falco/test/trace_files/psp/host_ipc.json

{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"RequestResponse","auditID":"e2c061fc-7b81-4e1e-b1d2-a54b5ee93920","stage":"ResponseComplete","requestURI":"/api/v1/namespaces/default/pods","verb":"create","user":{"username":"system:serviceaccount:kube-system:replicaset-controller","uid":"73a5fa38-9230-11e9-9af2-08002760e39e","groups":["system:serviceaccounts","system:serviceaccounts:kube-system","system:authenticated"]},"sourceIPs":["127.0.0.1"],"userAgent":"kube-controller-manager/v1.13.2 (linux/amd64) kubernetes/cff46ab/system:serviceaccount:kube-system:replicaset-controller","objectRef":{"resource":"pods","namespace":"default","apiVersion":"v1"},"responseStatus":{"metadata":{},"code":201},"requestObject":{"kind":"Pod","apiVersion":"v1","metadata":{"generateName":"nginx-deployment-755c58cb7c-","creationTimestamp":null,"labels":{"app":"nginx","pod-template-hash":"755c58cb7c"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"nginx-deployment-755c58cb7c","uid":"cd652bbf-9232-11e9-b061-08002760e39e","controller":true,"blockOwnerDeletion":true}]},"spec":{"containers":[{"name":"nginx1","image":"nginx","resources":{},"terminationMessagePath":"/dev/termination-log","terminationMessagePolicy":"File","imagePullPolicy":"Always"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","hostIPC":true,"securityContext":{},"schedulerName":"default-scheduler","enableServiceLinks":true},"status":{}},"responseObject":{"kind":"Pod","apiVersion":"v1","metadata":{"name":"nginx-deployment-755c58cb7c-vrx4n","generateName":"nginx-deployment-755c58cb7c-","namespace":"default","selfLink":"/api/v1/namespaces/default/pods/nginx-deployment-755c58cb7c-vrx4n","uid":"cd67586f-9232-11e9-b061-08002760e39e","resourceVersion":"1628","creationTimestamp":"2019-06-19T01:37:30Z","labels":{"app":"nginx","pod-template-hash":"755c58cb7c"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"nginx-deployment-755c58cb7c","uid":"cd652bbf-9232-11e9-b061-08002760e39e","controller":true,"blockOwnerDeletion":true}]},"spec":{"volumes":[{"name":"default-token-7t8xw","secret":{"secretName":"default-token-7t8xw","defaultMode":420}}],"containers":[{"name":"nginx1","image":"nginx","resources":{},"volumeMounts":[{"name":"default-token-7t8xw","readOnly":true,"mountPath":"/var/run/secrets/kubernetes.io/serviceaccount"}],"terminationMessagePath":"/dev/termination-log","terminationMessagePolicy":"File","imagePullPolicy":"Always"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","serviceAccountName":"default","serviceAccount":"default","hostIPC":true,"securityContext":{},"schedulerName":"default-scheduler","tolerations":[{"key":"node.kubernetes.io/not-ready","operator":"Exists","effect":"NoExecute","tolerationSeconds":300},{"key":"node.kubernetes.io/unreachable","operator":"Exists","effect":"NoExecute","tolerationSeconds":300}],"priority":0,"enableServiceLinks":true},"status":{"phase":"Pending","qosClass":"BestEffort"}},"requestReceivedTimestamp":"2019-06-19T01:37:30.360992Z","stageTimestamp":"2019-06-19T01:37:30.365019Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by ClusterRoleBinding \"system:controller:replicaset-controller\" of ClusterRole \"system:controller:replicaset-controller\" to ServiceAccount \"replicaset-controller/kube-system\""}}