kubernetes/cluster/log-dump/logexporter-daemonset.yaml

# Template job config for running the log exporter on the cluster as a daemonset.
# Creates everything within 'logexporter' namespace.
#
# Note: Since daemonsets have "AlwaysRestart" policy for pods, we provide a long
# sleep-duration (24 hr) to the logexporter pods so they don't finish the work and
# get restarted while some pods are still running. So it is your duty to detect
# the work has been done (or use some timeout) and delete the daemonset yourself.

apiVersion: v1
kind: Namespace
metadata:
    name: {{.LogexporterNamespace}}
---
apiVersion: v1
kind: Secret
metadata:
  name: google-service-account
  namespace: {{.LogexporterNamespace}}
type: Opaque
data:
  service-account.json: {{.ServiceAccountCredentials}}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: logexporter
  namespace: {{.LogexporterNamespace}}
spec:
  selector:
    matchLabels:
      app: logexporter
  template:
    metadata:
      labels:
        app: logexporter
    spec:
      containers:
      - name: logexporter-test
        image: gcr.io/k8s-testimages/logexporter:v20200401-c3269f485
        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        command:
        - logexporter
        - --node-name=$(NODE_NAME)
        - --cloud-provider={{.CloudProvider}}
        - --gcs-path={{.GCSPath}}
        - --gcloud-auth-file-path=/etc/service-account/service-account.json
        - --enable-hollow-node-logs={{.EnableHollowNodeLogs}}
        - --dump-systemd-journal={{.DumpSystemdJournal}}
        - --extra-log-files={{.ExtraLogFiles}}
        - --extra-systemd-services={{.ExtraSystemdServices}}
        - --sleep-duration=24h
        volumeMounts:
        - mountPath: /etc/service-account
          name: service
          readOnly: true
        - mountPath: /var/log
          name: varlog
          readOnly: true
        - mountPath: /workspace/etc
          name: hostetc
          readOnly: true
        resources:
          requests:
            cpu: 10m
            memory: 10Mi
      nodeSelector:
        {{.NodeSelector}}
      volumes:
      - name: service
        secret:
          secretName: google-service-account
      - name: varlog
        hostPath:
          path: /var/log
      - name: hostetc
        hostPath:
          path: /etc