---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: spot-interrupt-handler
  namespace: default
rules:
- apiGroups:
  - ""
  resources:
  - "*"
  verbs:
  - "*"
- apiGroups:
  - rbac.authorization.k8s.io
  resources:
  - "*"
  verbs:
  - "*"
- apiGroups:
  - apiextensions.k8s.io
  resources:
  - customresourcedefinitions
  verbs:
  - get
  - list
  - watch
  - create
  - delete
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: spot-interrupt-handler
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: spot-interrupt-handler
  namespace: default
subjects:
- kind: ServiceAccount
  name: spot-interrupt-handler
  namespace: default
roleRef:
  kind: ClusterRole
  name: spot-interrupt-handler
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: spot-interrupt-handler
  namespace: default
spec:
  selector:
    matchLabels:
      app: spot-interrupt-handler
  template:
    metadata:
      labels:
        app: spot-interrupt-handler
    spec:
      serviceAccountName: spot-interrupt-handler
      #hostNetwork: true
      containers:
      - name: spot-interrupt-handler
        image: 095974399802.dkr.ecr.us-west-2.amazonaws.com/spotsig:aarch64
        imagePullPolicy: Always
        env:
          - name: AWS_DEFAULT_REGION
            value: "us-west-2"
          - name: NOTICE_URL
            value: "http://169.254.169.254/latest/meta-data/spot/termination-time"
      nodeSelector:
        karpenter.sh/capacity-type: spot