apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: keepalived
  labels: &labels
    app.kubernetes.io/name: keepalived
spec:
  selector:
    matchLabels: *labels
  minReadySeconds: 10
  template:
    metadata:
      labels: *labels
    spec:
      initContainers:
      - name: init
        image: docker.io/library/busybox
        command:
        - sh
        - -c
        - |
          printf '$INTERFACE=%s\n' \
            $(ip route | awk '/^default via/{print $5}') \
            > /run/keepalived.interface
        volumeMounts:
        - mountPath: /run
          name: tmp
          subPath: run
      containers:
      - name: keepalived
        image: git.pyrocufflink.net/containerimages/keepalived:dev
        imagePullPolicy: Always
        command:
        - keepalived
        - -nGlD
        securityContext:
          privileged: true
          readOnlyRootFilesystem: true
        volumeMounts:
        - mountPath: /etc/keepalived
          name: config
          readOnly: true
        - mountPath: /run
          name: tmp
          subPath: run
      hostNetwork: true
      hostPID: true
      volumes:
      - name: config
        configMap:
          name: keepalived
      - name: tmp
        emptyDir:
          medium: Memory