Last active
August 16, 2017 00:37
-
-
Save joejulian/07d7d93b7d1998df0e4fee68d20fd364 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"apiVersion": "rbac.authorization.k8s.io/v1beta1", | |
"kind": "ClusterRole", | |
"metadata": { | |
"annotations": { | |
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"rbac.authorization.k8s.io/v1beta1\",\"kind\":\"ClusterRole\",\"metadata\":{\"annotations\":{},\"name\":\"flannel\",\"namespace\":\"\"},\"rules\":[{\"apiGroups\":[\"\"],\"resources\":[\"pods\"],\"verbs\":[\"get\"]},{\"apiGroups\":[\"\"],\"resources\":[\"nodes\"],\"verbs\":[\"list\",\"watch\"]},{\"apiGroups\":[\"\"],\"resources\":[\"nodes/status\"],\"verbs\":[\"patch\"]}]}\n" | |
}, | |
"creationTimestamp": "2017-08-14T21:57:24Z", | |
"name": "flannel", | |
"resourceVersion": "10897091", | |
"selfLink": "/apis/rbac.authorization.k8s.io/v1beta1/clusterroles/flannel", | |
"uid": "8e56f2c5-813b-11e7-8652-b827eb900888" | |
}, | |
"rules": [ | |
{ | |
"apiGroups": [ | |
"" | |
], | |
"resources": [ | |
"pods" | |
], | |
"verbs": [ | |
"get" | |
] | |
}, | |
{ | |
"apiGroups": [ | |
"" | |
], | |
"resources": [ | |
"nodes" | |
], | |
"verbs": [ | |
"list", | |
"watch" | |
] | |
}, | |
{ | |
"apiGroups": [ | |
"" | |
], | |
"resources": [ | |
"nodes/status" | |
], | |
"verbs": [ | |
"patch" | |
] | |
} | |
] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"apiVersion": "rbac.authorization.k8s.io/v1beta1", | |
"kind": "ClusterRoleBinding", | |
"metadata": { | |
"annotations": { | |
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"rbac.authorization.k8s.io/v1beta1\",\"kind\":\"ClusterRoleBinding\",\"metadata\":{\"annotations\":{},\"name\":\"flannel\",\"namespace\":\"\"},\"roleRef\":{\"apiGroup\":\"rbac.authorization.k8s.io\",\"kind\":\"ClusterRole\",\"name\":\"flannel\"},\"subjects\":[{\"kind\":\"ServiceAccount\",\"name\":\"flannel\",\"namespace\":\"kube-system\"}]}\n" | |
}, | |
"creationTimestamp": "2017-08-14T21:57:25Z", | |
"name": "flannel", | |
"resourceVersion": "10897092", | |
"selfLink": "/apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindings/flannel", | |
"uid": "8e67c0e4-813b-11e7-8652-b827eb900888" | |
}, | |
"roleRef": { | |
"apiGroup": "rbac.authorization.k8s.io", | |
"kind": "ClusterRole", | |
"name": "flannel" | |
}, | |
"subjects": [ | |
{ | |
"kind": "ServiceAccount", | |
"name": "flannel", | |
"namespace": "kube-system" | |
} | |
] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# curl -v --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt -H "User-Agent: flanneld/v1.6.7 (linux/amd64) kubernetes/$Format" -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" -H "Accept: application/json, */*" https://10.96.0.1:443/api/v1/namespaces/kube-system/pods | |
* Trying 10.96.0.1... | |
* TCP_NODELAY set | |
* Connected to 10.96.0.1 (10.96.0.1) port 443 (#0) | |
* ALPN, offering http/1.1 | |
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH | |
* successfully set certificate verify locations: | |
* CAfile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
CApath: none | |
* TLSv1.2 (OUT), TLS handshake, Client hello (1): | |
* TLSv1.2 (IN), TLS handshake, Server hello (2): | |
* TLSv1.2 (IN), TLS handshake, Certificate (11): | |
* TLSv1.2 (IN), TLS handshake, Server key exchange (12): | |
* TLSv1.2 (IN), TLS handshake, Request CERT (13): | |
* TLSv1.2 (IN), TLS handshake, Server finished (14): | |
* TLSv1.2 (OUT), TLS handshake, Certificate (11): | |
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16): | |
* TLSv1.2 (OUT), TLS change cipher, Client hello (1): | |
* TLSv1.2 (OUT), TLS handshake, Finished (20): | |
* TLSv1.2 (IN), TLS change cipher, Client hello (1): | |
* TLSv1.2 (IN), TLS handshake, Finished (20): | |
