k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cluster/addons/kube-network-policies/kube-network-policies.yaml

k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cluster/addons/kube-network-policies/kube-network-policies.yaml (about)

     1  ---
     2  apiVersion: apps/v1
     3  kind: DaemonSet
     4  metadata:
     5    name: kube-network-policies
     6    namespace: kube-system
     7    labels:
     8      tier: node
     9      app: kube-network-policies
    10      k8s-app: kube-network-policies
    11      addonmanager.kubernetes.io/mode: Reconcile
    12  spec:
    13    selector:
    14      matchLabels:
    15        app: kube-network-policies
    16    template:
    17      metadata:
    18        labels:
    19          tier: node
    20          app: kube-network-policies
    21          k8s-app: kube-network-policies
    22      spec:
    23        hostNetwork: true
    24        tolerations:
    25        - operator: Exists
    26          effect: NoSchedule
    27        serviceAccountName: kube-network-policies
    28        containers:
    29        - name: kube-network-policies
    30          image: registry.k8s.io/networking/kube-network-policies:v0.2.0
    31          command:
    32          - /bin/sh
    33          - -c
    34          - /bin/netpol -v 4 1>>/var/log/kube-network-policies.log 2>&1
    35          resources:
    36            requests:
    37              cpu: "100m"
    38              memory: "50Mi"
    39          securityContext:
    40            privileged: true
    41          volumeMounts:
    42          - mountPath: /var/log
    43            name: varlog
    44            readOnly: false
    45          - mountPath: /lib/modules
    46            name: lib-modules
    47            readOnly: true
    48        volumes:
    49        - name: varlog
    50          hostPath:
    51            path: /var/log
    52        - name: lib-modules
    53          hostPath:
    54            path: /lib/modules