diff --git a/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet b/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
index 2d012110172b070f2a2a21540aad1abb3fe1e7fd..a3e8d7a78e99cb493f76514977999e03c8e670a2 100644
--- a/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
+++ b/jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
@@ -90,7 +90,7 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
'--secure-listen-address=:9100',
'--upstream=http://127.0.0.1:9101/',
]) +
- container.withPorts(containerPort.newNamed('https', 9100)) +
+ container.withPorts(containerPort.new(9100) + containerPort.withHostPort(9100) + containerPort.withName('https')) +
container.mixin.resources.withRequests({ cpu: '10m', memory: '20Mi' }) +
container.mixin.resources.withLimits({ cpu: '20m', memory: '40Mi' });
@@ -108,7 +108,9 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
daemonset.mixin.spec.template.spec.withVolumes([procVolume, sysVolume]) +
daemonset.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) +
daemonset.mixin.spec.template.spec.securityContext.withRunAsUser(65534) +
- daemonset.mixin.spec.template.spec.withServiceAccountName('node-exporter'),
+ daemonset.mixin.spec.template.spec.withServiceAccountName('node-exporter') +
+ daemonset.mixin.spec.template.spec.withHostPid(true) +
+ daemonset.mixin.spec.template.spec.withHostNetwork(true),
serviceAccount:
local serviceAccount = k.core.v1.serviceAccount;
diff --git a/manifests/node-exporter-daemonset.yaml b/manifests/node-exporter-daemonset.yaml
index 8488735c35c42272591b444534d0a47d7fb0e82e..92182e05d897f8d16bc5aeb36d781313165e0c4b 100644
--- a/manifests/node-exporter-daemonset.yaml
+++ b/manifests/node-exporter-daemonset.yaml
@@ -42,6 +42,7 @@ spec:
name: kube-rbac-proxy
ports:
- containerPort: 9100
+ hostPort: 9100
name: https
resources:
limits:
@@ -50,6 +51,8 @@ spec:
requests:
cpu: 10m
memory: 20Mi
+ hostNetwork: true
+ hostPID: true
nodeSelector:
beta.kubernetes.io/os: linux
securityContext: