github.phpd.cn/cilium/cilium@v1.6.12/test/provision/manifest/1.12/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.12/cluster/addons/dns/coredns/coredns.yaml.base 3 --- 4 apiVersion: v1 5 kind: ServiceAccount 6 metadata: 7 name: coredns 8 namespace: kube-system 9 labels: 10 kubernetes.io/cluster-service: "true" 11 addonmanager.kubernetes.io/mode: Reconcile 12 --- 13 apiVersion: rbac.authorization.k8s.io/v1 14 kind: ClusterRole 15 metadata: 16 labels: 17 kubernetes.io/bootstrapping: rbac-defaults 18 addonmanager.kubernetes.io/mode: Reconcile 19 name: system:coredns 20 rules: 21 - apiGroups: 22 - "" 23 resources: 24 - endpoints 25 - services 26 - pods 27 - namespaces 28 verbs: 29 - list 30 - watch 31 --- 32 apiVersion: rbac.authorization.k8s.io/v1 33 kind: ClusterRoleBinding 34 metadata: 35 annotations: 36 rbac.authorization.kubernetes.io/autoupdate: "true" 37 labels: 38 kubernetes.io/bootstrapping: rbac-defaults 39 addonmanager.kubernetes.io/mode: EnsureExists 40 name: system:coredns 41 roleRef: 42 apiGroup: rbac.authorization.k8s.io 43 kind: ClusterRole 44 name: system:coredns 45 subjects: 46 - kind: ServiceAccount 47 name: coredns 48 namespace: kube-system 49 --- 50 apiVersion: v1 51 kind: ConfigMap 52 metadata: 53 name: coredns 54 namespace: kube-system 55 labels: 56 addonmanager.kubernetes.io/mode: EnsureExists 57 data: 58 Corefile: | 59 .:53 { 60 log 61 errors 62 health 63 kubernetes cluster.local in-addr.arpa ip6.arpa { 64 pods insecure 65 upstream 66 fallthrough in-addr.arpa ip6.arpa 67 } 68 proxy cilium.test 10.96.0.100:53 69 prometheus :9153 70 proxy . /etc/resolv.conf 71 cache 30 72 loop 73 reload 74 loadbalance 75 } 76 --- 77 apiVersion: extensions/v1beta1 78 kind: Deployment 79 metadata: 80 name: coredns 81 namespace: kube-system 82 labels: 83 k8s-app: kube-dns 84 kubernetes.io/cluster-service: "true" 85 addonmanager.kubernetes.io/mode: Reconcile 86 kubernetes.io/name: "CoreDNS" 87 spec: 88 # replicas: not specified here: 89 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 90 # 2. Default is 1. 91 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 92 strategy: 93 type: RollingUpdate 94 rollingUpdate: 95 maxUnavailable: 1 96 selector: 97 matchLabels: 98 k8s-app: kube-dns 99 template: 100 metadata: 101 labels: 102 k8s-app: kube-dns 103 annotations: 104 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 105 spec: 106 serviceAccountName: coredns 107 tolerations: 108 - key: node-role.kubernetes.io/master 109 effect: NoSchedule 110 - key: "CriticalAddonsOnly" 111 operator: "Exists" 112 containers: 113 - name: coredns 114 image: k8s.gcr.io/coredns:1.2.2 115 imagePullPolicy: IfNotPresent 116 resources: 117 limits: 118 memory: 170Mi 119 requests: 120 cpu: 100m 121 memory: 70Mi 122 args: [ "-conf", "/etc/coredns/Corefile" ] 123 volumeMounts: 124 - name: config-volume 125 mountPath: /etc/coredns 126 readOnly: true 127 ports: 128 - containerPort: 53 129 name: dns 130 protocol: UDP 131 - containerPort: 53 132 name: dns-tcp 133 protocol: TCP 134 - containerPort: 9153 135 name: metrics 136 protocol: TCP 137 livenessProbe: 138 httpGet: 139 path: /health 140 port: 8080 141 scheme: HTTP 142 initialDelaySeconds: 60 143 timeoutSeconds: 5 144 successThreshold: 1 145 failureThreshold: 5 146 securityContext: 147 allowPrivilegeEscalation: false 148 capabilities: 149 add: 150 - NET_BIND_SERVICE 151 drop: 152 - all 153 readOnlyRootFilesystem: true 154 dnsPolicy: Default 155 volumes: 156 - name: config-volume 157 configMap: 158 name: coredns 159 items: 160 - key: Corefile 161 path: Corefile 162 --- 163 apiVersion: v1 164 kind: Service 165 metadata: 166 name: kube-dns 167 namespace: kube-system 168 annotations: 169 prometheus.io/port: "9153" 170 prometheus.io/scrape: "true" 171 labels: 172 k8s-app: kube-dns 173 kubernetes.io/cluster-service: "true" 174 addonmanager.kubernetes.io/mode: Reconcile 175 kubernetes.io/name: "CoreDNS" 176 spec: 177 selector: 178 k8s-app: kube-dns 179 clusterIP: 10.96.0.10 180 ports: 181 - name: dns 182 port: 53 183 protocol: UDP 184 - name: dns-tcp 185 port: 53 186 protocol: TCP