github.com/cilium/cilium@v1.16.2/test/provision/manifest/1.16/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.16/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 - apiGroups: 39 - discovery.k8s.io 40 resources: 41 - endpointslices 42 verbs: 43 - list 44 - watch 45 --- 46 apiVersion: rbac.authorization.k8s.io/v1 47 kind: ClusterRoleBinding 48 metadata: 49 annotations: 50 rbac.authorization.kubernetes.io/autoupdate: "true" 51 labels: 52 kubernetes.io/bootstrapping: rbac-defaults 53 addonmanager.kubernetes.io/mode: EnsureExists 54 name: system:coredns 55 roleRef: 56 apiGroup: rbac.authorization.k8s.io 57 kind: ClusterRole 58 name: system:coredns 59 subjects: 60 - kind: ServiceAccount 61 name: coredns 62 namespace: kube-system 63 --- 64 apiVersion: v1 65 kind: ConfigMap 66 metadata: 67 name: coredns 68 namespace: kube-system 69 labels: 70 addonmanager.kubernetes.io/mode: EnsureExists 71 data: 72 Corefile: | 73 cilium.test:53 { 74 forward . 10.96.0.100:53 { 75 max_fails 0 76 } 77 } 78 .:53 { 79 log 80 errors 81 health 82 ready 83 kubernetes cluster.local in-addr.arpa ip6.arpa { 84 pods insecure 85 ttl 0 86 fallthrough in-addr.arpa ip6.arpa 87 } 88 forward . /etc/resolv.conf { 89 max_fails 0 90 } 91 prometheus :9153 92 loop 93 reload 94 loadbalance 95 } 96 --- 97 apiVersion: apps/v1 98 kind: Deployment 99 metadata: 100 name: coredns 101 namespace: kube-system 102 labels: 103 k8s-app: kube-dns 104 kubernetes.io/cluster-service: "true" 105 addonmanager.kubernetes.io/mode: Reconcile 106 kubernetes.io/name: "CoreDNS" 107 spec: 108 # replicas: not specified here: 109 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 110 # 2. Default is 1. 111 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 112 strategy: 113 type: RollingUpdate 114 rollingUpdate: 115 maxUnavailable: 1 116 selector: 117 matchLabels: 118 k8s-app: kube-dns 119 template: 120 metadata: 121 labels: 122 k8s-app: kube-dns 123 annotations: 124 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 125 spec: 126 priorityClassName: system-cluster-critical 127 serviceAccountName: coredns 128 tolerations: 129 - key: "CriticalAddonsOnly" 130 operator: "Exists" 131 containers: 132 - name: coredns 133 image: registry.k8s.io/coredns/coredns:v1.8.3 134 imagePullPolicy: IfNotPresent 135 resources: 136 limits: 137 memory: 170Mi 138 requests: 139 cpu: 100m 140 memory: 70Mi 141 args: [ "-conf", "/etc/coredns/Corefile" ] 142 volumeMounts: 143 - name: config-volume 144 mountPath: /etc/coredns 145 readOnly: true 146 ports: 147 - containerPort: 53 148 name: dns 149 protocol: UDP 150 - containerPort: 53 151 name: dns-tcp 152 protocol: TCP 153 - containerPort: 9153 154 name: metrics 155 protocol: TCP 156 livenessProbe: 157 httpGet: 158 path: /health 159 port: 8080 160 scheme: HTTP 161 initialDelaySeconds: 60 162 timeoutSeconds: 5 163 successThreshold: 1 164 failureThreshold: 5 165 readinessProbe: 166 httpGet: 167 path: /ready 168 port: 8181 169 scheme: HTTP 170 securityContext: 171 allowPrivilegeEscalation: false 172 capabilities: 173 add: 174 - NET_BIND_SERVICE 175 drop: 176 - all 177 readOnlyRootFilesystem: true 178 dnsPolicy: Default 179 volumes: 180 - name: config-volume 181 configMap: 182 name: coredns 183 items: 184 - key: Corefile 185 path: Corefile 186 --- 187 apiVersion: v1 188 kind: Service 189 metadata: 190 name: kube-dns 191 namespace: kube-system 192 annotations: 193 prometheus.io/port: "9153" 194 prometheus.io/scrape: "true" 195 labels: 196 k8s-app: kube-dns 197 kubernetes.io/cluster-service: "true" 198 addonmanager.kubernetes.io/mode: Reconcile 199 kubernetes.io/name: "CoreDNS" 200 spec: 201 selector: 202 k8s-app: kube-dns 203 clusterIP: 10.96.0.10 204 ports: 205 - name: dns 206 port: 53 207 protocol: UDP 208 - name: dns-tcp 209 port: 53 210 protocol: TCP 211 - name: metrics 212 port: 9153 213 protocol: TCP