test/e2e-v2/cases/rover/process/istio/rover.yaml - skywalking - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: skywalking-rover
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: skywalking-rover
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: skywalking-rover
 subjects:
   - kind: ServiceAccount
     name: skywalking-rover
     namespace: default
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: skywalking-rover
 rules:
   - apiGroups: [""]
     resources: ["pods", "nodes", "services"]
     verbs: ["get", "watch", "list"]
 ---

 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
   name: skywalking-rover
 spec:
   selector:
     matchLabels:
       name: skywalking-rover
   template:
     metadata:
       labels:
         name: skywalking-rover
     spec:
       serviceAccountName: skywalking-rover
       serviceAccount: skywalking-rover
       containers:
         - name: skywalking-rover
           # SkyWalking Rover image path
           image: ghcr.io/apache/skywalking-rover/skywalking-rover:$SW_ROVER_COMMIT
           imagePullPolicy: Always
           securityContext:
             capabilities:
               add:
                 - SYS_PTRACE
                 - SYS_ADMIN
             privileged: true
           volumeMounts:
             - name: host
               mountPath: /host
               readOnly: true
           env:
             - name: ROVER_PROCESS_DISCOVERY_KUBERNETES_ACTIVE
               value: "true"
             - name: ROVER_PROCESS_DISCOVERY_KUBERNETES_NODE_NAME
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
             - name: ROVER_BACKEND_ADDR
               # backend OAP address
               value: skywalking-oap.istio-system:11800
             - name: ROVER_PROCESS_DISCOVERY_KUBERNETES_ANALYZER_K8S_SERVICE_ACTIVE
               value: "false"
       hostPID: true
       hostNetwork: true
       dnsPolicy: ClusterFirstWithHostNet
       volumes:
         - name: host
           hostPath:
             path: /
             type: Directory
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: skywalking-rover
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: skywalking-rover
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: skywalking-rover
	subjects:
	- kind: ServiceAccount
	name: skywalking-rover
	namespace: default
	---
	kind: ClusterRole
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: skywalking-rover
	rules:
	- apiGroups: [""]
	resources: ["pods", "nodes", "services"]
	verbs: ["get", "watch", "list"]
	---

	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	name: skywalking-rover
	spec:
	selector:
	matchLabels:
	name: skywalking-rover
	template:
	metadata:
	labels:
	name: skywalking-rover
	spec:
	serviceAccountName: skywalking-rover
	serviceAccount: skywalking-rover
	containers:
	- name: skywalking-rover
	# SkyWalking Rover image path
	image: ghcr.io/apache/skywalking-rover/skywalking-rover:$SW_ROVER_COMMIT
	imagePullPolicy: Always
	securityContext:
	capabilities:
	add:
	- SYS_PTRACE
	- SYS_ADMIN
	privileged: true
	volumeMounts:
	- name: host
	mountPath: /host
	readOnly: true
	env:
	- name: ROVER_PROCESS_DISCOVERY_KUBERNETES_ACTIVE
	value: "true"
	- name: ROVER_PROCESS_DISCOVERY_KUBERNETES_NODE_NAME
	valueFrom:
	fieldRef:
	fieldPath: spec.nodeName
	- name: ROVER_BACKEND_ADDR
	# backend OAP address
	value: skywalking-oap.istio-system:11800
	- name: ROVER_PROCESS_DISCOVERY_KUBERNETES_ANALYZER_K8S_SERVICE_ACTIVE
	value: "false"
	hostPID: true
	hostNetwork: true
	dnsPolicy: ClusterFirstWithHostNet
	volumes:
	- name: host
	hostPath:
	path: /
	type: Directory