apiVersion: v1 kind: ServiceAccount metadata: name: node-problem-detector namespace: kube-system labels: kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: npd-binding labels: kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:node-problem-detector subjects: - kind: ServiceAccount name: node-problem-detector namespace: kube-system --- apiVersion: apps/v1 kind: DaemonSet metadata: name: npd-v0.6.2 namespace: kube-system labels: k8s-app: node-problem-detector version: v0.6.2 kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: selector: matchLabels: k8s-app: node-problem-detector version: v0.6.2 template: metadata: labels: k8s-app: node-problem-detector version: v0.6.2 kubernetes.io/cluster-service: "true" spec: containers: - name: node-problem-detector image: k8s.gcr.io/node-problem-detector:v0.6.2 command: - "/bin/sh" - "-c" # Pass both config to support both journald and syslog. - "exec /node-problem-detector --logtostderr --system-log-monitors=/config/kernel-monitor.json,/config/kernel-monitor-filelog.json,/config/docker-monitor.json,/config/docker-monitor-filelog.json >>/var/log/node-problem-detector.log 2>&1" securityContext: privileged: true resources: limits: cpu: "200m" memory: "100Mi" requests: cpu: "20m" memory: "20Mi" env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName volumeMounts: - name: log mountPath: /var/log - name: localtime mountPath: /etc/localtime readOnly: true volumes: - name: log hostPath: path: /var/log/ - name: localtime hostPath: path: /etc/localtime type: "FileOrCreate" serviceAccountName: node-problem-detector tolerations: - operator: "Exists" effect: "NoExecute" - key: "CriticalAddonsOnly" operator: "Exists"