apiVersion: extensions/v1beta1 kind: DaemonSet metadata: labels: k8s-app: kube-router tier: node name: kube-router namespace: kube-system spec: template: metadata: labels: k8s-app: kube-router tier: node spec: priorityClassName: system-node-critical containers: - name: kube-router image: cloudnativelabs/kube-router imagePullPolicy: Always args: - --run-router=true - --run-firewall=true - --run-service-proxy=true - --advertise-loadbalancer-ip=true - --kubeconfig=/etc/kubernetes/kubeconfig env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName securityContext: privileged: true volumeMounts: - name: lib-modules mountPath: /lib/modules readOnly: true - name: cni-conf-dir mountPath: /etc/cni/net.d - name: kubeconfig mountPath: /etc/kubernetes/kubeconfig readOnly: true initContainers: - name: install-cni image: busybox imagePullPolicy: Always command: - /bin/sh - -c - set -e -x; if [ ! -f /etc/cni/net.d/10-kuberouter.conf ]; then TMP=/etc/cni/net.d/.tmp-kuberouter-cfg; cp /etc/kube-router/cni-conf.json ${TMP}; mv ${TMP} /etc/cni/net.d/10-kuberouter.conf; fi volumeMounts: - name: cni-conf-dir mountPath: /etc/cni/net.d - name: kube-router-cfg mountPath: /etc/kube-router hostNetwork: true tolerations: - key: CriticalAddonsOnly operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/master operator: Exists volumes: - name: lib-modules hostPath: path: /lib/modules - name: cni-conf-dir hostPath: path: /etc/kubernetes/cni/net.d - name: kube-router-cfg configMap: name: kube-router-cfg - name: kubeconfig hostPath: path: /etc/kubernetes/kubeconfig