From d738bbf314aec262a11048cbc6139db3bd33e0dc Mon Sep 17 00:00:00 2001 From: Mark Burnett Date: Wed, 3 Oct 2018 14:40:00 -0500 Subject: [PATCH] Re-align Kubernetes proxy chart with upstream DS This brings the proxy chart into alignment with the upstream Daemonset yaml. * Add missing mounts * Set NODE_NAME explicitly Change-Id: I0fb0406a02735b4714df3c8082b313d200cd7721 --- charts/proxy/templates/daemonset.yaml | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/charts/proxy/templates/daemonset.yaml b/charts/proxy/templates/daemonset.yaml index ac77e107..4c991f13 100644 --- a/charts/proxy/templates/daemonset.yaml +++ b/charts/proxy/templates/daemonset.yaml @@ -50,18 +50,15 @@ spec: {{ tuple $envAll $envAll.Values.pod.resources.proxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }} securityContext: privileged: true - # volumeMounts: - # - mountPath: /run/xtables.lock - # name: xtables-lock - # readOnly: false - # - mountPath: /lib/modules - # name: lib-modules - # readOnly: true env: - name: KUBERNETES_SERVICE_HOST value: {{ .Values.kube_service.host }} - name: KUBERNETES_SERVICE_PORT value: {{ .Values.kube_service.port | quote }} + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName livenessProbe: {{ toYaml .Values.livenessProbe.config | indent 10 }} exec: @@ -76,10 +73,23 @@ spec: volumeMounts: - name: bin mountPath: /tmp/bin/ + - mountPath: /run/xtables.lock + name: xtables-lock + readOnly: false + - mountPath: /lib/modules + name: lib-modules + readOnly: true serviceAccountName: kube-proxy volumes: - name: bin configMap: name: kubernetes-proxy-bin defaultMode: 0555 + - name: xtables-lock + hostPath: + path: /run/xtables.lock + type: FileOrCreate + - name: lib-modules + hostPath: + path: /lib/modules {{- end }}