github.com/cilium/cilium@v1.16.2/test/provision/manifest/1.19/eks/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.19/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 --- 39 apiVersion: rbac.authorization.k8s.io/v1 40 kind: ClusterRoleBinding 41 metadata: 42 annotations: 43 rbac.authorization.kubernetes.io/autoupdate: "true" 44 labels: 45 kubernetes.io/bootstrapping: rbac-defaults 46 addonmanager.kubernetes.io/mode: EnsureExists 47 name: system:coredns 48 roleRef: 49 apiGroup: rbac.authorization.k8s.io 50 kind: ClusterRole 51 name: system:coredns 52 subjects: 53 - kind: ServiceAccount 54 name: coredns 55 namespace: kube-system 56 --- 57 apiVersion: v1 58 kind: ConfigMap 59 metadata: 60 name: coredns 61 namespace: kube-system 62 labels: 63 addonmanager.kubernetes.io/mode: EnsureExists 64 data: 65 Corefile: | 66 cilium.test:53 { 67 forward . 10.100.0.100:53 { 68 max_fails 0 69 } 70 } 71 .:53 { 72 log 73 errors 74 health { 75 lameduck 5s 76 } 77 ready 78 kubernetes cluster.local in-addr.arpa ip6.arpa { 79 pods insecure 80 ttl 0 81 fallthrough in-addr.arpa ip6.arpa 82 } 83 forward . /etc/resolv.conf { 84 max_fails 0 85 } 86 prometheus :9153 87 loop 88 reload 89 loadbalance 90 } 91 --- 92 apiVersion: apps/v1 93 kind: Deployment 94 metadata: 95 name: coredns 96 namespace: kube-system 97 labels: 98 k8s-app: kube-dns 99 kubernetes.io/cluster-service: "true" 100 addonmanager.kubernetes.io/mode: Reconcile 101 kubernetes.io/name: "CoreDNS" 102 spec: 103 # replicas: not specified here: 104 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 105 # 2. Default is 1. 106 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 107 strategy: 108 type: RollingUpdate 109 rollingUpdate: 110 maxUnavailable: 1 111 selector: 112 matchLabels: 113 k8s-app: kube-dns 114 template: 115 metadata: 116 labels: 117 k8s-app: kube-dns 118 annotations: 119 seccomp.security.alpha.kubernetes.io/pod: 'runtime/default' 120 spec: 121 priorityClassName: system-cluster-critical 122 serviceAccountName: coredns 123 affinity: 124 podAntiAffinity: 125 preferredDuringSchedulingIgnoredDuringExecution: 126 - weight: 100 127 podAffinityTerm: 128 labelSelector: 129 matchExpressions: 130 - key: k8s-app 131 operator: In 132 values: ["kube-dns"] 133 topologyKey: kubernetes.io/hostname 134 tolerations: 135 - key: "CriticalAddonsOnly" 136 operator: "Exists" 137 nodeSelector: 138 kubernetes.io/os: linux 139 containers: 140 - name: coredns 141 image: registry.k8s.io/coredns/coredns:v1.8.3 142 imagePullPolicy: IfNotPresent 143 resources: 144 limits: 145 memory: 170Mi 146 requests: 147 cpu: 100m 148 memory: 70Mi 149 args: [ "-conf", "/etc/coredns/Corefile" ] 150 volumeMounts: 151 - name: config-volume 152 mountPath: /etc/coredns 153 readOnly: true 154 ports: 155 - containerPort: 53 156 name: dns 157 protocol: UDP 158 - containerPort: 53 159 name: dns-tcp 160 protocol: TCP 161 - containerPort: 9153 162 name: metrics 163 protocol: TCP 164 livenessProbe: 165 httpGet: 166 path: /health 167 port: 8080 168 scheme: HTTP 169 initialDelaySeconds: 60 170 timeoutSeconds: 5 171 successThreshold: 1 172 failureThreshold: 5 173 readinessProbe: 174 httpGet: 175 path: /ready 176 port: 8181 177 scheme: HTTP 178 securityContext: 179 allowPrivilegeEscalation: false 180 capabilities: 181 add: 182 - NET_BIND_SERVICE 183 drop: 184 - all 185 readOnlyRootFilesystem: true 186 dnsPolicy: Default 187 volumes: 188 - name: config-volume 189 configMap: 190 name: coredns 191 items: 192 - key: Corefile 193 path: Corefile 194 --- 195 apiVersion: v1 196 kind: Service 197 metadata: 198 name: kube-dns 199 namespace: kube-system 200 annotations: 201 prometheus.io/port: "9153" 202 prometheus.io/scrape: "true" 203 labels: 204 k8s-app: kube-dns 205 kubernetes.io/cluster-service: "true" 206 addonmanager.kubernetes.io/mode: Reconcile 207 kubernetes.io/name: "CoreDNS" 208 spec: 209 selector: 210 k8s-app: kube-dns 211 clusterIP: 10.100.0.10 212 ports: 213 - name: dns 214 port: 53 215 protocol: UDP 216 - name: dns-tcp 217 port: 53 218 protocol: TCP 219 - name: metrics 220 port: 9153 221 protocol: TCP