65 lines
1.6 KiB
YAML
65 lines
1.6 KiB
YAML
# services/maintenance/metis-sentinel-daemonset.yaml
|
|
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: metis-sentinel
|
|
namespace: maintenance
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: metis-sentinel
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: metis-sentinel
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "8080"
|
|
prometheus.io/path: "/metrics"
|
|
spec:
|
|
serviceAccountName: metis
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
node-role.kubernetes.io/worker: "true"
|
|
containers:
|
|
- name: metis-sentinel
|
|
image: registry.bstein.dev/bstein/metis-sentinel:latest
|
|
imagePullPolicy: Always
|
|
envFrom:
|
|
- configMapRef:
|
|
name: metis
|
|
env:
|
|
- name: METIS_SENTINEL_NODE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
volumeMounts:
|
|
- name: host-root
|
|
mountPath: /host
|
|
readOnly: true
|
|
- name: sentinel-output
|
|
mountPath: /var/run/metis-sentinel
|
|
resources:
|
|
requests:
|
|
cpu: 25m
|
|
memory: 64Mi
|
|
limits:
|
|
cpu: 250m
|
|
memory: 256Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
runAsUser: 0
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
volumes:
|
|
- name: host-root
|
|
hostPath:
|
|
path: /
|
|
- name: sentinel-output
|
|
emptyDir: {}
|