Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resources filtered out in event handlers still get annotated by Kopf #374

Closed
kopf-archiver bot opened this issue Aug 18, 2020 · 4 comments · Fixed by #545
Closed

Resources filtered out in event handlers still get annotated by Kopf #374

kopf-archiver bot opened this issue Aug 18, 2020 · 4 comments · Fixed by #545
Assignees
@nolar
Labels
archive bug Something isn't working
Milestone
28: stability, re...

Comments

@kopf-archiver
Copy link

kopf-archiver bot commented Aug 18, 2020
edited
Loading

An issue by akojima at 2020-06-11 15:44:35+00:00
Original URL: zalando-incubator/kopf#374
 

Long story short

Resources that are indicated to be of no interest to an event handler through a filter (like label=) still get annotated with Kopf data like /last-handled-configuration, across the entire cluster.

Description

I have an Operator that watches Pod events with specific label values, so the event handlers use the label= filter. However, whenever the Operator runs all pods in all namespaces get updated with annotations for persisted progress and diffbase data, instead of just the filtered pods.

Coupled with issue #372, this could be disruptive to a cluster, since it's possible that unrelated operators can no longer add annotations to the pods they're managing, because the resource size grew too big with data from unrelated operators.

The code snippet to reproduce the issue 
import kopf

@kopf.on.create("", "v1", "pods", labels={"app": "dontmatchanything"})
def on_create(**kwargs):
    pass


