apiVersion: apps/v1 kind: DaemonSet metadata: name: kedge-daemon namespace: kedge labels: app: kedge component: daemon spec: selector: matchLabels: app: kedge component: daemon template: metadata: labels: app: kedge component: daemon spec: serviceAccountName: kedge-daemon hostNetwork: true hostPID: false tolerations: - operator: Exists containers: - name: kedge-daemon image: kedge-daemon:latest imagePullPolicy: IfNotPresent securityContext: privileged: true capabilities: add: - NET_ADMIN - SYS_ADMIN ports: - name: shellstream containerPort: 8443 protocol: TCP - name: metrics containerPort: 9090 protocol: TCP env: - name: KEDGE_NODE_ID valueFrom: fieldRef: fieldPath: spec.nodeName - name: KEDGE_CLUSTER_ID valueFrom: configMapKeyRef: name: kedge-mesh key: cluster_id - name: KEDGE_OVERLAY_ENABLED value: "true" - name: KEDGE_UNDERLAY_ENABLED value: "false" - name: KEDGE_QM_ENDPOINT value: "quartermaster.guildhouse.svc:50051" volumeMounts: - name: kedge-config mountPath: /etc/kedge readOnly: true - name: kedge-run mountPath: /var/run/kedge - name: cni-bin mountPath: /opt/cni/bin - name: cni-conf mountPath: /etc/cni/net.d - name: spire-bundle mountPath: /run/spire/bundle readOnly: true livenessProbe: httpGet: path: /healthz port: metrics initialDelaySeconds: 10 periodSeconds: 30 readinessProbe: httpGet: path: /readyz port: metrics initialDelaySeconds: 5 periodSeconds: 10 initContainers: - name: install-cni image: kedge-cni:latest imagePullPolicy: IfNotPresent command: ["cp", "/kedge-cni", "/opt/cni/bin/kedge-cni"] volumeMounts: - name: cni-bin mountPath: /opt/cni/bin volumes: - name: kedge-config projected: sources: - configMap: name: kedge-mesh - configMap: name: kedge-underlay optional: true - name: kedge-run hostPath: path: /var/run/kedge type: DirectoryOrCreate - name: cni-bin hostPath: path: /opt/cni/bin type: DirectoryOrCreate - name: cni-conf hostPath: path: /etc/cni/net.d type: Directory - name: spire-bundle configMap: name: spire-bundle optional: true