Kubernetes/Containers Tips and Tricks
=====================================
Quickly spin up a Pod with a running shell to test stuff
--------------------------------------------------------
```
kubectl run my-shell --rm -i --tty --image ubuntu -- bash
```
Create docker pull secret
-------------------------
```
kubectl create secret docker-registry regcred --docker-server=https://ghcr.io --docker-username=udder-machine --docker-password=password --docker-email=email
# inspect
kubectl get secret regcred --output=yaml
```
Strimzi Operator
----------------
Always use at least 3 replicas of Kafka and ZooKeeper otherwise it will probably not work.
###### tags: `k8s` `ops`
Find container with high memory consumption on node
---------------------------------------------------
```
ps aux --sort -rss
```
example output
```
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 4601 12.0 22.4 3630904 885752 ? Ssl Sep07 2771:07 /usr/bin/java -jar spigot.jar --nogui
root 16242 11.9 21.0 3621644 828592 ? Ssl Sep03 3421:56 /usr/bin/java -jar spigot.jar --nogui
root 16144 11.8 18.0 3610596 711864 ? Ssl 19:51 5:42 /usr/bin/java -jar spigot.jar --nogui
1001 16197 0.5 4.6 3038844 184776 ? Sl 19:51 0:16 java -Xms389236653 -Xmx389236653 -server -XX:+UseG1GC -XX:MaxGCPauseMillis=20 -XX:InitiatingHeapOccupancyPercent=35 -XX:+ExplicitGCInvokesConcurrent
root 19214 0.7 4.4 3524268 175500 ? Ssl Sep03 224:10 /usr/bin/java -jar proxy.jar
root 3582 0.8 2.5 1355604 99712 ? Ssl May27 1488:09 /usr/bin/containerd
root 15952 0.6 2.1 770888 85072 ? Ssl 19:51 0:18 cilium-agent --config-dir=/tmp/cilium/config-map
root 6809 2.9 1.6 2073172 66480 ? Ssl May27 5110:48 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/c
root 315 0.0 1.0 78052 42952 ? Ss May27 130:37 /lib/systemd/systemd-journald
9987 21335 0.6 0.4 40168 19176 ? Ssl Jun21 885:44 ts3server inifile=/var/run/ts3server/ts3server.ini
root 16081 0.0 0.4 715076 16552 ? Ssl 19:51 0:01 /bin/hcloud-csi-driver
root 8054 0.1 0.2 113376 9404 ? Sl May27 299:19 /usr/bin/containerd-shim-runc-v2 -namespace k8s.io -id ccd25c1d250f214cfae9433cd8b709c5243e82c3670aaeff4c79cdd45fc440db -address /run/containerd/cont
root 17600 0.0 0.2 720384 7944 ? Ssl Sep03 3:08 ./app
```
**note**: the pid from the process running inside the container.
retrieve container id
```
cat /proc/$PID/cgroup
```
example output
```
11:devices:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
10:memory:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
9:perf_event:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
8:rdma:/
7:pids:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
6:blkio:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
5:cpu,cpuacct:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
4:net_cls,net_prio:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
