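---
# Runs one node-exporter pod per node (Flatcar hosts) through a DaemonSet.
# These are DaemonSet-managed pods, not kubelet static pods.
#
# Security posture: the pod shares the host network and PID namespaces and
# mounts the host root filesystem read-only. Treat it as privileged-adjacent:
# anything readable by UID 65534 on the host is readable in the container.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: node-exporter
  namespace: vm
spec:
  selector:
    matchLabels:
      app: node-exporter
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: node-exporter
    spec:
      # Host namespaces let the exporter report host-level network and
      # process metrics; they also remove pod network isolation.
      hostNetwork: true
      hostPID: true
      dnsPolicy: ClusterFirstWithHostNet
      tolerations:
        # An `Exists` toleration with no key matches every taint and effect,
        # so the pod is scheduled on all nodes, tainted or not.
        - operator: Exists
        # Redundant with the wildcard above; kept to state the intent.
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: node-exporter
          # NOTE(review): `latest` is a mutable tag, so nodes can end up
          # running different, unreviewed builds. Pin a specific release tag
          # or a digest, e.g.
          # quay.io/prometheus/node-exporter@sha256:<DIGEST_PLACEHOLDER>
          image: quay.io/prometheus/node-exporter:latest
          # Arguments are quoted so regex metacharacters are never
          # re-interpreted by a YAML parser.
          # NOTE(review): no --path.procfs / --path.sysfs is passed, so the
          # exporter uses its default /proc and /sys rather than the
          # /host/proc and /host/sys mounts below. Confirm this is intended.
          args:
            - '--path.rootfs=/host'
            # Binds on every host interface (hostNetwork). The endpoint is
            # unauthenticated as configured here; restrict port 9100 at the
            # node firewall / security group to the scraper only.
            - '--web.listen-address=:9100'
            - '--collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/containerd/.+|var/lib/kubelet/.+)($|/)'
            - '--collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$'
          ports:
            - name: metrics
              containerPort: 9100
              hostPort: 9100
              protocol: TCP
          securityContext:
            # Non-root UID/GID (65534, conventionally `nobody`).
            runAsNonRoot: true
            runAsUser: 65534
            runAsGroup: 65534
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            # Drop the whole capability bounding set; the exporter runs as a
            # non-root user and only reads from the mounts below.
            capabilities:
              drop:
                - ALL
          resources:
            requests:
              cpu: 50m
              memory: 64Mi
            # Only a memory limit is set; CPU is left unthrottled.
            limits:
              memory: 256Mi
          volumeMounts:
            # All host paths are mounted read-only.
            - name: root
              mountPath: /host
              # Mounts made on the host after start-up become visible here.
              mountPropagation: HostToContainer
              readOnly: true
            - name: sys
              mountPath: /host/sys
              readOnly: true
            - name: proc
              mountPath: /host/proc
              readOnly: true
      volumes:
        # hostPath to `/` exposes the entire node filesystem to the pod;
        # admission policy should limit which workloads may request this.
        - name: root
          hostPath:
            path: /
            type: Directory
        - name: sys
          hostPath:
            path: /sys
            type: Directory
        - name: proc
          hostPath:
            path: /proc
            type: Directory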