Permalink
Switch branches/tags
0.17.0-patch-cherrypick 0.17.0-patch aks-20180621 aks-images aks-nil-linux-profile aks-patch-release-v0.21.2 aksrp-cherry-pick auxvendor delete-app hcp hyperkube-with-docker jack mas master new-vhd ostest patch-release-0.19.3 patch-release-0.22.4 patch-release-v0.12.1 patch-release-v0.12.2 patch-release-v0.12.3 patch-release-v0.12.4 patch-release-v0.12.5 patch-release-v0.13.1 patch-release-v0.14.1 patch-release-v0.14.2 patch-release-v0.14.3 patch-release-v0.14.4 patch-release-v0.14.5 patch-release-v0.14.6 patch-release-v0.15.1 patch-release-v0.15.2 patch-release-v0.16.1 patch-release-v0.16.2 patch-release-v0.17.1 patch-release-v0.18.1 patch-release-v0.18.2 patch-release-v0.18.3 patch-release-v0.18.4 patch-release-v0.18.5 patch-release-v0.18.6 patch-release-v0.18.7 patch-release-v0.18.8 patch-release-v0.18.9 patch-release-v0.19.1 patch-release-v0.19.2 patch-release-v0.19.3 patch-release-v0.19.4 patch-release-v0.19.5 patch-release-v0.19.6 patch-release-v0.20.1 patch-release-v0.20.2 patch-release-v0.20.3 patch-release-v0.20.4-hotfix patch-release-v0.20.4 patch-release-v0.20.5 patch-release-v0.20.6 patch-release-v0.20.7 patch-release-v0.20.8 patch-release-v0.20.9 patch-release-v0.21.1 patch-release-v0.21.2 patch-release-v0.22.1 patch-release-v0.22.2 patch-release-v0.22.3 patch-release-v0.22.4 patch-release-v0.23.1 patch-release-v0.23.2 patch-release-v0.24.1 patch-release-v0.24.2 patch-release-v0.24.3 patch-release-v0.25.1 patch-release-v0.25.2 patch-release-v0.25.3 patch-release-v0.26.1 patch-release-v0.26.2 release-aks-2018-08-15 release-v0.18.0 release-v0.19.0 release-v0.20.0 release-v0.21.0 release-v0.22.0-rc.2 release-v0.22.0 release-v0.23.0 release-v0.25.0 release-v0.26.0 v0.1.0 v0.15.0 v0.16.0-rc.5 v0.24.0 vars-back-compat vendor-dir-update
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
103 lines (102 sloc) 2.28 KB
apiVersion: v1
kind: ServiceAccount
metadata:
name: azure-npm
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: azure-npm
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
rules:
- apiGroups:
- ""
resources:
- pods
- nodes
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: azure-npm-binding
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
subjects:
- kind: ServiceAccount
name: azure-npm
namespace: kube-system
roleRef:
kind: ClusterRole
name: azure-npm
apiGroup: rbac.authorization.k8s.io
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: azure-npm
namespace: kube-system
labels:
app: azure-npm
addonmanager.kubernetes.io/mode: EnsureExists
spec:
selector:
matchLabels:
k8s-app: azure-npm
template:
metadata:
labels:
k8s-app: azure-npm
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
tolerations:
- key: CriticalAddonsOnly
operator: Exists
nodeSelector:
beta.kubernetes.io/os: linux
containers:
- name: azure-npm
image: containernetworking/azure-npm:v1.0.13
securityContext:
privileged: true
env:
- name: HOSTNAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
volumeMounts:
- name: xtables-lock
mountPath: /run/xtables.lock
- name: log
mountPath: /var/log
hostNetwork: true
volumes:
- name: log
hostPath:
path: /var/log
type: Directory
- name: xtables-lock
hostPath:
path: /run/xtables.lock
type: File
serviceAccountName: azure-npm