deploy/helm/templates/daemonset.yaml (135 lines of code) (raw):

apiVersion: apps/v1 kind: DaemonSet metadata: name: agent namespace: {{ .Release.Namespace }} labels: app: kubeskoop-agent {{- with .Values.agent }} spec: selector: matchLabels: app: kubeskoop-agent template: metadata: labels: app: kubeskoop-agent annotations: prometheus.io/path: /metrics prometheus.io/port: "{{ .config.port }}" prometheus.io/scheme: http prometheus.io/scrape: "true" spec: hostNetwork: true hostPID: true automountServiceAccountToken: false dnsPolicy: ClusterFirstWithHostNet {{- if .btfhack.enabled }} initContainers: - name: btfhack image: "{{ .btfhack.repository }}:{{ .btfhack.tag }}" imagePullPolicy: {{ .btfhack.imagePullPolicy }} volumeMounts: - name: btf-rawdata mountPath: /etc/net-exporter/btf - mountPath: /boot/ name: boot command: - btfhack - discover - -p - /etc/net-exporter/btf/ {{- end }} containers: - name: inspector image: "{{ .image.repository }}:{{ .image.tag }}" ports: - name: http containerPort: {{ .config.port }} imagePullPolicy: {{ .image.imagePullPolicy }} env: - name: INSPECTOR_NODENAME valueFrom: fieldRef: fieldPath: spec.nodeName volumeMounts: - name: config-volume mountPath: /etc/config/ - name: btf-rawdata mountPath: /etc/net-exporter/btf - name: proc mountPath: /proc - mountPath: /run/containerd/ name: containerd - mountPath: /var/run/ name: dockershim - mountPath: /sys/fs/bpf name: bpf-maps mountPropagation: HostToContainer - mountPath: /sys/fs/cgroup name: cgroup mountPropagation: HostToContainer - mountPath: /sys/kernel/debug name: bpf-events mountPropagation: HostToContainer - mountPath: /etc/node-hostname name: hostname command: - /bin/inspector - server - -d securityContext: capabilities: add: - NET_ADMIN - SYS_PTRACE - SYS_ADMIN - SYS_RESOURCE - DAC_OVERRIDE drop: - ALL resources: {{- toYaml .resources | nindent 12 }} {{- with .nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: proc hostPath: path: /proc - name: containerd hostPath: path: /run/containerd/ - name: dockershim hostPath: path: /var/run/ - hostPath: path: /sys/fs/bpf type: DirectoryOrCreate name: bpf-maps - name: boot hostPath: path: /boot type: DirectoryOrCreate - hostPath: path: /sys/fs/cgroup type: DirectoryOrCreate name: cgroup - hostPath: path: /sys/kernel/debug name: bpf-events - name: hostname hostPath: path: /etc/hostname type: FileOrCreate - name: config-volume configMap: name: kubeskoop-config - name: btf-rawdata emptyDir: {} {{- end }}