github.phpd.cn/cilium/cilium@v1.6.12/test/provision/manifest/1.16/coredns_deployment.yaml (about) 1 # File source 2 # https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.16/cluster/addons/dns/coredns/coredns.yaml.base 3 # __MACHINE_GENERATED_WARNING__ 4 5 apiVersion: v1 6 kind: ServiceAccount 7 metadata: 8 name: coredns 9 namespace: kube-system 10 labels: 11 kubernetes.io/cluster-service: "true" 12 addonmanager.kubernetes.io/mode: Reconcile 13 --- 14 apiVersion: rbac.authorization.k8s.io/v1 15 kind: ClusterRole 16 metadata: 17 labels: 18 kubernetes.io/bootstrapping: rbac-defaults 19 addonmanager.kubernetes.io/mode: Reconcile 20 name: system:coredns 21 rules: 22 - apiGroups: 23 - "" 24 resources: 25 - endpoints 26 - services 27 - pods 28 - namespaces 29 verbs: 30 - list 31 - watch 32 - apiGroups: 33 - "" 34 resources: 35 - nodes 36 verbs: 37 - get 38 --- 39 apiVersion: rbac.authorization.k8s.io/v1 40 kind: ClusterRoleBinding 41 metadata: 42 annotations: 43 rbac.authorization.kubernetes.io/autoupdate: "true" 44 labels: 45 kubernetes.io/bootstrapping: rbac-defaults 46 addonmanager.kubernetes.io/mode: EnsureExists 47 name: system:coredns 48 roleRef: 49 apiGroup: rbac.authorization.k8s.io 50 kind: ClusterRole 51 name: system:coredns 52 subjects: 53 - kind: ServiceAccount 54 name: coredns 55 namespace: kube-system 56 --- 57 apiVersion: v1 58 kind: ConfigMap 59 metadata: 60 name: coredns 61 namespace: kube-system 62 labels: 63 addonmanager.kubernetes.io/mode: EnsureExists 64 data: 65 Corefile: | 66 .:53 { 67 log 68 errors 69 health 70 ready 71 kubernetes cluster.local in-addr.arpa ip6.arpa { 72 pods insecure 73 ttl 0 74 upstream 75 fallthrough in-addr.arpa ip6.arpa 76 } 77 forward cilium.test 10.96.0.100:53 { 78 max_fails 0 79 } 80 prometheus :9153 81 loop 82 reload 83 loadbalance 84 } 85 --- 86 apiVersion: apps/v1 87 kind: Deployment 88 metadata: 89 name: coredns 90 namespace: kube-system 91 labels: 92 k8s-app: kube-dns 93 kubernetes.io/cluster-service: "true" 94 addonmanager.kubernetes.io/mode: Reconcile 95 kubernetes.io/name: "CoreDNS" 96 spec: 97 # replicas: not specified here: 98 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 99 # 2. Default is 1. 100 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 101 strategy: 102 type: RollingUpdate 103 rollingUpdate: 104 maxUnavailable: 1 105 selector: 106 matchLabels: 107 k8s-app: kube-dns 108 template: 109 metadata: 110 labels: 111 k8s-app: kube-dns 112 annotations: 113 seccomp.security.alpha.kubernetes.io/pod: 'docker/default' 114 spec: 115 priorityClassName: system-cluster-critical 116 serviceAccountName: coredns 117 tolerations: 118 - key: "CriticalAddonsOnly" 119 operator: "Exists" 120 containers: 121 - name: coredns 122 image: k8s.gcr.io/coredns:1.6.2 123 imagePullPolicy: IfNotPresent 124 resources: 125 limits: 126 memory: 170Mi 127 requests: 128 cpu: 100m 129 memory: 70Mi 130 args: [ "-conf", "/etc/coredns/Corefile" ] 131 volumeMounts: 132 - name: config-volume 133 mountPath: /etc/coredns 134 readOnly: true 135 ports: 136 - containerPort: 53 137 name: dns 138 protocol: UDP 139 - containerPort: 53 140 name: dns-tcp 141 protocol: TCP 142 - containerPort: 9153 143 name: metrics 144 protocol: TCP 145 livenessProbe: 146 httpGet: 147 path: /health 148 port: 8080 149 scheme: HTTP 150 initialDelaySeconds: 60 151 timeoutSeconds: 5 152 successThreshold: 1 153 failureThreshold: 5 154 readinessProbe: 155 httpGet: 156 path: /ready 157 port: 8181 158 scheme: HTTP 159 securityContext: 160 allowPrivilegeEscalation: false 161 capabilities: 162 add: 163 - NET_BIND_SERVICE 164 drop: 165 - all 166 readOnlyRootFilesystem: true 167 dnsPolicy: Default 168 volumes: 169 - name: config-volume 170 configMap: 171 name: coredns 172 items: 173 - key: Corefile 174 path: Corefile 175 --- 176 apiVersion: v1 177 kind: Service 178 metadata: 179 name: kube-dns 180 namespace: kube-system 181 annotations: 182 prometheus.io/port: "9153" 183 prometheus.io/scrape: "true" 184 labels: 185 k8s-app: kube-dns 186 kubernetes.io/cluster-service: "true" 187 addonmanager.kubernetes.io/mode: Reconcile 188 kubernetes.io/name: "CoreDNS" 189 spec: 190 selector: 191 k8s-app: kube-dns 192 clusterIP: 10.96.0.10 193 ports: 194 - name: dns 195 port: 53 196 protocol: UDP 197 - name: dns-tcp 198 port: 53 199 protocol: TCP 200 - name: metrics 201 port: 9153 202 protocol: TCP