github.com/cilium/cilium@v1.16.2/test/provision/manifest/coredns_deployment.yaml (about) 1 # File source 2 # https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/phases/addons/dns/manifests.go 3 --- 4 apiVersion: apps/v1 5 kind: Deployment 6 metadata: 7 annotations: 8 deployment.kubernetes.io/revision: "1" 9 generation: 1 10 labels: 11 k8s-app: kube-dns 12 name: coredns 13 namespace: kube-system 14 spec: 15 progressDeadlineSeconds: 600 16 replicas: 1 17 revisionHistoryLimit: 10 18 selector: 19 matchLabels: 20 k8s-app: kube-dns 21 strategy: 22 rollingUpdate: 23 maxSurge: 25% 24 maxUnavailable: 1 25 type: RollingUpdate 26 template: 27 metadata: 28 creationTimestamp: null 29 labels: 30 k8s-app: kube-dns 31 spec: 32 containers: 33 - args: 34 - -conf 35 - /etc/coredns/Corefile 36 image: registry.k8s.io/coredns/coredns:v1.8.3 37 imagePullPolicy: IfNotPresent 38 livenessProbe: 39 failureThreshold: 5 40 httpGet: 41 path: /health 42 port: 8080 43 scheme: HTTP 44 initialDelaySeconds: 60 45 periodSeconds: 10 46 successThreshold: 1 47 timeoutSeconds: 5 48 name: coredns 49 ports: 50 - containerPort: 53 51 name: dns 52 protocol: UDP 53 - containerPort: 53 54 name: dns-tcp 55 protocol: TCP 56 resources: 57 limits: 58 memory: 170Mi 59 requests: 60 cpu: 100m 61 memory: 70Mi 62 terminationMessagePath: /dev/termination-log 63 terminationMessagePolicy: File 64 volumeMounts: 65 - mountPath: /etc/coredns 66 name: config-volume 67 dnsPolicy: Default 68 restartPolicy: Always 69 schedulerName: default-scheduler 70 securityContext: {} 71 serviceAccount: coredns 72 serviceAccountName: coredns 73 terminationGracePeriodSeconds: 30 74 tolerations: 75 - key: CriticalAddonsOnly 76 operator: Exists 77 - effect: NoSchedule 78 key: node-role.kubernetes.io/master 79 volumes: 80 - configMap: 81 defaultMode: 420 82 items: 83 - key: Corefile 84 path: Corefile 85 name: coredns 86 name: config-volume 87 --- 88 apiVersion: v1 89 data: 90 Corefile: | 91 .:53 { 92 log 93 errors 94 health 95 kubernetes cluster.local in-addr.arpa ip6.arpa { 96 pods insecure 97 ttl 5 98 upstream 99 fallthrough in-addr.arpa ip6.arpa 100 } 101 proxy cilium.test 10.96.0.100:53 102 prometheus :9153 103 proxy . /etc/resolv.conf 104 cache 3 105 } 106 kind: ConfigMap 107 metadata: 108 name: coredns 109 namespace: kube-system 110 --- 111 apiVersion: rbac.authorization.k8s.io/v1 112 kind: ClusterRole 113 metadata: 114 name: system:coredns 115 resourceVersion: "181" 116 rules: 117 - apiGroups: 118 - "" 119 resources: 120 - endpoints 121 - services 122 - pods 123 - namespaces 124 verbs: 125 - list 126 - watch 127 - apiGroups: 128 - discovery.k8s.io 129 resources: 130 - endpointslices 131 verbs: 132 - list 133 - watch 134 --- 135 apiVersion: rbac.authorization.k8s.io/v1 136 kind: ClusterRoleBinding 137 metadata: 138 creationTimestamp: 2018-07-05T13:39:24Z 139 name: system:coredns 140 resourceVersion: "183" 141 roleRef: 142 apiGroup: rbac.authorization.k8s.io 143 kind: ClusterRole 144 name: system:coredns 145 subjects: 146 - kind: ServiceAccount 147 name: coredns 148 namespace: kube-system 149 --- 150 apiVersion: v1 151 kind: ServiceAccount 152 metadata: 153 name: coredns 154 namespace: kube-system 155 resourceVersion: "208" 156 secrets: 157 - name: coredns-token-p8dq2 158 --- 159 apiVersion: v1 160 kind: Service 161 metadata: 162 name: kube-dns 163 namespace: kube-system 164 # Without this resourceVersion value, an update of the Service between versions will yield: 165 # Service "kube-dns" is invalid: metadata.resourceVersion: Invalid value: "": must be specified for an update 166 resourceVersion: "0" 167 labels: 168 k8s-app: kube-dns 169 kubernetes.io/cluster-service: "true" 170 kubernetes.io/name: "KubeDNS" 171 spec: 172 selector: 173 k8s-app: kube-dns 174 clusterIP: 10.96.0.10 175 ports: 176 - name: dns 177 port: 53 178 protocol: UDP 179 - name: dns-tcp 180 port: 53 181 protocol: TCP