---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: collectd
  labels:
    app.kubernetes.io/name: collectd
    app.kubernetes.io/component: collectd
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: collectd
      app.kubernetes.io/component: collectd
  template:
    metadata:
      labels:
        app.kubernetes.io/name: collectd
        app.kubernetes.io/component: collectd
    spec:
      containers:
      - name: collectd
        image: git.pyrocufflink.net/containerimages/collectd
        ports:
        - containerPort: 9103
          name: http
        readinessProbe: &probe
          httpGet:
            port: http
            path: /metrics
          periodSeconds: 60
        startupProbe:
          <<: *probe
          periodSeconds: 1
          successThreshold: 1
          failureThreshold: 30
          timeoutSeconds: 1
        securityContext:
          capabilities:
            add:
            - DAC_READ_SEARCH
            drop:
            - ALL
          seLinuxOptions:
            type: spc_t
          readOnlyRootFilesystem: true
        volumeMounts:
        - mountPath: /etc/collectd.d
          name: config
          readOnly: true
        - mountPath: /host
          name: host
        - mountPath: /run
          name: host
          subPath: run
        - mountPath: /tmp
          name: tmp
      hostNetwork: true
      hostPID: true
      hostIPC: true
      tolerations:
      - effect: NoExecute
        operator: Exists
      - effect: NoSchedule
        operator: Exists
      volumes:
      - name: config
        configMap:
          name: collectd
      - name: host
        hostPath:
          path: /
      - name: tmp
        emptyDir:
          medium: Memory