apiVersion: v1
kind: ServiceAccount
metadata:
name: metadata-proxy
namespace: kube-system
labels:
k8s-app: metadata-proxy
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: metadata-proxy-v0.1
namespace: kube-system
labels:
k8s-app: metadata-proxy
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
version: v0.1
spec:
selector:
matchLabels:
k8s-app: metadata-proxy
version: v0.1
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
k8s-app: metadata-proxy
kubernetes.io/cluster-service: "true"
version: v0.1
spec:
priorityClassName: system-node-critical
serviceAccountName: metadata-proxy
hostNetwork: true
dnsPolicy: Default
tolerations:
- operator: "Exists"
effect: "NoExecute"
- operator: "Exists"
effect: "NoSchedule"
containers:
- name: metadata-proxy
image: registry.k8s.io/metadata-proxy:v0.1.12
args: ["--addr=0.0.0.0:988"]
securityContext:
privileged: true
# Request and limit resources to get guaranteed QoS.
resources:
requests:
memory: "25Mi"
cpu: "30m"
limits:
memory: "25Mi"
cpu: "30m"
# BEGIN_PROMETHEUS_TO_SD
- name: prometheus-to-sd-exporter
image: gke.gcr.io/prometheus-to-sd:v0.11.1-gke.1
# Request and limit resources to get guaranteed QoS.
resources:
requests:
memory: "20Mi"
cpu: "2m"
limits:
memory: "20Mi"
cpu: "2m"
command:
- /monitor
- --stackdriver-prefix={{ prometheus_to_sd_prefix }}/addons
- --api-override={{ prometheus_to_sd_endpoint }}
- --source=metadata_proxy:http://127.0.0.1:989?whitelisted=request_count
- --pod-id=$(POD_NAME)
- --namespace-id=$(POD_NAMESPACE)
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# END_PROMETHEUS_TO_SD
nodeSelector:
cloud.google.com/metadata-proxy-ready: "true"
kubernetes.io/os: linux
terminationGracePeriodSeconds: 30