Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
34 lines (33 sloc) 904 Bytes
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-restrict-ip
namespace: kube-system
spec:
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
k8s-app: kube-restrict-ip
spec:
hostNetwork: true
containers:
- name: kube-restrict-ip
image: 3cky/kube-restrict-ip:v0.1.1
args:
- "--config-file=/etc/kube-restrict-ip/config.yaml"
securityContext:
capabilities:
add: ["NET_ADMIN"]
volumeMounts:
- name: config
mountPath: /etc/kube-restrict-ip
volumes:
- name: config
configMap:
# Note this ConfigMap must be created in the same namespace as the daemon pods - this spec uses kube-system
name: kube-restrict-ip
items:
- key: config.yaml
path: config.yaml