github.com/fafucoder/cilium@v1.6.11/examples/kubernetes-ingress/deployments/coredns-controller.yaml (about)

     1  # Copyright 2016 The Kubernetes Authors.
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #     http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  
    15  # Should keep target in cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler.yaml
    16  # in sync with this file.
    17  
    18  apiVersion: apps/v1
    19  kind: Deployment
    20  metadata:
    21    name: coredns
    22    namespace: kube-system
    23    labels:
    24      k8s-app: kube-dns
    25      kubernetes.io/cluster-service: "true"
    26      addonmanager.kubernetes.io/mode: Reconcile
    27      kubernetes.io/name: "CoreDNS"
    28  spec:
    29    # replicas: not specified here:
    30    # 1. In order to make Addon Manager do not reconcile this replicas parameter.
    31    # 2. Default is 1.
    32    # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
    33    strategy:
    34      type: RollingUpdate
    35      rollingUpdate:
    36        maxUnavailable: 1
    37    selector:
    38      matchLabels:
    39        k8s-app: kube-dns
    40    template:
    41      metadata:
    42        labels:
    43          k8s-app: kube-dns
    44        annotations:
    45          seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
    46      spec:
    47        priorityClassName: system-cluster-critical
    48        serviceAccountName: coredns
    49        tolerations:
    50          - key: "CriticalAddonsOnly"
    51            operator: "Exists"
    52        nodeSelector:
    53          beta.kubernetes.io/os: linux
    54        containers:
    55        - name: coredns
    56          image: k8s.gcr.io/coredns:1.3.1
    57          imagePullPolicy: IfNotPresent
    58          resources:
    59            limits:
    60              memory: 170Mi
    61            requests:
    62              cpu: 100m
    63              memory: 70Mi
    64          args: [ "-conf", "/etc/coredns/Corefile" ]
    65          volumeMounts:
    66          - name: config-volume
    67            mountPath: /etc/coredns
    68            readOnly: true
    69          ports:
    70          - containerPort: 53
    71            name: dns
    72            protocol: UDP
    73          - containerPort: 53
    74            name: dns-tcp
    75            protocol: TCP
    76          - containerPort: 9153
    77            name: metrics
    78            protocol: TCP
    79          livenessProbe:
    80            httpGet:
    81              path: /health
    82              port: 8080
    83              scheme: HTTP
    84            initialDelaySeconds: 60
    85            timeoutSeconds: 5
    86            successThreshold: 1
    87            failureThreshold: 5
    88          readinessProbe:
    89            httpGet:
    90              path: /health
    91              port: 8080
    92              scheme: HTTP
    93          securityContext:
    94            allowPrivilegeEscalation: false
    95            capabilities:
    96              add:
    97              - NET_BIND_SERVICE
    98              drop:
    99              - all
   100            readOnlyRootFilesystem: true
   101        dnsPolicy: Default
   102        volumes:
   103          - name: config-volume
   104            configMap:
   105              name: coredns
   106              items:
   107              - key: Corefile
   108                path: Corefile