# services/maintenance/k3s-agent-restart-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: k3s-agent-restart
  namespace: maintenance
spec:
  selector:
    matchLabels:
      app: k3s-agent-restart
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: k3s-agent-restart
    spec:
      serviceAccountName: node-nofile
      hostPID: true
      hostNetwork: true
      nodeSelector:
        kubernetes.io/arch: arm64
        node-role.kubernetes.io/worker: "true"
      tolerations:
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: restart
          image: bitnami/kubectl@sha256:554ab88b1858e8424c55de37ad417b16f2a0e65d1607aa0f3fe3ce9b9f10b131
          command:
            - /bin/sh
            - -c
          args:
            - |
              set -euo pipefail
              if nsenter -t 1 -m -u -i -n -p -- /usr/bin/systemctl restart k3s-agent; then
                echo "k3s-agent restarted"
              else
                nsenter -t 1 -m -u -i -n -p -- /bin/systemctl restart k3s-agent
                echo "k3s-agent restarted via /bin/systemctl"
              fi
              sleep infinity
          securityContext:
            privileged: true
            runAsUser: 0