apiVersion: v1 kind: Namespace metadata: name: {{ deepflow_agent_k8s_namespace }} --- apiVersion: v1 kind: ConfigMap metadata: name: deepflow-agent namespace: {{ deepflow_agent_k8s_namespace }} data: DEEPFLOW_GRPC_ENDPOINT: {{ deepflow_agent_grpc_endpoint | quote }} DEEPFLOW_AGENT_ENDPOINT_ARG: {{ deepflow_agent_endpoint_arg | quote }} --- apiVersion: apps/v1 kind: DaemonSet metadata: name: deepflow-agent namespace: {{ deepflow_agent_k8s_namespace }} spec: selector: matchLabels: app: deepflow-agent template: metadata: labels: app: deepflow-agent spec: hostNetwork: {{ deepflow_agent_host_network | ternary(true, false) }} containers: - name: deepflow-agent image: {{ deepflow_agent_image }} imagePullPolicy: IfNotPresent envFrom: - configMapRef: name: deepflow-agent args: - {{ deepflow_agent_endpoint_arg | quote }} - {{ deepflow_agent_grpc_endpoint | quote }} {% if deepflow_agent_disable_pcap | bool %} - "--disable-pcap" {% endif %} {% if deepflow_agent_disable_vector | bool %} - "--disable-vector" {% endif %} {% if deepflow_agent_disable_plugins | bool %} - "--disable-plugins" {% endif %} {% for arg in deepflow_agent_extra_args | default([]) %} - {{ arg | quote }} {% endfor %} securityContext: privileged: true capabilities: add: {% for cap in deepflow_agent_cap_add | default([]) %} - {{ cap }} {% endfor %} volumeMounts: {% for mount in deepflow_agent_volume_mounts | default([]) %} - name: mount{{ loop.index }} mountPath: {{ mount.split(':')[1] }} readOnly: {{ (mount.split(':') | length > 2 and mount.split(':')[2] == 'ro') | ternary(true, false) }} {% endfor %} volumes: {% for mount in deepflow_agent_volume_mounts | default([]) %} - name: mount{{ loop.index }} hostPath: path: {{ mount.split(':')[0] }} {% endfor %}