apiVersion: v1 kind: Pod metadata: annotations: cluster-autoscaler.kubernetes.io/safe-to-evict: "true" container.apparmor.security.beta.kubernetes.io/node-exporter: unconfined creationTimestamp: "2026-04-15T18:53:53Z" generateName: kube-prometheus-stack-prometheus-node-exporter- labels: app.kubernetes.io/component: metrics app.kubernetes.io/instance: kube-prometheus-stack app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: prometheus-node-exporter app.kubernetes.io/part-of: prometheus-node-exporter app.kubernetes.io/version: 1.8.1 controller-revision-hash: 6f87bd9c74 helm.sh/chart: prometheus-node-exporter-4.36.0 jobLabel: node-exporter pod-template-generation: "1" release: kube-prometheus-stack name: kube-prometheus-stack-prometheus-node-exporter-fg7mp namespace: monitoring ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: DaemonSet name: kube-prometheus-stack-prometheus-node-exporter uid: 28cedb49-3941-4788-b0c2-9b2177ed607d resourceVersion: "5323" uid: 6f5c0f20-f346-4490-b204-b419ee44d2f9 spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchFields: - key: metadata.name operator: In values: - instance automountServiceAccountToken: true containers: - args: - --path.procfs=/host/proc - --path.sysfs=/host/sys - --path.rootfs=/host/root - --path.udev.data=/host/root/run/udev/data - --web.listen-address=[$(HOST_IP)]:9100 - --collector.diskstats.ignored-devices=^(ram|loop|nbd|fd|(h|s|v|xv)d[a-z]|nvme\\d+n\\d+p)\\d+$ - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|fuse.squashfuse_ll|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ - --collector.filesystem.mount-points-exclude=^/(dev|proc|run/credentials/.+|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+|var/lib/kubelet/plugins/kubernetes.io/csi/.+|run/containerd/.+)($|/) - --collector.netclass.ignored-devices=^(lxc|cilium_|qbr|qvb|qvo|tap|ovs-system|br|tbr|gre_sys|[0-9a-f]+_eth|vxlan).*$ - --collector.netdev.device-exclude=^(lxc|cilium_|qbr|qvb|qvo|tap|ovs-system|br|tbr|gre_sys|[0-9a-f]+_eth|vxlan).*$ - --collector.processes - --collector.systemd - --collector.stat.softirq - --web.config.file=/config/node-exporter.yml env: - name: HOST_IP value: 0.0.0.0 image: harbor.atmosphere.dev/quay.io/prometheus/node-exporter:v1.8.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: path: / port: 9100 scheme: HTTPS periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: node-exporter ports: - containerPort: 9100 hostPort: 9100 name: http-metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: / port: 9100 scheme: HTTPS periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: {} securityContext: readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /host/proc name: proc readOnly: true - mountPath: /host/sys name: sys readOnly: true - mountPath: /host/root mountPropagation: HostToContainer name: root readOnly: true - mountPath: /certs name: certs readOnly: true - mountPath: /config name: kube-prometheus-stack-node-exporter - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-nj4zf readOnly: true - args: - --template=/config/certificate-template.yml - --ca-path=/certs/ca.crt - --cert-path=/certs/tls.crt - --key-path=/certs/tls.key env: - name: POD_UID valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.uid - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: POD_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP image: harbor.atmosphere.dev/ghcr.io/vexxhost/pod-tls-sidecar:v1.0.0 imagePullPolicy: IfNotPresent name: pod-tls-sidecar resources: {} securityContext: readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /certs name: certs - mountPath: /config name: kube-prometheus-stack-node-exporter - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-nj4zf readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostNetwork: true hostPID: true nodeName: instance nodeSelector: kubernetes.io/os: linux preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: fsGroup: 65534 runAsGroup: 65534 runAsNonRoot: true runAsUser: 65534 serviceAccount: kube-prometheus-stack-prometheus-node-exporter serviceAccountName: kube-prometheus-stack-prometheus-node-exporter terminationGracePeriodSeconds: 30 tolerations: - effect: NoSchedule operator: Exists - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists - effect: NoSchedule key: node.kubernetes.io/disk-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/memory-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/pid-pressure operator: Exists - effect: NoSchedule key: node.kubernetes.io/unschedulable operator: Exists - effect: NoSchedule key: node.kubernetes.io/network-unavailable operator: Exists volumes: - hostPath: path: /proc type: "" name: proc - hostPath: path: /sys type: "" name: sys - hostPath: path: / type: "" name: root - emptyDir: medium: Memory name: certs - configMap: defaultMode: 420 name: kube-prometheus-stack-node-exporter name: kube-prometheus-stack-node-exporter - name: kube-api-access-nj4zf projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace status: conditions: - lastProbeTime: null lastTransitionTime: "2026-04-15T18:53:53Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2026-04-15T18:54:19Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2026-04-15T18:54:19Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2026-04-15T18:53:53Z" status: "True" type: PodScheduled containerStatuses: - containerID: containerd://fff71b7ac8f1ed802e4788d238c38e198b75c150c0dab007cf975e4dc9b8f1fe image: harbor.atmosphere.dev/quay.io/prometheus/node-exporter:v1.8.1 imageID: harbor.atmosphere.dev/quay.io/prometheus/node-exporter@sha256:fa7fa12a57eff607176d5c363d8bb08dfbf636b36ac3cb5613a202f3c61a6631 lastState: terminated: containerID: containerd://7e04f224fcaa8fa0fa3394f6e28d2ca0ce013b22c2be6a84639d5d752a7dafba exitCode: 1 finishedAt: "2026-04-15T18:54:02Z" reason: Error startedAt: "2026-04-15T18:54:02Z" name: node-exporter ready: true restartCount: 2 started: true state: running: startedAt: "2026-04-15T18:54:19Z" - containerID: containerd://911cca1550aaf1be0525fc3a3740c549f98d87032f828ffa8185fb564013bf0d image: harbor.atmosphere.dev/ghcr.io/vexxhost/pod-tls-sidecar:v1.0.0 imageID: harbor.atmosphere.dev/ghcr.io/vexxhost/pod-tls-sidecar@sha256:7a030f8b86c1503006e7d82312a3c8e98769c3b8e3a2e834aee3c60df184161a lastState: {} name: pod-tls-sidecar ready: true restartCount: 0 started: true state: running: startedAt: "2026-04-15T18:54:02Z" hostIP: 199.204.45.69 phase: Running podIP: 199.204.45.69 podIPs: - ip: 199.204.45.69 qosClass: BestEffort startTime: "2026-04-15T18:53:53Z"