We have a k3s pod that is a daemonset with a rolling update. It has host network connection though a nodeport (443). However when we go to update, it conflicts because the old pod is still on 443 and the new pod needs it.
We have looked around and found we could possibly use a lifecycle prestop where it sleeps the first container, however that would result in downtime. What other ways are there to handle this?