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305 | |
* ALPN, server accepted to use http/1.1 | |
* Server certificate: | |
* subject: C=US; ST=Washington; L=Lynnwood; O=Kubernetes; OU=Cluster; CN=kube-apiserver | |
* start date: Aug 15 02:06:00 2017 GMT | |
* expire date: Aug 15 02:06:00 2018 GMT | |
* subjectAltName: host "10.96.0.1" matched cert's IP address! | |
* issuer: C=US; ST=Washington; L=Lynnwood; O=Julian Family; OU=CA; CN=Kubernetes | |
* SSL certificate verify ok. | |
> GET /api/v1/namespaces/kube-system/pods HTTP/1.1 | |
> Host: 10.96.0.1 | |
> User-Agent: flanneld/v1.6.7 (linux/amd64) kubernetes/ | |
> Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJmbGFubmVsLXRva2VuLWpnNHpiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImZsYW5uZWwiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIzZjI5ZjU2NC04MWRkLTExZTctODllNy1iODI3ZWI5MDA4ODgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06Zmxhbm5lbCJ9.SKOpnXfUndPcgm-Ab0gfF7a0m4zdGjKhaimRR1_rvji8-_11XTeH0TipiRoUfiQIWjNOLS7cZbZ0IG3xdfXBO1OsydzxcLUt7ky7yGrnwp9OZ0XhbtATu1TYdChVArmrYK2-RAgM4FmEBZKwrRTDpxu9ca2ip6H6MkYKftx7MlAqrPHm1rJb10MeUMp_Eq2cJoEcaQzOBGYrdMSF7Wq8lyEYklL0ZzMMw6MHWJF-wPDl9eD00Xyxuez5Aq5bjzX9eSoemV0z8_Ozogz1Hfx2l-Hm5MJKiJphcVsyHwR9_sn6OY6y81t5EGSNsICFqB8eF-N75CbpSV6pJwHkqc908Q | |
> Accept: application/json, */* | |
> | |
< HTTP/1.1 401 Unauthorized | |
< Content-Type: text/plain; charset=utf-8 | |
< X-Content-Type-Options: nosniff | |
< Date: Tue, 15 Aug 2017 18:40:20 GMT | |
< Content-Length: 13 | |
< | |
Unauthorized |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"apiVersion": "v1", | |
"kind": "Pod", | |
"metadata": { | |
"annotations": { | |
"kubernetes.io/created-by": "{\"kind\":\"SerializedReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"DaemonSet\",\"namespace\":\"kube-system\",\"name\":\"kube-flannel-ds\",\"uid\":\"3f8d4612-81dd-11e7-89e7-b827eb900888\",\"apiVersion\":\"extensions\",\"resourceVersion\":\"11003259\"}}\n" | |
}, | |
"creationTimestamp": "2017-08-15T17:14:51Z", | |
"generateName": "kube-flannel-ds-", | |
"labels": { | |
"app": "flannel", | |
"controller-revision-hash": "741088730", | |
"pod-template-generation": "1", | |
"tier": "node" | |
}, | |
"name": "kube-flannel-ds-9w2q3", | |
"namespace": "kube-system", | |
"ownerReferences": [ | |
{ | |
"apiVersion": "extensions/v1beta1", | |
"blockOwnerDeletion": true, | |
"controller": true, | |
"kind": "DaemonSet", | |
"name": "kube-flannel-ds", | |
"uid": "3f8d4612-81dd-11e7-89e7-b827eb900888" | |
} | |
], | |
"resourceVersion": "11026859", | |
"selfLink": "/api/v1/namespaces/kube-system/pods/kube-flannel-ds-9w2q3", | |
"uid": "3f9de327-81dd-11e7-89e7-b827eb900888" | |
}, | |
"spec": { | |
"containers": [ | |
{ | |
"command": [ | |
"/bin/sleep", | |
"10000" | |
], | |
"env": [ | |
{ | |
"name": "POD_NAME", | |
"valueFrom": { | |
"fieldRef": { | |
"apiVersion": "v1", | |
"fieldPath": "metadata.name" | |
} | |
} | |
}, | |
{ | |
"name": "POD_NAMESPACE", | |
"valueFrom": { | |
"fieldRef": { | |
"apiVersion": "v1", | |
"fieldPath": "metadata.namespace" | |
} | |
} | |
} | |
], | |
"image": "quay.io/coreos/flannel:v0.8.0-amd64", | |
"imagePullPolicy": "IfNotPresent", | |
"name": "kube-flannel", | |
"resources": {}, | |
"securityContext": { | |
"privileged": true | |
}, | |
"terminationMessagePath": "/dev/termination-log", | |
"terminationMessagePolicy": "File", | |
"volumeMounts": [ | |
{ | |
"mountPath": "/run", | |
"name": "run" | |
}, | |
{ | |
"mountPath": "/etc/kube-flannel/", | |
"name": "flannel-cfg" | |
}, | |
{ | |
"mountPath": "/var/run/secrets/kubernetes.io/serviceaccount", | |
"name": "flannel-token-jg4zb", | |
"readOnly": true | |
} | |
] | |
}, | |
{ | |
"command": [ | |
