github.phpd.cn/cilium/cilium@v1.6.12/test/provision/manifest/1.14/coredns_deployment.yaml (about) 1 # __MACHINE_GENERATED_WARNING__ 2 3 apiVersion: v1 4 kind: ServiceAccount 5 metadata: 6 name: coredns 7 namespace: kube-system 8 labels: 9 kubernetes.io/cluster-service: "true" 10 addonmanager.kubernetes.io/mode: Reconcile 11 --- 12 apiVersion: rbac.authorization.k8s.io/v1 13 kind: ClusterRole 14 metadata: 15 labels: 16 kubernetes.io/bootstrapping: rbac-defaults 17 addonmanager.kubernetes.io/mode: Reconcile 18 name: system:coredns 19 rules: 20 - apiGroups: 21 - "" 22 resources: 23 - endpoints 24 - services 25 - pods 26 - namespaces 27 verbs: 28 - list 29 - watch 30 - apiGroups: 31 - "" 32 resources: 33 - nodes 34 verbs: 35 - get 36 --- 37 apiVersion: rbac.authorization.k8s.io/v1 38 kind: ClusterRoleBinding 39 metadata: 40 annotations: 41 rbac.authorization.kubernetes.io/autoupdate: "true" 42 labels: 43 kubernetes.io/bootstrapping: rbac-defaults 44 addonmanager.kubernetes.io/mode: EnsureExists 45 name: system:coredns 46 roleRef: 47 apiGroup: rbac.authorization.k8s.io 48 kind: ClusterRole 49 name: system:coredns 50 subjects: 51 - kind: ServiceAccount 52 name: coredns 53 namespace: kube-system 54 --- 55 apiVersion: v1 56 kind: ConfigMap 57 metadata: 58 name: coredns 59 namespace: kube-system 60 labels: 61 addonmanager.kubernetes.io/mode: EnsureExists 62 data: 63 Corefile: | 64 .:53 { 65 log 66 errors 67 health 68 kubernetes cluster.local in-addr.arpa ip6.arpa { 69 pods insecure 70 ttl 0 71 upstream 72 fallthrough in-addr.arpa ip6.arpa 73 } 74 proxy cilium.test 10.96.0.100:53 { 75 fail_timeout 10s 76 max_fails 0 77 } 78 proxy . /etc/resolv.conf { 79 fail_timeout 10s 80 max_fails 0 81 } 82 prometheus :9153 83 loop 84 reload 85 loadbalance 86 } 87 --- 88 apiVersion: apps/v1 89 kind: Deployment 90 metadata: 91 name: coredns 92 namespace: kube-system 93 labels: 94 k8s-app: kube-dns 95 kubernetes.io/cluster-service: "true" 96 addonmanager.kubernetes.io/mode: Reconcile 97 kubernetes.io/name: "CoreDNS" 98 spec: 99 # replicas: not specified here: 100 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 101 # 2. Default is 1. 102 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 103 strategy: 104 type: RollingUpdate 105 rollingUpdate: 106 maxUnavailable: 1 107 selector: 108 matchLabels: 109 k8s-app: kube-dns 110 template: 111 metadata: 112 labels: 113 k8s-app: kube-dns 114 annotations: 115 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 116 spec: 117 priorityClassName: system-cluster-critical 118 serviceAccountName: coredns 119 tolerations: 120 - key: "CriticalAddonsOnly" 121 operator: "Exists" 122 containers: 123 - name: coredns 124 image: k8s.gcr.io/coredns:1.3.1 125 imagePullPolicy: IfNotPresent 126 resources: 127 limits: 128 memory: 170Mi 129 requests: 130 cpu: 100m 131 memory: 70Mi 132 args: [ "-conf", "/etc/coredns/Corefile" ] 133 volumeMounts: 134 - name: config-volume 135 mountPath: /etc/coredns 136 readOnly: true 137 ports: 138 - containerPort: 53 139 name: dns 140 protocol: UDP 141 - containerPort: 53 142 name: dns-tcp 143 protocol: TCP 144 - containerPort: 9153 145 name: metrics 146 protocol: TCP 147 livenessProbe: 148 httpGet: 149 path: /health 150 port: 8080 151 scheme: HTTP 152 initialDelaySeconds: 60 153 timeoutSeconds: 5 154 successThreshold: 1 155 failureThreshold: 5 156 readinessProbe: 157 httpGet: 158 path: /health 159 port: 8080 160 scheme: HTTP 161 securityContext: 162 allowPrivilegeEscalation: false 163 capabilities: 164 add: 165 - NET_BIND_SERVICE 166 drop: 167 - all 168 readOnlyRootFilesystem: true 169 dnsPolicy: Default 170 volumes: 171 - name: config-volume 172 configMap: 173 name: coredns 174 items: 175 - key: Corefile 176 path: Corefile 177 --- 178 apiVersion: v1 179 kind: Service 180 metadata: 181 name: kube-dns 182 namespace: kube-system 183 annotations: 184 prometheus.io/port: "9153" 185 prometheus.io/scrape: "true" 186 labels: 187 k8s-app: kube-dns 188 kubernetes.io/cluster-service: "true" 189 addonmanager.kubernetes.io/mode: Reconcile 190 kubernetes.io/name: "CoreDNS" 191 spec: 192 selector: 193 k8s-app: kube-dns 194 clusterIP: 10.96.0.10 195 ports: 196 - name: dns 197 port: 53 198 protocol: UDP 199 - name: dns-tcp 200 port: 53 201 protocol: TCP 202 - name: metrics 203 port: 9153 204 protocol: TCP