# Create Amazon CloudWatch Network Flow Monitor Agent DaemonSet apiVersion: apps/v1 kind: DaemonSet metadata: name: {{ .Values.daemonSet.name }} namespace: {{ .Release.Namespace }} labels: {{- include "aws-network-flow-monitor-agent.labels" . | nindent 4}} spec: selector: matchLabels: name: {{ .Values.daemonSet.name }} {{- if .Values.podLabels }} {{ toYaml .Values.podLabels | indent 6 }} {{- end }} template: metadata: {{- if .Values.podAnnotations }} annotations: {{- range $key, $value := .Values.podAnnotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} labels: name: {{ .Values.daemonSet.name }} {{- if .Values.podLabels }} {{ toYaml .Values.podLabels | indent 8 }} {{- end }} spec: hostNetwork: true containers: - name: {{ .Values.daemonSet.name }} image: {{ include "aws-network-flow-monitor-agent.image" . }} securityContext: privileged: true resources: {{ toYaml .Values.resources | nindent 12 }} env: {{- range $key, $value := .Values.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} - name: K8S_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: K8S_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: K8S_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name nodeSelector: kubernetes.io/os: linux terminationGracePeriodSeconds: 5 serviceAccountName: {{ .Values.serviceAccount.name }} {{- with .Values.priorityClassName }} priorityClassName: {{ . }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }}