resource "kubectl_manifest" "DaemonSet_kube-multus-ds" { yaml_body = <<-EOF apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-multus-ds namespace: ${var.namespace} labels: ${jsonencode(local.common-labels)} ownerReferences: ${jsonencode(var.install_owner)} spec: selector: matchLabels: name: multus updateStrategy: type: RollingUpdate template: metadata: labels: tier: node app: multus name: multus spec: hostNetwork: true tolerations: - operator: Exists effect: NoSchedule - operator: Exists effect: NoExecute serviceAccountName: multus containers: - name: kube-multus image: ${var.images.operator.registry}/${var.images.operator.repository}:${var.images.operator.tag} imagePullPolicy: ${var.images.operator.pull_policy} command: - /entrypoint.sh args: - --multus-conf-file=auto - --cni-version=0.3.1 resources: requests: cpu: 100m memory: 50Mi limits: cpu: 100m memory: 50Mi securityContext: privileged: true volumeMounts: - name: cni mountPath: /host/etc/cni/net.d - name: cnibin mountPath: /host/opt/cni/bin - name: multus-cfg mountPath: /tmp/multus-conf initContainers: - name: install-multus-binary image: ${var.images.operator.registry}/${var.images.operator.repository}:${var.images.operator.tag} imagePullPolicy: ${var.images.operator.pull_policy} command: - cp - /usr/src/multus-cni/bin/multus - /host/opt/cni/bin/multus resources: requests: cpu: 10m memory: 15Mi securityContext: privileged: true volumeMounts: - name: cnibin mountPath: /host/opt/cni/bin mountPropagation: Bidirectional terminationGracePeriodSeconds: 10 volumes: - name: cni hostPath: path: ${var.cni.conf_dir} - name: cnibin hostPath: path: ${var.cni.bin_dir} - name: multus-cfg configMap: name: multus-cni-config items: - key: cni-conf.json path: 70-multus.conf EOF }