apiVersion: v1
kind: Namespace
metadata:
  name: clovisor
  labels:
    name: clovisor
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: clovisor
  namespace: clovisor
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: serv-account-rbac-clovisor
subjects:
  - kind: ServiceAccount
    # Reference to upper's `metadata.name`
    name: default
    # Reference to upper's `metadata.namespace`
    namespace: clovisor
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: clovisor
  namespace: clovisor
spec:
  selector:
    matchLabels:
      app: clovisor
  template:
    metadata:
      name: clovisor
      labels:
        app: clovisor
    spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
      - name: clovisor
        image: localhost:5000/clovisor
        securityContext:
          privileged: true
        env:
        - name: MY_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName