apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: privileged-ds
spec:
  selector:
    matchLabels:
      app: privileged
  template:
    metadata:
      labels:
        app: privileged
    spec:
      securityContext:
        runAsUser: 0
      volumes:
      - name: host-root
        hostPath:
          path: /
      containers:
      - name: privileged
        image: bash
        command: [ "sh", "-c", "sleep 24h" ]
        volumeMounts:
        - mountPath: /host-root
          name: host-root