github.phpd.cn/cilium/cilium@v1.6.12/test/provision/manifest/1.13/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.13/cluster/addons/dns/coredns/coredns.yaml.base 3 --- 4 apiVersion: v1 5 kind: ServiceAccount 6 metadata: 7 name: coredns 8 namespace: kube-system 9 labels: 10 kubernetes.io/cluster-service: "true" 11 addonmanager.kubernetes.io/mode: Reconcile 12 --- 13 apiVersion: rbac.authorization.k8s.io/v1 14 kind: ClusterRole 15 metadata: 16 labels: 17 kubernetes.io/bootstrapping: rbac-defaults 18 addonmanager.kubernetes.io/mode: Reconcile 19 name: system:coredns 20 rules: 21 - apiGroups: 22 - "" 23 resources: 24 - endpoints 25 - services 26 - pods 27 - namespaces 28 verbs: 29 - list 30 - watch 31 - apiGroups: 32 - "" 33 resources: 34 - nodes 35 verbs: 36 - get 37 --- 38 apiVersion: rbac.authorization.k8s.io/v1 39 kind: ClusterRoleBinding 40 metadata: 41 annotations: 42 rbac.authorization.kubernetes.io/autoupdate: "true" 43 labels: 44 kubernetes.io/bootstrapping: rbac-defaults 45 addonmanager.kubernetes.io/mode: EnsureExists 46 name: system:coredns 47 roleRef: 48 apiGroup: rbac.authorization.k8s.io 49 kind: ClusterRole 50 name: system:coredns 51 subjects: 52 - kind: ServiceAccount 53 name: coredns 54 namespace: kube-system 55 --- 56 apiVersion: v1 57 kind: ConfigMap 58 metadata: 59 name: coredns 60 namespace: kube-system 61 labels: 62 addonmanager.kubernetes.io/mode: EnsureExists 63 data: 64 Corefile: | 65 .:53 { 66 log 67 errors 68 health 69 kubernetes cluster.local in-addr.arpa ip6.arpa { 70 pods insecure 71 upstream 72 fallthrough in-addr.arpa ip6.arpa 73 } 74 prometheus :9153 75 proxy cilium.test 10.96.0.100:53 76 proxy . /etc/resolv.conf 77 cache 30 78 loop 79 reload 80 loadbalance 81 } 82 --- 83 apiVersion: extensions/v1beta1 84 kind: Deployment 85 metadata: 86 name: coredns 87 namespace: kube-system 88 labels: 89 k8s-app: kube-dns 90 kubernetes.io/cluster-service: "true" 91 addonmanager.kubernetes.io/mode: Reconcile 92 kubernetes.io/name: "CoreDNS" 93 spec: 94 # replicas: not specified here: 95 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 96 # 2. Default is 1. 97 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 98 strategy: 99 type: RollingUpdate 100 rollingUpdate: 101 maxUnavailable: 1 102 selector: 103 matchLabels: 104 k8s-app: kube-dns 105 template: 106 metadata: 107 labels: 108 k8s-app: kube-dns 109 annotations: 110 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 111 spec: 112 serviceAccountName: coredns 113 tolerations: 114 - key: "CriticalAddonsOnly" 115 operator: "Exists" 116 containers: 117 - name: coredns 118 image: k8s.gcr.io/coredns:1.2.6 119 imagePullPolicy: IfNotPresent 120 resources: 121 limits: 122 memory: 170Mi 123 requests: 124 cpu: 100m 125 memory: 70Mi 126 args: [ "-conf", "/etc/coredns/Corefile" ] 127 volumeMounts: 128 - name: config-volume 129 mountPath: /etc/coredns 130 readOnly: true 131 ports: 132 - containerPort: 53 133 name: dns 134 protocol: UDP 135 - containerPort: 53 136 name: dns-tcp 137 protocol: TCP 138 - containerPort: 9153 139 name: metrics 140 protocol: TCP 141 livenessProbe: 142 httpGet: 143 path: /health 144 port: 8080 145 scheme: HTTP 146 initialDelaySeconds: 60 147 timeoutSeconds: 5 148 successThreshold: 1 149 failureThreshold: 5 150 securityContext: 151 allowPrivilegeEscalation: false 152 capabilities: 153 add: 154 - NET_BIND_SERVICE 155 drop: 156 - all 157 readOnlyRootFilesystem: true 158 dnsPolicy: Default 159 volumes: 160 - name: config-volume 161 configMap: 162 name: coredns 163 items: 164 - key: Corefile 165 path: Corefile 166 --- 167 apiVersion: v1 168 kind: Service 169 metadata: 170 name: kube-dns 171 namespace: kube-system 172 annotations: 173 prometheus.io/port: "9153" 174 prometheus.io/scrape: "true" 175 labels: 176 k8s-app: kube-dns 177 kubernetes.io/cluster-service: "true" 178 addonmanager.kubernetes.io/mode: Reconcile 179 kubernetes.io/name: "CoreDNS" 180 spec: 181 selector: 182 k8s-app: kube-dns 183 clusterIP: 10.96.0.10 184 ports: 185 - name: dns 186 port: 53 187 protocol: UDP 188 - name: dns-tcp 189 port: 53 190 protocol: TCP