122 lines
3.2 KiB
YAML
122 lines
3.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
labels:
|
|
app: sshd
|
|
name: sshd
|
|
namespace: kube-system
|
|
spec:
|
|
revisionHistoryLimit: 3
|
|
selector:
|
|
matchLabels:
|
|
app: sshd
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: sshd
|
|
spec:
|
|
containers:
|
|
- image: ghcr.io/aarnaud/talos-debug-tools:latest-6.6.29
|
|
imagePullPolicy: IfNotPresent
|
|
name: debug-container
|
|
resources: {}
|
|
securityContext:
|
|
allowPrivilegeEscalation: true
|
|
capabilities:
|
|
add:
|
|
- SYS_ADMIN
|
|
privileged: true
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
volumeMounts:
|
|
- mountPath: /run/containerd
|
|
name: run-containerd
|
|
- mountPath: /var/log/pods
|
|
name: var-log-pods
|
|
- mountPath: /var/lib/kubelet
|
|
mountPropagation: Bidirectional
|
|
name: kubelet-dir
|
|
- mountPath: /lib/modules
|
|
name: modules-dir
|
|
readOnly: true
|
|
- mountPath: /etc/localtime
|
|
name: localtime
|
|
readOnly: true
|
|
- mountPath: /run/udev
|
|
name: udev-data
|
|
- mountPath: /host
|
|
mountPropagation: Bidirectional
|
|
name: host-dir
|
|
- mountPath: /sys
|
|
name: sys-dir
|
|
- mountPath: /dev
|
|
name: dev-dir
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
hostIPC: true
|
|
hostPID: true
|
|
hostNetwork: true
|
|
restartPolicy: Always
|
|
schedulerName: default-scheduler
|
|
securityContext:
|
|
runAsNonRoot: false
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
terminationGracePeriodSeconds: 30
|
|
volumes:
|
|
- hostPath:
|
|
path: /
|
|
type: ""
|
|
name: hostfs
|
|
- hostPath:
|
|
path: /run/containerd
|
|
type: ""
|
|
name: run-containerd
|
|
- hostPath:
|
|
path: /var/lib/kubelet/plugins
|
|
type: Directory
|
|
name: plugins-dir
|
|
- hostPath:
|
|
path: /var/lib/kubelet/plugins_registry
|
|
type: Directory
|
|
name: registration-dir
|
|
- hostPath:
|
|
path: /var/lib/kubelet
|
|
type: Directory
|
|
name: kubelet-dir
|
|
- hostPath:
|
|
path: /dev
|
|
type: Directory
|
|
name: dev-dir
|
|
- hostPath:
|
|
path: /lib/modules
|
|
type: ""
|
|
name: modules-dir
|
|
- hostPath:
|
|
path: /etc/localtime
|
|
type: ""
|
|
name: localtime
|
|
- hostPath:
|
|
path: /run/udev
|
|
type: ""
|
|
name: udev-data
|
|
- hostPath:
|
|
path: /sys
|
|
type: Directory
|
|
name: sys-dir
|
|
- hostPath:
|
|
path: /
|
|
type: Directory
|
|
name: host-dir
|
|
- hostPath:
|
|
path: /var/log/pods
|
|
type: ""
|
|
name: var-log-pods
|
|
- hostPath:
|
|
path: /sys/firmware/efi/efivars
|
|
type: ""
|
|
name: efivars
|
|
updateStrategy:
|
|
rollingUpdate:
|
|
maxSurge: 0
|
|
maxUnavailable: 1
|
|
type: RollingUpdate
|