@kopf.on.event("", "v1", "pods", labels={"app": "dontmatchanything"})
def on_event(**kwargs):
    pass
The exact command to reproduce the issue 
kopf run nulloperator.py --verbose
The full output of the command that failed 
$ kopf run nulloperator.py --verbose
[2020-06-11 08:39:24,029] kopf.reactor.activit [INFO    ] Initial authentication has been initiated.
[2020-06-11 08:39:24,029] kopf.activities.auth [DEBUG   ] Activity 'login_via_client' is invoked.
[2020-06-11 08:39:24,038] kopf.activities.auth [DEBUG   ] Client is configured via kubeconfig file.
[2020-06-11 08:39:24,038] kopf.activities.auth [INFO    ] Activity 'login_via_client' succeeded.
[2020-06-11 08:39:24,038] kopf.reactor.activit [INFO    ] Initial authentication has finished.
[2020-06-11 08:39:24,052] kopf.engines.peering [WARNING ] Default peering object not found, falling back to the standalone mode.
[2020-06-11 08:39:24,165] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Creation event: {'metadata': {'name': 'compose-78f95d4f8c-pj4pl', 'generateName': 'compose-78f95d4f8c-', 'namespace': 'docker', 'selfLink': '/api/v1/namespaces/docker/pods/compose-78f95d4f8c-pj4pl', 'uid': '1fa38a26-ccec-4784-97a6-88ac76a48af4', 'resourceVersion': '680', 'creationTimestamp': '2020-06-11T15:29:18Z', 'labels': {'com.docker.default-service-type': '', 'com.docker.deploy-namespace': 'docker', 'com.docker.fry': 'compose', 'com.docker.image-tag': 'v0.4.25-alpha1', 'pod-template-hash': '78f95d4f8c'}, 'annotations': {'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "compose-token-6bn9v", "secret": {"secretName": "compose-token-6bn9v", "defaultMode": 420}}], "containers": [{"name": "compose", "image": "docker/kube-compose-controller:v0.4.25-alpha1", "args": ["--kubeconfig", "", "--reconciliation-interval", "12h0m0s", "--healthz-check-port", "0"], "resources": {}, "volumeMounts": [{"name": "compose-token-6bn9v", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "compose", "serviceAccount": "compose", "nodeName": "docker-desktop", "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchExpressions": [{"key": "beta.kubernetes.io/os", "operator": "In", "values": ["linux"]}, {"key": "beta.kubernetes.io/arch", "operator": "In", "values": ["amd64"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"com.docker.default-service-type": "", "com.docker.deploy-namespace": "docker", "com.docker.fry": "compose", "com.docker.image-tag": "v0.4.25-alpha1", "pod-template-hash": "78f95d4f8c"}, "annotations": {}}}'}, 'ownerReferences': [{'apiVersion': 'apps/v1', 'kind': 'ReplicaSet', 'name': 'compose-78f95d4f8c', 'uid': '359a6ca7-3658-4709-bd20-8c96a8c5dd4b', 'controller': True, 'blockOwnerDeletion': True}]}, 'spec': {'volumes': [{'name': 'compose-token-6bn9v', 'secret': {'secretName': 'compose-token-6bn9v', 'defaultMode': 420}}], 'containers': [{'name': 'compose', 'image': 'docker/kube-compose-controller:v0.4.25-alpha1', 'args': ['--kubeconfig', '', '--reconciliation-interval', '12h0m0s', '--healthz-check-port', '0'], 'resources': {}, 'volumeMounts': [{'name': 'compose-token-6bn9v', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'serviceAccountName': 'compose', 'serviceAccount': 'compose', 'nodeName': 'docker-desktop', 'securityContext': {}, 'affinity': {'nodeAffinity': {'requiredDuringSchedulingIgnoredDuringExecution': {'nodeSelectorTerms': [{'matchExpressions': [{'key': 'beta.kubernetes.io/os', 'operator': 'In', 'values': ['linux']}, {'key': 'beta.kubernetes.io/arch', 'operator': 'In', 'values': ['amd64']}]}]}}}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priority': 0, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:21Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:21Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}], 'hostIP': '192.168.65.3', 'podIP': '10.1.5.90', 'podIPs': [{'ip': '10.1.5.90'}], 'startTime': '2020-06-11T15:29:18Z', 'containerStatuses': [{'name': 'compose', 'state': {'running': {'startedAt': '2020-06-11T15:29:21Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'docker/kube-compose-controller:v0.4.25-alpha1', 'imageID': 'docker-pullable://docker/kube-compose-controller@sha256:6ad2d6a2cc1909fbc477f64e3292c16b88db31eb83458f420eb223f119f3dffd', 'containerID': 'docker://eaa9e44fe9ba3f3d09e1f6b676cd5db357067205bfe4d353fbf1f5ce022ddfab', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,166] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "compose-token-6bn9v", "secret": {"secretName": "compose-token-6bn9v", "defaultMode": 420}}], "containers": [{"name": "compose", "image": "docker/kube-compose-controller:v0.4.25-alpha1", "args": ["--kubeconfig", "", "--reconciliation-interval", "12h0m0s", "--healthz-check-port", "0"], "resources": {}, "volumeMounts": [{"name": "compose-token-6bn9v", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "compose", "serviceAccount": "compose", "nodeName": "docker-desktop", "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchExpressions": [{"key": "beta.kubernetes.io/os", "operator": "In", "values": ["linux"]}, {"key": "beta.kubernetes.io/arch", "operator": "In", "values": ["amd64"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"com.docker.default-service-type": "", "com.docker.deploy-namespace": "docker", "com.docker.fry": "compose", "com.docker.image-tag": "v0.4.25-alpha1", "pod-template-hash": "78f95d4f8c"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"compose-token-6bn9v\\", \\"secret\\": {\\"secretName\\": \\"compose-token-6bn9v\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"compose\\", \\"image\\": \\"docker/kube-compose-controller:v0.4.25-alpha1\\", \\"args\\": [\\"--kubeconfig\\", \\"\\", \\"--reconciliation-interval\\", \\"12h0m0s\\", \\"--healthz-check-port\\", \\"0\\"], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"compose-token-6bn9v\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"serviceAccountName\\": \\"compose\\", \\"serviceAccount\\": \\"compose\\", \\"nodeName\\": \\"docker-desktop\\", \\"securityContext\\": {}, \\"affinity\\": {\\"nodeAffinity\\": {\\"requiredDuringSchedulingIgnoredDuringExecution\\": {\\"nodeSelectorTerms\\": [{\\"matchExpressions\\": [{\\"key\\": \\"beta.kubernetes.io/os\\", \\"operator\\": \\"In\\", \\"values\\": [\\"linux\\"]}, {\\"key\\": \\"beta.kubernetes.io/arch\\", \\"operator\\": \\"In\\", \\"values\\": [\\"amd64\\"]}]}]}}}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priority\\": 0, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"com.docker.default-service-type\\": \\"\\", \\"com.docker.deploy-namespace\\": \\"docker\\", \\"com.docker.fry\\": \\"compose\\", \\"com.docker.image-tag\\": \\"v0.4.25-alpha1\\", \\"pod-template-hash\\": \\"78f95d4f8c\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,167] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Creation event: {'metadata': {'name': 'compose-api-6ffb89dc58-2fpc2', 'generateName': 'compose-api-6ffb89dc58-', 'namespace': 'docker', 'selfLink': '/api/v1/namespaces/docker/pods/compose-api-6ffb89dc58-2fpc2', 'uid': '38d7f3e8-8b86-404d-bc8d-a235af112802', 'resourceVersion': '679', 'creationTimestamp': '2020-06-11T15:29:18Z', 'labels': {'com.docker.deploy-namespace': 'docker', 'com.docker.fry': 'compose.api', 'com.docker.image-tag': 'v0.4.25-alpha1', 'pod-template-hash': '6ffb89dc58'}, 'annotations': {'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "etcd-secret", "secret": {"secretName": "compose-etcd", "items": [{"key": "ca", "path": "ca.crt"}, {"key": "cert", "path": "client.crt"}, {"key": "key", "path": "client.key"}], "defaultMode": 420}}, {"name": "compose-token-6bn9v", "secret": {"secretName": "compose-token-6bn9v", "defaultMode": 420}}], "containers": [{"name": "compose", "image": "docker/kube-compose-api-server:v0.4.25-alpha1", "args": ["--kubeconfig", "", "--authentication-kubeconfig=", "--authorization-kubeconfig=", "--service-name=compose-api", "--service-namespace", "docker", "--healthz-check-port", "0", "--etcd-servers=https://127.0.0.1:2379", "--etcd-cafile=/etc/docker-compose/etcd/ca.crt", "--etcd-certfile=/etc/docker-compose/etcd/client.crt", "--etcd-keyfile=/etc/docker-compose/etcd/client.key", "--secure-port=9443"], "resources": {}, "volumeMounts": [{"name": "etcd-secret", "readOnly": true, "mountPath": "/etc/docker-compose/etcd"}, {"name": "compose-token-6bn9v", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "compose", "serviceAccount": "compose", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchExpressions": [{"key": "beta.kubernetes.io/os", "operator": "In", "values": ["linux"]}, {"key": "beta.kubernetes.io/arch", "operator": "In", "values": ["amd64"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"com.docker.deploy-namespace": "docker", "com.docker.fry": "compose.api", "com.docker.image-tag": "v0.4.25-alpha1", "pod-template-hash": "6ffb89dc58"}, "annotations": {}}}'}, 'ownerReferences': [{'apiVersion': 'apps/v1', 'kind': 'ReplicaSet', 'name': 'compose-api-6ffb89dc58', 'uid': '9e6add08-df06-4227-b079-aa8c8ddf710e', 'controller': True, 'blockOwnerDeletion': True}]}, 'spec': {'volumes': [{'name': 'etcd-secret', 'secret': {'secretName': 'compose-etcd', 'items': [{'key': 'ca', 'path': 'ca.crt'}, {'key': 'cert', 'path': 'client.crt'}, {'key': 'key', 'path': 'client.key'}], 'defaultMode': 420}}, {'name': 'compose-token-6bn9v', 'secret': {'secretName': 'compose-token-6bn9v', 'defaultMode': 420}}], 'containers': [{'name': 'compose', 'image': 'docker/kube-compose-api-server:v0.4.25-alpha1', 'args': ['--kubeconfig', '', '--authentication-kubeconfig=', '--authorization-kubeconfig=', '--service-name=compose-api', '--service-namespace', 'docker', '--healthz-check-port', '0', '--etcd-servers=https://127.0.0.1:2379', '--etcd-cafile=/etc/docker-compose/etcd/ca.crt', '--etcd-certfile=/etc/docker-compose/etcd/client.crt', '--etcd-keyfile=/etc/docker-compose/etcd/client.key', '--secure-port=9443'], 'resources': {}, 'volumeMounts': [{'name': 'etcd-secret', 'readOnly': True, 'mountPath': '/etc/docker-compose/etcd'}, {'name': 'compose-token-6bn9v', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'serviceAccountName': 'compose', 'serviceAccount': 'compose', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'affinity': {'nodeAffinity': {'requiredDuringSchedulingIgnoredDuringExecution': {'nodeSelectorTerms': [{'matchExpressions': [{'key': 'beta.kubernetes.io/os', 'operator': 'In', 'values': ['linux']}, {'key': 'beta.kubernetes.io/arch', 'operator': 'In', 'values': ['amd64']}]}]}}}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priority': 0, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:21Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:21Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:29:18Z', 'containerStatuses': [{'name': 'compose', 'state': {'running': {'startedAt': '2020-06-11T15:29:20Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'docker/kube-compose-api-server:v0.4.25-alpha1', 'imageID': 'docker-pullable://docker/kube-compose-api-server@sha256:17593177ba90d0ece33fa82c0075953df1f29beb89f71c1ee8b13abee31da494', 'containerID': 'docker://5bcf7150adebd4276871364e4dfe3aab1ec26c97940bbc89f86fa116be6af4db', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,168] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "etcd-secret", "secret": {"secretName": "compose-etcd", "items": [{"key": "ca", "path": "ca.crt"}, {"key": "cert", "path": "client.crt"}, {"key": "key", "path": "client.key"}], "defaultMode": 420}}, {"name": "compose-token-6bn9v", "secret": {"secretName": "compose-token-6bn9v", "defaultMode": 420}}], "containers": [{"name": "compose", "image": "docker/kube-compose-api-server:v0.4.25-alpha1", "args": ["--kubeconfig", "", "--authentication-kubeconfig=", "--authorization-kubeconfig=", "--service-name=compose-api", "--service-namespace", "docker", "--healthz-check-port", "0", "--etcd-servers=https://127.0.0.1:2379", "--etcd-cafile=/etc/docker-compose/etcd/ca.crt", "--etcd-certfile=/etc/docker-compose/etcd/client.crt", "--etcd-keyfile=/etc/docker-compose/etcd/client.key", "--secure-port=9443"], "resources": {}, "volumeMounts": [{"name": "etcd-secret", "readOnly": true, "mountPath": "/etc/docker-compose/etcd"}, {"name": "compose-token-6bn9v", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "compose", "serviceAccount": "compose", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchExpressions": [{"key": "beta.kubernetes.io/os", "operator": "In", "values": ["linux"]}, {"key": "beta.kubernetes.io/arch", "operator": "In", "values": ["amd64"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"com.docker.deploy-namespace": "docker", "com.docker.fry": "compose.api", "com.docker.image-tag": "v0.4.25-alpha1", "pod-template-hash": "6ffb89dc58"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"etcd-secret\\", \\"secret\\": {\\"secretName\\": \\"compose-etcd\\", \\"items\\": [{\\"key\\": \\"ca\\", \\"path\\": \\"ca.crt\\"}, {\\"key\\": \\"cert\\", \\"path\\": \\"client.crt\\"}, {\\"key\\": \\"key\\", \\"path\\": \\"client.key\\"}], \\"defaultMode\\": 420}}, {\\"name\\": \\"compose-token-6bn9v\\", \\"secret\\": {\\"secretName\\": \\"compose-token-6bn9v\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"compose\\", \\"image\\": \\"docker/kube-compose-api-server:v0.4.25-alpha1\\", \\"args\\": [\\"--kubeconfig\\", \\"\\", \\"--authentication-kubeconfig=\\", \\"--authorization-kubeconfig=\\", \\"--service-name=compose-api\\", \\"--service-namespace\\", \\"docker\\", \\"--healthz-check-port\\", \\"0\\", \\"--etcd-servers=https://127.0.0.1:2379\\", \\"--etcd-cafile=/etc/docker-compose/etcd/ca.crt\\", \\"--etcd-certfile=/etc/docker-compose/etcd/client.crt\\", \\"--etcd-keyfile=/etc/docker-compose/etcd/client.key\\", \\"--secure-port=9443\\"], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"etcd-secret\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/docker-compose/etcd\\"}, {\\"name\\": \\"compose-token-6bn9v\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"serviceAccountName\\": \\"compose\\", \\"serviceAccount\\": \\"compose\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"affinity\\": {\\"nodeAffinity\\": {\\"requiredDuringSchedulingIgnoredDuringExecution\\": {\\"nodeSelectorTerms\\": [{\\"matchExpressions\\": [{\\"key\\": \\"beta.kubernetes.io/os\\", \\"operator\\": \\"In\\", \\"values\\": [\\"linux\\"]}, {\\"key\\": \\"beta.kubernetes.io/arch\\", \\"operator\\": \\"In\\", \\"values\\": [\\"amd64\\"]}]}]}}}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priority\\": 0, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"com.docker.deploy-namespace\\": \\"docker\\", \\"com.docker.fry\\": \\"compose.api\\", \\"com.docker.image-tag\\": \\"v0.4.25-alpha1\\", \\"pod-template-hash\\": \\"6ffb89dc58\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,169] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Creation event: {'metadata': {'name': 'coredns-5644d7b6d9-qbjrv', 'generateName': 'coredns-5644d7b6d9-', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/coredns-5644d7b6d9-qbjrv', 'uid': '86f55d3e-59f4-4773-9890-1310e02ea67c', 'resourceVersion': '682', 'creationTimestamp': '2020-06-11T15:28:12Z', 'labels': {'k8s-app': 'kube-dns', 'pod-template-hash': '5644d7b6d9'}, 'annotations': {'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "config-volume", "configMap": {"name": "coredns", "items": [{"key": "Corefile", "path": "Corefile"}], "defaultMode": 420}}, {"name": "coredns-token-jg8cw", "secret": {"secretName": "coredns-token-jg8cw", "defaultMode": 420}}], "containers": [{"name": "coredns", "image": "k8s.gcr.io/coredns:1.6.2", "args": ["-conf", "/etc/coredns/Corefile"], "ports": [{"name": "dns", "containerPort": 53, "protocol": "UDP"}, {"name": "dns-tcp", "containerPort": 53, "protocol": "TCP"}, {"name": "metrics", "containerPort": 9153, "protocol": "TCP"}], "resources": {"limits": {"memory": "170Mi"}, "requests": {"cpu": "100m", "memory": "70Mi"}}, "volumeMounts": [{"name": "config-volume", "readOnly": true, "mountPath": "/etc/coredns"}, {"name": "coredns-token-jg8cw", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 8080, "scheme": "HTTP"}, "initialDelaySeconds": 60, "timeoutSeconds": 5, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 5}, "readinessProbe": {"httpGet": {"path": "/ready", "port": 8181, "scheme": "HTTP"}, "timeoutSeconds": 1, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 3}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"capabilities": {"add": ["NET_BIND_SERVICE"], "drop": ["all"]}, "readOnlyRootFilesystem": true, "allowPrivilegeEscalation": false}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "Default", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "coredns", "serviceAccount": "coredns", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"k8s-app": "kube-dns", "pod-template-hash": "5644d7b6d9"}, "annotations": {}}}'}, 'ownerReferences': [{'apiVersion': 'apps/v1', 'kind': 'ReplicaSet', 'name': 'coredns-5644d7b6d9', 'uid': 'e338728a-336e-4c22-846c-57484d8d71b5', 'controller': True, 'blockOwnerDeletion': True}]}, 'spec': {'volumes': [{'name': 'config-volume', 'configMap': {'name': 'coredns', 'items': [{'key': 'Corefile', 'path': 'Corefile'}], 'defaultMode': 420}}, {'name': 'coredns-token-jg8cw', 'secret': {'secretName': 'coredns-token-jg8cw', 'defaultMode': 420}}], 'containers': [{'name': 'coredns', 'image': 'k8s.gcr.io/coredns:1.6.2', 'args': ['-conf', '/etc/coredns/Corefile'], 'ports': [{'name': 'dns', 'containerPort': 53, 'protocol': 'UDP'}, {'name': 'dns-tcp', 'containerPort': 53, 'protocol': 'TCP'}, {'name': 'metrics', 'containerPort': 9153, 'protocol': 'TCP'}], 'resources': {'limits': {'memory': '170Mi'}, 'requests': {'cpu': '100m', 'memory': '70Mi'}}, 'volumeMounts': [{'name': 'config-volume', 'readOnly': True, 'mountPath': '/etc/coredns'}, {'name': 'coredns-token-jg8cw', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'livenessProbe': {'httpGet': {'path': '/health', 'port': 8080, 'scheme': 'HTTP'}, 'initialDelaySeconds': 60, 'timeoutSeconds': 5, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 5}, 'readinessProbe': {'httpGet': {'path': '/ready', 'port': 8181, 'scheme': 'HTTP'}, 'timeoutSeconds': 1, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 3}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent', 'securityContext': {'capabilities': {'add': ['NET_BIND_SERVICE'], 'drop': ['all']}, 'readOnlyRootFilesystem': True, 'allowPrivilegeEscalation': False}}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'Default', 'nodeSelector': {'beta.kubernetes.io/os': 'linux'}, 'serviceAccountName': 'coredns', 'serviceAccount': 'coredns', 'nodeName': 'docker-desktop', 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'CriticalAddonsOnly', 'operator': 'Exists'}, {'key': 'node-role.kubernetes.io/master', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:14Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:18Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:18Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:14Z'}], 'hostIP': '192.168.65.3', 'podIP': '10.1.5.86', 'podIPs': [{'ip': '10.1.5.86'}], 'startTime': '2020-06-11T15:28:14Z', 'containerStatuses': [{'name': 'coredns', 'state': {'running': {'startedAt': '2020-06-11T15:28:15Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/coredns:1.6.2', 'imageID': 'docker-pullable://k8s.gcr.io/coredns@sha256:12eb885b8685b1b13a04ecf5c23bc809c2e57917252fd7b0be9e9c00644e8ee5', 'containerID': 'docker://74d58e5cfa81858238b0e8e00471e48b16859170af12c5be86686fed6ba7cdb2', 'started': True}], 'qosClass': 'Burstable'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,170] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "config-volume", "configMap": {"name": "coredns", "items": [{"key": "Corefile", "path": "Corefile"}], "defaultMode": 