3:freezer:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
2:cpuset:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
1:name=systemd:/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
0::/system.slice/containerd.service
```
the container id is the hex string after the last `/`. In this case it's `159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f`
then ask `containerd` for container info
```
ctr --namespace k8s.io c info $CONTAINER_ID
```
example output
```
ctr --namespace k8s.io c info 159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f
{
"ID": "159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f",
"Labels": {
"io.cri-containerd.kind": "container",
"io.kubernetes.container.name": "service",
"io.kubernetes.pod.name": "lobby-646484d448-ww2h2",
"io.kubernetes.pod.namespace": "minecraft",
"io.kubernetes.pod.uid": "5eef3865-1dbc-4fdb-8cf1-464bcb8b3059"
},
"Image": "ghcr.io/cownetwork/lobby:v0.25.3",
"Runtime": {
"Name": "io.containerd.runc.v2",
"Options": {
"type_url": "containerd.runc.v1.Options"
}
},
"SnapshotKey": "159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f",
"Snapshotter": "overlayfs",
"CreatedAt": "2021-09-23T17:51:33.788469651Z",
"UpdatedAt": "2021-09-23T17:51:33.788469651Z",
"Extensions": {
"io.cri-containerd.container.metadata": {
"type_url": "github.com/containerd/cri/pkg/store/container/Metadata",
"value": "eyJWZXJzaW9uIjoidjEiLCJNZXRhZGF0YSI6eyJJRCI6IjE1OWYzOWVjZmNkZGNjNDgxNWNkZTc2OGE2OGI2ZTVkYjYyMDliMTlhYjk3ZjNlYjlmZjMzZmUyNWUyZGU2OGYiLCJOYW1lIjoic2VydmljZV9sb2JieS02NDY0ODRkNDQ4LXd3MmgyX21pbmVjcmFmdF81ZWVmMzg2NS0xZGJjLTRmZGItOGNmMS00NjRiY2I4YjMwNTlfMyIsIlNhbmRib3hJRCI6IjcyYTQ2ZWQ2ZTYyMDZlY2ZiNmM2MTQyMDliYTU4N2M2MTc2Y2MwOThiOThiNThmMDQwMzQyZThlMzU0OWE3ZWIiLCJDb25maWciOnsibWV0YWRhdGEiOnsibmFtZSI6InNlcnZpY2UiLCJhdHRlbXB0IjozfSwiaW1hZ2UiOnsiaW1hZ2UiOiJzaGEyNTY6YjMzMzM3NmZhY2ZjYzZkOTIyZjRlYTU0Zjk0NjExMzY1YjIyYmUxNGVhZmExNjEyYTk3MGEwYWUxODNhZTA3MSJ9LCJlbnZzIjpbeyJrZXkiOiJMT0JCWV9QT1JUXzI1NTY1X1RDUF9QUk9UTyIsInZhbHVlIjoidGNwIn0seyJrZXkiOiJMT0JCWV9QT1JUXzI1NTY1X1RDUF9QT1JUIiwidmFsdWUiOiIyNTU2NSJ9LHsia2V5IjoiS1VCRVJORVRFU19TRVJWSUNFX0hPU1QiLCJ2YWx1ZSI6IjEwLjk2LjAuMSJ9LHsia2V5IjoiVkVMT0NJVFlfU0VSVklDRV9QT1JUIiwidmFsdWUiOiIyNTU3NyJ9LHsia2V5IjoiVkVMT0NJVFlfUE9SVF8yNTU3N19UQ1BfUFJPVE8iLCJ2YWx1ZSI6InRjcCJ9LHsia2V5IjoiTE9CQllfUE9SVF8yNTU2NV9UQ1BfQUREUiIsInZhbHVlIjoiMTAuOTYuNy4xMTMifSx7ImtleSI6IlBJWExFUlNfUE9SVF8yNTU2NV9UQ1BfQUREUiIsInZhbHVlIjoiMTAuMTA3LjM0LjE5MSJ9LHsia2V5IjoiS1VCRVJORVRFU19QT1JUXzQ0M19UQ1BfUFJPVE8iLCJ2YWx1ZSI6InRjcCJ9LHsia2V5IjoiVkVMT0NJVFlfU0VSVklDRV9IT1NUIiwidmFsdWUiOiIxMC4xMDQuMTkzLjIzOCJ9LHsia2V5IjoiVkVMT0NJVFlfUE9SVF8yNTU3N19UQ1AiLCJ2YWx1ZSI6InRjcDovLzEwLjEwNC4xOTMuMjM4OjI1NTc3In0seyJrZXkiOiJQSVhMRVJTX1NFUlZJQ0VfUE9SVCIsInZhbHVlIjoiMjU1NjUifSx7ImtleSI6IlBJWExFUlNfUE9SVF8yNTU2NV9UQ1BfUE9SVCIsInZhbHVlIjoiMjU1NjUifSx7ImtleSI6IktVQkVSTkVURVNfUE9SVF80NDNfVENQX1BPUlQiLCJ2YWx