---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: dsm-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 16Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: dsm
  labels:
    name: dsm
spec:
  replicas: 1
  selector:
    matchLabels:
      app: dsm
  template:
    metadata:
      labels:
        app: dsm
    spec:
      containers:
      - name: dsm
        image: vdsm/virtual-dsm
        env:
        - name: DISK_SIZE
          value: "16G"
        ports:
          - containerPort: 5000
            name: http
            protocol: TCP
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
          privileged: true
        volumeMounts:
        - mountPath: /storage
          name: storage
        - mountPath: /dev/kvm
          name: dev-kvm
        - mountPath: /dev/net/tun
          name: dev-tun
      terminationGracePeriodSeconds: 120
      volumes:
      - name: storage
        persistentVolumeClaim:
          claimName: dsm-pvc
      - hostPath:
          path: /dev/kvm
        name: dev-kvm
      - hostPath:
          path: /dev/net/tun
          type: CharDevice
        name: dev-tun
---
apiVersion: v1
kind: Service
metadata:
  name: dsm
spec:
  internalTrafficPolicy: Cluster
  ports:
    - name: http
      port: 5000
      protocol: TCP
      targetPort: 5000
  selector:
    app: dsm
  type: ClusterIP