# Copyright 2018 Google Inc. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http:#www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apps/v1 kind: DaemonSet metadata: labels: name: node-termination-handler name: node-termination-handler namespace: kube-system spec: selector: matchLabels: name: node-termination-handler updateStrategy: type: RollingUpdate template: metadata: labels: name: node-termination-handler spec: # Necessary to hit the node's metadata server when using Workload Identity hostNetwork: true # Necessary to reboot node hostPID: true serviceAccountName: node-termination-handler affinity: nodeAffinity: # Restrict to GPU nodes or preemptible nodes requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: cloud.google.com/gke-accelerator operator: Exists - matchExpressions: - key: cloud.google.com/gke-preemptible operator: Exists containers: # TODO: Update to an official image once the build is automated via GCB. - image: k8s.gcr.io/gke-node-termination-handler@sha256:aca12d17b222dfed755e28a44d92721e477915fb73211d0a0f8925a1fa847cca name: node-termination-handler command: ["./node-termination-handler"] args: ["--logtostderr", "--exclude-pods=$(POD_NAME):$(POD_NAMESPACE)", "-v=10", "--taint=cloud.google.com/impending-node-termination::NoSchedule"] securityContext: capabilities: # Necessary to reboot node add: ["SYS_BOOT"] env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: SLACK_WEBHOOK_URL value: "" resources: limits: cpu: 150m memory: 30Mi tolerations: # Run regardless of any existing taints. - effect: NoSchedule operator: Exists - effect: NoExecute operator: Exists