1ZSI6IjQ0MyJ9LHsia2V5IjoiTE9CQllfU0VSVklDRV9IT1NUIiwidmFsdWUiOiIxMC45Ni43LjExMyJ9LHsia2V5IjoiTE9CQllfUE9SVCIsInZhbHVlIjoidGNwOi8vMTAuOTYuNy4xMTM6MjU1NjUifSx7ImtleSI6IlBJWExFUlNfUE9SVF8yNTU2NV9UQ1AiLCJ2YWx1ZSI6InRjcDovLzEwLjEwNy4zNC4xOTE6MjU1NjUifSx7ImtleSI6IktVQkVSTkVURVNfUE9SVCIsInZhbHVlIjoidGNwOi8vMTAuOTYuMC4xOjQ0MyJ9LHsia2V5IjoiVkVMT0NJVFlfUE9SVCIsInZhbHVlIjoidGNwOi8vMTAuMTA0LjE5My4yMzg6MjU1NzcifSx7ImtleSI6IlBJWExFUlNfU0VSVklDRV9IT1NUIiwidmFsdWUiOiIxMC4xMDcuMzQuMTkxIn0seyJrZXkiOiJQSVhMRVJTX1BPUlRfMjU1NjVfVENQX1BST1RPIiwidmFsdWUiOiJ0Y3AifSx7ImtleSI6IktVQkVSTkVURVNfU0VSVklDRV9QT1JUIiwidmFsdWUiOiI0NDMifSx7ImtleSI6IkxPQkJZX1NFUlZJQ0VfUE9SVCIsInZhbHVlIjoiMjU1NjUifSx7ImtleSI6IlBJWExFUlNfUE9SVCIsInZhbHVlIjoidGNwOi8vMTAuMTA3LjM0LjE5MToyNTU2NSJ9LHsia2V5IjoiS1VCRVJORVRFU19QT1JUXzQ0M19UQ1AiLCJ2YWx1ZSI6InRjcDovLzEwLjk2LjAuMTo0NDMifSx7ImtleSI6IlZFTE9DSVRZX1BPUlRfMjU1NzdfVENQX0FERFIiLCJ2YWx1ZSI6IjEwLjEwNC4xOTMuMjM4In0seyJrZXkiOiJMT0JCWV9QT1JUXzI1NTY1X1RDUCIsInZhbHVlIjoidGNwOi8vMTAuOTYuNy4xMTM6MjU1NjUifSx7ImtleSI6IktVQkVSTkVURVNfU0VSVklDRV9QT1JUX0hUVFBTIiwidmFsdWUiOiI0NDMifSx7ImtleSI6IktVQkVSTkVURVNfUE9SVF80NDNfVENQX0FERFIiLCJ2YWx1ZSI6IjEwLjk2LjAuMSJ9LHsia2V5IjoiVkVMT0NJVFlfUE9SVF8yNTU3N19UQ1BfUE9SVCIsInZhbHVlIjoiMjU1NzcifV0sIm1vdW50cyI6W3siY29udGFpbmVyX3BhdGgiOiIvdmFyL3J1bi9zZWNyZXRzL2t1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQiLCJob3N0X3BhdGgiOiIvdmFyL2xpYi9rdWJlbGV0L3BvZHMvNWVlZjM4NjUtMWRiYy00ZmRiLThjZjEtNDY0YmNiOGIzMDU5L3ZvbHVtZXMva3ViZXJuZXRlcy5pb35zZWNyZXQvZGVmYXVsdC10b2tlbi1zejZrayIsInJlYWRvbmx5Ijp0cnVlfSx7ImNvbnRhaW5lcl9wYXRoIjoiL2V0Yy9ob3N0cyIsImhvc3RfcGF0aCI6Ii92YXIvbGliL2t1YmVsZXQvcG9kcy81ZWVmMzg2NS0xZGJjLTRmZGItOGNmMS00NjRiY2I4YjMwNTkvZXRjLWhvc3RzIn0seyJjb250YWluZXJfcGF0aCI6Ii9kZXYvdGVybWluYXRpb24tbG9nIiwiaG9zdF9wYXRoIjoiL3Zhci9saWIva3ViZWxldC9wb2RzLzVlZWYzODY1LTFkYmMtNGZkYi04Y2YxLTQ2NGJjYjhiMzA1OS9jb250YWluZXJzL3NlcnZpY2UvMWFmMzA5Y2UifV0sImxhYmVscyI6eyJpby5rdWJlcm5ldGVzLmNvbnRhaW5lci5uYW1lIjoic2VydmljZSIsImlvLmt1YmVybmV0ZXMucG9kLm5hbWUiOiJsb2JieS02NDY0ODRkNDQ4LXd3MmgyIiwiaW8ua3ViZXJuZXRlcy5wb2QubmFtZXNwYWNlIjoibWluZWNyYWZ0IiwiaW8ua3ViZXJuZXRlcy5wb2QudWlkIjoiNWVlZjM4NjUtMWRiYy00ZmRiLThjZjEtNDY0YmNiOGIzMDU5In0sImFubm90YXRpb25zIjp7ImlvLmt1YmVybmV0ZXMuY29udGFpbmVyLmhhc2giOiJjYzZhM2YzNSIsImlvLmt1YmVybmV0ZXMuY29udGFpbmVyLnBvcnRzIjoiW3tcImNvbnRhaW5lclBvcnRcIjoyNTU2NSxcInByb3RvY29sXCI6XCJUQ1BcIn1dIiwiaW8ua3ViZXJuZXRlcy5jb250YWluZXIucmVzdGFydENvdW50IjoiMyIsImlvLmt1YmVybmV0ZXMuY29udGFpbmVyLnRlcm1pbmF0aW9uTWVzc2FnZVBhdGgiOiIvZGV2L3Rlcm1pbmF0aW9uLWxvZyIsImlvLmt1YmVybmV0ZXMuY29udGFpbmVyLnRlcm1pbmF0aW9uTWVzc2FnZVBvbGljeSI6IkZpbGUiLCJpby5rdWJlcm5ldGVzLnBvZC50ZXJtaW5hdGlvbkdyYWNlUGVyaW9kIjoiMzAifSwibG9nX3BhdGgiOiJzZXJ2aWNlLzMubG9nIiwibGludXgiOnsicmVzb3VyY2VzIjp7ImNwdV9wZXJpb2QiOjEwMDAwMCwiY3B1X3NoYXJlcyI6Miwib29tX3Njb3JlX2FkaiI6MTAwMCwiaHVnZXBhZ2VfbGltaXRzIjpbeyJwYWdlX3NpemUiOiIxR0IifSx7InBhZ2Vfc2l6ZSI6IjJNQiJ9XX0sInNlY3VyaXR5X2NvbnRleHQiOnsibmFtZXNwYWNlX29wdGlvbnMiOnsicGlkIjoxfSwicnVuX2FzX3VzZXIiOnt9LCJtYXNrZWRfcGF0aHMiOlsiL3Byb2MvYWNwaSIsIi9wcm9jL2tjb3JlIiwiL3Byb2Mva2V5cyIsIi9wcm9jL2xhdGVuY3lfc3RhdHMiLCIvcHJvYy90aW1lcl9saXN0IiwiL3Byb2MvdGltZXJfc3RhdHMiLCIvcHJvYy9zY2hlZF9kZWJ1ZyIsIi9wcm9jL3Njc2kiLCIvc3lzL2Zpcm13YXJlIl0sInJlYWRvbmx5X3BhdGhzIjpbIi9wcm9jL2Fzb3VuZCIsIi9wcm9jL2J1cyIsIi9wcm9jL2ZzIiwiL3Byb2MvaXJxIiwiL3Byb2Mvc3lzIiwiL3Byb2Mvc3lzcnEtdHJpZ2dlciJdfX19LCJJbWFnZVJlZiI6InNoYTI1NjpiMzMzMzc2ZmFjZmNjNmQ5MjJmNGVhNTRmOTQ2MTEzNjViMjJiZTE0ZWFmYTE2MTJhOTcwYTBhZTE4M2FlMDcxIiwiTG9nUGF0aCI6Ii92YXIvbG9nL3BvZHMvbWluZWNyYWZ0X2xvYmJ5LTY0NjQ4NGQ0NDgtd3cyaDJfNWVlZjM4NjUtMWRiYy00ZmRiLThjZjEtNDY0YmNiOGIzMDU5L3NlcnZpY2UvMy5sb2ciLCJTdG9wU2lnbmFsIjoiIiwiUHJvY2Vzc0xhYmVsIjoiIn19"
}
},
"Spec": {
"ociVersion": "1.0.2-dev",
"process": {
"user": {
"uid": 0,
"gid": 0
},
"args": [
"/usr/bin/java",
"-jar",
"spigot.jar",
"--nogui"
],
"env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HOSTNAME=lobby-646484d448-ww2h2",
"JAVA_VERSION=11.0.11",
"LANG=C.UTF-8",
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt",
"JAVA_TOOL_OPTIONS=-Dcom.mojang.eula.agree=true",
"LOBBY_PORT_25565_TCP_PROTO=tcp",
"LOBBY_PORT_25565_TCP_PORT=25565",
"KUBERNETES_SERVICE_HOST=10.96.0.1",
"VELOCITY_SERVICE_PORT=25577",
"VELOCITY_PORT_25577_TCP_PROTO=tcp",
"LOBBY_PORT_25565_TCP_ADDR=10.96.7.113",
"PIXLERS_PORT_25565_TCP_ADDR=10.107.34.191",
"KUBERNETES_PORT_443_TCP_PROTO=tcp",
"VELOCITY_SERVICE_HOST=10.104.193.238",
"VELOCITY_PORT_25577_TCP=tcp://10.104.193.238:25577",
"PIXLERS_SERVICE_PORT=25565",
"PIXLERS_PORT_25565_TCP_PORT=25565",
"KUBERNETES_PORT_443_TCP_PORT=443",
"LOBBY_SERVICE_HOST=10.96.7.113",
"LOBBY_PORT=tcp://10.96.7.113:25565",
"PIXLERS_PORT_25565_TCP=tcp://10.107.34.191:25565",
"KUBERNETES_PORT=tcp://10.96.0.1:443",
"VELOCITY_PORT=tcp://10.104.193.238:25577",
"PIXLERS_SERVICE_HOST=10.107.34.191",
"PIXLERS_PORT_25565_TCP_PROTO=tcp",
"KUBERNETES_SERVICE_PORT=443",
"LOBBY_SERVICE_PORT=25565",
"PIXLERS_PORT=tcp://10.107.34.191:25565",
"KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443",
"VELOCITY_PORT_25577_TCP_ADDR=10.104.193.238",
"LOBBY_PORT_25565_TCP=tcp://10.96.7.113:25565",
"KUBERNETES_SERVICE_PORT_HTTPS=443",
"KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1",
"VELOCITY_PORT_25577_TCP_PORT=25577"
],
"cwd": "/opt/spigot",
"capabilities": {
"bounding": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"effective": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"inheritable": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"permitted": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
]
},
"oomScoreAdj": 1000
},
"root": {
"path": "rootfs"
},
"mounts": [
{
"destination": "/proc",
"type": "proc",
"source": "proc",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/dev",
"type": "tmpfs",
"source": "tmpfs",
"options": [
"nosuid",
"strictatime",
"mode=755",
"size=65536k"
]
},
{
"destination": "/dev/pts",
"type": "devpts",
"source": "devpts",
"options": [
"nosuid",
"noexec",
"newinstance",
"ptmxmode=0666",
"mode=0620",
"gid=5"
]
},
{
"destination": "/dev/mqueue",
"type": "mqueue",
"source": "mqueue",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys",
"type": "sysfs",
"source": "sysfs",
"options": [
"nosuid",
"noexec",
"nodev",
"ro"
]
},
{
"destination": "/sys/fs/cgroup",
"type": "cgroup",
"source": "cgroup",
"options": [
"nosuid",
"noexec",
"nodev",
"relatime",
"ro"
]
},
{
"destination": "/etc/hosts",
"type": "bind",
"source": "/var/lib/kubelet/pods/5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/etc-hosts",
"options": [
"rbind",
"rprivate",
"rw"
]
},
{
"destination": "/dev/termination-log",
"type": "bind",
"source": "/var/lib/kubelet/pods/5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/containers/service/1af309ce",
"options": [
"rbind",
"rprivate",
"rw"
]
},
{
"destination": "/etc/hostname",
"type": "bind",
"source": "/var/lib/containerd/io.containerd.grpc.v1.cri/sandboxes/72a46ed6e6206ecfb6c614209ba587c6176cc098b98b58f040342e8e3549a7eb/hostname",
"options": [
"rbind",
"rprivate",
"rw"
]
},
{
"destination": "/etc/resolv.conf",
"type": "bind",
"source": "/var/lib/containerd/io.containerd.grpc.v1.cri/sandboxes/72a46ed6e6206ecfb6c614209ba587c6176cc098b98b58f040342e8e3549a7eb/resolv.conf",
"options": [
"rbind",
"rprivate",
"rw"
]
},
{
"destination": "/dev/shm",
"type": "bind",
"source": "/run/containerd/io.containerd.grpc.v1.cri/sandboxes/72a46ed6e6206ecfb6c614209ba587c6176cc098b98b58f040342e8e3549a7eb/shm",
"options": [
"rbind",
"rprivate",
"rw"
]
},
{
"destination": "/var/run/secrets/kubernetes.io/serviceaccount",
"type": "bind",
"source": "/var/lib/kubelet/pods/5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/volumes/kubernetes.io~secret/default-token-sz6kk",
"options": [
"rbind",
"rprivate",
"ro"
]
}
],
"annotations": {
"io.kubernetes.cri.container-name": "service",
"io.kubernetes.cri.container-type": "container",
"io.kubernetes.cri.sandbox-id": "72a46ed6e6206ecfb6c614209ba587c6176cc098b98b58f040342e8e3549a7eb"
},
"linux": {
"resources": {
"devices": [
{
"allow": false,
"access": "rwm"
}
],
"memory": {},
"cpu": {
"shares": 2,
"period": 100000
}
},
"cgroupsPath": "/kubepods/besteffort/pod5eef3865-1dbc-4fdb-8cf1-464bcb8b3059/159f39ecfcddcc4815cde768a68b6e5db6209b19ab97f3eb9ff33fe25e2de68f",
"namespaces": [
{
"type": "pid"
},
{
"type": "ipc",
"path": "/proc/17954/ns/ipc"
},
{
"type": "uts",
"path": "/proc/17954/ns/uts"
},
{
"type": "mount"
},
{
"type": "network",
"path": "/proc/17954/ns/net"
}
],
"maskedPaths": [
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"readonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
}
}
}
```
Sign in with Wallet
Connect another wallet