src/foundation/scripts/cni/danm/integration/manifests/netwatcher/netwatcher_ds.yaml

   1 # yamllint disable rule:hyphens rule:commas rule:indentation
   2 apiVersion: apps/v1beta2
   3 kind: DaemonSet
   4 metadata:
   5   name: netwatcher
   6   namespace: kube-system
   7 spec:
   8   selector:
   9     matchLabels:
  10       danm.k8s.io: netwatcher
  11   template:
  12     metadata:
  13       labels:
  14         danm.k8s.io: netwatcher
  15     spec:
  16       serviceAccount: netwatcher
  17       hostNetwork: true
  18       dnsPolicy: ClusterFirst
  19       hostIPC: true
  20       hostPID: true
  21       containers:
  22         - name: netwatcher
  23           image: iecedge/netwatcher:v4.0.0
  24           securityContext:
  25             capabilities:
  26               add:
  27                 - SYS_PTRACE
  28                 - SYS_ADMIN
  29                 - NET_ADMIN
  30                 - NET_RAW
  31       tolerations:
  32        - effect: NoSchedule
  33          operator: Exists
  34        - effect: NoExecute
  35          operator: Exists
  36       terminationGracePeriodSeconds: 0