Name: cilium Selector: k8s-app=cilium Node-Selector: kubernetes.io/os=linux Labels: app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=cilium-agent app.kubernetes.io/part-of=cilium k8s-app=cilium Annotations: deprecated.daemonset.template.generation: 1 meta.helm.sh/release-name: cilium meta.helm.sh/release-namespace: kube-system Desired Number of Nodes Scheduled: 1 Current Number of Nodes Scheduled: 1 Number of Nodes Scheduled with Up-to-date Pods: 1 Number of Nodes Scheduled with Available Pods: 1 Number of Nodes Misscheduled: 0 Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed Pod Template: Labels: app.kubernetes.io/name=cilium-agent app.kubernetes.io/part-of=cilium k8s-app=cilium Annotations: container.apparmor.security.beta.kubernetes.io/apply-sysctl-overwrites: unconfined container.apparmor.security.beta.kubernetes.io/cilium-agent: unconfined container.apparmor.security.beta.kubernetes.io/clean-cilium-state: unconfined container.apparmor.security.beta.kubernetes.io/mount-cgroup: unconfined Service Account: cilium Init Containers: config: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: cilium build-config Environment: K8S_NODE_NAME: (v1:spec.nodeName) CILIUM_K8S_NAMESPACE: (v1:metadata.namespace) Mounts: /tmp from tmp (rw) mount-cgroup: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: sh -ec cp /usr/bin/cilium-mount /hostbin/cilium-mount; nsenter --cgroup=/hostproc/1/ns/cgroup --mount=/hostproc/1/ns/mnt "${BIN_PATH}/cilium-mount" $CGROUP_ROOT; rm /hostbin/cilium-mount Environment: CGROUP_ROOT: /run/cilium/cgroupv2 BIN_PATH: /opt/cni/bin Mounts: /hostbin from cni-path (rw) /hostproc from hostproc (rw) apply-sysctl-overwrites: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: sh -ec cp /usr/bin/cilium-sysctlfix /hostbin/cilium-sysctlfix; nsenter --mount=/hostproc/1/ns/mnt "${BIN_PATH}/cilium-sysctlfix"; rm /hostbin/cilium-sysctlfix Environment: BIN_PATH: /opt/cni/bin Mounts: /hostbin from cni-path (rw) /hostproc from hostproc (rw) mount-bpf-fs: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: /bin/bash -c -- Args: mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf Environment: Mounts: /sys/fs/bpf from bpf-maps (rw) clean-cilium-state: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: /init-container.sh Environment: CILIUM_ALL_STATE: Optional: true CILIUM_BPF_STATE: Optional: true Mounts: /run/cilium/cgroupv2 from cilium-cgroup (rw) /sys/fs/bpf from bpf-maps (rw) /var/run/cilium from cilium-run (rw) install-cni-binaries: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: /install-plugin.sh Requests: cpu: 100m memory: 10Mi Environment: Mounts: /host/opt/cni/bin from cni-path (rw) Containers: cilium-agent: Image: harbor.atmosphere.dev/quay.io/cilium/cilium:v1.14.8 Port: Host Port: Command: cilium-agent Args: --config-dir=/tmp/cilium/config-map Liveness: http-get http://127.0.0.1:9879/healthz delay=0s timeout=5s period=30s #success=1 #failure=10 Readiness: http-get http://127.0.0.1:9879/healthz delay=0s timeout=5s period=30s #success=1 #failure=3 Startup: http-get http://127.0.0.1:9879/healthz delay=0s timeout=1s period=2s #success=1 #failure=105 Environment: K8S_NODE_NAME: (v1:spec.nodeName) CILIUM_K8S_NAMESPACE: (v1:metadata.namespace) CILIUM_CLUSTERMESH_CONFIG: /var/lib/cilium/clustermesh/ Mounts: /host/etc/cni/net.d from etc-cni-netd (rw) /host/proc/sys/kernel from host-proc-sys-kernel (rw) /host/proc/sys/net from host-proc-sys-net (rw) /lib/modules from lib-modules (ro) /run/xtables.lock from xtables-lock (rw) /sys/fs/bpf from bpf-maps (rw) /tmp from tmp (rw) /var/lib/cilium/clustermesh from clustermesh-secrets (ro) /var/run/cilium from cilium-run (rw) Volumes: tmp: Type: EmptyDir (a temporary directory that shares a pod's lifetime) Medium: SizeLimit: cilium-run: Type: HostPath (bare host directory volume) Path: /var/run/cilium HostPathType: DirectoryOrCreate bpf-maps: Type: HostPath (bare host directory volume) Path: /sys/fs/bpf HostPathType: DirectoryOrCreate hostproc: Type: HostPath (bare host directory volume) Path: /proc HostPathType: Directory cilium-cgroup: Type: HostPath (bare host directory volume) Path: /run/cilium/cgroupv2 HostPathType: DirectoryOrCreate cni-path: Type: HostPath (bare host directory volume) Path: /opt/cni/bin HostPathType: DirectoryOrCreate etc-cni-netd: Type: HostPath (bare host directory volume) Path: /etc/cni/net.d HostPathType: DirectoryOrCreate lib-modules: Type: HostPath (bare host directory volume) Path: /lib/modules HostPathType: xtables-lock: Type: HostPath (bare host directory volume) Path: /run/xtables.lock HostPathType: FileOrCreate clustermesh-secrets: Type: Projected (a volume that contains injected data from multiple sources) SecretName: cilium-clustermesh SecretOptionalName: 0xc000b95648 SecretName: clustermesh-apiserver-remote-cert SecretOptionalName: 0xc000b956fe host-proc-sys-net: Type: HostPath (bare host directory volume) Path: /proc/sys/net HostPathType: Directory host-proc-sys-kernel: Type: HostPath (bare host directory volume) Path: /proc/sys/kernel HostPathType: Directory Priority Class Name: system-node-critical Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal SuccessfulCreate 24m daemonset-controller Created pod: cilium-2tjhv