"/bin/sh", | |
"-c", | |
"set -e -x; cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conf; while true; do sleep 3600; done" | |
], | |
"image": "quay.io/coreos/flannel:v0.8.0-amd64", | |
"imagePullPolicy": "IfNotPresent", | |
"name": "install-cni", | |
"resources": {}, | |
"terminationMessagePath": "/dev/termination-log", | |
"terminationMessagePolicy": "File", | |
"volumeMounts": [ | |
{ | |
"mountPath": "/etc/cni/net.d", | |
"name": "cni" | |
}, | |
{ | |
"mountPath": "/etc/kube-flannel/", | |
"name": "flannel-cfg" | |
}, | |
{ | |
"mountPath": "/var/run/secrets/kubernetes.io/serviceaccount", | |
"name": "flannel-token-jg4zb", | |
"readOnly": true | |
} | |
] | |
} | |
], | |
"dnsPolicy": "ClusterFirst", | |
"hostNetwork": true, | |
"nodeName": "strabo", | |
"nodeSelector": { | |
"beta.kubernetes.io/arch": "amd64" | |
}, | |
"restartPolicy": "Always", | |
"schedulerName": "default-scheduler", | |
"securityContext": {}, | |
"serviceAccount": "flannel", | |
"serviceAccountName": "flannel", | |
"terminationGracePeriodSeconds": 30, | |
"tolerations": [ | |
{ | |
"effect": "NoSchedule", | |
"key": "node-role.kubernetes.io/master", | |
"operator": "Exists" | |
}, | |
{ | |
"effect": "NoExecute", | |
"key": "node.alpha.kubernetes.io/notReady", | |
"operator": "Exists" | |
}, | |
{ | |
"effect": "NoExecute", | |
"key": "node.alpha.kubernetes.io/unreachable", | |
"operator": "Exists" | |
} | |
], | |
"volumes": [ | |
{ | |
"hostPath": { | |
"path": "/run" | |
}, | |
"name": "run" | |
}, | |
{ | |
"hostPath": { | |
"path": "/etc/cni/net.d" | |
}, | |
"name": "cni" | |
}, | |
{ | |
"configMap": { | |
"defaultMode": 420, | |
"name": "kube-flannel-cfg" | |
}, | |
"name": "flannel-cfg" | |
}, | |
{ | |
"name": "flannel-token-jg4zb", | |
"secret": { | |
"defaultMode": 420, | |
"secretName": "flannel-token-jg4zb" | |
} | |
} | |
] | |
}, | |
"status": { | |
"conditions": [ | |
{ | |
"lastProbeTime": null, | |
"lastTransitionTime": "2017-08-15T17:14:51Z", | |
"status": "True", | |
"type": "Initialized" | |
}, | |
{ | |
"lastProbeTime": null, | |
"lastTransitionTime": "2017-08-15T22:48:17Z", | |
"status": "True", | |
"type": "Ready" | |
}, | |
{ | |
"lastProbeTime": null, | |
"lastTransitionTime": "2017-08-15T17:14:55Z", | |
"status": "True", | |
"type": "PodScheduled" | |
} | |
], | |
"containerStatuses": [ | |
{ | |
"containerID": "docker://3b39bad3d35476750149665573433464f993a058fdc669313c712737fbf3e011", | |
"image": "quay.io/coreos/flannel:v0.8.0", | |
"imageID": "docker-pullable://quay.io/coreos/flannel@sha256:5fa9435c1e95be2ec4daa53a35c39d5e3cc99fce33ed4983f4bb707bc9fc175f", | |
"lastState": {}, | |
"name": "install-cni", | |
"ready": true, | |
"restartCount": 0, | |
"state": { | |
"running": { | |
"startedAt": "2017-08-15T17:14:54Z" | |
} | |
} | |
}, | |
{ | |
"containerID": "docker://f8b32ae22ca2104ef91e66afaba4dd4c9cfff8767a3b7751fd2366842ef33331", | |
"image": "quay.io/coreos/flannel:v0.8.0", | |
"imageID": "docker-pullable://quay.io/coreos/flannel@sha256:5fa9435c1e95be2ec4daa53a35c39d5e3cc99fce33ed4983f4bb707bc9fc175f", | |
"lastState": { | |
"terminated": { | |
"containerID": "docker://9a59d1896b82a7349d5299648dc3154f286e8186bf92f945306b7b1e990f2858", | |
"exitCode": 0, | |
"finishedAt": "2017-08-15T22:48:16Z", | |
"reason": "Completed", | |
"startedAt": "2017-08-15T20:01:35Z" | |
} | |
}, | |
"name": "kube-flannel", | |
"ready": true, | |
"restartCount": 2, | |
"state": { | |
"running": { | |
"startedAt": "2017-08-15T22:48:17Z" | |
} | |
} | |
} | |
], | |
"hostIP": "192.168.2.3", | |
"phase": "Running", | |
"podIP": "192.168.2.3", | |
"qosClass": "BestEffort", | |
"startTime": "2017-08-15T17:14:51Z" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment