Skip to content

Instantly share code, notes, and snippets.

@kmova
Forked from jjo/node-custom-setup.yaml
Last active October 3, 2022 13:32
Show Gist options
  • Save kmova/40baaf2977fb38a7d2b4fb9011dc3d56 to your computer and use it in GitHub Desktop.
Save kmova/40baaf2977fb38a7d2b4fb9011dc3d56 to your computer and use it in GitHub Desktop.
Run commands at Kubernetes *nodes* via `privileged` DaemonSet + `nsenter` hack, very useful for setups requiring base packages pre-installed at nodes. Please take a moment to understand what it does, and *don't* use it for *production*. Grab the logs with: kubectl logs -n kube-system -l k8s-app=node-custom-setup -c init-node
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
namespace: kube-system
name: node-custom-setup
labels:
k8s-app: node-custom-setup
annotations:
command: &cmd apt-get update -qy && apt-get install -qy open-iscsi xfsprogs
spec:
selector:
matchLabels:
k8s-app: node-custom-setup
template:
metadata:
labels:
k8s-app: node-custom-setup
spec:
hostNetwork: true
initContainers:
- name: init-node
command:
- nsenter
- --mount=/proc/1/ns/mnt
- --
- sh
- -c
- *cmd
image: alpine:3.7
securityContext:
privileged: true
hostPID: true
containers:
- name: wait
image: k8s.gcr.io/pause:3.1
hostPID: true
hostNetwork: true
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
updateStrategy:
type: RollingUpdate
@brkfun
Copy link

brkfun commented Sep 8, 2021

duplicated lines 37 and 38
btw. great effort 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment