github/intel-device-plugins-for-kubernetes
7
0
Fork 0
mirror of https://github.com/intel/intel-device-plugins-for-kubernetes.git synced 2025-06-03 03:59:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
11c9753aca
intel-device-plugins-for-ku.../deployments/dsa_plugin/base/intel-dsa-plugin.yaml
Manish Regmi c3259ee22f Add SELinux Labels for DSA and IAA 
Proper SELinux labels are required for the plugins to run in SELinux
enabled clusters like openshift. These labels are custom made for
plugins and are part of container-selinux package.

Signed-off-by: Manish Regmi <manish.regmi@intel.com>
2023-07-20 16:02:08 -04:00

58 lines
1.4 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: DaemonSet
metadata:
name: intel-dsa-plugin
labels:
app: intel-dsa-plugin
spec:
selector:
matchLabels:
app: intel-dsa-plugin
template:
metadata:
labels:
app: intel-dsa-plugin
spec:
automountServiceAccountToken: false
containers:
- name: intel-dsa-plugin
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
image: intel/intel-dsa-plugin:devel
imagePullPolicy: IfNotPresent
securityContext:
seLinuxOptions:
type: "container_device_plugin_t"
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
volumeMounts:
- name: devfs
mountPath: /dev/dsa
readOnly: true
- name: chardevs
mountPath: /dev/char
readOnly: true
- name: sysfs
mountPath: /sys/bus/dsa
readOnly: true
- name: kubeletsockets
mountPath: /var/lib/kubelet/device-plugins
volumes:
- name: devfs
hostPath:
path: /dev/dsa
- name: chardevs
hostPath:
path: /dev/char
- name: sysfs
hostPath:
path: /sys/bus/dsa
- name: kubeletsockets
hostPath:
path: /var/lib/kubelet/device-plugins
nodeSelector:
kubernetes.io/arch: amd64
Reference in New Issue View Git Blame Copy Permalink