github.com/cilium/cilium@v1.16.2/test/provision/manifest/1.18/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.18/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 - apiGroups: 39 - discovery.k8s.io 40 resources: 41 - endpointslices 42 verbs: 43 - list 44 - watch 45 --- 46 apiVersion: rbac.authorization.k8s.io/v1 47 kind: ClusterRoleBinding 48 metadata: 49 annotations: 50 rbac.authorization.kubernetes.io/autoupdate: "true" 51 labels: 52 kubernetes.io/bootstrapping: rbac-defaults 53 addonmanager.kubernetes.io/mode: EnsureExists 54 name: system:coredns 55 roleRef: 56 apiGroup: rbac.authorization.k8s.io 57 kind: ClusterRole 58 name: system:coredns 59 subjects: 60 - kind: ServiceAccount 61 name: coredns 62 namespace: kube-system 63 --- 64 apiVersion: v1 65 kind: ConfigMap 66 metadata: 67 name: coredns 68 namespace: kube-system 69 labels: 70 addonmanager.kubernetes.io/mode: EnsureExists 71 data: 72 Corefile: | 73 cilium.test:53 { 74 forward . 10.96.0.100:53 { 75 max_fails 0 76 } 77 } 78 .:53 { 79 log 80 errors 81 health { 82 lameduck 5s 83 } 84 ready 85 kubernetes cluster.local in-addr.arpa ip6.arpa { 86 pods insecure 87 ttl 0 88 fallthrough in-addr.arpa ip6.arpa 89 } 90 forward . /etc/resolv.conf { 91 max_fails 0 92 } 93 prometheus :9153 94 loop 95 reload 96 loadbalance 97 } 98 --- 99 apiVersion: apps/v1 100 kind: Deployment 101 metadata: 102 name: coredns 103 namespace: kube-system 104 labels: 105 k8s-app: kube-dns 106 kubernetes.io/cluster-service: "true" 107 addonmanager.kubernetes.io/mode: Reconcile 108 kubernetes.io/name: "CoreDNS" 109 spec: 110 # replicas: not specified here: 111 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 112 # 2. Default is 1. 113 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 114 strategy: 115 type: RollingUpdate 116 rollingUpdate: 117 maxUnavailable: 1 118 selector: 119 matchLabels: 120 k8s-app: kube-dns 121 template: 122 metadata: 123 labels: 124 k8s-app: kube-dns 125 annotations: 126 seccomp.security.alpha.kubernetes.io/pod: 'runtime/default' 127 spec: 128 priorityClassName: system-cluster-critical 129 serviceAccountName: coredns 130 tolerations: 131 - key: "CriticalAddonsOnly" 132 operator: "Exists" 133 containers: 134 - name: coredns 135 image: registry.k8s.io/coredns/coredns:v1.8.3 136 imagePullPolicy: IfNotPresent 137 resources: 138 limits: 139 memory: 170Mi 140 requests: 141 cpu: 100m 142 memory: 70Mi 143 args: [ "-conf", "/etc/coredns/Corefile" ] 144 volumeMounts: 145 - name: config-volume 146 mountPath: /etc/coredns 147 readOnly: true 148 ports: 149 - containerPort: 53 150 name: dns 151 protocol: UDP 152 - containerPort: 53 153 name: dns-tcp 154 protocol: TCP 155 - containerPort: 9153 156 name: metrics 157 protocol: TCP 158 livenessProbe: 159 httpGet: 160 path: /health 161 port: 8080 162 scheme: HTTP 163 initialDelaySeconds: 60 164 timeoutSeconds: 5 165 successThreshold: 1 166 failureThreshold: 5 167 readinessProbe: 168 httpGet: 169 path: /ready 170 port: 8181 171 scheme: HTTP 172 securityContext: 173 allowPrivilegeEscalation: false 174 capabilities: 175 add: 176 - NET_BIND_SERVICE 177 drop: 178 - all 179 readOnlyRootFilesystem: true 180 dnsPolicy: Default 181 volumes: 182 - name: config-volume 183 configMap: 184 name: coredns 185 items: 186 - key: Corefile 187 path: Corefile 188 --- 189 apiVersion: v1 190 kind: Service 191 metadata: 192 name: kube-dns 193 namespace: kube-system 194 annotations: 195 prometheus.io/port: "9153" 196 prometheus.io/scrape: "true" 197 labels: 198 k8s-app: kube-dns 199 kubernetes.io/cluster-service: "true" 200 addonmanager.kubernetes.io/mode: Reconcile 201 kubernetes.io/name: "CoreDNS" 202 spec: 203 selector: 204 k8s-app: kube-dns 205 clusterIP: 10.96.0.10 206 ports: 207 - name: dns 208 port: 53 209 protocol: UDP 210 - name: dns-tcp 211 port: 53 212 protocol: TCP 213 - name: metrics 214 port: 9153 215 protocol: TCP