - mountPath: /var/www/html/themes + name: nextcloud-main + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: {} name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 4 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "2" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-25T13:28:33Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6dc4d48f86 - name: nextcloud-6dc4d48f86 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "12466964" - uid: f1c26a26-e346-4d1d-bbc4-421e4ca37ecb - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6dc4d48f86 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 6dc4d48f86 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: next.experlab.xyz nextcloud 192.168.31.54 192.168.31.54:32080 - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.3-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: next.experlab.xyz - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: next.experlab.xyz - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f + exitCode: 0 + finishedAt: '2025-09-10T18:14:12Z' + reason: Completed + startedAt: '2025-09-10T18:14:12Z' volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "0" - deployment.kubernetes.io/max-replicas: "0" - deployment.kubernetes.io/revision: "8" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-09-10T16:37:56Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 74f4595559 - name: nextcloud-74f4595559 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14504722" - uid: d969aa34-cca2-4982-a37b-0da16808d5e5 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 74f4595559 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 74f4595559 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:31.0.8-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "1" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7578b97497 - name: nextcloud-7578b97497 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "12466308" - uid: 52457b02-27b5-4323-8f31-219477335265 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7578b97497 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7578b97497 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: next.experlab.xyz - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.3-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: next.experlab.xyz - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: next.experlab.xyz - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "0" - deployment.kubernetes.io/max-replicas: "0" - deployment.kubernetes.io/revision: "9" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-09-10T17:59:22Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7b9b9f8c44 - name: nextcloud-7b9b9f8c44 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14506281" - uid: 35abc7c9-fd0a-4810-8804-6542d6c2a5c3 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7b9b9f8c44 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 7b9b9f8c44 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:31.0.8-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud-200gi - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "6" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-09-10T16:31:19Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 8599f69d4c - name: nextcloud-8599f69d4c - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14497617" - uid: 530f64a1-a1d0-4229-b9e4-448cf7f3a098 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 8599f69d4c - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 8599f69d4c - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.16-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "4" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-25T13:43:20Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 998947f4 - name: nextcloud-998947f4 - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "12468278" - uid: 2cb3bed7-6e22-4971-abac-5ff290007fde - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 998947f4 - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:43:18+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: 998947f4 - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:29.0.3-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "7" - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-09-10T16:34:04Z" - generation: 2 - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: b5bd46b6c - name: nextcloud-b5bd46b6c - namespace: nextcloud - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nextcloud - uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 - resourceVersion: "14497993" - uid: 7f5ec051-bc26-4e3a-b029-12dc6f5482f9 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: b5bd46b6c - template: - metadata: - annotations: - hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 - kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" - nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 - php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - creationTimestamp: null - labels: - app.kubernetes.io/component: app - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/name: nextcloud - pod-template-hash: b5bd46b6c - spec: - containers: - - env: - - name: POSTGRES_HOST - value: nextcloud-postgresql - - name: POSTGRES_DB - value: nextcloud - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-password - name: nextcloud-db - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - key: nextcloud-username - name: nextcloud - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: nextcloud-password - name: nextcloud - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: 192.168.31.54 192.168.31.54:32080 nextcloud - - name: NEXTCLOUD_DATA_DIR - value: /var/www/html/data - image: nextcloud:30.0.14-apache - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: nextcloud - ports: - - containerPort: 80 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: - - name: Host - value: 192.168.31.54 - path: /status.php - port: 80 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/www/ - name: nextcloud-main - subPath: root - - mountPath: /var/www/html - name: nextcloud-main - subPath: html - - mountPath: /var/www/html/data - name: nextcloud-main - subPath: data - - mountPath: /var/www/html/config - name: nextcloud-main - subPath: config - - mountPath: /var/www/html/custom_apps - name: nextcloud-main - subPath: custom_apps - - mountPath: /var/www/tmp - name: nextcloud-main - subPath: tmp - - mountPath: /var/www/html/themes - name: nextcloud-main - subPath: themes - dnsPolicy: ClusterFirst - initContainers: - - command: - - sh - - -c - - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 - ; done - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - key: db-username - name: nextcloud-db - - name: POSTGRES_HOST - value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 - imagePullPolicy: IfNotPresent - name: postgresql-isready - resources: {} - securityContext: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 33 - terminationGracePeriodSeconds: 30 - volumes: - - name: nextcloud-main - persistentVolumeClaim: - claimName: nextcloud-nextcloud - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - annotations: - meta.helm.sh/release-name: nextcloud - meta.helm.sh/release-namespace: nextcloud - creationTimestamp: "2025-08-24T18:31:46Z" - generation: 1 - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.5.0 - helm.sh/chart: postgresql-16.7.4 - name: nextcloud-postgresql - namespace: nextcloud - resourceVersion: "14723193" - uid: e648b386-1cd1-42db-8e16-6b383dd87d70 - spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain - podManagementPolicy: OrderedReady - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.111 + podIPs: + - ip: 10.244.0.111 + qosClass: BestEffort + startTime: '2025-09-10T18:14:12Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-08-24T18:31:46Z' + generateName: nextcloud-postgresql- + labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - serviceName: nextcloud-postgresql-hl - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: nextcloud - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 17.5.0 - helm.sh/chart: postgresql-16.7.4 - name: nextcloud-postgresql - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: + app.kubernetes.io/version: 17.5.0 + apps.kubernetes.io/pod-index: '0' + controller-revision-hash: nextcloud-postgresql-797775c5fb + helm.sh/chart: postgresql-16.7.4 + statefulset.kubernetes.io/pod-name: nextcloud-postgresql-0 + name: nextcloud-postgresql-0 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: nextcloud-postgresql + uid: e648b386-1cd1-42db-8e16-6b383dd87d70 + resourceVersion: '20356554' + uid: daf6ad29-f5fe-4c42-8d83-b0d132889928 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: @@ -2895,50 +447,50 @@ items: app.kubernetes.io/name: postgresql topologyKey: kubernetes.io/hostname weight: 1 - automountServiceAccountToken: false - containers: + automountServiceAccountToken: false + containers: - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: nextcloud - - name: POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/password - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: /opt/bitnami/postgresql/secrets/postgres-password - - name: POSTGRES_DATABASE - value: nextcloud - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: nextcloud + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: nextcloud + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - - /bin/sh - - -c - - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 - -p 5432 + - /bin/sh + - -c + - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 + -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 @@ -2946,18 +498,22 @@ items: timeoutSeconds: 5 name: postgresql ports: - - containerPort: 5432 - name: tcp-postgresql - protocol: TCP + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP readinessProbe: exec: command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 + -p 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 @@ -2976,7 +532,7 @@ items: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1001 @@ -2988,31 +544,46 @@ items: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /tmp - name: empty-dir - subPath: tmp-dir - - mountPath: /opt/bitnami/postgresql/conf - name: empty-dir - subPath: app-conf-dir - - mountPath: /opt/bitnami/postgresql/tmp - name: empty-dir - subPath: app-tmp-dir - - mountPath: /opt/bitnami/postgresql/secrets/ - name: postgresql-password - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: Always - serviceAccount: nextcloud-postgresql - serviceAccountName: nextcloud-postgresql - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: nextcloud-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: nextcloud-postgresql + serviceAccountName: nextcloud-postgresql + subdomain: nextcloud-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - emptyDir: {} name: empty-dir - name: postgresql-password @@ -3024,20 +595,2461 @@ items: name: dshm - emptyDir: {} name: data - updateStrategy: - rollingUpdate: - partition: 0 - type: RollingUpdate - status: - availableReplicas: 1 - collisionCount: 0 - currentReplicas: 1 - currentRevision: nextcloud-postgresql-797775c5fb - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updateRevision: nextcloud-postgresql-797775c5fb - updatedReplicas: 1 + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T18:31:48Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-08-24T18:31:46Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-09-12T11:29:31Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-09-12T11:29:31Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-08-24T18:31:46Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://f8e95b50afee2a0ac1e6eb497d3b63a17b2da613265284fa8f8f79c2a462fb0b + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: + terminated: + containerID: containerd://4390cfa5d9bc3faebd41e1394b9e9fcae4c7be44218b44e76b88a2716850a5ff + exitCode: 137 + finishedAt: '2025-09-12T11:29:19Z' + reason: OOMKilled + startedAt: '2025-09-10T20:46:24Z' + name: postgresql + ready: true + restartCount: 3 + started: true + state: + running: + startedAt: '2025-09-12T11:29:20Z' + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.52 + podIPs: + - ip: 10.244.0.52 + qosClass: Burstable + startTime: '2025-08-24T18:31:46Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"ports":[{"port":9200,"targetPort":9200}],"selector":{"app":"elasticsearch"}}} + + ' + creationTimestamp: '2025-08-25T18:32:31Z' + name: elasticsearch + namespace: nextcloud + resourceVersion: '12502038' + uid: ac66f0f0-787a-40a8-b574-e9856421eaeb + spec: + clusterIP: 10.104.186.33 + clusterIPs: + - 10.104.186.33 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 9200 + protocol: TCP + targetPort: 9200 + selector: + app: elasticsearch + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nextcloud + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 + name: nextcloud + namespace: nextcloud + resourceVersion: '12365787' + uid: 12fce161-edc8-42ef-a5a3-ff0ef6470098 + spec: + clusterIP: 10.105.83.190 + clusterIPs: + - 10.105.83.190 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 32080 + port: 80 + protocol: TCP + targetPort: 80 + selector: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + namespace: nextcloud + resourceVersion: '12365780' + uid: cdc36770-a3be-4d6b-ac0e-a3ca646fe619 + spec: + clusterIP: 10.107.224.100 + clusterIPs: + - 10.107.224.100 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql-hl + namespace: nextcloud + resourceVersion: '12365777' + uid: 52f65006-c02e-4913-8fb6-07f49128b08a + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"elasticsearch"}},"template":{"metadata":{"labels":{"app":"elasticsearch"}},"spec":{"containers":[{"env":[{"name":"discovery.type","value":"single-node"},{"name":"xpack.security.enabled","value":"false"},{"name":"ES_JAVA_OPTS","value":"-Xms512m + -Xmx512m"}],"image":"docker.elastic.co/elasticsearch/elasticsearch:8.6.1","name":"elasticsearch","ports":[{"containerPort":9200}],"volumeMounts":[{"mountPath":"/usr/share/elasticsearch/data","name":"data"}]}],"volumes":[{"emptyDir":{},"name":"data"}]}}}} + + ' + creationTimestamp: '2025-08-25T19:58:43Z' + generation: 1 + name: elasticsearch + namespace: nextcloud + resourceVersion: '12502083' + uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: elasticsearch + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: elasticsearch + spec: + containers: + - env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: 'false' + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imagePullPolicy: IfNotPresent + name: elasticsearch + ports: + - containerPort: 9200 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: data + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-25T19:59:08Z' + lastUpdateTime: '2025-08-25T19:59:08Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-08-25T19:58:43Z' + lastUpdateTime: '2025-08-25T19:59:08Z' + message: ReplicaSet "elasticsearch-6b8cd75846" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '10' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + generation: 14 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nextcloud + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 + name: nextcloud + namespace: nextcloud + resourceVersion: '14520176' + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + strategy: + type: Recreate + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-media + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-24T18:31:46Z' + lastUpdateTime: '2025-09-10T18:14:24Z' + message: ReplicaSet "nextcloud-579d6957cd" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-09-10T20:47:08Z' + lastUpdateTime: '2025-09-10T20:47:08Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 14 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-08-25T19:58:43Z' + generation: 1 + labels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + name: elasticsearch-6b8cd75846 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: elasticsearch + uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 + resourceVersion: '12502082' + uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 + spec: + replicas: 1 + selector: + matchLabels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + template: + metadata: + creationTimestamp: null + labels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + spec: + containers: + - env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: 'false' + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imagePullPolicy: IfNotPresent + name: elasticsearch + ports: + - containerPort: 9200 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: data + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '3' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-25T13:34:57Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + name: nextcloud-55d9785497 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '12467934' + uid: 934925dd-e1e1-43d4-9f05-666f3d01e643 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '10' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-09-10T18:14:12Z' + generation: 1 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + name: nextcloud-579d6957cd + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14520175' + uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-media + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '5' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-25T13:46:49Z' + generation: 4 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + name: nextcloud-6c47bbdc9 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14497334' + uid: d13cc326-d8f5-410f-b245-6370203d8c0f + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 4 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '2' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-25T13:28:33Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + name: nextcloud-6dc4d48f86 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '12466964' + uid: f1c26a26-e346-4d1d-bbc4-421e4ca37ecb + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: next.experlab.xyz nextcloud 192.168.31.54 192.168.31.54:32080 + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '0' + deployment.kubernetes.io/max-replicas: '0' + deployment.kubernetes.io/revision: '8' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-09-10T16:37:56Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + name: nextcloud-74f4595559 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14504722' + uid: d969aa34-cca2-4982-a37b-0da16808d5e5 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '1' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + name: nextcloud-7578b97497 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '12466308' + uid: 52457b02-27b5-4323-8f31-219477335265 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: next.experlab.xyz + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '0' + deployment.kubernetes.io/max-replicas: '0' + deployment.kubernetes.io/revision: '9' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-09-10T17:59:22Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + name: nextcloud-7b9b9f8c44 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14506281' + uid: 35abc7c9-fd0a-4810-8804-6542d6c2a5c3 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-200gi + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '6' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-09-10T16:31:19Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + name: nextcloud-8599f69d4c + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14497617' + uid: 530f64a1-a1d0-4229-b9e4-448cf7f3a098 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.16-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '4' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-25T13:43:20Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + name: nextcloud-998947f4 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '12468278' + uid: 2cb3bed7-6e22-4971-abac-5ff290007fde + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:43:18+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '7' + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-09-10T16:34:04Z' + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + name: nextcloud-b5bd46b6c + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: '14497993' + uid: 7f5ec051-bc26-4e3a-b029-12dc6f5482f9 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: '2025-08-25T15:46:47+02:00' + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:30.0.14-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep + 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: '2025-08-24T18:31:46Z' + generation: 1 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + namespace: nextcloud + resourceVersion: '14723193' + uid: e648b386-1cd1-42db-8e16-6b383dd87d70 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + serviceName: nextcloud-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: 'false' + - name: POSTGRESQL_PORT_NUMBER + value: '5432' + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: nextcloud + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: nextcloud + - name: POSTGRESQL_ENABLE_LDAP + value: 'no' + - name: POSTGRESQL_ENABLE_TLS + value: 'no' + - name: POSTGRESQL_LOG_HOSTNAME + value: 'false' + - name: POSTGRESQL_LOG_CONNECTIONS + value: 'false' + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: 'false' + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: 'off' + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 + -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - 'exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 + -p 5432 + + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized + ] + + ' + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: nextcloud-postgresql + serviceAccountName: nextcloud-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: nextcloud-postgresql + - emptyDir: + medium: Memory + name: dshm + - emptyDir: {} + name: data + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: nextcloud-postgresql-797775c5fb + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: nextcloud-postgresql-797775c5fb + updatedReplicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/nginx-demo/all.yaml b/manifests/nginx-demo/all.yaml index f49a460..8106cda 100644 --- a/manifests/nginx-demo/all.yaml +++ b/manifests/nginx-demo/all.yaml @@ -1,284 +1,285 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-10-27T21:31:07Z" - generateName: nginx-demo-6748f5c784- - labels: - app: nginx-demo - pod-template-hash: 6748f5c784 - name: nginx-demo-6748f5c784-g8kfj - namespace: nginx-demo - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: nginx-demo-6748f5c784 - uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 - resourceVersion: "20408523" - uid: 30e71238-2d23-456f-9f72-f63b4a447a5e - spec: - containers: - - image: nginx:1.27 - imagePullPolicy: IfNotPresent - name: nginx - ports: - - containerPort: 80 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-d852g - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: kube-api-access-d852g - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:31:14Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:31:07Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:31:14Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:31:14Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-10-27T21:31:07Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://b263caf1cf71726aa91ca0908467be294db4248957f98ecbbc769b29d2bf3207 - image: docker.io/library/nginx:1.27 - imageID: docker.io/library/nginx@sha256:6784fb0834aa7dbbe12e3d7471e69c290df3e6ba810dc38b34ae33d3c1c05f7d - lastState: {} - name: nginx - ready: true - restartCount: 0 - started: true - state: - running: - startedAt: "2025-10-27T21:31:13Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-d852g - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.153 - podIPs: - - ip: 10.244.0.153 - qosClass: BestEffort - startTime: "2025-10-27T21:31:07Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - argocd.argoproj.io/tracking-id: nginx-demo:/Service:nginx-demo/nginx-demo - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"argocd.argoproj.io/tracking-id":"nginx-demo:/Service:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"ports":[{"port":80,"targetPort":80}],"selector":{"app":"nginx-demo"}}} - creationTimestamp: "2025-10-27T21:31:07Z" - name: nginx-demo - namespace: nginx-demo - resourceVersion: "20408487" - uid: 3e502593-4bc3-48ce-a06b-438561b21440 - spec: - clusterIP: 10.97.52.37 - clusterIPs: - - 10.97.52.37 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - port: 80 - protocol: TCP - targetPort: 80 - selector: - app: nginx-demo - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - argocd-image-updater.argoproj.io/image-list: nginx=nginx - argocd-image-updater.argoproj.io/nginx.update-strategy: latest - argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{"argocd-image-updater.argoproj.io/image-list":"nginx=nginx","argocd-image-updater.argoproj.io/nginx.update-strategy":"latest","argocd.argoproj.io/tracking-id":"nginx-demo:apps/Deployment:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"nginx-demo"}},"template":{"metadata":{"labels":{"app":"nginx-demo"}},"spec":{"containers":[{"image":"nginx:1.27","name":"nginx","ports":[{"containerPort":80}]}]}}}} - creationTimestamp: "2025-10-27T21:31:07Z" - generation: 1 - name: nginx-demo - namespace: nginx-demo - resourceVersion: "20408527" - uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: nginx-demo - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: nginx-demo - spec: - containers: - - image: nginx:1.27 - imagePullPolicy: IfNotPresent - name: nginx - ports: - - containerPort: 80 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-10-27T21:31:14Z" - lastUpdateTime: "2025-10-27T21:31:14Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - - lastTransitionTime: "2025-10-27T21:31:07Z" - lastUpdateTime: "2025-10-27T21:31:14Z" - message: ReplicaSet "nginx-demo-6748f5c784" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - argocd-image-updater.argoproj.io/image-list: nginx=nginx - argocd-image-updater.argoproj.io/nginx.update-strategy: latest - argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-10-27T21:31:07Z" - generation: 1 - labels: - app: nginx-demo - pod-template-hash: 6748f5c784 - name: nginx-demo-6748f5c784 - namespace: nginx-demo - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: nginx-demo - uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef - resourceVersion: "20408526" - uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-10-27T21:31:07Z' + generateName: nginx-demo-6748f5c784- + labels: app: nginx-demo pod-template-hash: 6748f5c784 - template: - metadata: - creationTimestamp: null - labels: - app: nginx-demo - pod-template-hash: 6748f5c784 - spec: - containers: + name: nginx-demo-6748f5c784-g8kfj + namespace: nginx-demo + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: nginx-demo-6748f5c784 + uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 + resourceVersion: '20408523' + uid: 30e71238-2d23-456f-9f72-f63b4a447a5e + spec: + containers: - image: nginx:1.27 imagePullPolicy: IfNotPresent name: nginx ports: - - containerPort: 80 - protocol: TCP + - containerPort: 80 + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-d852g + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-d852g + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:31:14Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:31:07Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:31:14Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:31:14Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-10-27T21:31:07Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://b263caf1cf71726aa91ca0908467be294db4248957f98ecbbc769b29d2bf3207 + image: docker.io/library/nginx:1.27 + imageID: docker.io/library/nginx@sha256:6784fb0834aa7dbbe12e3d7471e69c290df3e6ba810dc38b34ae33d3c1c05f7d + lastState: {} + name: nginx + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: '2025-10-27T21:31:13Z' + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-d852g + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.153 + podIPs: + - ip: 10.244.0.153 + qosClass: BestEffort + startTime: '2025-10-27T21:31:07Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + argocd.argoproj.io/tracking-id: nginx-demo:/Service:nginx-demo/nginx-demo + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"argocd.argoproj.io/tracking-id":"nginx-demo:/Service:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"ports":[{"port":80,"targetPort":80}],"selector":{"app":"nginx-demo"}}} + + ' + creationTimestamp: '2025-10-27T21:31:07Z' + name: nginx-demo + namespace: nginx-demo + resourceVersion: '20408487' + uid: 3e502593-4bc3-48ce-a06b-438561b21440 + spec: + clusterIP: 10.97.52.37 + clusterIPs: + - 10.97.52.37 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + app: nginx-demo + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + argocd-image-updater.argoproj.io/image-list: nginx=nginx + argocd-image-updater.argoproj.io/nginx.update-strategy: latest + argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{"argocd-image-updater.argoproj.io/image-list":"nginx=nginx","argocd-image-updater.argoproj.io/nginx.update-strategy":"latest","argocd.argoproj.io/tracking-id":"nginx-demo:apps/Deployment:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"nginx-demo"}},"template":{"metadata":{"labels":{"app":"nginx-demo"}},"spec":{"containers":[{"image":"nginx:1.27","name":"nginx","ports":[{"containerPort":80}]}]}}}} + + ' + creationTimestamp: '2025-10-27T21:31:07Z' + generation: 1 + name: nginx-demo + namespace: nginx-demo + resourceVersion: '20408527' + uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: nginx-demo + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: nginx-demo + spec: + containers: + - image: nginx:1.27 + imagePullPolicy: IfNotPresent + name: nginx + ports: + - containerPort: 80 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-10-27T21:31:14Z' + lastUpdateTime: '2025-10-27T21:31:14Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + - lastTransitionTime: '2025-10-27T21:31:07Z' + lastUpdateTime: '2025-10-27T21:31:14Z' + message: ReplicaSet "nginx-demo-6748f5c784" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + argocd-image-updater.argoproj.io/image-list: nginx=nginx + argocd-image-updater.argoproj.io/nginx.update-strategy: latest + argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-10-27T21:31:07Z' + generation: 1 + labels: + app: nginx-demo + pod-template-hash: 6748f5c784 + name: nginx-demo-6748f5c784 + namespace: nginx-demo + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nginx-demo + uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef + resourceVersion: '20408526' + uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 + spec: + replicas: 1 + selector: + matchLabels: + app: nginx-demo + pod-template-hash: 6748f5c784 + template: + metadata: + creationTimestamp: null + labels: + app: nginx-demo + pod-template-hash: 6748f5c784 + spec: + containers: + - image: nginx:1.27 + imagePullPolicy: IfNotPresent + name: nginx + ports: + - containerPort: 80 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/nginx-demo/deployment.yaml b/manifests/nginx-demo/deployment.yaml index 4746545..a148b71 100644 --- a/manifests/nginx-demo/deployment.yaml +++ b/manifests/nginx-demo/deployment.yaml @@ -3,7 +3,6 @@ kind: Deployment metadata: name: nginx-demo annotations: - # 👇 These lines tell Argo CD Image Updater what to watch and how to update argocd-image-updater.argoproj.io/image-list: nginx=nginx argocd-image-updater.argoproj.io/nginx.update-strategy: latest spec: @@ -17,7 +16,7 @@ spec: app: nginx-demo spec: containers: - - name: nginx - image: nginx:1.27 - ports: - - containerPort: 80 + - name: nginx + image: nginx:1.27 + ports: + - containerPort: 80 diff --git a/manifests/nginx-demo/service.yaml b/manifests/nginx-demo/service.yaml index 3d4958c..262f708 100644 --- a/manifests/nginx-demo/service.yaml +++ b/manifests/nginx-demo/service.yaml @@ -6,5 +6,5 @@ spec: selector: app: nginx-demo ports: - - port: 80 - targetPort: 80 + - port: 80 + targetPort: 80 diff --git a/manifests/opensearch/all.yaml b/manifests/opensearch/all.yaml index ded9522..55012f4 100644 --- a/manifests/opensearch/all.yaml +++ b/manifests/opensearch/all.yaml @@ -1,5 +1,4 @@ apiVersion: v1 items: [] kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/osdfir/all.yaml b/manifests/osdfir/all.yaml index ded9522..55012f4 100644 --- a/manifests/osdfir/all.yaml +++ b/manifests/osdfir/all.yaml @@ -1,5 +1,4 @@ apiVersion: v1 items: [] kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/registry/all.yaml b/manifests/registry/all.yaml index 019eda1..cbc31d0 100644 --- a/manifests/registry/all.yaml +++ b/manifests/registry/all.yaml @@ -1,303 +1,304 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-05-14T10:34:08Z" - generateName: registry-6b4d69c6d4- - labels: - app: registry - pod-template-hash: 6b4d69c6d4 - name: registry-6b4d69c6d4-z8c8s - namespace: registry - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: registry-6b4d69c6d4 - uid: 62a3ac29-be85-4b16-8396-416dcadb94ad - resourceVersion: "20356625" - uid: 457d674b-2137-469c-b738-f29b103f9e9a - spec: - containers: - - image: registry:2 - imagePullPolicy: IfNotPresent - name: registry - ports: - - containerPort: 5000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/lib/registry - name: registry-storage - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-wt7wr - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - emptyDir: {} - name: registry-storage - - name: kube-api-access-wt7wr - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-05-14T10:34:08Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:07Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-05-14T10:34:08Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://b7bf5c27c57a87976824cf4acbb9ace00df86fcafb283e4829fb10dbd58c8903 - image: docker.io/library/registry:2 - imageID: docker.io/library/registry@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373 - lastState: - terminated: - containerID: containerd://19cb806bcb7454c1c1ffb1de17f481fd5c0cf8d500b413c07076572b090e7141 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:39Z" - name: registry - ready: true - restartCount: 7 - started: true - state: - running: - startedAt: "2025-08-24T01:02:07Z" - volumeMounts: - - mountPath: /var/lib/registry - name: registry-storage - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-wt7wr - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.43 - podIPs: - - ip: 10.244.0.43 - qosClass: BestEffort - startTime: "2025-05-14T10:34:08Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"ports":[{"port":5000,"targetPort":5000}],"selector":{"app":"registry"},"type":"ClusterIP"}} - creationTimestamp: "2025-05-14T10:34:08Z" - name: registry - namespace: registry - resourceVersion: "1974083" - uid: ca00b8f1-81c1-4cdb-b05e-e1fe130f6e28 - spec: - clusterIP: 10.97.245.197 - clusterIPs: - - 10.97.245.197 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - nodePort: 30471 - port: 5000 - protocol: TCP - targetPort: 5000 - selector: - app: registry - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"registry"}},"template":{"metadata":{"labels":{"app":"registry"}},"spec":{"containers":[{"image":"registry:2","name":"registry","ports":[{"containerPort":5000}],"volumeMounts":[{"mountPath":"/var/lib/registry","name":"registry-storage"}]}],"volumes":[{"emptyDir":{},"name":"registry-storage"}]}}}} - creationTimestamp: "2025-05-14T10:34:08Z" - generation: 3 - name: registry - namespace: registry - resourceVersion: "6373430" - uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: registry - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: registry - spec: - containers: - - image: registry:2 - imagePullPolicy: IfNotPresent - name: registry - ports: - - containerPort: 5000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/lib/registry - name: registry-storage - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: registry-storage - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-05-14T10:34:08Z" - lastUpdateTime: "2025-05-14T10:34:12Z" - message: ReplicaSet "registry-6b4d69c6d4" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-06-17T12:39:28Z" - lastUpdateTime: "2025-06-17T12:39:28Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 3 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-05-14T10:34:08Z" - generation: 3 - labels: - app: registry - pod-template-hash: 6b4d69c6d4 - name: registry-6b4d69c6d4 - namespace: registry - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: registry - uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 - resourceVersion: "6373428" - uid: 62a3ac29-be85-4b16-8396-416dcadb94ad - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-05-14T10:34:08Z' + generateName: registry-6b4d69c6d4- + labels: app: registry pod-template-hash: 6b4d69c6d4 - template: - metadata: - creationTimestamp: null - labels: - app: registry - pod-template-hash: 6b4d69c6d4 - spec: - containers: + name: registry-6b4d69c6d4-z8c8s + namespace: registry + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: registry-6b4d69c6d4 + uid: 62a3ac29-be85-4b16-8396-416dcadb94ad + resourceVersion: '20356625' + uid: 457d674b-2137-469c-b738-f29b103f9e9a + spec: + containers: - image: registry:2 imagePullPolicy: IfNotPresent name: registry ports: - - containerPort: 5000 - protocol: TCP + - containerPort: 5000 + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/lib/registry - name: registry-storage - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /var/lib/registry + name: registry-storage + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-wt7wr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - emptyDir: {} name: registry-storage - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 3 - readyReplicas: 1 - replicas: 1 + - name: kube-api-access-wt7wr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-05-14T10:34:08Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:07Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-05-14T10:34:08Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://b7bf5c27c57a87976824cf4acbb9ace00df86fcafb283e4829fb10dbd58c8903 + image: docker.io/library/registry:2 + imageID: docker.io/library/registry@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373 + lastState: + terminated: + containerID: containerd://19cb806bcb7454c1c1ffb1de17f481fd5c0cf8d500b413c07076572b090e7141 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:39Z' + name: registry + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: '2025-08-24T01:02:07Z' + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-wt7wr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.43 + podIPs: + - ip: 10.244.0.43 + qosClass: BestEffort + startTime: '2025-05-14T10:34:08Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"ports":[{"port":5000,"targetPort":5000}],"selector":{"app":"registry"},"type":"ClusterIP"}} + + ' + creationTimestamp: '2025-05-14T10:34:08Z' + name: registry + namespace: registry + resourceVersion: '1974083' + uid: ca00b8f1-81c1-4cdb-b05e-e1fe130f6e28 + spec: + clusterIP: 10.97.245.197 + clusterIPs: + - 10.97.245.197 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30471 + port: 5000 + protocol: TCP + targetPort: 5000 + selector: + app: registry + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"registry"}},"template":{"metadata":{"labels":{"app":"registry"}},"spec":{"containers":[{"image":"registry:2","name":"registry","ports":[{"containerPort":5000}],"volumeMounts":[{"mountPath":"/var/lib/registry","name":"registry-storage"}]}],"volumes":[{"emptyDir":{},"name":"registry-storage"}]}}}} + + ' + creationTimestamp: '2025-05-14T10:34:08Z' + generation: 3 + name: registry + namespace: registry + resourceVersion: '6373430' + uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: registry + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: registry + spec: + containers: + - image: registry:2 + imagePullPolicy: IfNotPresent + name: registry + ports: + - containerPort: 5000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: registry-storage + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-05-14T10:34:08Z' + lastUpdateTime: '2025-05-14T10:34:12Z' + message: ReplicaSet "registry-6b4d69c6d4" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-06-17T12:39:28Z' + lastUpdateTime: '2025-06-17T12:39:28Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 3 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-05-14T10:34:08Z' + generation: 3 + labels: + app: registry + pod-template-hash: 6b4d69c6d4 + name: registry-6b4d69c6d4 + namespace: registry + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: registry + uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 + resourceVersion: '6373428' + uid: 62a3ac29-be85-4b16-8396-416dcadb94ad + spec: + replicas: 1 + selector: + matchLabels: + app: registry + pod-template-hash: 6b4d69c6d4 + template: + metadata: + creationTimestamp: null + labels: + app: registry + pod-template-hash: 6b4d69c6d4 + spec: + containers: + - image: registry:2 + imagePullPolicy: IfNotPresent + name: registry + ports: + - containerPort: 5000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: registry-storage + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 3 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/send/all.yaml b/manifests/send/all.yaml index 6c75110..8c2a680 100644 --- a/manifests/send/all.yaml +++ b/manifests/send/all.yaml @@ -1,774 +1,773 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" - creationTimestamp: "2025-08-12T13:57:02Z" - generateName: send-7947f95576- - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 7947f95576 - name: send-7947f95576-p2ccg - namespace: send - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: send-7947f95576 - uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 - resourceVersion: "20356520" - uid: 41e21fe5-7e64-437e-af39-e71eae9c3676 - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "21474836480" - - name: MAX_FILE_SIZE - value: "21474836480" - - name: TZ - value: UTC - - name: UI_MAX_ANON_FILE_SIZE - value: "21474836480" - - name: UI_MAX_FILE_SIZE - value: "21474836480" - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-zf5fj - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - - name: kube-api-access-zf5fj - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:10Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-08-12T13:57:02Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:14Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:14Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-08-12T13:57:02Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://37e2d2372f50285e0c36a907a222c2dd88ef876888e24351c7aa84b1e0968c8a - image: registry.gitlab.com/timvisee/send:v3.4.20 - imageID: registry.gitlab.com/timvisee/send@sha256:47986cf6ef69743c97cab26b828335c6887d6b02ce2a1fb18039984d293e4d78 - lastState: - terminated: - containerID: containerd://c8d1e862c2d005b5bc085161da7dea412dd135c73c865a059e2319e961d35b5b - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:31Z" - name: send - ready: true - restartCount: 3 - started: true - state: - running: - startedAt: "2025-08-24T01:02:10Z" - volumeMounts: - - mountPath: /uploads - name: uploads - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-zf5fj - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.49 - podIPs: - - ip: 10.244.0.49 - qosClass: BestEffort - startTime: "2025-08-12T13:57:02Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T08:43:41Z" - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: send - app.kubernetes.io/version: v3.4.20 - helm.sh/chart: send-1.2.2 - name: send - namespace: send - resourceVersion: "12122293" - uid: 182d27f5-7e86-4155-9c3d-2fc78e171e92 - spec: - clusterIP: 10.111.192.18 - clusterIPs: - - 10.111.192.18 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - name: http - nodePort: 31030 - port: 1443 - protocol: TCP - targetPort: http - selector: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "10" - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T08:43:41Z" - generation: 11 - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: send - app.kubernetes.io/version: v3.4.20 - helm.sh/chart: send-1.2.2 - name: send - namespace: send - resourceVersion: "12273742" - uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - strategy: - type: Recreate - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "21474836480" - - name: MAX_FILE_SIZE - value: "21474836480" - - name: TZ - value: UTC - - name: UI_MAX_ANON_FILE_SIZE - value: "21474836480" - - name: UI_MAX_FILE_SIZE - value: "21474836480" - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-08-12T09:27:35Z" - lastUpdateTime: "2025-08-12T13:57:08Z" - message: ReplicaSet "send-7947f95576" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:15Z" - lastUpdateTime: "2025-08-24T01:02:15Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 11 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "7" - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T10:13:52Z" - generation: 2 - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 745ff75597 - name: send-745ff75597 - namespace: send - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: send - uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a - resourceVersion: "12129988" - uid: 6231ade8-b8f5-478c-9f10-ceb3510b0b0b - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 745ff75597 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 745ff75597 - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "10737418240" - - name: MAX_FILE_SIZE - value: "10737418240" - - name: TZ - value: UTC - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "9" - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T10:17:07Z" - generation: 2 - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 764f47c8d6 - name: send-764f47c8d6 - namespace: send - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: send - uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a - resourceVersion: "12150014" - uid: c8e51d73-76fe-4991-b1cb-d4fb46672593 - spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 764f47c8d6 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" - creationTimestamp: null - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 764f47c8d6 - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "21474836480" - - name: MAX_FILE_SIZE - value: "21474836480" - - name: TZ - value: UTC - - name: UI_MAX_ANON_FILE_SIZE - value: "21474836480" - - name: UI_MAX_FILE_SIZE - value: "21474836480" - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - status: - observedGeneration: 2 - replicas: 0 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "10" - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T13:57:02Z" - generation: 1 - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 7947f95576 - name: send-7947f95576 - namespace: send - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: send - uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a - resourceVersion: "12273740" - uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T15:56:32+02:00' + creationTimestamp: '2025-08-12T13:57:02Z' + generateName: send-7947f95576- + labels: app.kubernetes.io/instance: send app.kubernetes.io/name: send pod-template-hash: 7947f95576 - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" - creationTimestamp: null - labels: + name: send-7947f95576-p2ccg + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: send-7947f95576 + uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 + resourceVersion: '20356520' + uid: 41e21fe5-7e64-437e-af39-e71eae9c3676 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '21474836480' + - name: MAX_FILE_SIZE + value: '21474836480' + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: '21474836480' + - name: UI_MAX_FILE_SIZE + value: '21474836480' + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-zf5fj + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + - name: kube-api-access-zf5fj + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:10Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-08-12T13:57:02Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:14Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:14Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-08-12T13:57:02Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://37e2d2372f50285e0c36a907a222c2dd88ef876888e24351c7aa84b1e0968c8a + image: registry.gitlab.com/timvisee/send:v3.4.20 + imageID: registry.gitlab.com/timvisee/send@sha256:47986cf6ef69743c97cab26b828335c6887d6b02ce2a1fb18039984d293e4d78 + lastState: + terminated: + containerID: containerd://c8d1e862c2d005b5bc085161da7dea412dd135c73c865a059e2319e961d35b5b + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:31Z' + name: send + ready: true + restartCount: 3 + started: true + state: + running: + startedAt: '2025-08-24T01:02:10Z' + volumeMounts: + - mountPath: /uploads + name: uploads + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-zf5fj + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.49 + podIPs: + - ip: 10.244.0.49 + qosClass: BestEffort + startTime: '2025-08-12T13:57:02Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T08:43:41Z' + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: send + app.kubernetes.io/version: v3.4.20 + helm.sh/chart: send-1.2.2 + name: send + namespace: send + resourceVersion: '12122293' + uid: 182d27f5-7e86-4155-9c3d-2fc78e171e92 + spec: + clusterIP: 10.111.192.18 + clusterIPs: + - 10.111.192.18 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 31030 + port: 1443 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '10' + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T08:43:41Z' + generation: 11 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: send + app.kubernetes.io/version: v3.4.20 + helm.sh/chart: send-1.2.2 + name: send + namespace: send + resourceVersion: '12273742' + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + strategy: + type: Recreate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T15:56:32+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '21474836480' + - name: MAX_FILE_SIZE + value: '21474836480' + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: '21474836480' + - name: UI_MAX_FILE_SIZE + value: '21474836480' + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-08-12T09:27:35Z' + lastUpdateTime: '2025-08-12T13:57:08Z' + message: ReplicaSet "send-7947f95576" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:15Z' + lastUpdateTime: '2025-08-24T01:02:15Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 11 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '7' + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T10:13:52Z' + generation: 2 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + name: send-745ff75597 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: '12129988' + uid: 6231ade8-b8f5-478c-9f10-ceb3510b0b0b + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T10:51:34+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '10737418240' + - name: MAX_FILE_SIZE + value: '10737418240' + - name: TZ + value: UTC + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '9' + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T10:17:07Z' + generation: 2 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + name: send-764f47c8d6 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: '12150014' + uid: c8e51d73-76fe-4991-b1cb-d4fb46672593 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T10:51:34+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '21474836480' + - name: MAX_FILE_SIZE + value: '21474836480' + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: '21474836480' + - name: UI_MAX_FILE_SIZE + value: '21474836480' + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '10' + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T13:57:02Z' + generation: 1 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + name: send-7947f95576 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: '12273740' + uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 + spec: + replicas: 1 + selector: + matchLabels: app.kubernetes.io/instance: send app.kubernetes.io/name: send pod-template-hash: 7947f95576 - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "21474836480" - - name: MAX_FILE_SIZE - value: "21474836480" - - name: TZ - value: UTC - - name: UI_MAX_ANON_FILE_SIZE - value: "21474836480" - - name: UI_MAX_FILE_SIZE - value: "21474836480" - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "1" - deployment.kubernetes.io/revision: "8" - meta.helm.sh/release-name: send - meta.helm.sh/release-namespace: send - creationTimestamp: "2025-08-12T10:15:01Z" - generation: 2 - labels: - app.kubernetes.io/instance: send - app.kubernetes.io/name: send - pod-template-hash: 7cf87974b - name: send-7cf87974b - namespace: send - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: send - uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a - resourceVersion: "12130228" - uid: c001e3d7-8254-4f9a-9f00-a64b8d7309b1 - spec: - replicas: 0 - selector: - matchLabels: + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T15:56:32+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '21474836480' + - name: MAX_FILE_SIZE + value: '21474836480' + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: '21474836480' + - name: UI_MAX_FILE_SIZE + value: '21474836480' + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '1' + deployment.kubernetes.io/revision: '8' + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: '2025-08-12T10:15:01Z' + generation: 2 + labels: app.kubernetes.io/instance: send app.kubernetes.io/name: send pod-template-hash: 7cf87974b - template: - metadata: - annotations: - kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" - creationTimestamp: null - labels: + name: send-7cf87974b + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: '12130228' + uid: c001e3d7-8254-4f9a-9f00-a64b8d7309b1 + spec: + replicas: 0 + selector: + matchLabels: app.kubernetes.io/instance: send app.kubernetes.io/name: send pod-template-hash: 7cf87974b - spec: - automountServiceAccountToken: true - containers: - - env: - - name: BASE_URL - value: https://send.experlab.xyz - - name: DETECT_BASE_URL - value: "false" - - name: MAX_ANON_FILE_SIZE - value: "10737418240" - - name: MAX_FILE_SIZE - value: "10737418240" - - name: TZ - value: UTC - - name: UI_MAX_ANON_FILE_SIZE - value: "10737418240" - - name: UI_MAX_FILE_SIZE - value: "10737418240" - image: registry.gitlab.com/timvisee/send:v3.4.20 - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - name: send - ports: - - containerPort: 1443 - name: http - protocol: TCP - readinessProbe: - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - resources: {} - startupProbe: - failureThreshold: 30 - periodSeconds: 5 - successThreshold: 1 - tcpSocket: - port: 1443 - timeoutSeconds: 1 - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /uploads - name: uploads - dnsPolicy: ClusterFirst - enableServiceLinks: true - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - volumes: - - name: uploads - persistentVolumeClaim: - claimName: send-uploads - status: - observedGeneration: 2 - replicas: 0 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: '2025-08-12T10:51:34+02:00' + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7cf87974b + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: 'false' + - name: MAX_ANON_FILE_SIZE + value: '10737418240' + - name: MAX_FILE_SIZE + value: '10737418240' + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: '10737418240' + - name: UI_MAX_FILE_SIZE + value: '10737418240' + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 kind: List -metadata: - resourceVersion: "" +metadata: {} diff --git a/manifests/wiki/all.yaml b/manifests/wiki/all.yaml index 6a0dbb2..dc6ef78 100644 --- a/manifests/wiki/all.yaml +++ b/manifests/wiki/all.yaml @@ -1,644 +1,647 @@ apiVersion: v1 items: -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-05-21T13:55:04Z" - generateName: wikijs-6bd85497c7- - labels: - app: wikijs - pod-template-hash: 6bd85497c7 - name: wikijs-6bd85497c7-pms5l - namespace: wiki - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: wikijs-6bd85497c7 - uid: 457871f1-eb38-41a9-afb2-c4f248e68205 - resourceVersion: "20356518" - uid: 7a49f498-1cf4-49b6-b0c3-363769650655 - spec: - containers: - - env: - - name: DB_TYPE - value: postgres - - name: DB_HOST - value: wikijs-postgres - - name: DB_PORT - value: "5432" - - name: DB_USER - value: wikijs - - name: DB_PASS - value: wikijsrocks - - name: DB_NAME - value: wikijs - image: ghcr.io/requarks/wiki:latest - imagePullPolicy: Always - name: wiki - ports: - - containerPort: 3000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-lq4rc - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: kube-api-access-lq4rc - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:42Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-05-21T13:55:04Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:42Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:42Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-05-21T13:55:04Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://7f8a57137386d6f90e200982b8b520c87febdc7eb2a4cf35e2b7efe4285d7f0c - image: ghcr.io/requarks/wiki:latest - imageID: ghcr.io/requarks/wiki@sha256:1eaa2de751c2925871a95a02e0ddbdd5c48bf2e016653b2e4a8f0c646cc4ff83 - lastState: - terminated: - containerID: containerd://911a250febab0b7babd609edb8458077efbbc4b16dd4381c17b3814d1aca762a - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:47Z" - name: wiki - ready: true - restartCount: 12 - started: true - state: - running: - startedAt: "2025-08-24T01:02:41Z" - volumeMounts: - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-lq4rc - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.46 - podIPs: - - ip: 10.244.0.46 - qosClass: BestEffort - startTime: "2025-05-21T13:55:04Z" -- apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: "2025-05-21T13:55:04Z" - generateName: wikijs-postgres-79d84f58b5- - labels: - app: wikijs-postgres - pod-template-hash: 79d84f58b5 - name: wikijs-postgres-79d84f58b5-jnff4 - namespace: wiki - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: ReplicaSet - name: wikijs-postgres-79d84f58b5 - uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 - resourceVersion: "20356480" - uid: d30024af-854a-40d2-8615-a2a40c525b60 - spec: - containers: - - env: - - name: POSTGRES_DB - value: wikijs - - name: POSTGRES_USER - value: wikijs - - name: POSTGRES_PASSWORD - value: wikijsrocks - image: postgres:14 - imagePullPolicy: IfNotPresent - name: postgres - ports: - - containerPort: 5432 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-djkxt - readOnly: true - dnsPolicy: ClusterFirst - enableServiceLinks: true - nodeName: server-thinkcentre-e73 - preemptionPolicy: PreemptLowerPriority - priority: 0 - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: default - serviceAccountName: default - terminationGracePeriodSeconds: 30 - tolerations: - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 300 - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 300 - volumes: - - name: postgres-data - persistentVolumeClaim: - claimName: wikijs-postgres-pvc - - name: kube-api-access-djkxt - projected: - defaultMode: 420 - sources: - - serviceAccountToken: - expirationSeconds: 3607 - path: token - - configMap: - items: - - key: ca.crt - path: ca.crt - name: kube-root-ca.crt - - downwardAPI: - items: - - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - path: namespace - status: - conditions: - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: PodReadyToStartContainers - - lastProbeTime: null - lastTransitionTime: "2025-05-21T13:55:08Z" - status: "True" - type: Initialized - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: Ready - - lastProbeTime: null - lastTransitionTime: "2025-08-24T01:02:09Z" - status: "True" - type: ContainersReady - - lastProbeTime: null - lastTransitionTime: "2025-05-21T13:55:08Z" - status: "True" - type: PodScheduled - containerStatuses: - - containerID: containerd://cf6866bbb5d81f8d0a0d5166f80f983acaf084333be58bb75f09b39b7affe779 - image: docker.io/library/postgres:14 - imageID: docker.io/library/postgres@sha256:e7e9c0b3470ebff1b693f3a0a3302eb02505e62d67fc1b42c86c2811b4c6e451 - lastState: - terminated: - containerID: containerd://748ff60cb1099d8223cb464cfa8b08acbc70f3f954e39d9a9657d8208c1f38b8 - exitCode: 255 - finishedAt: "2025-08-24T01:01:44Z" - reason: Unknown - startedAt: "2025-08-12T14:09:42Z" - name: postgres - ready: true - restartCount: 7 - started: true - state: - running: - startedAt: "2025-08-24T01:02:10Z" - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-data - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: kube-api-access-djkxt - readOnly: true - recursiveReadOnly: Disabled - hostIP: 192.168.31.54 - hostIPs: - - ip: 192.168.31.54 - phase: Running - podIP: 10.244.0.47 - podIPs: - - ip: 10.244.0.47 - qosClass: BestEffort - startTime: "2025-05-21T13:55:08Z" -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"ports":[{"nodePort":30080,"port":80,"targetPort":3000}],"selector":{"app":"wikijs"},"type":"NodePort"}} - creationTimestamp: "2025-05-21T13:55:04Z" - name: wikijs - namespace: wiki - resourceVersion: "2872068" - uid: d358248f-0bf0-459e-95cf-cc10ff21ad6a - spec: - clusterIP: 10.111.144.209 - clusterIPs: - - 10.111.144.209 - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - nodePort: 30080 - port: 80 - protocol: TCP - targetPort: 3000 - selector: - app: wikijs - sessionAffinity: None - type: NodePort - status: - loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"ports":[{"port":5432,"targetPort":5432}],"selector":{"app":"wikijs-postgres"}}} - creationTimestamp: "2025-05-21T14:01:52Z" - name: wikijs-postgres - namespace: wiki - resourceVersion: "2872812" - uid: e4a14775-b709-4e22-845d-2b454f5c9296 - spec: - clusterIP: 10.106.106.142 - clusterIPs: - - 10.106.106.142 - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - port: 5432 - protocol: TCP - targetPort: 5432 - selector: - app: wikijs-postgres - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs"}},"template":{"metadata":{"labels":{"app":"wikijs"}},"spec":{"containers":[{"env":[{"name":"DB_TYPE","value":"postgres"},{"name":"DB_HOST","value":"wikijs-postgres"},{"name":"DB_PORT","value":"5432"},{"name":"DB_USER","value":"wikijs"},{"name":"DB_PASS","value":"wikijsrocks"},{"name":"DB_NAME","value":"wikijs"}],"image":"ghcr.io/requarks/wiki:latest","name":"wiki","ports":[{"containerPort":3000}]}]}}}} - creationTimestamp: "2025-05-21T13:55:04Z" - generation: 1 - name: wikijs - namespace: wiki - resourceVersion: "12273871" - uid: 4bdf2b62-bcba-4549-b404-8063922f94fc - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: wikijs - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: wikijs - spec: - containers: - - env: - - name: DB_TYPE - value: postgres - - name: DB_HOST - value: wikijs-postgres - - name: DB_PORT - value: "5432" - - name: DB_USER - value: wikijs - - name: DB_PASS - value: wikijsrocks - - name: DB_NAME - value: wikijs - image: ghcr.io/requarks/wiki:latest - imagePullPolicy: Always - name: wiki - ports: - - containerPort: 3000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-05-21T13:55:04Z" - lastUpdateTime: "2025-05-21T13:55:53Z" - message: ReplicaSet "wikijs-6bd85497c7" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-08-24T01:02:42Z" - lastUpdateTime: "2025-08-24T01:02:42Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: Deployment - metadata: - annotations: - deployment.kubernetes.io/revision: "1" - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs-postgres"}},"template":{"metadata":{"labels":{"app":"wikijs-postgres"}},"spec":{"containers":[{"env":[{"name":"POSTGRES_DB","value":"wikijs"},{"name":"POSTGRES_USER","value":"wikijs"},{"name":"POSTGRES_PASSWORD","value":"wikijsrocks"}],"image":"postgres:14","name":"postgres","ports":[{"containerPort":5432}],"volumeMounts":[{"mountPath":"/var/lib/postgresql/data","name":"postgres-data"}]}],"volumes":[{"name":"postgres-data","persistentVolumeClaim":{"claimName":"wikijs-postgres-pvc"}}]}}}} - creationTimestamp: "2025-05-21T13:55:04Z" - generation: 1 - name: wikijs-postgres - namespace: wiki - resourceVersion: "8820198" - uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 - spec: - progressDeadlineSeconds: 600 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app: wikijs-postgres - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - creationTimestamp: null - labels: - app: wikijs-postgres - spec: - containers: - - env: - - name: POSTGRES_DB - value: wikijs - - name: POSTGRES_USER - value: wikijs - - name: POSTGRES_PASSWORD - value: wikijsrocks - image: postgres:14 - imagePullPolicy: IfNotPresent - name: postgres - ports: - - containerPort: 5432 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - name: postgres-data - persistentVolumeClaim: - claimName: wikijs-postgres-pvc - status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2025-05-21T13:55:04Z" - lastUpdateTime: "2025-05-21T13:56:01Z" - message: ReplicaSet "wikijs-postgres-79d84f58b5" has successfully progressed. - reason: NewReplicaSetAvailable - status: "True" - type: Progressing - - lastTransitionTime: "2025-07-07T13:23:22Z" - lastUpdateTime: "2025-07-07T13:23:22Z" - message: Deployment has minimum availability. - reason: MinimumReplicasAvailable - status: "True" - type: Available - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 - updatedReplicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-05-21T13:55:04Z" - generation: 1 - labels: - app: wikijs - pod-template-hash: 6bd85497c7 - name: wikijs-6bd85497c7 - namespace: wiki - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: wikijs - uid: 4bdf2b62-bcba-4549-b404-8063922f94fc - resourceVersion: "12273868" - uid: 457871f1-eb38-41a9-afb2-c4f248e68205 - spec: - replicas: 1 - selector: - matchLabels: + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-05-21T13:55:04Z' + generateName: wikijs-6bd85497c7- + labels: app: wikijs pod-template-hash: 6bd85497c7 - template: - metadata: - creationTimestamp: null - labels: - app: wikijs - pod-template-hash: 6bd85497c7 - spec: - containers: + name: wikijs-6bd85497c7-pms5l + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: wikijs-6bd85497c7 + uid: 457871f1-eb38-41a9-afb2-c4f248e68205 + resourceVersion: '20356518' + uid: 7a49f498-1cf4-49b6-b0c3-363769650655 + spec: + containers: - env: - - name: DB_TYPE - value: postgres - - name: DB_HOST - value: wikijs-postgres - - name: DB_PORT - value: "5432" - - name: DB_USER - value: wikijs - - name: DB_PASS - value: wikijsrocks - - name: DB_NAME - value: wikijs + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: '5432' + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs image: ghcr.io/requarks/wiki:latest imagePullPolicy: Always name: wiki ports: - - containerPort: 3000 - protocol: TCP - resources: {} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 -- apiVersion: apps/v1 - kind: ReplicaSet - metadata: - annotations: - deployment.kubernetes.io/desired-replicas: "1" - deployment.kubernetes.io/max-replicas: "2" - deployment.kubernetes.io/revision: "1" - creationTimestamp: "2025-05-21T13:55:04Z" - generation: 1 - labels: - app: wikijs-postgres - pod-template-hash: 79d84f58b5 - name: wikijs-postgres-79d84f58b5 - namespace: wiki - ownerReferences: - - apiVersion: apps/v1 - blockOwnerDeletion: true - controller: true - kind: Deployment - name: wikijs-postgres - uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 - resourceVersion: "8820197" - uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 - spec: - replicas: 1 - selector: - matchLabels: - app: wikijs-postgres - pod-template-hash: 79d84f58b5 - template: - metadata: - creationTimestamp: null - labels: - app: wikijs-postgres - pod-template-hash: 79d84f58b5 - spec: - containers: - - env: - - name: POSTGRES_DB - value: wikijs - - name: POSTGRES_USER - value: wikijs - - name: POSTGRES_PASSWORD - value: wikijsrocks - image: postgres:14 - imagePullPolicy: IfNotPresent - name: postgres - ports: - - containerPort: 5432 - protocol: TCP + - containerPort: 3000 + protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-lq4rc + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-lq4rc + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:42Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-05-21T13:55:04Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:42Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:42Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-05-21T13:55:04Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://7f8a57137386d6f90e200982b8b520c87febdc7eb2a4cf35e2b7efe4285d7f0c + image: ghcr.io/requarks/wiki:latest + imageID: ghcr.io/requarks/wiki@sha256:1eaa2de751c2925871a95a02e0ddbdd5c48bf2e016653b2e4a8f0c646cc4ff83 + lastState: + terminated: + containerID: containerd://911a250febab0b7babd609edb8458077efbbc4b16dd4381c17b3814d1aca762a + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:47Z' + name: wiki + ready: true + restartCount: 12 + started: true + state: + running: + startedAt: '2025-08-24T01:02:41Z' + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-lq4rc + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.46 + podIPs: + - ip: 10.244.0.46 + qosClass: BestEffort + startTime: '2025-05-21T13:55:04Z' + - apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: '2025-05-21T13:55:04Z' + generateName: wikijs-postgres-79d84f58b5- + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + name: wikijs-postgres-79d84f58b5-jnff4 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: wikijs-postgres-79d84f58b5 + uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 + resourceVersion: '20356480' + uid: d30024af-854a-40d2-8615-a2a40c525b60 + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-djkxt + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: - name: postgres-data persistentVolumeClaim: claimName: wikijs-postgres-pvc - status: - availableReplicas: 1 - fullyLabeledReplicas: 1 - observedGeneration: 1 - readyReplicas: 1 - replicas: 1 + - name: kube-api-access-djkxt + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: '2025-05-21T13:55:08Z' + status: 'True' + type: Initialized + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: Ready + - lastProbeTime: null + lastTransitionTime: '2025-08-24T01:02:09Z' + status: 'True' + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: '2025-05-21T13:55:08Z' + status: 'True' + type: PodScheduled + containerStatuses: + - containerID: containerd://cf6866bbb5d81f8d0a0d5166f80f983acaf084333be58bb75f09b39b7affe779 + image: docker.io/library/postgres:14 + imageID: docker.io/library/postgres@sha256:e7e9c0b3470ebff1b693f3a0a3302eb02505e62d67fc1b42c86c2811b4c6e451 + lastState: + terminated: + containerID: containerd://748ff60cb1099d8223cb464cfa8b08acbc70f3f954e39d9a9657d8208c1f38b8 + exitCode: 255 + finishedAt: '2025-08-24T01:01:44Z' + reason: Unknown + startedAt: '2025-08-12T14:09:42Z' + name: postgres + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: '2025-08-24T01:02:10Z' + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-djkxt + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.47 + podIPs: + - ip: 10.244.0.47 + qosClass: BestEffort + startTime: '2025-05-21T13:55:08Z' + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"ports":[{"nodePort":30080,"port":80,"targetPort":3000}],"selector":{"app":"wikijs"},"type":"NodePort"}} + + ' + creationTimestamp: '2025-05-21T13:55:04Z' + name: wikijs + namespace: wiki + resourceVersion: '2872068' + uid: d358248f-0bf0-459e-95cf-cc10ff21ad6a + spec: + clusterIP: 10.111.144.209 + clusterIPs: + - 10.111.144.209 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30080 + port: 80 + protocol: TCP + targetPort: 3000 + selector: + app: wikijs + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} + - apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"ports":[{"port":5432,"targetPort":5432}],"selector":{"app":"wikijs-postgres"}}} + + ' + creationTimestamp: '2025-05-21T14:01:52Z' + name: wikijs-postgres + namespace: wiki + resourceVersion: '2872812' + uid: e4a14775-b709-4e22-845d-2b454f5c9296 + spec: + clusterIP: 10.106.106.142 + clusterIPs: + - 10.106.106.142 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 5432 + protocol: TCP + targetPort: 5432 + selector: + app: wikijs-postgres + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs"}},"template":{"metadata":{"labels":{"app":"wikijs"}},"spec":{"containers":[{"env":[{"name":"DB_TYPE","value":"postgres"},{"name":"DB_HOST","value":"wikijs-postgres"},{"name":"DB_PORT","value":"5432"},{"name":"DB_USER","value":"wikijs"},{"name":"DB_PASS","value":"wikijsrocks"},{"name":"DB_NAME","value":"wikijs"}],"image":"ghcr.io/requarks/wiki:latest","name":"wiki","ports":[{"containerPort":3000}]}]}}}} + + ' + creationTimestamp: '2025-05-21T13:55:04Z' + generation: 1 + name: wikijs + namespace: wiki + resourceVersion: '12273871' + uid: 4bdf2b62-bcba-4549-b404-8063922f94fc + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: wikijs + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: wikijs + spec: + containers: + - env: + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: '5432' + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs + image: ghcr.io/requarks/wiki:latest + imagePullPolicy: Always + name: wiki + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-05-21T13:55:04Z' + lastUpdateTime: '2025-05-21T13:55:53Z' + message: ReplicaSet "wikijs-6bd85497c7" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-08-24T01:02:42Z' + lastUpdateTime: '2025-08-24T01:02:42Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: '1' + kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs-postgres"}},"template":{"metadata":{"labels":{"app":"wikijs-postgres"}},"spec":{"containers":[{"env":[{"name":"POSTGRES_DB","value":"wikijs"},{"name":"POSTGRES_USER","value":"wikijs"},{"name":"POSTGRES_PASSWORD","value":"wikijsrocks"}],"image":"postgres:14","name":"postgres","ports":[{"containerPort":5432}],"volumeMounts":[{"mountPath":"/var/lib/postgresql/data","name":"postgres-data"}]}],"volumes":[{"name":"postgres-data","persistentVolumeClaim":{"claimName":"wikijs-postgres-pvc"}}]}}}} + + ' + creationTimestamp: '2025-05-21T13:55:04Z' + generation: 1 + name: wikijs-postgres + namespace: wiki + resourceVersion: '8820198' + uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: wikijs-postgres + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: wikijs-postgres + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: wikijs-postgres-pvc + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: '2025-05-21T13:55:04Z' + lastUpdateTime: '2025-05-21T13:56:01Z' + message: ReplicaSet "wikijs-postgres-79d84f58b5" has successfully progressed. + reason: NewReplicaSetAvailable + status: 'True' + type: Progressing + - lastTransitionTime: '2025-07-07T13:23:22Z' + lastUpdateTime: '2025-07-07T13:23:22Z' + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: 'True' + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-05-21T13:55:04Z' + generation: 1 + labels: + app: wikijs + pod-template-hash: 6bd85497c7 + name: wikijs-6bd85497c7 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: wikijs + uid: 4bdf2b62-bcba-4549-b404-8063922f94fc + resourceVersion: '12273868' + uid: 457871f1-eb38-41a9-afb2-c4f248e68205 + spec: + replicas: 1 + selector: + matchLabels: + app: wikijs + pod-template-hash: 6bd85497c7 + template: + metadata: + creationTimestamp: null + labels: + app: wikijs + pod-template-hash: 6bd85497c7 + spec: + containers: + - env: + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: '5432' + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs + image: ghcr.io/requarks/wiki:latest + imagePullPolicy: Always + name: wiki + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + - apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: '1' + deployment.kubernetes.io/max-replicas: '2' + deployment.kubernetes.io/revision: '1' + creationTimestamp: '2025-05-21T13:55:04Z' + generation: 1 + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + name: wikijs-postgres-79d84f58b5 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: wikijs-postgres + uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 + resourceVersion: '8820197' + uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 + spec: + replicas: 1 + selector: + matchLabels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + template: + metadata: + creationTimestamp: null + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: wikijs-postgres-pvc + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 kind: List -metadata: - resourceVersion: "" +metadata: {}