---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: dnsmasq
  namespace: kube-system
  labels:
    k8s-app: dnsmasq
spec:
  template:
    metadata:
      labels:
        k8s-app: dnsmasq
    spec:
      containers:
        - name: dnsmasq
          image: andyshinn/dnsmasq:2.72
          command:
            - dnsmasq
          args:
            - -k
            - "-7"
            - /etc/dnsmasq.d
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
          imagePullPolicy: IfNotPresent
          resources:
            limits:
              cpu: 100m
              memory: 256M
          ports:
            - name: dns
              containerPort: 53
              protocol: UDP
            - name: dns-tcp
              containerPort: 53
              protocol: TCP
          volumeMounts:
            - name: etcdnsmasqd
              mountPath: /etc/dnsmasq.d
            - name: etcdnsmasqdavailable
              mountPath: /etc/dnsmasq.d-available

      volumes:
        - name: etcdnsmasqd
          hostPath:
            path: /etc/dnsmasq.d
        - name: etcdnsmasqdavailable
          hostPath:
            path: /etc/dnsmasq.d-available
      dnsPolicy: Default  # Don't use cluster DNS.