github.com/k8snetworkplumbingwg/sriov-network-operator@v1.2.1-0.20240408194816-2d2e5a45d453/bindata/manifests/daemon/daemonset.yaml (about) 1 --- 2 kind: DaemonSet 3 apiVersion: apps/v1 4 metadata: 5 name: sriov-network-config-daemon 6 namespace: {{.Namespace}} 7 annotations: 8 release.openshift.io/version: "{{.ReleaseVersion}}" 9 spec: 10 selector: 11 matchLabels: 12 app: sriov-network-config-daemon 13 updateStrategy: 14 type: RollingUpdate 15 rollingUpdate: 16 maxUnavailable: 33% 17 template: 18 metadata: 19 labels: 20 app: sriov-network-config-daemon 21 component: network 22 type: infra 23 openshift.io/component: network 24 annotations: 25 kubectl.kubernetes.io/default-container: sriov-network-config-daemon 26 spec: 27 hostNetwork: true 28 hostPID: true 29 nodeSelector: 30 kubernetes.io/os: linux 31 node-role.kubernetes.io/worker: "" 32 tolerations: 33 - operator: Exists 34 serviceAccountName: sriov-network-config-daemon 35 priorityClassName: "system-node-critical" 36 {{- if .ImagePullSecrets }} 37 imagePullSecrets: 38 {{- range .ImagePullSecrets }} 39 - name: {{ . }} 40 {{- end }} 41 {{- end }} 42 initContainers: 43 - name: sriov-cni 44 image: {{.SRIOVCNIImage}} 45 args: ["--no-sleep"] 46 securityContext: 47 privileged: true 48 resources: 49 requests: 50 cpu: 10m 51 memory: 10Mi 52 volumeMounts: 53 - name: cnibin 54 mountPath: /host/opt/cni/bin 55 - name: os-release 56 mountPath: /host/etc/os-release 57 readOnly: true 58 - name: sriov-infiniband-cni 59 image: {{.SRIOVInfiniBandCNIImage}} 60 args: ["--no-sleep"] 61 securityContext: 62 privileged: true 63 resources: 64 requests: 65 cpu: 10m 66 memory: 10Mi 67 volumeMounts: 68 - name: cnibin 69 mountPath: /host/opt/cni/bin 70 - name: os-release 71 mountPath: /host/etc/os-release 72 readOnly: true 73 {{- if .OVSCNIImage }} 74 - name: ovs-cni 75 image: {{.OVSCNIImage}} 76 command: ["/bin/sh","-c"] 77 args: 78 - > 79 cp /ovs /host/opt/cni/bin/ovs && 80 cp /ovs-mirror-producer /host/opt/cni/bin/ovs-mirror-producer && 81 cp /ovs-mirror-consumer /host/opt/cni/bin/ovs-mirror-consumer 82 securityContext: 83 privileged: true 84 resources: 85 requests: 86 cpu: 10m 87 memory: 10Mi 88 volumeMounts: 89 - name: cnibin 90 mountPath: /host/opt/cni/bin 91 - name: os-release 92 mountPath: /host/etc/os-release 93 readOnly: true 94 {{- end }} 95 {{- if .UsedSystemdMode}} 96 - name: sriov-service-copy 97 image: {{.Image}} 98 command: 99 - /bin/bash 100 - -c 101 - mkdir -p /host/var/lib/sriov/ && cp /usr/bin/sriov-network-config-daemon /host/var/lib/sriov/sriov-network-config-daemon && chcon -t bin_t /host/var/lib/sriov/sriov-network-config-daemon | true # Allow systemd to run the file, use pipe true to not failed if the system doesn't have selinux or apparmor enabled 102 securityContext: 103 privileged: true 104 resources: 105 requests: 106 cpu: 10m 107 memory: 10Mi 108 volumeMounts: 109 - name: host 110 mountPath: /host 111 {{- end }} 112 containers: 113 - name: sriov-network-config-daemon 114 image: {{.Image}} 115 command: 116 - sriov-network-config-daemon 117 securityContext: 118 privileged: true 119 args: 120 - "start" 121 {{- if .UsedSystemdMode}} 122 - --use-systemd-service 123 {{- end }} 124 {{- with index . "DisablePlugins" }} 125 - --disable-plugins={{.}} 126 {{- end }} 127 {{- if .ParallelNicConfig }} 128 - --parallel-nic-config 129 {{- end }} 130 env: 131 - name: NODE_NAME 132 valueFrom: 133 fieldRef: 134 fieldPath: spec.nodeName 135 - name: NAMESPACE 136 valueFrom: 137 fieldRef: 138 fieldPath: metadata.namespace 139 - name: CLUSTER_TYPE 140 value: "{{.ClusterType}}" 141 - name: DEV_MODE 142 value: "{{.DevMode}}" 143 resources: 144 requests: 145 cpu: 100m 146 memory: 100Mi 147 volumeMounts: 148 - name: host 149 mountPath: /host 150 lifecycle: 151 preStop: 152 exec: 153 command: ["/bindata/scripts/clean-k8s-services.sh"] 154 volumes: 155 - name: host 156 hostPath: 157 path: / 158 - name: cnibin 159 hostPath: 160 path: {{.CNIBinPath}} 161 - name: os-release 162 hostPath: 163 path: /etc/os-release 164 type: File