--- apiVersion: apps/v1 kind: DaemonSet metadata: labels: app: metallb component: speaker name: speaker namespace: metallb-system spec: selector: matchLabels: app: metallb component: speaker template: metadata: annotations: prometheus.io/port: "7472" prometheus.io/scrape: "true" labels: app: metallb component: speaker spec: containers: - args: - --port=7472 - --log-level=info env: - name: METALLB_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: METALLB_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: METALLB_HOST valueFrom: fieldRef: fieldPath: status.hostIP - name: METALLB_ML_BIND_ADDR valueFrom: fieldRef: fieldPath: status.podIP - name: METALLB_ML_LABELS value: app=metallb,component=speaker - name: METALLB_ML_SECRET_KEY_PATH value: /etc/ml_secret_key image: quay.io/metallb/speaker:v0.14.8 livenessProbe: failureThreshold: 3 httpGet: path: /metrics port: monitoring initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 name: speaker ports: - containerPort: 7472 name: monitoring - containerPort: 7946 name: memberlist-tcp - containerPort: 7946 name: memberlist-udp protocol: UDP readinessProbe: failureThreshold: 3 httpGet: path: /metrics port: monitoring initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 securityContext: allowPrivilegeEscalation: false capabilities: add: - NET_RAW drop: - ALL readOnlyRootFilesystem: true volumeMounts: - mountPath: /etc/ml_secret_key name: memberlist readOnly: true - mountPath: /etc/metallb name: metallb-excludel2 readOnly: true hostNetwork: true nodeSelector: kubernetes.io/os: linux serviceAccountName: speaker terminationGracePeriodSeconds: 2 tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/control-plane operator: Exists volumes: - name: memberlist secret: defaultMode: 420 secretName: memberlist - configMap: defaultMode: 256 name: metallb-excludel2 name: metallb-excludel2