420}}, {"name": "coredns-token-jg8cw", "secret": {"secretName": "coredns-token-jg8cw", "defaultMode": 420}}], "containers": [{"name": "coredns", "image": "k8s.gcr.io/coredns:1.6.2", "args": ["-conf", "/etc/coredns/Corefile"], "ports": [{"name": "dns", "containerPort": 53, "protocol": "UDP"}, {"name": "dns-tcp", "containerPort": 53, "protocol": "TCP"}, {"name": "metrics", "containerPort": 9153, "protocol": "TCP"}], "resources": {"limits": {"memory": "170Mi"}, "requests": {"cpu": "100m", "memory": "70Mi"}}, "volumeMounts": [{"name": "config-volume", "readOnly": true, "mountPath": "/etc/coredns"}, {"name": "coredns-token-jg8cw", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 8080, "scheme": "HTTP"}, "initialDelaySeconds": 60, "timeoutSeconds": 5, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 5}, "readinessProbe": {"httpGet": {"path": "/ready", "port": 8181, "scheme": "HTTP"}, "timeoutSeconds": 1, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 3}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"capabilities": {"add": ["NET_BIND_SERVICE"], "drop": ["all"]}, "readOnlyRootFilesystem": true, "allowPrivilegeEscalation": false}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "Default", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "coredns", "serviceAccount": "coredns", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"k8s-app": "kube-dns", "pod-template-hash": "5644d7b6d9"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"config-volume\\", \\"configMap\\": {\\"name\\": \\"coredns\\", \\"items\\": [{\\"key\\": \\"Corefile\\", \\"path\\": \\"Corefile\\"}], \\"defaultMode\\": 420}}, {\\"name\\": \\"coredns-token-jg8cw\\", \\"secret\\": {\\"secretName\\": \\"coredns-token-jg8cw\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"coredns\\", \\"image\\": \\"k8s.gcr.io/coredns:1.6.2\\", \\"args\\": [\\"-conf\\", \\"/etc/coredns/Corefile\\"], \\"ports\\": [{\\"name\\": \\"dns\\", \\"containerPort\\": 53, \\"protocol\\": \\"UDP\\"}, {\\"name\\": \\"dns-tcp\\", \\"containerPort\\": 53, \\"protocol\\": \\"TCP\\"}, {\\"name\\": \\"metrics\\", \\"containerPort\\": 9153, \\"protocol\\": \\"TCP\\"}], \\"resources\\": {\\"limits\\": {\\"memory\\": \\"170Mi\\"}, \\"requests\\": {\\"cpu\\": \\"100m\\", \\"memory\\": \\"70Mi\\"}}, \\"volumeMounts\\": [{\\"name\\": \\"config-volume\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/coredns\\"}, {\\"name\\": \\"coredns-token-jg8cw\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/health\\", \\"port\\": 8080, \\"scheme\\": \\"HTTP\\"}, \\"initialDelaySeconds\\": 60, \\"timeoutSeconds\\": 5, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 5}, \\"readinessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/ready\\", \\"port\\": 8181, \\"scheme\\": \\"HTTP\\"}, \\"timeoutSeconds\\": 1, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 3}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\", \\"securityContext\\": {\\"capabilities\\": {\\"add\\": [\\"NET_BIND_SERVICE\\"], \\"drop\\": [\\"all\\"]}, \\"readOnlyRootFilesystem\\": true, \\"allowPrivilegeEscalation\\": false}}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"Default\\", \\"nodeSelector\\": {\\"beta.kubernetes.io/os\\": \\"linux\\"}, \\"serviceAccountName\\": \\"coredns\\", \\"serviceAccount\\": \\"coredns\\", \\"nodeName\\": \\"docker-desktop\\", \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"CriticalAddonsOnly\\", \\"operator\\": \\"Exists\\"}, {\\"key\\": \\"node-role.kubernetes.io/master\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"k8s-app\\": \\"kube-dns\\", \\"pod-template-hash\\": \\"5644d7b6d9\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,171] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Creation event: {'metadata': {'name': 'coredns-5644d7b6d9-vf6ft', 'generateName': 'coredns-5644d7b6d9-', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/coredns-5644d7b6d9-vf6ft', 'uid': '4d278368-0152-459b-bbca-ca0ca09d11e9', 'resourceVersion': '683', 'creationTimestamp': '2020-06-11T15:28:12Z', 'labels': {'k8s-app': 'kube-dns', 'pod-template-hash': '5644d7b6d9'}, 'annotations': {'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "config-volume", "configMap": {"name": "coredns", "items": [{"key": "Corefile", "path": "Corefile"}], "defaultMode": 420}}, {"name": "coredns-token-jg8cw", "secret": {"secretName": "coredns-token-jg8cw", "defaultMode": 420}}], "containers": [{"name": "coredns", "image": "k8s.gcr.io/coredns:1.6.2", "args": ["-conf", "/etc/coredns/Corefile"], "ports": [{"name": "dns", "containerPort": 53, "protocol": "UDP"}, {"name": "dns-tcp", "containerPort": 53, "protocol": "TCP"}, {"name": "metrics", "containerPort": 9153, "protocol": "TCP"}], "resources": {"limits": {"memory": "170Mi"}, "requests": {"cpu": "100m", "memory": "70Mi"}}, "volumeMounts": [{"name": "config-volume", "readOnly": true, "mountPath": "/etc/coredns"}, {"name": "coredns-token-jg8cw", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 8080, "scheme": "HTTP"}, "initialDelaySeconds": 60, "timeoutSeconds": 5, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 5}, "readinessProbe": {"httpGet": {"path": "/ready", "port": 8181, "scheme": "HTTP"}, "timeoutSeconds": 1, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 3}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"capabilities": {"add": ["NET_BIND_SERVICE"], "drop": ["all"]}, "readOnlyRootFilesystem": true, "allowPrivilegeEscalation": false}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "Default", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "coredns", "serviceAccount": "coredns", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"k8s-app": "kube-dns", "pod-template-hash": "5644d7b6d9"}, "annotations": {}}}'}, 'ownerReferences': [{'apiVersion': 'apps/v1', 'kind': 'ReplicaSet', 'name': 'coredns-5644d7b6d9', 'uid': 'e338728a-336e-4c22-846c-57484d8d71b5', 'controller': True, 'blockOwnerDeletion': True}]}, 'spec': {'volumes': [{'name': 'config-volume', 'configMap': {'name': 'coredns', 'items': [{'key': 'Corefile', 'path': 'Corefile'}], 'defaultMode': 420}}, {'name': 'coredns-token-jg8cw', 'secret': {'secretName': 'coredns-token-jg8cw', 'defaultMode': 420}}], 'containers': [{'name': 'coredns', 'image': 'k8s.gcr.io/coredns:1.6.2', 'args': ['-conf', '/etc/coredns/Corefile'], 'ports': [{'name': 'dns', 'containerPort': 53, 'protocol': 'UDP'}, {'name': 'dns-tcp', 'containerPort': 53, 'protocol': 'TCP'}, {'name': 'metrics', 'containerPort': 9153, 'protocol': 'TCP'}], 'resources': {'limits': {'memory': '170Mi'}, 'requests': {'cpu': '100m', 'memory': '70Mi'}}, 'volumeMounts': [{'name': 'config-volume', 'readOnly': True, 'mountPath': '/etc/coredns'}, {'name': 'coredns-token-jg8cw', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'livenessProbe': {'httpGet': {'path': '/health', 'port': 8080, 'scheme': 'HTTP'}, 'initialDelaySeconds': 60, 'timeoutSeconds': 5, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 5}, 'readinessProbe': {'httpGet': {'path': '/ready', 'port': 8181, 'scheme': 'HTTP'}, 'timeoutSeconds': 1, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 3}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent', 'securityContext': {'capabilities': {'add': ['NET_BIND_SERVICE'], 'drop': ['all']}, 'readOnlyRootFilesystem': True, 'allowPrivilegeEscalation': False}}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'Default', 'nodeSelector': {'beta.kubernetes.io/os': 'linux'}, 'serviceAccountName': 'coredns', 'serviceAccount': 'coredns', 'nodeName': 'docker-desktop', 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'CriticalAddonsOnly', 'operator': 'Exists'}, {'key': 'node-role.kubernetes.io/master', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:14Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:19Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:19Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:14Z'}], 'hostIP': '192.168.65.3', 'podIP': '10.1.5.87', 'podIPs': [{'ip': '10.1.5.87'}], 'startTime': '2020-06-11T15:28:14Z', 'containerStatuses': [{'name': 'coredns', 'state': {'running': {'startedAt': '2020-06-11T15:28:15Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/coredns:1.6.2', 'imageID': 'docker-pullable://k8s.gcr.io/coredns@sha256:12eb885b8685b1b13a04ecf5c23bc809c2e57917252fd7b0be9e9c00644e8ee5', 'containerID': 'docker://3bb0045cf6b555b3419499c4acdcd9f4ea99b1fa12007a107340cbd223401ba3', 'started': True}], 'qosClass': 'Burstable'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,172] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "config-volume", "configMap": {"name": "coredns", "items": [{"key": "Corefile", "path": "Corefile"}], "defaultMode": 420}}, {"name": "coredns-token-jg8cw", "secret": {"secretName": "coredns-token-jg8cw", "defaultMode": 420}}], "containers": [{"name": "coredns", "image": "k8s.gcr.io/coredns:1.6.2", "args": ["-conf", "/etc/coredns/Corefile"], "ports": [{"name": "dns", "containerPort": 53, "protocol": "UDP"}, {"name": "dns-tcp", "containerPort": 53, "protocol": "TCP"}, {"name": "metrics", "containerPort": 9153, "protocol": "TCP"}], "resources": {"limits": {"memory": "170Mi"}, "requests": {"cpu": "100m", "memory": "70Mi"}}, "volumeMounts": [{"name": "config-volume", "readOnly": true, "mountPath": "/etc/coredns"}, {"name": "coredns-token-jg8cw", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 8080, "scheme": "HTTP"}, "initialDelaySeconds": 60, "timeoutSeconds": 5, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 5}, "readinessProbe": {"httpGet": {"path": "/ready", "port": 8181, "scheme": "HTTP"}, "timeoutSeconds": 1, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 3}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"capabilities": {"add": ["NET_BIND_SERVICE"], "drop": ["all"]}, "readOnlyRootFilesystem": true, "allowPrivilegeEscalation": false}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "Default", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "coredns", "serviceAccount": "coredns", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"k8s-app": "kube-dns", "pod-template-hash": "5644d7b6d9"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"config-volume\\", \\"configMap\\": {\\"name\\": \\"coredns\\", \\"items\\": [{\\"key\\": \\"Corefile\\", \\"path\\": \\"Corefile\\"}], \\"defaultMode\\": 420}}, {\\"name\\": \\"coredns-token-jg8cw\\", \\"secret\\": {\\"secretName\\": \\"coredns-token-jg8cw\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"coredns\\", \\"image\\": \\"k8s.gcr.io/coredns:1.6.2\\", \\"args\\": [\\"-conf\\", \\"/etc/coredns/Corefile\\"], \\"ports\\": [{\\"name\\": \\"dns\\", \\"containerPort\\": 53, \\"protocol\\": \\"UDP\\"}, {\\"name\\": \\"dns-tcp\\", \\"containerPort\\": 53, \\"protocol\\": \\"TCP\\"}, {\\"name\\": \\"metrics\\", \\"containerPort\\": 9153, \\"protocol\\": \\"TCP\\"}], \\"resources\\": {\\"limits\\": {\\"memory\\": \\"170Mi\\"}, \\"requests\\": {\\"cpu\\": \\"100m\\", \\"memory\\": \\"70Mi\\"}}, \\"volumeMounts\\": [{\\"name\\": \\"config-volume\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/coredns\\"}, {\\"name\\": \\"coredns-token-jg8cw\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/health\\", \\"port\\": 8080, \\"scheme\\": \\"HTTP\\"}, \\"initialDelaySeconds\\": 60, \\"timeoutSeconds\\": 5, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 5}, \\"readinessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/ready\\", \\"port\\": 8181, \\"scheme\\": \\"HTTP\\"}, \\"timeoutSeconds\\": 1, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 3}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\", \\"securityContext\\": {\\"capabilities\\": {\\"add\\": [\\"NET_BIND_SERVICE\\"], \\"drop\\": [\\"all\\"]}, \\"readOnlyRootFilesystem\\": true, \\"allowPrivilegeEscalation\\": false}}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"Default\\", \\"nodeSelector\\": {\\"beta.kubernetes.io/os\\": \\"linux\\"}, \\"serviceAccountName\\": \\"coredns\\", \\"serviceAccount\\": \\"coredns\\", \\"nodeName\\": \\"docker-desktop\\", \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"CriticalAddonsOnly\\", \\"operator\\": \\"Exists\\"}, {\\"key\\": \\"node-role.kubernetes.io/master\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"k8s-app\\": \\"kube-dns\\", \\"pod-template-hash\\": \\"5644d7b6d9\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,173] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Creation event: {'metadata': {'name': 'etcd-docker-desktop', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/etcd-docker-desktop', 'uid': '8c22141a-7321-4700-bf66-9d45e2314776', 'resourceVersion': '670', 'creationTimestamp': '2020-06-11T15:29:21Z', 'labels': {'component': 'etcd', 'tier': 'control-plane'}, 'annotations': {'kubernetes.io/config.hash': 'bc3eca0122540ccc59e959a7805e87e8', 'kubernetes.io/config.mirror': 'bc3eca0122540ccc59e959a7805e87e8', 'kubernetes.io/config.seen': '2020-06-11T15:27:37.96661434Z', 'kubernetes.io/config.source': 'file', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "etcd-certs", "hostPath": {"path": "/run/config/pki/etcd", "type": "DirectoryOrCreate"}}, {"name": "etcd-data", "hostPath": {"path": "/var/lib/etcd", "type": "DirectoryOrCreate"}}], "containers": [{"name": "etcd", "image": "k8s.gcr.io/etcd:3.3.15-0", "command": ["etcd", "--advertise-client-urls=https://192.168.65.3:2379", "--cert-file=/run/config/pki/etcd/server.crt", "--client-cert-auth=true", "--data-dir=/var/lib/etcd", "--initial-advertise-peer-urls=https://192.168.65.3:2380", "--initial-cluster=docker-desktop=https://192.168.65.3:2380", "--key-file=/run/config/pki/etcd/server.key", "--listen-client-urls=https://127.0.0.1:2379,https://192.168.65.3:2379", "--listen-metrics-urls=http://127.0.0.1:2381", "--listen-peer-urls=https://192.168.65.3:2380", "--name=docker-desktop", "--peer-cert-file=/run/config/pki/etcd/peer.crt", "--peer-client-cert-auth=true", "--peer-key-file=/run/config/pki/etcd/peer.key", "--peer-trusted-ca-file=/run/config/pki/etcd/ca.crt", "--snapshot-count=10000", "--trusted-ca-file=/run/config/pki/etcd/ca.crt"], "resources": {}, "volumeMounts": [{"name": "etcd-data", "mountPath": "/var/lib/etcd"}, {"name": "etcd-certs", "mountPath": "/run/config/pki/etcd"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 2381, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "etcd", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "bc3eca0122540ccc59e959a7805e87e8", "kubernetes.io/config.mirror": "bc3eca0122540ccc59e959a7805e87e8", "kubernetes.io/config.seen": "2020-06-11T15:27:37.96661434Z", "kubernetes.io/config.source": "file"}}}'}}, 'spec': {'volumes': [{'name': 'etcd-certs', 'hostPath': {'path': '/run/config/pki/etcd', 'type': 'DirectoryOrCreate'}}, {'name': 'etcd-data', 'hostPath': {'path': '/var/lib/etcd', 'type': 'DirectoryOrCreate'}}], 'containers': [{'name': 'etcd', 'image': 'k8s.gcr.io/etcd:3.3.15-0', 'command': ['etcd', '--advertise-client-urls=https://192.168.65.3:2379', '--cert-file=/run/config/pki/etcd/server.crt', '--client-cert-auth=true', '--data-dir=/var/lib/etcd', '--initial-advertise-peer-urls=https://192.168.65.3:2380', '--initial-cluster=docker-desktop=https://192.168.65.3:2380', '--key-file=/run/config/pki/etcd/server.key', '--listen-client-urls=https://127.0.0.1:2379,https://192.168.65.3:2379', '--listen-metrics-urls=http://127.0.0.1:2381', '--listen-peer-urls=https://192.168.65.3:2380', '--name=docker-desktop', '--peer-cert-file=/run/config/pki/etcd/peer.crt', '--peer-client-cert-auth=true', '--peer-key-file=/run/config/pki/etcd/peer.key', '--peer-trusted-ca-file=/run/config/pki/etcd/ca.crt', '--snapshot-count=10000', '--trusted-ca-file=/run/config/pki/etcd/ca.crt'], 'resources': {}, 'volumeMounts': [{'name': 'etcd-data', 'mountPath': '/var/lib/etcd'}, {'name': 'etcd-certs', 'mountPath': '/run/config/pki/etcd'}], 'livenessProbe': {'httpGet': {'path': '/health', 'port': 2381, 'host': '127.0.0.1', 'scheme': 'HTTP'}, 'initialDelaySeconds': 15, 'timeoutSeconds': 15, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 8}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'operator': 'Exists', 'effect': 'NoExecute'}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:27:58Z', 'containerStatuses': [{'name': 'etcd', 'state': {'running': {'startedAt': '2020-06-11T15:27:59Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/etcd:3.3.15-0', 'imageID': 'docker-pullable://k8s.gcr.io/etcd@sha256:12c2c5e5731c3bcd56e6f1c05c0f9198b6f06793fa7fca2fb43aab9622dc4afa', 'containerID': 'docker://8f5b331ae0f8d8d533de208c25a47e5db9ebebbbde6870f57f61eeed83ead948', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,173] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "etcd-certs", "hostPath": {"path": "/run/config/pki/etcd", "type": "DirectoryOrCreate"}}, {"name": "etcd-data", "hostPath": {"path": "/var/lib/etcd", "type": "DirectoryOrCreate"}}], "containers": [{"name": "etcd", "image": "k8s.gcr.io/etcd:3.3.15-0", "command": ["etcd", "--advertise-client-urls=https://192.168.65.3:2379", "--cert-file=/run/config/pki/etcd/server.crt", "--client-cert-auth=true", "--data-dir=/var/lib/etcd", "--initial-advertise-peer-urls=https://192.168.65.3:2380", "--initial-cluster=docker-desktop=https://192.168.65.3:2380", "--key-file=/run/config/pki/etcd/server.key", "--listen-client-urls=https://127.0.0.1:2379,https://192.168.65.3:2379", "--listen-metrics-urls=http://127.0.0.1:2381", "--listen-peer-urls=https://192.168.65.3:2380", "--name=docker-desktop", "--peer-cert-file=/run/config/pki/etcd/peer.crt", "--peer-client-cert-auth=true", "--peer-key-file=/run/config/pki/etcd/peer.key", "--peer-trusted-ca-file=/run/config/pki/etcd/ca.crt", "--snapshot-count=10000", "--trusted-ca-file=/run/config/pki/etcd/ca.crt"], "resources": {}, "volumeMounts": [{"name": "etcd-data", "mountPath": "/var/lib/etcd"}, {"name": "etcd-certs", "mountPath": "/run/config/pki/etcd"}], "livenessProbe": {"httpGet": {"path": "/health", "port": 2381, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "etcd", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "bc3eca0122540ccc59e959a7805e87e8", "kubernetes.io/config.mirror": "bc3eca0122540ccc59e959a7805e87e8", "kubernetes.io/config.seen": "2020-06-11T15:27:37.96661434Z", "kubernetes.io/config.source": "file", "nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"etcd-certs\\", \\"hostPath\\": {\\"path\\": \\"/run/config/pki/etcd\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"etcd-data\\", \\"hostPath\\": {\\"path\\": \\"/var/lib/etcd\\", \\"type\\": \\"DirectoryOrCreate\\"}}], \\"containers\\": [{\\"name\\": \\"etcd\\", \\"image\\": \\"k8s.gcr.io/etcd:3.3.15-0\\", \\"command\\": [\\"etcd\\", \\"--advertise-client-urls=https://192.168.65.3:2379\\", \\"--cert-file=/run/config/pki/etcd/server.crt\\", \\"--client-cert-auth=true\\", \\"--data-dir=/var/lib/etcd\\", \\"--initial-advertise-peer-urls=https://192.168.65.3:2380\\", \\"--initial-cluster=docker-desktop=https://192.168.65.3:2380\\", \\"--key-file=/run/config/pki/etcd/server.key\\", \\"--listen-client-urls=https://127.0.0.1:2379,https://192.168.65.3:2379\\", \\"--listen-metrics-urls=http://127.0.0.1:2381\\", \\"--listen-peer-urls=https://192.168.65.3:2380\\", \\"--name=docker-desktop\\", \\"--peer-cert-file=/run/config/pki/etcd/peer.crt\\", \\"--peer-client-cert-auth=true\\", \\"--peer-key-file=/run/config/pki/etcd/peer.key\\", \\"--peer-trusted-ca-file=/run/config/pki/etcd/ca.crt\\", \\"--snapshot-count=10000\\", \\"--trusted-ca-file=/run/config/pki/etcd/ca.crt\\"], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"etcd-data\\", \\"mountPath\\": \\"/var/lib/etcd\\"}, {\\"name\\": \\"etcd-certs\\", \\"mountPath\\": \\"/run/config/pki/etcd\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/health\\", \\"port\\": 2381, \\"host\\": \\"127.0.0.1\\", \\"scheme\\": \\"HTTP\\"}, \\"initialDelaySeconds\\": 15, \\"timeoutSeconds\\": 15, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 8}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"etcd\\", \\"tier\\": \\"control-plane\\"}, \\"annotations\\": {\\"kubernetes.io/config.hash\\": \\"bc3eca0122540ccc59e959a7805e87e8\\", \\"kubernetes.io/config.mirror\\": \\"bc3eca0122540ccc59e959a7805e87e8\\", \\"kubernetes.io/config.seen\\": \\"2020-06-11T15:27:37.96661434Z\\", \\"kubernetes.io/config.source\\": \\"file\\"}}}"}}}'}}}
[2020-06-11 08:39:24,174] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Creation event: {'metadata': {'name': 'kube-apiserver-docker-desktop', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/kube-apiserver-docker-desktop', 'uid': 'a0752155-88aa-4c45-a962-de9053d519c0', 'resourceVersion': '672', 'creationTimestamp': '2020-06-11T15:29:16Z', 'labels': {'component': 'kube-apiserver', 'tier': 'control-plane'}, 'annotations': {'kubernetes.io/config.hash': '2966bdea771eade42b079889c75cf17e', 'kubernetes.io/config.mirror': '2966bdea771eade42b079889c75cf17e', 'kubernetes.io/config.seen': '2020-06-11T15:27:37.966615476Z', 'kubernetes.io/config.source': 'file', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "ca-certs", "hostPath": {"path": "/etc/ssl/certs", "type": "DirectoryOrCreate"}}, {"name": "etc-ca-certificates", "hostPath": {"path": "/etc/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "k8s-certs", "hostPath": {"path": "/run/config/pki", "type": "DirectoryOrCreate"}}, {"name": "usr-local-share-ca-certificates", "hostPath": {"path": "/usr/local/share/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "usr-share-ca-certificates", "hostPath": {"path": "/usr/share/ca-certificates", "type": "DirectoryOrCreate"}}], "containers": [{"name": "kube-apiserver", "image": "k8s.gcr.io/kube-apiserver:v1.16.5", "command": ["kube-apiserver", "--advertise-address=192.168.65.3", "--allow-privileged=true", "--authorization-mode=Node,RBAC", "--client-ca-file=/run/config/pki/ca.crt", "--enable-admission-plugins=NodeRestriction", "--enable-bootstrap-token-auth=true", "--etcd-cafile=/run/config/pki/etcd/ca.crt", "--etcd-certfile=/run/config/pki/apiserver-etcd-client.crt", "--etcd-keyfile=/run/config/pki/apiserver-etcd-client.key", "--etcd-servers=https://127.0.0.1:2379", "--insecure-port=0", "--kubelet-client-certificate=/run/config/pki/apiserver-kubelet-client.crt", "--kubelet-client-key=/run/config/pki/apiserver-kubelet-client.key", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--proxy-client-cert-file=/run/config/pki/front-proxy-client.crt", "--proxy-client-key-file=/run/config/pki/front-proxy-client.key", "--requestheader-allowed-names=front-proxy-client", "--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt", "--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-group-headers=X-Remote-Group", "--requestheader-username-headers=X-Remote-User", "--secure-port=6443", "--service-account-key-file=/run/config/pki/sa.pub", "--service-cluster-ip-range=10.96.0.0/12", "--tls-cert-file=/run/config/pki/apiserver.crt", "--tls-private-key-file=/run/config/pki/apiserver.key"], "resources": {"requests": {"cpu": "250m"}}, "volumeMounts": [{"name": "ca-certs", "readOnly": true, "mountPath": "/etc/ssl/certs"}, {"name": "etc-ca-certificates", "readOnly": true, "mountPath": "/etc/ca-certificates"}, {"name": "k8s-certs", "readOnly": true, "mountPath": "/run/config/pki"}, {"name": "usr-local-share-ca-certificates", "readOnly": true, "mountPath": "/usr/local/share/ca-certificates"}, {"name": "usr-share-ca-certificates", "readOnly": true, "mountPath": "/usr/share/ca-certificates"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 6443, "host": "192.168.65.3", "scheme": "HTTPS"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-apiserver", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "2966bdea771eade42b079889c75cf17e", "kubernetes.io/config.mirror": "2966bdea771eade42b079889c75cf17e", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966615476Z", "kubernetes.io/config.source": "file"}}}'}}, 'spec': {'volumes': [{'name': 'ca-certs', 'hostPath': {'path': '/etc/ssl/certs', 'type': 'DirectoryOrCreate'}}, {'name': 'etc-ca-certificates', 'hostPath': {'path': '/etc/ca-certificates', 'type': 'DirectoryOrCreate'}}, {'name': 'k8s-certs', 'hostPath': {'path': '/run/config/pki', 'type': 'DirectoryOrCreate'}}, {'name': 'usr-local-share-ca-certificates', 'hostPath': {'path': '/usr/local/share/ca-certificates', 'type': 'DirectoryOrCreate'}}, {'name': 'usr-share-ca-certificates', 'hostPath': {'path': '/usr/share/ca-certificates', 'type': 'DirectoryOrCreate'}}], 'containers': [{'name': 'kube-apiserver', 'image': 'k8s.gcr.io/kube-apiserver:v1.16.5', 'command': ['kube-apiserver', '--advertise-address=192.168.65.3', '--allow-privileged=true', '--authorization-mode=Node,RBAC', '--client-ca-file=/run/config/pki/ca.crt', '--enable-admission-plugins=NodeRestriction', '--enable-bootstrap-token-auth=true', '--etcd-cafile=/run/config/pki/etcd/ca.crt', '--etcd-certfile=/run/config/pki/apiserver-etcd-client.crt', '--etcd-keyfile=/run/config/pki/apiserver-etcd-client.key', '--etcd-servers=https://127.0.0.1:2379', '--insecure-port=0', '--kubelet-client-certificate=/run/config/pki/apiserver-kubelet-client.crt', '--kubelet-client-key=/run/config/pki/apiserver-kubelet-client.key', '--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname', '--proxy-client-cert-file=/run/config/pki/front-proxy-client.crt', '--proxy-client-key-file=/run/config/pki/front-proxy-client.key', '--requestheader-allowed-names=front-proxy-client', '--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt', '--requestheader-extra-headers-prefix=X-Remote-Extra-', '--requestheader-group-headers=X-Remote-Group', '--requestheader-username-headers=X-Remote-User', '--secure-port=6443', '--service-account-key-file=/run/config/pki/sa.pub', '--service-cluster-ip-range=10.96.0.0/12', '--tls-cert-file=/run/config/pki/apiserver.crt', '--tls-private-key-file=/run/config/pki/apiserver.key'], 'resources': {'requests': {'cpu': '250m'}}, 'volumeMounts': [{'name': 'ca-certs', 'readOnly': True, 'mountPath': '/etc/ssl/certs'}, {'name': 'etc-ca-certificates', 'readOnly': True, 'mountPath': '/etc/ca-certificates'}, {'name': 'k8s-certs', 'readOnly': True, 'mountPath': '/run/config/pki'}, {'name': 'usr-local-share-ca-certificates', 'readOnly': True, 'mountPath': '/usr/local/share/ca-certificates'}, {'name': 'usr-share-ca-certificates', 'readOnly': True, 'mountPath': '/usr/share/ca-certificates'}], 'livenessProbe': {'httpGet': {'path': '/healthz', 'port': 6443, 'host': '192.168.65.3', 'scheme': 'HTTPS'}, 'initialDelaySeconds': 15, 'timeoutSeconds': 15, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 8}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'operator': 'Exists', 'effect': 'NoExecute'}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:27:58Z', 'containerStatuses': [{'name': 'kube-apiserver', 'state': {'running': {'startedAt': '2020-06-11T15:27:59Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/kube-apiserver:v1.16.5', 'imageID': 'docker-pullable://k8s.gcr.io/kube-apiserver@sha256:1ec8f8d41f67f3263b86d71f3a7d3d925b2458dd14292baecfbdf18c234a1855', 'containerID': 'docker://6135b4f71067057209ea096797f12519edac748d7decfdc60e0ec5d614b512b1', 'started': True}], 'qosClass': 'Burstable'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,175] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "ca-certs", "hostPath": {"path": "/etc/ssl/certs", "type": "DirectoryOrCreate"}}, {"name": "etc-ca-certificates", "hostPath": {"path": "/etc/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "k8s-certs", "hostPath": {"path": "/run/config/pki", "type": "DirectoryOrCreate"}}, {"name": "usr-local-share-ca-certificates", "hostPath": {"path": "/usr/local/share/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "usr-share-ca-certificates", "hostPath": {"path": "/usr/share/ca-certificates", "type": "DirectoryOrCreate"}}], "containers": [{"name": "kube-apiserver", "image": "k8s.gcr.io/kube-apiserver:v1.16.5", "command": ["kube-apiserver", "--advertise-address=192.168.65.3", "--allow-privileged=true", "--authorization-mode=Node,RBAC", "--client-ca-file=/run/config/pki/ca.crt", "--enable-admission-plugins=NodeRestriction", "--enable-bootstrap-token-auth=true", "--etcd-cafile=/run/config/pki/etcd/ca.crt", "--etcd-certfile=/run/config/pki/apiserver-etcd-client.crt", "--etcd-keyfile=/run/config/pki/apiserver-etcd-client.key", "--etcd-servers=https://127.0.0.1:2379", "--insecure-port=0", "--kubelet-client-certificate=/run/config/pki/apiserver-kubelet-client.crt", "--kubelet-client-key=/run/config/pki/apiserver-kubelet-client.key", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--proxy-client-cert-file=/run/config/pki/front-proxy-client.crt", "--proxy-client-key-file=/run/config/pki/front-proxy-client.key", "--requestheader-allowed-names=front-proxy-client", "--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt", "--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-group-headers=X-Remote-Group", "--requestheader-username-headers=X-Remote-User", "--secure-port=6443", "--service-account-key-file=/run/config/pki/sa.pub", "--service-cluster-ip-range=10.96.0.0/12", "--tls-cert-file=/run/config/pki/apiserver.crt", "--tls-private-key-file=/run/config/pki/apiserver.key"], "resources": {"requests": {"cpu": "250m"}}, "volumeMounts": [{"name": "ca-certs", "readOnly": true, "mountPath": "/etc/ssl/certs"}, {"name": "etc-ca-certificates", "readOnly": true, "mountPath": "/etc/ca-certificates"}, {"name": "k8s-certs", "readOnly": true, "mountPath": "/run/config/pki"}, {"name": "usr-local-share-ca-certificates", "readOnly": true, "mountPath": "/usr/local/share/ca-certificates"}, {"name": "usr-share-ca-certificates", "readOnly": true, "mountPath": "/usr/share/ca-certificates"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 6443, "host": "192.168.65.3", "scheme": "HTTPS"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-apiserver", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "2966bdea771eade42b079889c75cf17e", "kubernetes.io/config.mirror": "2966bdea771eade42b079889c75cf17e", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966615476Z", "kubernetes.io/config.source": "file", "nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"ca-certs\\", \\"hostPath\\": {\\"path\\": \\"/etc/ssl/certs\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"etc-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/etc/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"k8s-certs\\", \\"hostPath\\": {\\"path\\": \\"/run/config/pki\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"usr-local-share-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/usr/local/share/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"usr-share-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/usr/share/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}], \\"containers\\": [{\\"name\\": \\"kube-apiserver\\", \\"image\\": \\"k8s.gcr.io/kube-apiserver:v1.16.5\\", \\"command\\": [\\"kube-apiserver\\", \\"--advertise-address=192.168.65.3\\", \\"--allow-privileged=true\\", \\"--authorization-mode=Node,RBAC\\", \\"--client-ca-file=/run/config/pki/ca.crt\\", \\"--enable-admission-plugins=NodeRestriction\\", \\"--enable-bootstrap-token-auth=true\\", \\"--etcd-cafile=/run/config/pki/etcd/ca.crt\\", \\"--etcd-certfile=/run/config/pki/apiserver-etcd-client.crt\\", \\"--etcd-keyfile=/run/config/pki/apiserver-etcd-client.key\\", \\"--etcd-servers=https://127.0.0.1:2379\\", \\"--insecure-port=0\\", \\"--kubelet-client-certificate=/run/config/pki/apiserver-kubelet-client.crt\\", \\"--kubelet-client-key=/run/config/pki/apiserver-kubelet-client.key\\", \\"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname\\", \\"--proxy-client-cert-file=/run/config/pki/front-proxy-client.crt\\", \\"--proxy-client-key-file=/run/config/pki/front-proxy-client.key\\", \\"--requestheader-allowed-names=front-proxy-client\\", \\"--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt\\", \\"--requestheader-extra-headers-prefix=X-Remote-Extra-\\", \\"--requestheader-group-headers=X-Remote-Group\\", \\"--requestheader-username-headers=X-Remote-User\\", \\"--secure-port=6443\\", \\"--service-account-key-file=/run/config/pki/sa.pub\\", \\"--service-cluster-ip-range=10.96.0.0/12\\", \\"--tls-cert-file=/run/config/pki/apiserver.crt\\", \\"--tls-private-key-file=/run/config/pki/apiserver.key\\"], \\"resources\\": {\\"requests\\": {\\"cpu\\": \\"250m\\"}}, \\"volumeMounts\\": [{\\"name\\": \\"ca-certs\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/ssl/certs\\"}, {\\"name\\": \\"etc-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/ca-certificates\\"}, {\\"name\\": \\"k8s-certs\\", \\"readOnly\\": true, \\"mountPath\\": \\"/run/config/pki\\"}, {\\"name\\": \\"usr-local-share-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/usr/local/share/ca-certificates\\"}, {\\"name\\": \\"usr-share-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/usr/share/ca-certificates\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/healthz\\", \\"port\\": 6443, \\"host\\": \\"192.168.65.3\\", \\"scheme\\": \\"HTTPS\\"}, \\"initialDelaySeconds\\": 15, \\"timeoutSeconds\\": 15, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 8}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"kube-apiserver\\", \\"tier\\": \\"control-plane\\"}, \\"annotations\\": {\\"kubernetes.io/config.hash\\": \\"2966bdea771eade42b079889c75cf17e\\", \\"kubernetes.io/config.mirror\\": \\"2966bdea771eade42b079889c75cf17e\\", \\"kubernetes.io/config.seen\\": \\"2020-06-11T15:27:37.966615476Z\\", \\"kubernetes.io/config.source\\": \\"file\\"}}}"}}}'}}}
[2020-06-11 08:39:24,176] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Creation event: {'metadata': {'name': 'kube-controller-manager-docker-desktop', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/kube-controller-manager-docker-desktop', 'uid': '65be4cc5-eff6-4eda-ad9d-8522ad8763cc', 'resourceVersion': '671', 'creationTimestamp': '2020-06-11T15:29:17Z', 'labels': {'component': 'kube-controller-manager', 'tier': 'control-plane'}, 'annotations': {'kubernetes.io/config.hash': '9076958db0c2cc26f76def745bfc1928', 'kubernetes.io/config.mirror': '9076958db0c2cc26f76def745bfc1928', 'kubernetes.io/config.seen': '2020-06-11T15:27:37.966616437Z', 'kubernetes.io/config.source': 'file', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "ca-certs", "hostPath": {"path": "/etc/ssl/certs", "type": "DirectoryOrCreate"}}, {"name": "etc-ca-certificates", "hostPath": {"path": "/etc/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "flexvolume-dir", "hostPath": {"path": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec", "type": "DirectoryOrCreate"}}, {"name": "k8s-certs", "hostPath": {"path": "/run/config/pki", "type": "DirectoryOrCreate"}}, {"name": "kubeconfig", "hostPath": {"path": "/etc/kubernetes/controller-manager.conf", "type": "FileOrCreate"}}, {"name": "usr-local-share-ca-certificates", "hostPath": {"path": "/usr/local/share/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "usr-share-ca-certificates", "hostPath": {"path": "/usr/share/ca-certificates", "type": "DirectoryOrCreate"}}], "containers": [{"name": "kube-controller-manager", "image": "k8s.gcr.io/kube-controller-manager:v1.16.5", "command": ["kube-controller-manager", "--authentication-kubeconfig=/etc/kubernetes/controller-manager.conf", "--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf", "--bind-address=127.0.0.1", "--client-ca-file=/run/config/pki/ca.crt", "--cluster-signing-cert-file=/run/config/pki/ca.crt", "--cluster-signing-key-file=/run/config/pki/ca.key", "--controllers=*,bootstrapsigner,tokencleaner", "--kubeconfig=/etc/kubernetes/controller-manager.conf", "--leader-elect=true", "--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt", "--root-ca-file=/run/config/pki/ca.crt", "--service-account-private-key-file=/run/config/pki/sa.key", "--use-service-account-credentials=true"], "resources": {"requests": {"cpu": "200m"}}, "volumeMounts": [{"name": "ca-certs", "readOnly": true, "mountPath": "/etc/ssl/certs"}, {"name": "etc-ca-certificates", "readOnly": true, "mountPath": "/etc/ca-certificates"}, {"name": "flexvolume-dir", "mountPath": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec"}, {"name": "k8s-certs", "readOnly": true, "mountPath": "/run/config/pki"}, {"name": "kubeconfig", "readOnly": true, "mountPath": "/etc/kubernetes/controller-manager.conf"}, {"name": "usr-local-share-ca-certificates", "readOnly": true, "mountPath": "/usr/local/share/ca-certificates"}, {"name": "usr-share-ca-certificates", "readOnly": true, "mountPath": "/usr/share/ca-certificates"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 10252, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-controller-manager", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "9076958db0c2cc26f76def745bfc1928", "kubernetes.io/config.mirror": "9076958db0c2cc26f76def745bfc1928", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966616437Z", "kubernetes.io/config.source": "file"}}}'}}, 'spec': {'volumes': [{'name': 'ca-certs', 'hostPath': {'path': '/etc/ssl/certs', 'type': 'DirectoryOrCreate'}}, {'name': 'etc-ca-certificates', 'hostPath': {'path': '/etc/ca-certificates', 'type': 'DirectoryOrCreate'}}, {'name': 'flexvolume-dir', 'hostPath': {'path': '/usr/libexec/kubernetes/kubelet-plugins/volume/exec', 'type': 'DirectoryOrCreate'}}, {'name': 'k8s-certs', 'hostPath': {'path': '/run/config/pki', 'type': 'DirectoryOrCreate'}}, {'name': 'kubeconfig', 'hostPath': {'path': '/etc/kubernetes/controller-manager.conf', 'type': 'FileOrCreate'}}, {'name': 'usr-local-share-ca-certificates', 'hostPath': {'path': '/usr/local/share/ca-certificates', 'type': 'DirectoryOrCreate'}}, {'name': 'usr-share-ca-certificates', 'hostPath': {'path': '/usr/share/ca-certificates', 'type': 'DirectoryOrCreate'}}], 'containers': [{'name': 'kube-controller-manager', 'image': 'k8s.gcr.io/kube-controller-manager:v1.16.5', 'command': ['kube-controller-manager', '--authentication-kubeconfig=/etc/kubernetes/controller-manager.conf', '--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf', '--bind-address=127.0.0.1', '--client-ca-file=/run/config/pki/ca.crt', '--cluster-signing-cert-file=/run/config/pki/ca.crt', '--cluster-signing-key-file=/run/config/pki/ca.key', '--controllers=*,bootstrapsigner,tokencleaner', '--kubeconfig=/etc/kubernetes/controller-manager.conf', '--leader-elect=true', '--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt', '--root-ca-file=/run/config/pki/ca.crt', '--service-account-private-key-file=/run/config/pki/sa.key', '--use-service-account-credentials=true'], 'resources': {'requests': {'cpu': '200m'}}, 'volumeMounts': [{'name': 'ca-certs', 'readOnly': True, 'mountPath': '/etc/ssl/certs'}, {'name': 'etc-ca-certificates', 'readOnly': True, 'mountPath': '/etc/ca-certificates'}, {'name': 'flexvolume-dir', 'mountPath': '/usr/libexec/kubernetes/kubelet-plugins/volume/exec'}, {'name': 'k8s-certs', 'readOnly': True, 'mountPath': '/run/config/pki'}, {'name': 'kubeconfig', 'readOnly': True, 'mountPath': '/etc/kubernetes/controller-manager.conf'}, {'name': 'usr-local-share-ca-certificates', 'readOnly': True, 'mountPath': '/usr/local/share/ca-certificates'}, {'name': 'usr-share-ca-certificates', 'readOnly': True, 'mountPath': '/usr/share/ca-certificates'}], 'livenessProbe': {'httpGet': {'path': '/healthz', 'port': 10252, 'host': '127.0.0.1', 'scheme': 'HTTP'}, 'initialDelaySeconds': 15, 'timeoutSeconds': 15, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 8}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'operator': 'Exists', 