--- apiVersion: apps/v1 kind: DaemonSet metadata: name: cilium-pre-flight-check namespace: kube-system spec: selector: matchLabels: k8s-app: cilium-pre-flight-check kubernetes.io/cluster-service: "true" template: metadata: labels: k8s-app: cilium-pre-flight-check kubernetes.io/cluster-service: "true" spec: affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: "k8s-app" operator: In values: - cilium topologyKey: "kubernetes.io/hostname" initContainers: - name: clean-cilium-state image: docker.io/cilium/cilium-init:2019-04-05 imagePullPolicy: IfNotPresent command: ["/bin/echo"] args: - "hello" - name: rm-cilium-svc-v2 image: docker.io/cilium/cilium:v1.5.13 imagePullPolicy: IfNotPresent command: ["/bin/bash"] args: - -c - "rm /sys/fs/bpf/tc/globals/cilium_lb{4,6}_{services_v2,backends,rr_seq_v2}; true" volumeMounts: - mountPath: /sys/fs/bpf name: bpf-maps containers: - image: docker.io/cilium/cilium:v1.5.13 imagePullPolicy: IfNotPresent name: cilium-pre-flight-check command: ["/bin/sh"] args: - -c - "cilium preflight fqdn-poller --tofqdns-pre-cache /var/run/cilium/dns-precache-upgrade.json && touch /tmp/ready; sleep 1h" livenessProbe: exec: command: - cat - /tmp/ready initialDelaySeconds: 5 periodSeconds: 5 readinessProbe: exec: command: - cat - /tmp/ready initialDelaySeconds: 5 periodSeconds: 5 volumeMounts: - mountPath: /var/run/cilium name: cilium-run hostNetwork: true priorityClassName: system-node-critical restartPolicy: Always tolerations: - effect: NoSchedule key: node.kubernetes.io/not-ready - effect: NoSchedule key: node-role.kubernetes.io/master - effect: NoSchedule key: node.cloudprovider.kubernetes.io/uninitialized value: "true" - key: CriticalAddonsOnly operator: "Exists" volumes: # To keep state between restarts / upgrades - hostPath: path: /var/run/cilium type: DirectoryOrCreate name: cilium-run - hostPath: path: /sys/fs/bpf type: DirectoryOrCreate name: bpf-maps