Open heidsoft opened 3 years ago
apiVersion: v1 kind: Pod metadata: annotations: cni.projectcalico.org/podIP: 10.233.109.24/32 cni.projectcalico.org/podIPs: 10.233.109.24/32 kubectl.kubernetes.io/default-container: reviews kubectl.kubernetes.io/default-logs-container: reviews prometheus.io/path: /stats/prometheus prometheus.io/port: "15020" prometheus.io/scrape: "true" sidecar.istio.io/status: '{"initContainers":["istio-init"],"containers":["istio-proxy"],"volumes":["istio-envoy","istio-data","istio-podinfo","istio-token","istiod-ca-cert"],"imagePullSecrets":null}' creationTimestamp: "2021-06-01T08:49:29Z" generateName: reviews-v1-545db77b95- labels: app: reviews istio.io/rev: default pod-template-hash: 545db77b95 security.istio.io/tlsMode: istio service.istio.io/canonical-name: reviews service.istio.io/canonical-revision: v1 version: v1 managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:generateName: {} f:labels: .: {} f:app: {} f:pod-template-hash: {} f:version: {} f:ownerReferences: .: {} k:{"uid":"c2b51e91-08d2-454d-a6d4-f5c06da70e91"}: .: {} f:apiVersion: {} f:blockOwnerDeletion: {} f:controller: {} f:kind: {} f:name: {} f:uid: {} f:spec: f:containers: k:{"name":"reviews"}: .: {} f:env: .: {} k:{"name":"LOG_DIR"}: .: {} f:name: {} f:value: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:ports: .: {} k:{"containerPort":9080,"protocol":"TCP"}: .: {} f:containerPort: {} f:protocol: {} f:resources: {} f:securityContext: .: {} f:runAsUser: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:volumeMounts: .: {} k:{"mountPath":"/opt/ibm/wlp/output"}: .: {} f:mountPath: {} f:name: {} k:{"mountPath":"/tmp"}: .: {} f:mountPath: {} f:name: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:serviceAccount: {} f:serviceAccountName: {} f:terminationGracePeriodSeconds: {} f:volumes: .: {} k:{"name":"tmp"}: .: {} f:emptyDir: {} f:name: {} k:{"name":"wlp-output"}: .: {} f:emptyDir: {} f:name: {} manager: kube-controller-manager operation: Update time: "2021-06-01T08:49:29Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: f:cni.projectcalico.org/podIP: {} f:cni.projectcalico.org/podIPs: {} manager: calico operation: Update time: "2021-06-01T08:49:31Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:initContainerStatuses: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"10.233.109.24"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update time: "2021-06-01T08:49:34Z" name: reviews-v1-545db77b95-dntjx namespace: default ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: reviews-v1-545db77b95 uid: c2b51e91-08d2-454d-a6d4-f5c06da70e91 resourceVersion: "3854569" selfLink: /api/v1/namespaces/default/pods/reviews-v1-545db77b95-dntjx uid: df6077b5-71e3-480b-aa1d-8ecca3f72dae spec: containers: - env: - name: LOG_DIR value: /tmp/logs image: docker.io/istio/examples-bookinfo-reviews-v1:1.16.2 imagePullPolicy: IfNotPresent name: reviews ports: - containerPort: 9080 protocol: TCP resources: {} securityContext: runAsUser: 1000 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: tmp - mountPath: /opt/ibm/wlp/output name: wlp-output - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: bookinfo-reviews-token-6q525 readOnly: true - args: - proxy - sidecar - --domain - $(POD_NAMESPACE).svc.cluster.local - --serviceCluster - reviews.$(POD_NAMESPACE) - --proxyLogLevel=warning - --proxyComponentLogLevel=misc:error - --log_output_level=default:info - --concurrency - "2" env: - name: JWT_POLICY value: third-party-jwt - name: PILOT_CERT_PROVIDER value: istiod - name: CA_ADDR value: istiod.istio-system.svc:15012 - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: INSTANCE_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP - name: SERVICE_ACCOUNT valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.serviceAccountName - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.hostIP - name: CANONICAL_SERVICE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.labels['service.istio.io/canonical-name'] - name: CANONICAL_REVISION valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.labels['service.istio.io/canonical-revision'] - name: PROXY_CONFIG value: | {} - name: ISTIO_META_POD_PORTS value: |- [ {"containerPort":9080,"protocol":"TCP"} ] - name: ISTIO_META_APP_CONTAINERS value: reviews - name: ISTIO_META_CLUSTER_ID value: Kubernetes - name: ISTIO_META_INTERCEPTION_MODE value: REDIRECT - name: ISTIO_META_WORKLOAD_NAME value: reviews-v1 - name: ISTIO_META_OWNER value: kubernetes://apis/apps/v1/namespaces/default/deployments/reviews-v1 - name: ISTIO_META_MESH_ID value: cluster.local - name: TRUST_DOMAIN value: cluster.local image: docker.io/istio/proxyv2:1.10.0 imagePullPolicy: IfNotPresent name: istio-proxy ports: - containerPort: 15090 name: http-envoy-prom protocol: TCP readinessProbe: failureThreshold: 30 httpGet: path: /healthz/ready port: 15021 scheme: HTTP initialDelaySeconds: 1 periodSeconds: 2 successThreshold: 1 timeoutSeconds: 3 resources: limits: cpu: "2" memory: 1Gi requests: cpu: 100m memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1337 runAsNonRoot: true runAsUser: 1337 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/istio name: istiod-ca-cert - mountPath: /var/lib/istio/data name: istio-data - mountPath: /etc/istio/proxy name: istio-envoy - mountPath: /var/run/secrets/tokens name: istio-token - mountPath: /etc/istio/pod name: istio-podinfo - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: bookinfo-reviews-token-6q525 readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true initContainers: - args: - istio-iptables - -p - "15001" - -z - "15006" - -u - "1337" - -m - REDIRECT - -i - '*' - -x - "" - -b - '*' - -d - 15090,15021,15020 image: docker.io/istio/proxyv2:1.10.0 imagePullPolicy: IfNotPresent name: istio-init resources: limits: cpu: "2" memory: 1Gi requests: cpu: 100m memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: add: - NET_ADMIN - NET_RAW drop: - ALL privileged: false readOnlyRootFilesystem: false runAsGroup: 0 runAsNonRoot: false runAsUser: 0 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: bookinfo-reviews-token-6q525 readOnly: true nodeName: master-2 preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: fsGroup: 1337 serviceAccount: bookinfo-reviews serviceAccountName: bookinfo-reviews terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - emptyDir: medium: Memory name: istio-envoy - emptyDir: {} name: istio-data - downwardAPI: defaultMode: 420 items: - fieldRef: apiVersion: v1 fieldPath: metadata.labels path: labels - fieldRef: apiVersion: v1 fieldPath: metadata.annotations path: annotations - path: cpu-limit resourceFieldRef: containerName: istio-proxy divisor: 1m resource: limits.cpu - path: cpu-request resourceFieldRef: containerName: istio-proxy divisor: 1m resource: requests.cpu name: istio-podinfo - name: istio-token projected: defaultMode: 420 sources: - serviceAccountToken: audience: istio-ca expirationSeconds: 43200 path: istio-token - configMap: defaultMode: 420 name: istio-ca-root-cert name: istiod-ca-cert - emptyDir: {} name: wlp-output - emptyDir: {} name: tmp - name: bookinfo-reviews-token-6q525 secret: defaultMode: 420 secretName: bookinfo-reviews-token-6q525 status: conditions: - lastProbeTime: null lastTransitionTime: "2021-06-01T08:49:32Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2021-06-01T08:49:34Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2021-06-01T08:49:34Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2021-06-01T08:49:29Z" status: "True" type: PodScheduled containerStatuses: - containerID: docker://1735c06ab4c9118df525d8a34c37adc9f76725fdac0d58795790820a85657e68 image: istio/proxyv2:1.10.0 imageID: docker-pullable://istio/proxyv2@sha256:88c6c693e67a0f2492191a0e7d8020ddc85603bfc704f252655cb9eb5eeb3f58 lastState: {} name: istio-proxy ready: true restartCount: 0 started: true state: running: startedAt: "2021-06-01T08:49:32Z" - containerID: docker://10e9fa5782f5bbe318e427cc932ff5246382eb7a41390049700d5111c3f7ec83 image: istio/examples-bookinfo-reviews-v1:1.16.2 imageID: docker-pullable://istio/examples-bookinfo-reviews-v1@sha256:d1b8447be70549f1f7303f266d88c16112e2695cc110603fdb1c8ee432a627bf lastState: {} name: reviews ready: true restartCount: 0 started: true state: running: startedAt: "2021-06-01T08:49:32Z" hostIP: 10.88.27.176 initContainerStatuses: - containerID: docker://680ce3af4a0482c62b2842ca16595f0301e31c6c59e3e8a9124ad1d6a9f520fb image: istio/proxyv2:1.10.0 imageID: docker-pullable://istio/proxyv2@sha256:88c6c693e67a0f2492191a0e7d8020ddc85603bfc704f252655cb9eb5eeb3f58 lastState: {} name: istio-init ready: true restartCount: 0 state: terminated: containerID: docker://680ce3af4a0482c62b2842ca16595f0301e31c6c59e3e8a9124ad1d6a9f520fb exitCode: 0 finishedAt: "2021-06-01T08:49:31Z" reason: Completed startedAt: "2021-06-01T08:49:31Z" phase: Running podIP: 10.233.109.24 podIPs: - ip: 10.233.109.24 qosClass: Burstable startTime: "2021-06-01T08:49:30Z"
1stio