cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: netstatd
namespace: kube-system
spec:
selector:
matchLabels:
app: netstatd
template:
metadata:
labels:
app: netstatd
spec:
hostNetwork: true
hostPID: true
containers:
- name: netstatd
image: codemowers/netstatd
imagePullPolicy: Always
ports:
- containerPort: 5280
protocol: TCP
name: http
- containerPort: 6280
protocol: TCP
name: http-mux
- containerPort: 5253
protocol: TCP
name: dnstap
- containerPort: 6253
protocol: TCP
name: dnstap-mux
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: FANOUT_SERVICE
value: netstatd-headless
securityContext:
privileged: true
volumeMounts:
- name: proc
mountPath: /host/proc
readOnly: true
- name: containerd-sock
mountPath: /run/containerd/containerd.sock
volumes:
- name: proc
hostPath:
path: /proc
- name: containerd-sock
hostPath:
path: /run/containerd/containerd.sock
---
apiVersion: v1
kind: Service
metadata:
name: netstatd-headless
namespace: kube-system
labels:
app: netstatd
spec:
clusterIP: None
selector:
app: netstatd
ports:
- name: http
port: 5280
targetPort: 5280
protocol: TCP
- name: dnstap
port: 5253
targetPort: 5253
protocol: TCP
EOF
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: netstatd
namespace: kube-system
spec:
selector:
matchLabels:
app: netstatd
template:
metadata:
labels:
app: netstatd
spec:
hostNetwork: true
hostPID: true
containers:
- name: netstatd
image: codemowers/netstatd
imagePullPolicy: Always
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
privileged: true
volumeMounts:
- name: proc
mountPath: /host/proc
readOnly: true
- name: containerd-sock
mountPath: /run/containerd/containerd.sock
volumes:
- name: proc
hostPath:
path: /proc
- name: containerd-sock
hostPath:
path: /run/containerd/containerd.sock
---
apiVersion: v1
kind: Service
metadata:
name: netstatd-headless
namespace: kube-system
labels:
app: netstatd
spec:
clusterIP: None
selector:
app: netstatd
ports:
- name: http
port: 5280
targetPort: 5280
protocol: TCP
- name: dnstap
port: 5253
targetPort: 5253
protocol: TCP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netstatd-fanout
namespace: kube-system
spec:
replicas: 2
selector:
matchLabels:
app: netstatd-fanout
template:
metadata:
labels:
app: netstatd-fanout
spec:
containers:
- name: netstatd-fanout
image: codemowers/netstatd
imagePullPolicy: Always
args:
- "-fanout"
- "http://netstatd-headless.kube-system.svc.cluster.local:5280/netstat"
ports:
- name: http
containerPort: 6280
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: netstatd-fanout
namespace: kube-system
labels:
app: netstatd-fanout
spec:
type: ClusterIP
selector:
app: netstatd-fanout
ports:
- name: http
port: 6280
targetPort: 6280
protocol: TCP
version: "3.8"
services:
netstatd:
image: codemowers/netstatd
container_name: netstatd
network_mode: host
privileged: true
pid: host
volumes:
- /run/containerd/containerd.sock:/run/containerd/containerd.sock:ro
- /proc:/host/proc:ro
- /sys/kernel/debug:/sys/kernel/debug:rw
restart: unless-stopped
docker run -d \
--name netstatd \
--privileged \
--network host \
--pid host \
-v /run/containerd/containerd.sock:/run/containerd/containerd.sock:ro \
-v /proc:/host/proc:ro \
-v /sys/kernel/debug:/sys/kernel/debug:rw \
codemowers/netstatd