apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: promtail
  namespace: monitoring
spec:
  selector:
    matchLabels:
      name: promtail
  template:
    metadata:
      labels:
        name: promtail
      annotations:
        prometheus.io/port: "9080"
    spec:
      serviceAccount: promtail
      tolerations:
      - key: "rtlsdr"
        value: "true"
        effect: "NoSchedule"
      containers:
      - name: promtail
        image: grafana/promtail
        args:
        - -config.file=/etc/promtail/promtail.yaml
        env: 
        - name: 'HOSTNAME' # needed when using kubernetes_sd_configs
          valueFrom:
            fieldRef:
              fieldPath: 'spec.nodeName'
        resources:
          requests:
            cpu: 20m
            memory: 65Mi
        volumeMounts:
        - name: logs
          mountPath: /var/log
        - name: promtail-config
          mountPath: /etc/promtail
        - mountPath: /var/log/pods
          name: varlogpods
          readOnly: true
      volumes:
      - name: logs
        hostPath:
          path: /var/log
      - name: varlogpods
        hostPath:
          path: /var/log/pods
      - name: promtail-config
        configMap:
          name: promtail-config

--- # Clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: promtail
rules:
  - apiGroups: [""]
    resources:
    - nodes
    - services
    - pods
    verbs:
    - get
    - watch
    - list

--- # ServiceAccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: promtail
  namespace: monitoring
--- # Rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: promtail
  namespace: monitoring
subjects:
    - kind: ServiceAccount
      name: promtail
      namespace: monitoring
roleRef:
    kind: ClusterRole
    name: promtail
    apiGroup: rbac.authorization.k8s.io