k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cluster/addons/kube-proxy/kube-proxy-ds.yaml (about) 1 # Please keep kube-proxy configuration in-sync with: 2 # cluster/saltbase/salt/kube-proxy/kube-proxy.manifest 3 4 apiVersion: apps/v1 5 kind: DaemonSet 6 metadata: 7 labels: 8 k8s-app: kube-proxy 9 addonmanager.kubernetes.io/mode: Reconcile 10 name: kube-proxy 11 namespace: kube-system 12 spec: 13 selector: 14 matchLabels: 15 k8s-app: kube-proxy 16 updateStrategy: 17 type: RollingUpdate 18 rollingUpdate: 19 maxUnavailable: 10% 20 template: 21 metadata: 22 labels: 23 k8s-app: kube-proxy 24 spec: 25 priorityClassName: system-node-critical 26 hostNetwork: true 27 nodeSelector: 28 kubernetes.io/os: linux 29 node.kubernetes.io/kube-proxy-ds-ready: "true" 30 tolerations: 31 - operator: "Exists" 32 effect: "NoExecute" 33 - operator: "Exists" 34 effect: "NoSchedule" 35 containers: 36 - name: kube-proxy 37 image: {{pillar['kube_docker_registry']}}/kube-proxy-{{pillar['host_arch']}}:{{pillar['kube-proxy_docker_tag']}} 38 resources: 39 requests: 40 cpu: {{ cpurequest }} 41 memory: {{ memoryrequest }} 42 command: 43 - /bin/sh 44 - -c 45 - kube-proxy {{cluster_cidr}} --oom-score-adj=-998 {{params}} 1>>/var/log/kube-proxy.log 2>&1 46 env: 47 - name: KUBERNETES_SERVICE_HOST 48 value: {{kubernetes_service_host_env_value}} 49 {{kube_cache_mutation_detector_env_name}} 50 {{kube_cache_mutation_detector_env_value}} 51 securityContext: 52 privileged: true 53 volumeMounts: 54 - mountPath: /var/log 55 name: varlog 56 readOnly: false 57 - mountPath: /run/xtables.lock 58 name: xtables-lock 59 readOnly: false 60 - mountPath: /lib/modules 61 name: lib-modules 62 readOnly: true 63 volumes: 64 - name: varlog 65 hostPath: 66 path: /var/log 67 - name: xtables-lock 68 hostPath: 69 path: /run/xtables.lock 70 type: FileOrCreate 71 - name: lib-modules 72 hostPath: 73 path: /lib/modules 74 serviceAccountName: kube-proxy