--- apiVersion: apps/v1 # This manifest deploys the contiv-ovs pod. kind: DaemonSet apiVersion: extensions/v1beta1 metadata: name: contiv-ovs namespace: kube-system labels: k8s-app: contiv-ovs spec: selector: matchLabels: k8s-app: contiv-ovs template: metadata: labels: k8s-app: contiv-ovs annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: {% if kube_version|version_compare('v1.11.1', '>=') %} priorityClassName: system-node-critical {% endif %} hostNetwork: true hostPID: true tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule containers: # Runs ovs containers on each Kubernetes node. - name: contiv-ovsdb-server image: {{ contiv_ovs_image_repo }}:{{ contiv_ovs_image_tag }} command: ["/scripts/start-ovsdb-server.sh"] securityContext: privileged: false # Won't work until https://github.com/contiv/ovs-docker/pull/4 is merged and image is built again env: - name: OVSDBSERVER_EXTRA_FLAGS valueFrom: configMapKeyRef: name: contiv-config key: contiv_ovsdb_server_extra_flags volumeMounts: - mountPath: /etc/openvswitch name: etc-openvswitch readOnly: false - mountPath: /var/run name: var-run readOnly: false - name: contiv-ovs-vswitchd image: {{ contiv_ovs_image_repo }}:{{ contiv_ovs_image_tag }} command: ["/scripts/start-ovs-vswitchd.sh"] securityContext: privileged: true # Won't work until https://github.com/contiv/ovs-docker/pull/4 is merged and image is built again env: - name: OVSVSWITCHD_EXTRA_FLAGS valueFrom: configMapKeyRef: name: contiv-config key: contiv_ovs_vswitchd_extra_flags volumeMounts: - mountPath: /etc/openvswitch name: etc-openvswitch readOnly: false - mountPath: /lib/modules name: lib-modules readOnly: true - mountPath: /var/run name: var-run readOnly: false volumes: # Used by contiv-ovs - name: etc-openvswitch hostPath: path: /etc/openvswitch - name: lib-modules hostPath: path: /lib/modules - name: var-run hostPath: path: /var/run