apiVersion: apps/v1 kind: DaemonSet metadata: labels: app: debug-agent name: debug-agent spec: selector: matchLabels: app: debug-agent template: metadata: labels: app: debug-agent spec: hostPID: true tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule containers: - name: debug-agent image: aylei/debug-agent:latest imagePullPolicy: Always securityContext: privileged: true livenessProbe: failureThreshold: 3 httpGet: path: /healthz port: 10027 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 ports: - containerPort: 10027 hostPort: 10027 name: http protocol: TCP volumeMounts: - name: cgroup mountPath: /sys/fs/cgroup - name: lxcfs mountPath: /var/lib/lxc mountPropagation: Bidirectional - name: docker mountPath: "/var/run/docker.sock" - name: runcontainerd mountPath: "/run/containerd" - name: runrunc mountPath: "/run/runc" - name: vardata mountPath: "/var/data" # hostNetwork: true volumes: - name: cgroup hostPath: path: /sys/fs/cgroup - name: lxcfs hostPath: path: /var/lib/lxc type: DirectoryOrCreate - name: docker hostPath: path: /var/run/docker.sock # containerd client will need to access /var/data, /run/containerd and /run/runc - name: vardata hostPath: path: /var/data - name: runcontainerd hostPath: path: /run/containerd - name: runrunc hostPath: path: /run/runc updateStrategy: rollingUpdate: maxUnavailable: 5 type: RollingUpdate