github.com/cilium/cilium@v1.16.2/test/provision/manifest/1.18/eks/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.18/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 --- 39 apiVersion: rbac.authorization.k8s.io/v1 40 kind: ClusterRoleBinding 41 metadata: 42 annotations: 43 rbac.authorization.kubernetes.io/autoupdate: "true" 44 labels: 45 kubernetes.io/bootstrapping: rbac-defaults 46 addonmanager.kubernetes.io/mode: EnsureExists 47 name: system:coredns 48 roleRef: 49 apiGroup: rbac.authorization.k8s.io 50 kind: ClusterRole 51 name: system:coredns 52 subjects: 53 - kind: ServiceAccount 54 name: coredns 55 namespace: kube-system 56 --- 57 apiVersion: v1 58 kind: ConfigMap 59 metadata: 60 name: coredns 61 namespace: kube-system 62 labels: 63 addonmanager.kubernetes.io/mode: EnsureExists 64 data: 65 Corefile: | 66 cilium.test:53 { 67 forward . 10.100.0.100:53 { 68 max_fails 0 69 } 70 } 71 .:53 { 72 log 73 errors 74 health { 75 lameduck 5s 76 } 77 ready 78 kubernetes cluster.local in-addr.arpa ip6.arpa { 79 pods insecure 80 ttl 0 81 fallthrough in-addr.arpa ip6.arpa 82 } 83 forward . /etc/resolv.conf { 84 max_fails 0 85 } 86 prometheus :9153 87 loop 88 reload 89 loadbalance 90 } 91 --- 92 apiVersion: apps/v1 93 kind: Deployment 94 metadata: 95 name: coredns 96 namespace: kube-system 97 labels: 98 k8s-app: kube-dns 99 kubernetes.io/cluster-service: "true" 100 addonmanager.kubernetes.io/mode: Reconcile 101 kubernetes.io/name: "CoreDNS" 102 spec: 103 # replicas: not specified here: 104 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 105 # 2. Default is 1. 106 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 107 strategy: 108 type: RollingUpdate 109 rollingUpdate: 110 maxUnavailable: 1 111 selector: 112 matchLabels: 113 k8s-app: kube-dns 114 template: 115 metadata: 116 labels: 117 k8s-app: kube-dns 118 annotations: 119 seccomp.security.alpha.kubernetes.io/pod: 'runtime/default' 120 spec: 121 priorityClassName: system-cluster-critical 122 serviceAccountName: coredns 123 tolerations: 124 - key: "CriticalAddonsOnly" 125 operator: "Exists" 126 containers: 127 - name: coredns 128 image: registry.k8s.io/coredns/coredns:v1.8.3 129 imagePullPolicy: IfNotPresent 130 resources: 131 limits: 132 memory: 170Mi 133 requests: 134 cpu: 100m 135 memory: 70Mi 136 args: [ "-conf", "/etc/coredns/Corefile" ] 137 volumeMounts: 138 - name: config-volume 139 mountPath: /etc/coredns 140 readOnly: true 141 ports: 142 - containerPort: 53 143 name: dns 144 protocol: UDP 145 - containerPort: 53 146 name: dns-tcp 147 protocol: TCP 148 - containerPort: 9153 149 name: metrics 150 protocol: TCP 151 livenessProbe: 152 httpGet: 153 path: /health 154 port: 8080 155 scheme: HTTP 156 initialDelaySeconds: 60 157 timeoutSeconds: 5 158 successThreshold: 1 159 failureThreshold: 5 160 readinessProbe: 161 httpGet: 162 path: /ready 163 port: 8181 164 scheme: HTTP 165 securityContext: 166 allowPrivilegeEscalation: false 167 capabilities: 168 add: 169 - NET_BIND_SERVICE 170 drop: 171 - all 172 readOnlyRootFilesystem: true 173 dnsPolicy: Default 174 volumes: 175 - name: config-volume 176 configMap: 177 name: coredns 178 items: 179 - key: Corefile 180 path: Corefile 181 --- 182 apiVersion: v1 183 kind: Service 184 metadata: 185 name: kube-dns 186 namespace: kube-system 187 annotations: 188 prometheus.io/port: "9153" 189 prometheus.io/scrape: "true" 190 labels: 191 k8s-app: kube-dns 192 kubernetes.io/cluster-service: "true" 193 addonmanager.kubernetes.io/mode: Reconcile 194 kubernetes.io/name: "CoreDNS" 195 spec: 196 selector: 197 k8s-app: kube-dns 198 clusterIP: 10.100.0.10 199 ports: 200 - name: dns 201 port: 53 202 protocol: UDP 203 - name: dns-tcp 204 port: 53 205 protocol: TCP 206 - name: metrics 207 port: 9153 208 protocol: TCP