kind: DaemonSet apiVersion: apps/v1 metadata: name: ovs namespace: openshift-sdn annotations: kubernetes.io/description: | This daemon set launches the openvswitch daemon. image.openshift.io/triggers: | [{"from":{"kind":"ImageStreamTag","name":"node:v3.9"},"fieldPath":"spec.template.spec.containers[?(@.name==\"openvswitch\")].image"}] spec: selector: matchLabels: app: ovs updateStrategy: type: RollingUpdate template: metadata: labels: app: ovs component: network type: infra openshift.io/component: network annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: # Requires fairly broad permissions - ability to read all services and network functions as well # as all pods. serviceAccountName: sdn hostNetwork: true containers: - name: openvswitch image: " " command: - /bin/bash - -c - | #!/bin/bash set -euo pipefail function quit { /usr/share/openvswitch/scripts/ovs-ctl stop exit 0 } trap quit SIGTERM /usr/share/openvswitch/scripts/ovs-ctl start --system-id=random while true; do sleep 5; done securityContext: runAsUser: 0 privileged: true volumeMounts: - mountPath: /lib/modules name: host-modules readOnly: true - mountPath: /run/openvswitch name: host-run-ovs - mountPath: /var/run/openvswitch name: host-run-ovs - mountPath: /sys name: host-sys readOnly: true - mountPath: /etc/openvswitch name: host-config-openvswitch resources: requests: cpu: 100m memory: 200Mi limits: cpu: 200m memory: 300Mi volumes: - name: host-modules hostPath: path: /lib/modules - name: host-run-ovs hostPath: path: /run/openvswitch - name: host-sys hostPath: path: /sys - name: host-config-openvswitch hostPath: path: /etc/origin/openvswitch