github.com/cilium/cilium@v1.16.2/test/provision/manifest/1.16/eks/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.16/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 --- 39 apiVersion: rbac.authorization.k8s.io/v1 40 kind: ClusterRoleBinding 41 metadata: 42 annotations: 43 rbac.authorization.kubernetes.io/autoupdate: "true" 44 labels: 45 kubernetes.io/bootstrapping: rbac-defaults 46 addonmanager.kubernetes.io/mode: EnsureExists 47 name: system:coredns 48 roleRef: 49 apiGroup: rbac.authorization.k8s.io 50 kind: ClusterRole 51 name: system:coredns 52 subjects: 53 - kind: ServiceAccount 54 name: coredns 55 namespace: kube-system 56 --- 57 apiVersion: v1 58 kind: ConfigMap 59 metadata: 60 name: coredns 61 namespace: kube-system 62 labels: 63 addonmanager.kubernetes.io/mode: EnsureExists 64 data: 65 Corefile: | 66 .:53 { 67 log 68 errors 69 health 70 ready 71 kubernetes cluster.local in-addr.arpa ip6.arpa { 72 pods insecure 73 ttl 0 74 fallthrough in-addr.arpa ip6.arpa 75 } 76 forward cilium.test 10.100.0.100:53 { 77 max_fails 0 78 } 79 prometheus :9153 80 loop 81 reload 82 loadbalance 83 } 84 --- 85 apiVersion: apps/v1 86 kind: Deployment 87 metadata: 88 name: coredns 89 namespace: kube-system 90 labels: 91 k8s-app: kube-dns 92 kubernetes.io/cluster-service: "true" 93 addonmanager.kubernetes.io/mode: Reconcile 94 kubernetes.io/name: "CoreDNS" 95 spec: 96 # replicas: not specified here: 97 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 98 # 2. Default is 1. 99 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 100 strategy: 101 type: RollingUpdate 102 rollingUpdate: 103 maxUnavailable: 1 104 selector: 105 matchLabels: 106 k8s-app: kube-dns 107 template: 108 metadata: 109 labels: 110 k8s-app: kube-dns 111 annotations: 112 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 113 spec: 114 priorityClassName: system-cluster-critical 115 serviceAccountName: coredns 116 tolerations: 117 - key: "CriticalAddonsOnly" 118 operator: "Exists" 119 containers: 120 - name: coredns 121 image: registry.k8s.io/coredns/coredns:v1.8.3 122 imagePullPolicy: IfNotPresent 123 resources: 124 limits: 125 memory: 170Mi 126 requests: 127 cpu: 100m 128 memory: 70Mi 129 args: [ "-conf", "/etc/coredns/Corefile" ] 130 volumeMounts: 131 - name: config-volume 132 mountPath: /etc/coredns 133 readOnly: true 134 ports: 135 - containerPort: 53 136 name: dns 137 protocol: UDP 138 - containerPort: 53 139 name: dns-tcp 140 protocol: TCP 141 - containerPort: 9153 142 name: metrics 143 protocol: TCP 144 livenessProbe: 145 httpGet: 146 path: /health 147 port: 8080 148 scheme: HTTP 149 initialDelaySeconds: 60 150 timeoutSeconds: 5 151 successThreshold: 1 152 failureThreshold: 5 153 readinessProbe: 154 httpGet: 155 path: /ready 156 port: 8181 157 scheme: HTTP 158 securityContext: 159 allowPrivilegeEscalation: false 160 capabilities: 161 add: 162 - NET_BIND_SERVICE 163 drop: 164 - all 165 readOnlyRootFilesystem: true 166 dnsPolicy: Default 167 volumes: 168 - name: config-volume 169 configMap: 170 name: coredns 171 items: 172 - key: Corefile 173 path: Corefile 174 --- 175 apiVersion: v1 176 kind: Service 177 metadata: 178 name: kube-dns 179 namespace: kube-system 180 annotations: 181 prometheus.io/port: "9153" 182 prometheus.io/scrape: "true" 183 labels: 184 k8s-app: kube-dns 185 kubernetes.io/cluster-service: "true" 186 addonmanager.kubernetes.io/mode: Reconcile 187 kubernetes.io/name: "CoreDNS" 188 spec: 189 selector: 190 k8s-app: kube-dns 191 clusterIP: 10.100.0.10 192 ports: 193 - name: dns 194 port: 53 195 protocol: UDP 196 - name: dns-tcp 197 port: 53 198 protocol: TCP 199 - name: metrics 200 port: 9153 201 protocol: TCP