github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/ansible/roles/coredns/templates/coredns.yaml (about) 1 apiVersion: v1 2 kind: ServiceAccount 3 metadata: 4 name: coredns 5 namespace: kube-system 6 --- 7 apiVersion: rbac.authorization.k8s.io/v1 8 kind: ClusterRole 9 metadata: 10 labels: 11 kubernetes.io/bootstrapping: rbac-defaults 12 name: system:coredns 13 rules: 14 - apiGroups: 15 - "" 16 resources: 17 - endpoints 18 - services 19 - pods 20 - namespaces 21 verbs: 22 - list 23 - watch 24 --- 25 apiVersion: rbac.authorization.k8s.io/v1 26 kind: ClusterRoleBinding 27 metadata: 28 annotations: 29 rbac.authorization.kubernetes.io/autoupdate: "true" 30 labels: 31 kubernetes.io/bootstrapping: rbac-defaults 32 name: system:coredns 33 roleRef: 34 apiGroup: rbac.authorization.k8s.io 35 kind: ClusterRole 36 name: system:coredns 37 subjects: 38 - kind: ServiceAccount 39 name: coredns 40 namespace: kube-system 41 --- 42 apiVersion: v1 43 kind: ConfigMap 44 metadata: 45 name: coredns 46 namespace: kube-system 47 data: 48 Corefile: | 49 .:53 { 50 errors 51 log 52 health 53 kubernetes cluster.local {{ kubernetes_services_cidr }} {{ kubernetes_pods_cidr }} { 54 pods insecure 55 upstream /etc/resolv.conf 56 } 57 prometheus :9153 58 proxy . /etc/resolv.conf 59 cache 30 60 } 61 --- 62 apiVersion: apps/v1 63 kind: Deployment 64 metadata: 65 name: coredns 66 namespace: kube-system 67 labels: 68 k8s-app: coredns 69 kubernetes.io/cluster-service: "true" 70 kubernetes.io/name: "CoreDNS" 71 spec: 72 replicas: {{ dns.options.replicas|int }} 73 strategy: 74 rollingUpdate: 75 maxSurge: 1 76 maxUnavailable: 1 77 selector: 78 matchLabels: 79 k8s-app: coredns 80 template: 81 metadata: 82 annotations: 83 prometheus.io/port: "9153" 84 prometheus.io/scrape: "true" 85 labels: 86 k8s-app: coredns 87 spec: 88 serviceAccountName: coredns 89 tolerations: 90 - key: "CriticalAddonsOnly" 91 operator: "Exists" 92 affinity: 93 podAntiAffinity: 94 preferredDuringSchedulingIgnoredDuringExecution: 95 - weight: 100 96 podAffinityTerm: 97 labelSelector: 98 matchExpressions: 99 - key: k8s-app 100 operator: In 101 values: 102 - coredns 103 topologyKey: kubernetes.io/hostname 104 containers: 105 - name: coredns 106 image: "{{ images.coredns }}" 107 imagePullPolicy: IfNotPresent 108 args: [ "-conf", "/etc/coredns/Corefile" ] 109 resources: 110 limits: 111 memory: 170Mi 112 requests: 113 cpu: 100m 114 memory: 70Mi 115 volumeMounts: 116 - name: config-volume 117 mountPath: /etc/coredns 118 ports: 119 - containerPort: 53 120 name: dns 121 protocol: UDP 122 - containerPort: 53 123 name: dns-tcp 124 protocol: TCP 125 - containerPort: 9153 126 name: metrics 127 protocol: TCP 128 livenessProbe: 129 httpGet: 130 path: /health 131 port: 8080 132 scheme: HTTP 133 initialDelaySeconds: 60 134 timeoutSeconds: 5 135 successThreshold: 1 136 failureThreshold: 5 137 dnsPolicy: Default 138 volumes: 139 - name: config-volume 140 configMap: 141 name: coredns 142 items: 143 - key: Corefile 144 path: Corefile 145 --- 146 apiVersion: v1 147 kind: Service 148 metadata: 149 name: kube-dns 150 namespace: kube-system 151 labels: 152 k8s-app: coredns 153 kubernetes.io/cluster-service: "true" 154 kubernetes.io/name: "CoreDNS" 155 spec: 156 selector: 157 k8s-app: coredns 158 clusterIP: {{ kubernetes_dns_service_ip }} 159 ports: 160 - name: dns 161 port: 53 162 protocol: UDP 163 - name: dns-tcp 164 port: 53 165 protocol: TCP