{{- if .Values.awsNeuron.enabled }} apiVersion: apps/v1 kind: DaemonSet metadata: name: neuron-device-plugin namespace: kube-system spec: selector: matchLabels: name: neuron-device-plugin-ds updateStrategy: type: RollingUpdate template: metadata: labels: name: neuron-device-plugin-ds spec: serviceAccount: neuron-device-plugin tolerations: - key: aws.amazon.com/neuron operator: Exists effect: NoSchedule - key: kubezero-workergroup effect: NoSchedule operator: Exists # Mark this pod as a critical add-on; when enabled, the critical add-on # scheduler reserves resources for critical add-on pods so that they can # be rescheduled after a failure. # See https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/ priorityClassName: "system-node-critical" affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "node.kubernetes.io/instance-type" operator: In values: - inf1.xlarge - inf1.2xlarge - inf1.6xlarge - inf1.24xlarge containers: - image: "{{ .Values.awsNeuron.image.name }}:{{ .Values.awsNeuron.image.tag }}" imagePullPolicy: IfNotPresent name: neuron-device-plugin env: - name: KUBECONFIG value: /etc/kubernetes/kubelet.conf - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName securityContext: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] volumeMounts: - name: device-plugin mountPath: /var/lib/kubelet/device-plugins - name: infa-map mountPath: /run volumes: - name: device-plugin hostPath: path: /var/lib/kubelet/device-plugins - name: infa-map hostPath: path: /run {{- end }}