'effect': 'NoExecute'}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:00Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:27:58Z', 'containerStatuses': [{'name': 'kube-controller-manager', 'state': {'running': {'startedAt': '2020-06-11T15:27:59Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/kube-controller-manager:v1.16.5', 'imageID': 'docker-pullable://k8s.gcr.io/kube-controller-manager@sha256:d807554df171ba4f3b56aa2a63c2ef5b56af095fd7aebdeafedbbfcda5275d10', 'containerID': 'docker://4e6449610088727a8af4334c24f6b5e46f5599325de2b48d366f96b339e691cd', 'started': True}], 'qosClass': 'Burstable'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,177] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "ca-certs", "hostPath": {"path": "/etc/ssl/certs", "type": "DirectoryOrCreate"}}, {"name": "etc-ca-certificates", "hostPath": {"path": "/etc/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "flexvolume-dir", "hostPath": {"path": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec", "type": "DirectoryOrCreate"}}, {"name": "k8s-certs", "hostPath": {"path": "/run/config/pki", "type": "DirectoryOrCreate"}}, {"name": "kubeconfig", "hostPath": {"path": "/etc/kubernetes/controller-manager.conf", "type": "FileOrCreate"}}, {"name": "usr-local-share-ca-certificates", "hostPath": {"path": "/usr/local/share/ca-certificates", "type": "DirectoryOrCreate"}}, {"name": "usr-share-ca-certificates", "hostPath": {"path": "/usr/share/ca-certificates", "type": "DirectoryOrCreate"}}], "containers": [{"name": "kube-controller-manager", "image": "k8s.gcr.io/kube-controller-manager:v1.16.5", "command": ["kube-controller-manager", "--authentication-kubeconfig=/etc/kubernetes/controller-manager.conf", "--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf", "--bind-address=127.0.0.1", "--client-ca-file=/run/config/pki/ca.crt", "--cluster-signing-cert-file=/run/config/pki/ca.crt", "--cluster-signing-key-file=/run/config/pki/ca.key", "--controllers=*,bootstrapsigner,tokencleaner", "--kubeconfig=/etc/kubernetes/controller-manager.conf", "--leader-elect=true", "--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt", "--root-ca-file=/run/config/pki/ca.crt", "--service-account-private-key-file=/run/config/pki/sa.key", "--use-service-account-credentials=true"], "resources": {"requests": {"cpu": "200m"}}, "volumeMounts": [{"name": "ca-certs", "readOnly": true, "mountPath": "/etc/ssl/certs"}, {"name": "etc-ca-certificates", "readOnly": true, "mountPath": "/etc/ca-certificates"}, {"name": "flexvolume-dir", "mountPath": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec"}, {"name": "k8s-certs", "readOnly": true, "mountPath": "/run/config/pki"}, {"name": "kubeconfig", "readOnly": true, "mountPath": "/etc/kubernetes/controller-manager.conf"}, {"name": "usr-local-share-ca-certificates", "readOnly": true, "mountPath": "/usr/local/share/ca-certificates"}, {"name": "usr-share-ca-certificates", "readOnly": true, "mountPath": "/usr/share/ca-certificates"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 10252, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-controller-manager", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "9076958db0c2cc26f76def745bfc1928", "kubernetes.io/config.mirror": "9076958db0c2cc26f76def745bfc1928", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966616437Z", "kubernetes.io/config.source": "file", "nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"ca-certs\\", \\"hostPath\\": {\\"path\\": \\"/etc/ssl/certs\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"etc-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/etc/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"flexvolume-dir\\", \\"hostPath\\": {\\"path\\": \\"/usr/libexec/kubernetes/kubelet-plugins/volume/exec\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"k8s-certs\\", \\"hostPath\\": {\\"path\\": \\"/run/config/pki\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"kubeconfig\\", \\"hostPath\\": {\\"path\\": \\"/etc/kubernetes/controller-manager.conf\\", \\"type\\": \\"FileOrCreate\\"}}, {\\"name\\": \\"usr-local-share-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/usr/local/share/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}, {\\"name\\": \\"usr-share-ca-certificates\\", \\"hostPath\\": {\\"path\\": \\"/usr/share/ca-certificates\\", \\"type\\": \\"DirectoryOrCreate\\"}}], \\"containers\\": [{\\"name\\": \\"kube-controller-manager\\", \\"image\\": \\"k8s.gcr.io/kube-controller-manager:v1.16.5\\", \\"command\\": [\\"kube-controller-manager\\", \\"--authentication-kubeconfig=/etc/kubernetes/controller-manager.conf\\", \\"--authorization-kubeconfig=/etc/kubernetes/controller-manager.conf\\", \\"--bind-address=127.0.0.1\\", \\"--client-ca-file=/run/config/pki/ca.crt\\", \\"--cluster-signing-cert-file=/run/config/pki/ca.crt\\", \\"--cluster-signing-key-file=/run/config/pki/ca.key\\", \\"--controllers=*,bootstrapsigner,tokencleaner\\", \\"--kubeconfig=/etc/kubernetes/controller-manager.conf\\", \\"--leader-elect=true\\", \\"--requestheader-client-ca-file=/run/config/pki/front-proxy-ca.crt\\", \\"--root-ca-file=/run/config/pki/ca.crt\\", \\"--service-account-private-key-file=/run/config/pki/sa.key\\", \\"--use-service-account-credentials=true\\"], \\"resources\\": {\\"requests\\": {\\"cpu\\": \\"200m\\"}}, \\"volumeMounts\\": [{\\"name\\": \\"ca-certs\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/ssl/certs\\"}, {\\"name\\": \\"etc-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/ca-certificates\\"}, {\\"name\\": \\"flexvolume-dir\\", \\"mountPath\\": \\"/usr/libexec/kubernetes/kubelet-plugins/volume/exec\\"}, {\\"name\\": \\"k8s-certs\\", \\"readOnly\\": true, \\"mountPath\\": \\"/run/config/pki\\"}, {\\"name\\": \\"kubeconfig\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/kubernetes/controller-manager.conf\\"}, {\\"name\\": \\"usr-local-share-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/usr/local/share/ca-certificates\\"}, {\\"name\\": \\"usr-share-ca-certificates\\", \\"readOnly\\": true, \\"mountPath\\": \\"/usr/share/ca-certificates\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/healthz\\", \\"port\\": 10252, \\"host\\": \\"127.0.0.1\\", \\"scheme\\": \\"HTTP\\"}, \\"initialDelaySeconds\\": 15, \\"timeoutSeconds\\": 15, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 8}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"kube-controller-manager\\", \\"tier\\": \\"control-plane\\"}, \\"annotations\\": {\\"kubernetes.io/config.hash\\": \\"9076958db0c2cc26f76def745bfc1928\\", \\"kubernetes.io/config.mirror\\": \\"9076958db0c2cc26f76def745bfc1928\\", \\"kubernetes.io/config.seen\\": \\"2020-06-11T15:27:37.966616437Z\\", \\"kubernetes.io/config.source\\": \\"file\\"}}}"}}}'}}}
[2020-06-11 08:39:24,178] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Creation event: {'metadata': {'name': 'kube-proxy-cxcgf', 'generateName': 'kube-proxy-', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/kube-proxy-cxcgf', 'uid': '11af7ac5-f91c-4147-9278-42895babeca0', 'resourceVersion': '684', 'creationTimestamp': '2020-06-11T15:28:13Z', 'labels': {'controller-revision-hash': '759676c746', 'k8s-app': 'kube-proxy', 'pod-template-generation': '1'}, 'annotations': {'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "kube-proxy", "configMap": {"name": "kube-proxy", "defaultMode": 420}}, {"name": "xtables-lock", "hostPath": {"path": "/run/xtables.lock", "type": "FileOrCreate"}}, {"name": "lib-modules", "hostPath": {"path": "/lib/modules", "type": ""}}, {"name": "kube-proxy-token-j7zjh", "secret": {"secretName": "kube-proxy-token-j7zjh", "defaultMode": 420}}], "containers": [{"name": "kube-proxy", "image": "k8s.gcr.io/kube-proxy:v1.16.5", "command": ["/usr/local/bin/kube-proxy", "--config=/var/lib/kube-proxy/config.conf", "--hostname-override=$(NODE_NAME)"], "env": [{"name": "NODE_NAME", "valueFrom": {"fieldRef": {"apiVersion": "v1", "fieldPath": "spec.nodeName"}}}], "resources": {}, "volumeMounts": [{"name": "kube-proxy", "mountPath": "/var/lib/kube-proxy"}, {"name": "xtables-lock", "mountPath": "/run/xtables.lock"}, {"name": "lib-modules", "readOnly": true, "mountPath": "/lib/modules"}, {"name": "kube-proxy-token-j7zjh", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"privileged": true}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "kube-proxy", "serviceAccount": "kube-proxy", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchFields": [{"key": "metadata.name", "operator": "In", "values": ["docker-desktop"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"operator": "Exists"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute"}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute"}, {"key": "node.kubernetes.io/disk-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/memory-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/pid-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/unschedulable", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/network-unavailable", "operator": "Exists", "effect": "NoSchedule"}], "priorityClassName": "system-node-critical", "priority": 2000001000, "enableServiceLinks": true}, "metadata": {"labels": {"controller-revision-hash": "759676c746", "k8s-app": "kube-proxy", "pod-template-generation": "1"}, "annotations": {}}}'}, 'ownerReferences': [{'apiVersion': 'apps/v1', 'kind': 'DaemonSet', 'name': 'kube-proxy', 'uid': '6bc2e7ef-1681-4423-8617-7c20448ac0cf', 'controller': True, 'blockOwnerDeletion': True}]}, 'spec': {'volumes': [{'name': 'kube-proxy', 'configMap': {'name': 'kube-proxy', 'defaultMode': 420}}, {'name': 'xtables-lock', 'hostPath': {'path': '/run/xtables.lock', 'type': 'FileOrCreate'}}, {'name': 'lib-modules', 'hostPath': {'path': '/lib/modules', 'type': ''}}, {'name': 'kube-proxy-token-j7zjh', 'secret': {'secretName': 'kube-proxy-token-j7zjh', 'defaultMode': 420}}], 'containers': [{'name': 'kube-proxy', 'image': 'k8s.gcr.io/kube-proxy:v1.16.5', 'command': ['/usr/local/bin/kube-proxy', '--config=/var/lib/kube-proxy/config.conf', '--hostname-override=$(NODE_NAME)'], 'env': [{'name': 'NODE_NAME', 'valueFrom': {'fieldRef': {'apiVersion': 'v1', 'fieldPath': 'spec.nodeName'}}}], 'resources': {}, 'volumeMounts': [{'name': 'kube-proxy', 'mountPath': '/var/lib/kube-proxy'}, {'name': 'xtables-lock', 'mountPath': '/run/xtables.lock'}, {'name': 'lib-modules', 'readOnly': True, 'mountPath': '/lib/modules'}, {'name': 'kube-proxy-token-j7zjh', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent', 'securityContext': {'privileged': True}}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'nodeSelector': {'beta.kubernetes.io/os': 'linux'}, 'serviceAccountName': 'kube-proxy', 'serviceAccount': 'kube-proxy', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'affinity': {'nodeAffinity': {'requiredDuringSchedulingIgnoredDuringExecution': {'nodeSelectorTerms': [{'matchFields': [{'key': 'metadata.name', 'operator': 'In', 'values': ['docker-desktop']}]}]}}}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'CriticalAddonsOnly', 'operator': 'Exists'}, {'operator': 'Exists'}, {'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute'}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute'}, {'key': 'node.kubernetes.io/disk-pressure', 'operator': 'Exists', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/memory-pressure', 'operator': 'Exists', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/pid-pressure', 'operator': 'Exists', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/unschedulable', 'operator': 'Exists', 'effect': 'NoSchedule'}, {'key': 'node.kubernetes.io/network-unavailable', 'operator': 'Exists', 'effect': 'NoSchedule'}], 'priorityClassName': 'system-node-critical', 'priority': 2000001000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:13Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:13Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:13Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:28:13Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:28:13Z', 'containerStatuses': [{'name': 'kube-proxy', 'state': {'running': {'startedAt': '2020-06-11T15:28:13Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/kube-proxy:v1.16.5', 'imageID': 'docker-pullable://k8s.gcr.io/kube-proxy@sha256:166939d1b8d0988d675a027f459e40fbded092887905cc1b62b7e4cb67d493c5', 'containerID': 'docker://06a92a736159d79c6796916701636559c6cab9def15d26bf0ca721e283e10a9b', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,179] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "kube-proxy", "configMap": {"name": "kube-proxy", "defaultMode": 420}}, {"name": "xtables-lock", "hostPath": {"path": "/run/xtables.lock", "type": "FileOrCreate"}}, {"name": "lib-modules", "hostPath": {"path": "/lib/modules", "type": ""}}, {"name": "kube-proxy-token-j7zjh", "secret": {"secretName": "kube-proxy-token-j7zjh", "defaultMode": 420}}], "containers": [{"name": "kube-proxy", "image": "k8s.gcr.io/kube-proxy:v1.16.5", "command": ["/usr/local/bin/kube-proxy", "--config=/var/lib/kube-proxy/config.conf", "--hostname-override=$(NODE_NAME)"], "env": [{"name": "NODE_NAME", "valueFrom": {"fieldRef": {"apiVersion": "v1", "fieldPath": "spec.nodeName"}}}], "resources": {}, "volumeMounts": [{"name": "kube-proxy", "mountPath": "/var/lib/kube-proxy"}, {"name": "xtables-lock", "mountPath": "/run/xtables.lock"}, {"name": "lib-modules", "readOnly": true, "mountPath": "/lib/modules"}, {"name": "kube-proxy-token-j7zjh", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent", "securityContext": {"privileged": true}}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeSelector": {"beta.kubernetes.io/os": "linux"}, "serviceAccountName": "kube-proxy", "serviceAccount": "kube-proxy", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "affinity": {"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {"nodeSelectorTerms": [{"matchFields": [{"key": "metadata.name", "operator": "In", "values": ["docker-desktop"]}]}]}}}, "schedulerName": "default-scheduler", "tolerations": [{"key": "CriticalAddonsOnly", "operator": "Exists"}, {"operator": "Exists"}, {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute"}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute"}, {"key": "node.kubernetes.io/disk-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/memory-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/pid-pressure", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/unschedulable", "operator": "Exists", "effect": "NoSchedule"}, {"key": "node.kubernetes.io/network-unavailable", "operator": "Exists", "effect": "NoSchedule"}], "priorityClassName": "system-node-critical", "priority": 2000001000, "enableServiceLinks": true}, "metadata": {"labels": {"controller-revision-hash": "759676c746", "k8s-app": "kube-proxy", "pod-template-generation": "1"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"kube-proxy\\", \\"configMap\\": {\\"name\\": \\"kube-proxy\\", \\"defaultMode\\": 420}}, {\\"name\\": \\"xtables-lock\\", \\"hostPath\\": {\\"path\\": \\"/run/xtables.lock\\", \\"type\\": \\"FileOrCreate\\"}}, {\\"name\\": \\"lib-modules\\", \\"hostPath\\": {\\"path\\": \\"/lib/modules\\", \\"type\\": \\"\\"}}, {\\"name\\": \\"kube-proxy-token-j7zjh\\", \\"secret\\": {\\"secretName\\": \\"kube-proxy-token-j7zjh\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"kube-proxy\\", \\"image\\": \\"k8s.gcr.io/kube-proxy:v1.16.5\\", \\"command\\": [\\"/usr/local/bin/kube-proxy\\", \\"--config=/var/lib/kube-proxy/config.conf\\", \\"--hostname-override=$(NODE_NAME)\\"], \\"env\\": [{\\"name\\": \\"NODE_NAME\\", \\"valueFrom\\": {\\"fieldRef\\": {\\"apiVersion\\": \\"v1\\", \\"fieldPath\\": \\"spec.nodeName\\"}}}], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"kube-proxy\\", \\"mountPath\\": \\"/var/lib/kube-proxy\\"}, {\\"name\\": \\"xtables-lock\\", \\"mountPath\\": \\"/run/xtables.lock\\"}, {\\"name\\": \\"lib-modules\\", \\"readOnly\\": true, \\"mountPath\\": \\"/lib/modules\\"}, {\\"name\\": \\"kube-proxy-token-j7zjh\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\", \\"securityContext\\": {\\"privileged\\": true}}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"nodeSelector\\": {\\"beta.kubernetes.io/os\\": \\"linux\\"}, \\"serviceAccountName\\": \\"kube-proxy\\", \\"serviceAccount\\": \\"kube-proxy\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"affinity\\": {\\"nodeAffinity\\": {\\"requiredDuringSchedulingIgnoredDuringExecution\\": {\\"nodeSelectorTerms\\": [{\\"matchFields\\": [{\\"key\\": \\"metadata.name\\", \\"operator\\": \\"In\\", \\"values\\": [\\"docker-desktop\\"]}]}]}}}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"CriticalAddonsOnly\\", \\"operator\\": \\"Exists\\"}, {\\"operator\\": \\"Exists\\"}, {\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}, {\\"key\\": \\"node.kubernetes.io/disk-pressure\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/memory-pressure\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/pid-pressure\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/unschedulable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoSchedule\\"}, {\\"key\\": \\"node.kubernetes.io/network-unavailable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoSchedule\\"}], \\"priorityClassName\\": \\"system-node-critical\\", \\"priority\\": 2000001000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"controller-revision-hash\\": \\"759676c746\\", \\"k8s-app\\": \\"kube-proxy\\", \\"pod-template-generation\\": \\"1\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,180] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Creation event: {'metadata': {'name': 'kube-scheduler-docker-desktop', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/kube-scheduler-docker-desktop', 'uid': 'd9aad591-b398-425f-bffe-6f135567b489', 'resourceVersion': '673', 'creationTimestamp': '2020-06-11T15:29:31Z', 'labels': {'component': 'kube-scheduler', 'tier': 'control-plane'}, 'annotations': {'kubernetes.io/config.hash': '28dd1b1230fbe15350eb1b896ae9493d', 'kubernetes.io/config.mirror': '28dd1b1230fbe15350eb1b896ae9493d', 'kubernetes.io/config.seen': '2020-06-11T15:27:37.966609353Z', 'kubernetes.io/config.source': 'file', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "kubeconfig", "hostPath": {"path": "/etc/kubernetes/scheduler.conf", "type": "FileOrCreate"}}], "containers": [{"name": "kube-scheduler", "image": "k8s.gcr.io/kube-scheduler:v1.16.5", "command": ["kube-scheduler", "--authentication-kubeconfig=/etc/kubernetes/scheduler.conf", "--authorization-kubeconfig=/etc/kubernetes/scheduler.conf", "--bind-address=127.0.0.1", "--kubeconfig=/etc/kubernetes/scheduler.conf", "--leader-elect=true"], "resources": {"requests": {"cpu": "100m"}}, "volumeMounts": [{"name": "kubeconfig", "readOnly": true, "mountPath": "/etc/kubernetes/scheduler.conf"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 10251, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-scheduler", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "28dd1b1230fbe15350eb1b896ae9493d", "kubernetes.io/config.mirror": "28dd1b1230fbe15350eb1b896ae9493d", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966609353Z", "kubernetes.io/config.source": "file"}}}'}}, 'spec': {'volumes': [{'name': 'kubeconfig', 'hostPath': {'path': '/etc/kubernetes/scheduler.conf', 'type': 'FileOrCreate'}}], 'containers': [{'name': 'kube-scheduler', 'image': 'k8s.gcr.io/kube-scheduler:v1.16.5', 'command': ['kube-scheduler', '--authentication-kubeconfig=/etc/kubernetes/scheduler.conf', '--authorization-kubeconfig=/etc/kubernetes/scheduler.conf', '--bind-address=127.0.0.1', '--kubeconfig=/etc/kubernetes/scheduler.conf', '--leader-elect=true'], 'resources': {'requests': {'cpu': '100m'}}, 'volumeMounts': [{'name': 'kubeconfig', 'readOnly': True, 'mountPath': '/etc/kubernetes/scheduler.conf'}], 'livenessProbe': {'httpGet': {'path': '/healthz', 'port': 10251, 'host': '127.0.0.1', 'scheme': 'HTTP'}, 'initialDelaySeconds': 15, 'timeoutSeconds': 15, 'periodSeconds': 10, 'successThreshold': 1, 'failureThreshold': 8}, 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'nodeName': 'docker-desktop', 'hostNetwork': True, 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'operator': 'Exists', 'effect': 'NoExecute'}], 'priorityClassName': 'system-cluster-critical', 'priority': 2000000000, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:59Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:59Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:27:58Z'}], 'hostIP': '192.168.65.3', 'podIP': '192.168.65.3', 'podIPs': [{'ip': '192.168.65.3'}], 'startTime': '2020-06-11T15:27:58Z', 'containerStatuses': [{'name': 'kube-scheduler', 'state': {'running': {'startedAt': '2020-06-11T15:27:59Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'k8s.gcr.io/kube-scheduler:v1.16.5', 'imageID': 'docker-pullable://k8s.gcr.io/kube-scheduler@sha256:8f20c90afce972ae51acaf425b7bdb6445f54168b52ea311b2b89adf5db1acac', 'containerID': 'docker://5c541991da5b3ca9f2123a1599700091e1f965487ca1b388458615542e77998b', 'started': True}], 'qosClass': 'Burstable'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,180] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "kubeconfig", "hostPath": {"path": "/etc/kubernetes/scheduler.conf", "type": "FileOrCreate"}}], "containers": [{"name": "kube-scheduler", "image": "k8s.gcr.io/kube-scheduler:v1.16.5", "command": ["kube-scheduler", "--authentication-kubeconfig=/etc/kubernetes/scheduler.conf", "--authorization-kubeconfig=/etc/kubernetes/scheduler.conf", "--bind-address=127.0.0.1", "--kubeconfig=/etc/kubernetes/scheduler.conf", "--leader-elect=true"], "resources": {"requests": {"cpu": "100m"}}, "volumeMounts": [{"name": "kubeconfig", "readOnly": true, "mountPath": "/etc/kubernetes/scheduler.conf"}], "livenessProbe": {"httpGet": {"path": "/healthz", "port": 10251, "host": "127.0.0.1", "scheme": "HTTP"}, "initialDelaySeconds": 15, "timeoutSeconds": 15, "periodSeconds": 10, "successThreshold": 1, "failureThreshold": 8}, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "nodeName": "docker-desktop", "hostNetwork": true, "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"operator": "Exists", "effect": "NoExecute"}], "priorityClassName": "system-cluster-critical", "priority": 2000000000, "enableServiceLinks": true}, "metadata": {"labels": {"component": "kube-scheduler", "tier": "control-plane"}, "annotations": {"kubernetes.io/config.hash": "28dd1b1230fbe15350eb1b896ae9493d", "kubernetes.io/config.mirror": "28dd1b1230fbe15350eb1b896ae9493d", "kubernetes.io/config.seen": "2020-06-11T15:27:37.966609353Z", "kubernetes.io/config.source": "file", "nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"kubeconfig\\", \\"hostPath\\": {\\"path\\": \\"/etc/kubernetes/scheduler.conf\\", \\"type\\": \\"FileOrCreate\\"}}], \\"containers\\": [{\\"name\\": \\"kube-scheduler\\", \\"image\\": \\"k8s.gcr.io/kube-scheduler:v1.16.5\\", \\"command\\": [\\"kube-scheduler\\", \\"--authentication-kubeconfig=/etc/kubernetes/scheduler.conf\\", \\"--authorization-kubeconfig=/etc/kubernetes/scheduler.conf\\", \\"--bind-address=127.0.0.1\\", \\"--kubeconfig=/etc/kubernetes/scheduler.conf\\", \\"--leader-elect=true\\"], \\"resources\\": {\\"requests\\": {\\"cpu\\": \\"100m\\"}}, \\"volumeMounts\\": [{\\"name\\": \\"kubeconfig\\", \\"readOnly\\": true, \\"mountPath\\": \\"/etc/kubernetes/scheduler.conf\\"}], \\"livenessProbe\\": {\\"httpGet\\": {\\"path\\": \\"/healthz\\", \\"port\\": 10251, \\"host\\": \\"127.0.0.1\\", \\"scheme\\": \\"HTTP\\"}, \\"initialDelaySeconds\\": 15, \\"timeoutSeconds\\": 15, \\"periodSeconds\\": 10, \\"successThreshold\\": 1, \\"failureThreshold\\": 8}, \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"nodeName\\": \\"docker-desktop\\", \\"hostNetwork\\": true, \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\"}], \\"priorityClassName\\": \\"system-cluster-critical\\", \\"priority\\": 2000000000, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"kube-scheduler\\", \\"tier\\": \\"control-plane\\"}, \\"annotations\\": {\\"kubernetes.io/config.hash\\": \\"28dd1b1230fbe15350eb1b896ae9493d\\", \\"kubernetes.io/config.mirror\\": \\"28dd1b1230fbe15350eb1b896ae9493d\\", \\"kubernetes.io/config.seen\\": \\"2020-06-11T15:27:37.966609353Z\\", \\"kubernetes.io/config.source\\": \\"file\\"}}}"}}}'}}}
[2020-06-11 08:39:24,181] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Creation event: {'metadata': {'name': 'storage-provisioner', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/storage-provisioner', 'uid': '78c5193c-a1ca-4a06-a4fb-6260545ceb14', 'resourceVersion': '678', 'creationTimestamp': '2020-06-11T15:29:18Z', 'labels': {'component': 'storage-provisioner'}, 'annotations': {'kubectl.kubernetes.io/last-applied-configuration': '{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"storage-provisioner"},"name":"storage-provisioner","namespace":"kube-system"},"spec":{"containers":[{"args":["/var/lib/k8s-pvs"],"image":"docker/desktop-storage-provisioner:v1.1","imagePullPolicy":"IfNotPresent","name":"storage-provisioner","volumeMounts":[{"mountPath":"/var/lib/k8s-pvs","name":"pvs"}]}],"serviceAccountName":"storage-provisioner","volumes":[{"hostPath":{"path":"/var/lib/k8s-pvs","type":"Directory"},"name":"pvs"}]}}\n', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "pvs", "hostPath": {"path": "/var/lib/k8s-pvs", "type": "Directory"}}, {"name": "storage-provisioner-token-m9w9c", "secret": {"secretName": "storage-provisioner-token-m9w9c", "defaultMode": 420}}], "containers": [{"name": "storage-provisioner", "image": "docker/desktop-storage-provisioner:v1.1", "args": ["/var/lib/k8s-pvs"], "resources": {}, "volumeMounts": [{"name": "pvs", "mountPath": "/var/lib/k8s-pvs"}, {"name": "storage-provisioner-token-m9w9c", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "storage-provisioner", "serviceAccount": "storage-provisioner", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"component": "storage-provisioner"}, "annotations": {}}}'}}, 'spec': {'volumes': [{'name': 'pvs', 'hostPath': {'path': '/var/lib/k8s-pvs', 'type': 'Directory'}}, {'name': 'storage-provisioner-token-m9w9c', 'secret': {'secretName': 'storage-provisioner-token-m9w9c', 'defaultMode': 420}}], 'containers': [{'name': 'storage-provisioner', 'image': 'docker/desktop-storage-provisioner:v1.1', 'args': ['/var/lib/k8s-pvs'], 'resources': {}, 'volumeMounts': [{'name': 'pvs', 'mountPath': '/var/lib/k8s-pvs'}, {'name': 'storage-provisioner-token-m9w9c', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'serviceAccountName': 'storage-provisioner', 'serviceAccount': 'storage-provisioner', 'nodeName': 'docker-desktop', 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priority': 0, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:19Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:19Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}], 'hostIP': '192.168.65.3', 'podIP': '10.1.5.89', 'podIPs': [{'ip': '10.1.5.89'}], 'startTime': '2020-06-11T15:29:18Z', 'containerStatuses': [{'name': 'storage-provisioner', 'state': {'running': {'startedAt': '2020-06-11T15:29:19Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'docker/desktop-storage-provisioner:v1.1', 'imageID': 'docker-pullable://docker/desktop-storage-provisioner@sha256:b39d74c0eb50b82375f916ff2bf0d10cccff09015e01c55eaa123ec6549c4177', 'containerID': 'docker://427f935a3497df610797ad050d3e42a7d820dde546eea45483b5d0254b97bcd5', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,182] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "pvs", "hostPath": {"path": "/var/lib/k8s-pvs", "type": "Directory"}}, {"name": "storage-provisioner-token-m9w9c", "secret": {"secretName": "storage-provisioner-token-m9w9c", "defaultMode": 420}}], "containers": [{"name": "storage-provisioner", "image": "docker/desktop-storage-provisioner:v1.1", "args": ["/var/lib/k8s-pvs"], "resources": {}, "volumeMounts": [{"name": "pvs", "mountPath": "/var/lib/k8s-pvs"}, {"name": "storage-provisioner-token-m9w9c", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "storage-provisioner", "serviceAccount": "storage-provisioner", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"component": "storage-provisioner"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"pvs\\", \\"hostPath\\": {\\"path\\": \\"/var/lib/k8s-pvs\\", \\"type\\": \\"Directory\\"}}, {\\"name\\": \\"storage-provisioner-token-m9w9c\\", \\"secret\\": {\\"secretName\\": \\"storage-provisioner-token-m9w9c\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"storage-provisioner\\", \\"image\\": \\"docker/desktop-storage-provisioner:v1.1\\", \\"args\\": [\\"/var/lib/k8s-pvs\\"], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"pvs\\", \\"mountPath\\": \\"/var/lib/k8s-pvs\\"}, {\\"name\\": \\"storage-provisioner-token-m9w9c\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"serviceAccountName\\": \\"storage-provisioner\\", \\"serviceAccount\\": \\"storage-provisioner\\", \\"nodeName\\": \\"docker-desktop\\", \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priority\\": 0, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"storage-provisioner\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,183] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Creation event: {'metadata': {'name': 'vpnkit-controller', 'namespace': 'kube-system', 'selfLink': '/api/v1/namespaces/kube-system/pods/vpnkit-controller', 'uid': '8594161b-2d1b-46a3-898b-609a975b637c', 'resourceVersion': '681', 'creationTimestamp': '2020-06-11T15:29:18Z', 'labels': {'component': 'vpnkit-controller'}, 'annotations': {'kubectl.kubernetes.io/last-applied-configuration': '{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"vpnkit-controller"},"name":"vpnkit-controller","namespace":"kube-system"},"spec":{"containers":[{"command":["/kube-vpnkit-forwarder","-path","/run/host-services/backend.sock"],"image":"docker/desktop-vpnkit-controller:v1.0","imagePullPolicy":"IfNotPresent","name":"vpnkit-controller","volumeMounts":[{"mountPath":"/run/host-services/backend.sock","name":"api"}]}],"serviceAccountName":"vpnkit-controller","volumes":[{"hostPath":{"path":"/run/host-services/backend.sock"},"name":"api"}]}}\n', 'nulloperator/last-handled-configuration': '{"spec": {"volumes": [{"name": "api", "hostPath": {"path": "/run/host-services/backend.sock", "type": ""}}, {"name": "vpnkit-controller-token-zm9gt", "secret": {"secretName": "vpnkit-controller-token-zm9gt", "defaultMode": 420}}], "containers": [{"name": "vpnkit-controller", "image": "docker/desktop-vpnkit-controller:v1.0", "command": ["/kube-vpnkit-forwarder", "-path", "/run/host-services/backend.sock"], "resources": {}, "volumeMounts": [{"name": "api", "mountPath": "/run/host-services/backend.sock"}, {"name": "vpnkit-controller-token-zm9gt", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "vpnkit-controller", "serviceAccount": "vpnkit-controller", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"component": "vpnkit-controller"}, "annotations": {}}}'}}, 'spec': {'volumes': [{'name': 'api', 'hostPath': {'path': '/run/host-services/backend.sock', 'type': ''}}, {'name': 'vpnkit-controller-token-zm9gt', 'secret': {'secretName': 'vpnkit-controller-token-zm9gt', 'defaultMode': 420}}], 'containers': [{'name': 'vpnkit-controller', 'image': 'docker/desktop-vpnkit-controller:v1.0', 'command': ['/kube-vpnkit-forwarder', '-path', '/run/host-services/backend.sock'], 'resources': {}, 'volumeMounts': [{'name': 'api', 'mountPath': '/run/host-services/backend.sock'}, {'name': 'vpnkit-controller-token-zm9gt', 'readOnly': True, 'mountPath': '/var/run/secrets/kubernetes.io/serviceaccount'}], 'terminationMessagePath': '/dev/termination-log', 'terminationMessagePolicy': 'File', 'imagePullPolicy': 'IfNotPresent'}], 'restartPolicy': 'Always', 'terminationGracePeriodSeconds': 30, 'dnsPolicy': 'ClusterFirst', 'serviceAccountName': 'vpnkit-controller', 'serviceAccount': 'vpnkit-controller', 'nodeName': 'docker-desktop', 'securityContext': {}, 'schedulerName': 'default-scheduler', 'tolerations': [{'key': 'node.kubernetes.io/not-ready', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}, {'key': 'node.kubernetes.io/unreachable', 'operator': 'Exists', 'effect': 'NoExecute', 'tolerationSeconds': 300}], 'priority': 0, 'enableServiceLinks': True}, 'status': {'phase': 'Running', 'conditions': [{'type': 'Initialized', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}, {'type': 'Ready', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:20Z'}, {'type': 'ContainersReady', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:20Z'}, {'type': 'PodScheduled', 'status': 'True', 'lastProbeTime': None, 'lastTransitionTime': '2020-06-11T15:29:18Z'}], 'hostIP': '192.168.65.3', 'podIP': '10.1.5.88', 'podIPs': [{'ip': '10.1.5.88'}], 'startTime': '2020-06-11T15:29:18Z', 'containerStatuses': [{'name': 'vpnkit-controller', 'state': {'running': {'startedAt': '2020-06-11T15:29:19Z'}}, 'lastState': {}, 'ready': True, 'restartCount': 0, 'image': 'docker/desktop-vpnkit-controller:v1.0', 'imageID': 'docker-pullable://docker/desktop-vpnkit-controller@sha256:6800d69751e483710a0949fbd01c459934a18ede9d227166def0af44f3a46970', 'containerID': 'docker://c9e27f4891a58743f3c0d9d53bb2b0173a92451fa58dcf1c4ffd728cd4015644', 'started': True}], 'qosClass': 'BestEffort'}, 'kind': 'Pod', 'apiVersion': 'v1'}
[2020-06-11 08:39:24,183] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Patching with: {'metadata': {'annotations': {'kopf.zalando.org/last-handled-configuration': '{"spec": {"volumes": [{"name": "api", "hostPath": {"path": "/run/host-services/backend.sock", "type": ""}}, {"name": "vpnkit-controller-token-zm9gt", "secret": {"secretName": "vpnkit-controller-token-zm9gt", "defaultMode": 420}}], "containers": [{"name": "vpnkit-controller", "image": "docker/desktop-vpnkit-controller:v1.0", "command": ["/kube-vpnkit-forwarder", "-path", "/run/host-services/backend.sock"], "resources": {}, "volumeMounts": [{"name": "api", "mountPath": "/run/host-services/backend.sock"}, {"name": "vpnkit-controller-token-zm9gt", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "vpnkit-controller", "serviceAccount": "vpnkit-controller", "nodeName": "docker-desktop", "securityContext": {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata": {"labels": {"component": "vpnkit-controller"}, "annotations": {"nulloperator/last-handled-configuration": "{\\"spec\\": {\\"volumes\\": [{\\"name\\": \\"api\\", \\"hostPath\\": {\\"path\\": \\"/run/host-services/backend.sock\\", \\"type\\": \\"\\"}}, {\\"name\\": \\"vpnkit-controller-token-zm9gt\\", \\"secret\\": {\\"secretName\\": \\"vpnkit-controller-token-zm9gt\\", \\"defaultMode\\": 420}}], \\"containers\\": [{\\"name\\": \\"vpnkit-controller\\", \\"image\\": \\"docker/desktop-vpnkit-controller:v1.0\\", \\"command\\": [\\"/kube-vpnkit-forwarder\\", \\"-path\\", \\"/run/host-services/backend.sock\\"], \\"resources\\": {}, \\"volumeMounts\\": [{\\"name\\": \\"api\\", \\"mountPath\\": \\"/run/host-services/backend.sock\\"}, {\\"name\\": \\"vpnkit-controller-token-zm9gt\\", \\"readOnly\\": true, \\"mountPath\\": \\"/var/run/secrets/kubernetes.io/serviceaccount\\"}], \\"terminationMessagePath\\": \\"/dev/termination-log\\", \\"terminationMessagePolicy\\": \\"File\\", \\"imagePullPolicy\\": \\"IfNotPresent\\"}], \\"restartPolicy\\": \\"Always\\", \\"terminationGracePeriodSeconds\\": 30, \\"dnsPolicy\\": \\"ClusterFirst\\", \\"serviceAccountName\\": \\"vpnkit-controller\\", \\"serviceAccount\\": \\"vpnkit-controller\\", \\"nodeName\\": \\"docker-desktop\\", \\"securityContext\\": {}, \\"schedulerName\\": \\"default-scheduler\\", \\"tolerations\\": [{\\"key\\": \\"node.kubernetes.io/not-ready\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}, {\\"key\\": \\"node.kubernetes.io/unreachable\\", \\"operator\\": \\"Exists\\", \\"effect\\": \\"NoExecute\\", \\"tolerationSeconds\\": 300}], \\"priority\\": 0, \\"enableServiceLinks\\": true}, \\"metadata\\": {\\"labels\\": {\\"component\\": \\"vpnkit-controller\\"}, \\"annotations\\": {}}}"}}}'}}}
[2020-06-11 08:39:24,320] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,320] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,320] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,320] kopf.objects         [DEBUG   ] [kube-system/vpnkit-controller] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,336] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,336] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,338] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,338] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,338] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,339] kopf.objects         [DEBUG   ] [docker/compose-78f95d4f8c-pj4pl] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,339] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,339] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,340] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,340] kopf.objects         [DEBUG   ] [kube-system/storage-provisioner] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,340] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,340] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,341] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,341] kopf.objects         [DEBUG   ] [kube-system/kube-proxy-cxcgf] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,342] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,342] kopf.objects         [DEBUG   ] [kube-system/kube-apiserver-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,347] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,347] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,348] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,348] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,349] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,349] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-qbjrv] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,350] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,350] kopf.objects         [DEBUG   ] [kube-system/kube-scheduler-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,351] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,351] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,352] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,352] kopf.objects         [DEBUG   ] [kube-system/etcd-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,353] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,353] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,353] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,353] kopf.objects         [DEBUG   ] [docker/compose-api-6ffb89dc58-2fpc2] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,355] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,355] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,355] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,356] kopf.objects         [DEBUG   ] [kube-system/kube-controller-manager-docker-desktop] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,358] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,358] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Something has changed, but we are not interested (the essence is the same).
[2020-06-11 08:39:24,358] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Handling cycle is finished, waiting for new changes since now.
[2020-06-11 08:39:24,358] kopf.objects         [DEBUG   ] [kube-system/coredns-5644d7b6d9-vf6ft] Handling cycle is finished, waiting for new changes since now.


$ kubectl get pod -n kube-system vpnkit-controller -oyaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    kopf.zalando.org/last-handled-configuration: '{"spec": {"volumes": [{"name": "api",
      "hostPath": {"path": "/run/host-services/backend.sock", "type": ""}}, {"name":
      "vpnkit-controller-token-zm9gt", "secret": {"secretName": "vpnkit-controller-token-zm9gt",
      "defaultMode": 420}}], "containers": [{"name": "vpnkit-controller", "image":
      "docker/desktop-vpnkit-controller:v1.0", "command": ["/kube-vpnkit-forwarder",
      "-path", "/run/host-services/backend.sock"], "resources": {}, "volumeMounts":
      [{"name": "api", "mountPath": "/run/host-services/backend.sock"}, {"name": "vpnkit-controller-token-zm9gt",
      "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}],
      "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy":
      "File", "imagePullPolicy": "IfNotPresent"}], "restartPolicy": "Always", "terminationGracePeriodSeconds":
      30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "vpnkit-controller",
      "serviceAccount": "vpnkit-controller", "nodeName": "docker-desktop", "securityContext":
      {}, "schedulerName": "default-scheduler", "tolerations": [{"key": "node.kubernetes.io/not-ready",
      "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300}, {"key":
      "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute",
      "tolerationSeconds": 300}], "priority": 0, "enableServiceLinks": true}, "metadata":
      {"labels": {"component": "vpnkit-controller"}, "annotations": {"nulloperator/last-handled-configuration":
      "{\"spec\": {\"volumes\": [{\"name\": \"api\", \"hostPath\": {\"path\": \"/run/host-services/backend.sock\",
      \"type\": \"\"}}, {\"name\": \"vpnkit-controller-token-zm9gt\", \"secret\":
      {\"secretName\": \"vpnkit-controller-token-zm9gt\", \"defaultMode\": 420}}],
      \"containers\": [{\"name\": \"vpnkit-controller\", \"image\": \"docker/desktop-vpnkit-controller:v1.0\",
      \"command\": [\"/kube-vpnkit-forwarder\", \"-path\", \"/run/host-services/backend.sock\"],
      \"resources\": {}, \"volumeMounts\": [{\"name\": \"api\", \"mountPath\": \"/run/host-services/backend.sock\"},
      {\"name\": \"vpnkit-controller-token-zm9gt\", \"readOnly\": true, \"mountPath\":
      \"/var/run/secrets/kubernetes.io/serviceaccount\"}], \"terminationMessagePath\":
      \"/dev/termination-log\", \"terminationMessagePolicy\": \"File\", \"imagePullPolicy\":
      \"IfNotPresent\"}], \"restartPolicy\": \"Always\", \"terminationGracePeriodSeconds\":
      30, \"dnsPolicy\": \"ClusterFirst\", \"serviceAccountName\": \"vpnkit-controller\",
      \"serviceAccount\": \"vpnkit-controller\", \"nodeName\": \"docker-desktop\",
      \"securityContext\": {}, \"schedulerName\": \"default-scheduler\", \"tolerations\":
      [{\"key\": \"node.kubernetes.io/not-ready\", \"operator\": \"Exists\", \"effect\":
      \"NoExecute\", \"tolerationSeconds\": 300}, {\"key\": \"node.kubernetes.io/unreachable\",
      \"operator\": \"Exists\", \"effect\": \"NoExecute\", \"tolerationSeconds\":
      300}], \"priority\": 0, \"enableServiceLinks\": true}, \"metadata\": {\"labels\":
      {\"component\": \"vpnkit-controller\"}, \"annotations\": {}}}"}}}'
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"component":"vpnkit-controller"},"name":"vpnkit-controller","namespace":"kube-system"},"spec":{"containers":[{"command":["/kube-vpnkit-forwarder","-path","/run/host-services/backend.sock"],"image":"docker/desktop-vpnkit-controller:v1.0","imagePullPolicy":"IfNotPresent","name":"vpnkit-controller","volumeMounts":[{"mountPath":"/run/host-services/backend.sock","name":"api"}]}],"serviceAccountName":"vpnkit-controller","volumes":[{"hostPath":{"path":"/run/host-services/backend.sock"},"name":"api"}]}}
  creationTimestamp: "2020-06-11T15:29:18Z"
  labels:
    component: vpnkit-controller
  name: vpnkit-controller
  namespace: kube-system
  resourceVersion: "1635"
  selfLink: /api/v1/namespaces/kube-system/pods/vpnkit-controller
  uid: 8594161b-2d1b-46a3-898b-609a975b637c
spec:
  containers:
  - command:
    - /kube-vpnkit-forwarder
    - -path
    - /run/host-services/backend.sock
    image: docker/desktop-vpnkit-controller:v1.0
    imagePullPolicy: IfNotPresent
(snip)

Environment

  • Kopf version: 0.27
  • Kubernetes version: v1.16.6-beta.0 (docker-desktop for macos)
  • Python version: 3.7.5
  • OS/platform: macos
Python packages installed 
aiohttp==3.6.1
aiojobs==0.2.2
astroid==2.0.4
async-timeout==3.0.1
attrs==19.2.0
autopep8==1.4.2
cachetools==3.1.1
certifi==2019.9.11
chardet==3.0.4
clang==6.0.0.2
Click==7.0
colored==1.4.0
google-auth==1.6.3
idna==2.8
iso8601==0.1.12
isort==4.3.4
kopf==0.27
kubernetes==10.0.1
lazy-object-proxy==1.3.1
mccabe==0.6.1
multidict==4.5.2
oauthlib==3.1.0
pip==20.1.1
prompt-toolkit==2.0.6
pyasn1==0.4.7
pyasn1-modules==0.2.7
pycodestyle==2.4.0
pykube-ng==19.10.0
pylint==2.1.1
python-dateutil==2.8.0
PyYAML==5.1.2
requests==2.22.0
requests-oauthlib==1.2.0
rsa==4.0
setuptools==42.0.2
six==1.11.0
typing-extensions==3.7.4.2
urllib3==1.25.6
wcwidth==0.1.7
websocket-client==0.56.0
wheel==0.33.6
wrapt==1.10.11
yarl==1.3.0
@kopf-archiver kopf-archiver bot closed this as completed Aug 18, 2020
@kopf-archiver kopf-archiver bot mentioned this issue Aug 19, 2020
Closed
@kopf-archiver kopf-archiver bot changed the title [archival placeholder] Resources filtered out in event handlers still get annotated by Kopf Aug 19, 2020
@kopf-archiver kopf-archiver bot added the bug Something isn't working label Aug 19, 2020
@kopf-archiver kopf-archiver bot reopened this Aug 19, 2020
@asteven
Copy link
Contributor

asteven commented Sep 1, 2020

Same problem here with @kopf.on.resume and a when filter function.
All objects are annotated with 'kopf.zalando.org/last-handled-configuration' no matter if the when filter matched or not.

This unfortunately renders kopf almost unusable for us as it means that kopf demands 'patch' access to basically all resources even if they are only watched and RBAC could be restricted otherwise (e.g. to get, list, watch).

Would be very glad if this could be addressed soon.
If you can point me in the right direction and/or give a high level overview of the flow I can try to put together a PR.
I did have a quick look, but the codebase seems quite abstract, it seem it would take quite some time investment to find my way around.

@nolar nolar self-assigned this Sep 2, 2020
@asteven
Copy link
Contributor

asteven commented Sep 2, 2020

This unfortunately renders kopf almost unusable for us as it means that kopf demands 'patch' access to basically all resources even if they are only watched and RBAC could be restricted otherwise (e.g. to get, list, watch).

Reading through all this again the RBAC related problems are probably caused by me using kopf wrongly.
It seems for any read-only watching of resources I need to use @kopf.on.event and not things like @kopf.on.resume.
Sorry for the noise.

@nolar
Copy link
Owner

nolar commented Sep 2, 2020

@asteven Don't worry, this is not the noise. Indeed, if the object is filtered out, Kopf should be completely blind to it, including the annotations — i.e. not to put them.

This behaviour is especially important with, for example, namespace filtering: if only the namespaces "teamname-*-pr-featurename" are configured for filter via the when= callback, then the operator definitely should not annotate or modify the objects in the namespaces like "teamname-appname-live" or "teamname-appname-pr-featurename", where other operators do their own job. Cross-operator ping-pong or loss of causation is one of the most difficult bugs to investigate (i.e. "who did change my last-seen state?" kind of questions).

This should be easily fixable, I hope. I'll take a look now.

@nolar nolar mentioned this issue Sep 12, 2020
Merged
5 tasks
@mhulscher
Copy link

@nolar Unfortunately, this is still a problem for me. I have a @kopf.on.field handler with a when= filter to check for label changes. The filter returns true only if a change was made to a particular label. Even if the when= filter returns false, kopf still applies the /last-handled-configuration annotation to the object. And yes, I am sure that the filter returns False 😅 . When running kopf in debug mode, kopf logs the following:

[2022-01-12 16:01:08,067] kopf.objects         [DEBUG   ] [mitch] Something has changed, but we are not interested (the essence is the same).

The handler looks like this:

@kopf.on.field('', 'v1', 'namespaces', field='metadata.labels', when=lambda old, new, **_:
               helpers.metadata_field_contains_key_change(old, new, 'labels', ["my-label.example.com"]))

Any idea what I might be doing wrong?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nolar nolar

Labels
archive bug Something isn't working
Projects
None yet
Milestone
28: stability, resilience, logging
Development

Successfully merging a pull request may close this issue.

Stealth mode for filtered out resources nolar/kopf
3 participants
@nolar @asteven @mhulscher