-
Notifications
You must be signed in to change notification settings - Fork 0
/
ds.yaml
45 lines (45 loc) · 1.35 KB
/
ds.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# Run binfmt setup on any new node
# https://kubernetes.io/docs/concepts/workloads/controllers/daemonset
# https://github.com/docker/buildx/issues/342#issuecomment-680715762
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: binfmt
namespace: qemu-binfmt
labels:
app: binfmt-setup
spec:
selector:
matchLabels:
name: binfmt
# https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates
template:
metadata:
labels:
name: binfmt
spec:
tolerations:
# Have the daemonset runnable on master nodes
# NOTE: Remove it if your masters can't run pods
- key: node-role.kubernetes.io/master
effect: NoSchedule
initContainers:
- name: binfmt
image: tonistiigi/binfmt
# command: []
args: ["--install", "all"]
# Run the container with the privileged flag
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#securitycontext-v1-core
securityContext:
privileged: true
containers:
- name: pause
image: gcr.io/google_containers/pause
resources:
limits:
cpu: 50m
memory: 50Mi
requests:
cpu: 50m
memory: 50Mi