github.phpd.cn/cilium/cilium@v1.6.12/test/provision/manifest/coredns_deployment.yaml (about) 1 # File source 2 # https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/phases/addons/dns/manifests.go 3 --- 4 apiVersion: apps/v1 5 kind: Deployment 6 metadata: 7 annotations: 8 deployment.kubernetes.io/revision: "1" 9 generation: 1 10 labels: 11 k8s-app: kube-dns 12 name: coredns 13 namespace: kube-system 14 spec: 15 progressDeadlineSeconds: 600 16 replicas: 1 17 revisionHistoryLimit: 10 18 selector: 19 matchLabels: 20 k8s-app: kube-dns 21 strategy: 22 rollingUpdate: 23 maxSurge: 25% 24 maxUnavailable: 1 25 type: RollingUpdate 26 template: 27 metadata: 28 creationTimestamp: null 29 labels: 30 k8s-app: kube-dns 31 spec: 32 containers: 33 - args: 34 - -conf 35 - /etc/coredns/Corefile 36 image: docker.io/coredns/coredns:1.0.6 37 imagePullPolicy: IfNotPresent 38 livenessProbe: 39 failureThreshold: 5 40 httpGet: 41 path: /health 42 port: 8080 43 scheme: HTTP 44 initialDelaySeconds: 60 45 periodSeconds: 10 46 successThreshold: 1 47 timeoutSeconds: 5 48 name: coredns 49 ports: 50 - containerPort: 53 51 name: dns 52 protocol: UDP 53 - containerPort: 53 54 name: dns-tcp 55 protocol: TCP 56 resources: 57 limits: 58 memory: 170Mi 59 requests: 60 cpu: 100m 61 memory: 70Mi 62 terminationMessagePath: /dev/termination-log 63 terminationMessagePolicy: File 64 volumeMounts: 65 - mountPath: /etc/coredns 66 name: config-volume 67 dnsPolicy: Default 68 restartPolicy: Always 69 schedulerName: default-scheduler 70 securityContext: {} 71 serviceAccount: coredns 72 serviceAccountName: coredns 73 terminationGracePeriodSeconds: 30 74 tolerations: 75 - key: CriticalAddonsOnly 76 operator: Exists 77 - effect: NoSchedule 78 key: node-role.kubernetes.io/master 79 volumes: 80 - configMap: 81 defaultMode: 420 82 items: 83 - key: Corefile 84 path: Corefile 85 name: coredns 86 name: config-volume 87 --- 88 apiVersion: v1 89 data: 90 Corefile: | 91 .:53 { 92 log 93 errors 94 health 95 kubernetes cluster.local in-addr.arpa ip6.arpa { 96 pods insecure 97 upstream 98 fallthrough in-addr.arpa ip6.arpa 99 } 100 proxy cilium.test 10.96.0.100:53 101 prometheus :9153 102 proxy . /etc/resolv.conf 103 cache 3 104 } 105 kind: ConfigMap 106 metadata: 107 name: coredns 108 namespace: kube-system 109 --- 110 apiVersion: rbac.authorization.k8s.io/v1 111 kind: ClusterRole 112 metadata: 113 name: system:coredns 114 resourceVersion: "181" 115 rules: 116 - apiGroups: 117 - "" 118 resources: 119 - endpoints 120 - services 121 - pods 122 - namespaces 123 verbs: 124 - list 125 - watch 126 --- 127 apiVersion: rbac.authorization.k8s.io/v1 128 kind: ClusterRoleBinding 129 metadata: 130 creationTimestamp: 2018-07-05T13:39:24Z 131 name: system:coredns 132 resourceVersion: "183" 133 roleRef: 134 apiGroup: rbac.authorization.k8s.io 135 kind: ClusterRole 136 name: system:coredns 137 subjects: 138 - kind: ServiceAccount 139 name: coredns 140 namespace: kube-system 141 --- 142 apiVersion: v1 143 kind: ServiceAccount 144 metadata: 145 name: coredns 146 namespace: kube-system 147 resourceVersion: "208" 148 secrets: 149 - name: coredns-token-p8dq2 150 --- 151 apiVersion: v1 152 kind: Service 153 metadata: 154 name: kube-dns 155 namespace: kube-system 156 # Without this resourceVersion value, an update of the Service between versions will yield: 157 # Service "kube-dns" is invalid: metadata.resourceVersion: Invalid value: "": must be specified for an update 158 resourceVersion: "0" 159 labels: 160 k8s-app: kube-dns 161 kubernetes.io/cluster-service: "true" 162 kubernetes.io/name: "KubeDNS" 163 spec: 164 selector: 165 k8s-app: kube-dns 166 clusterIP: 10.96.0.10 167 ports: 168 - name: dns 169 port: 53 170 protocol: UDP 171 - name: dns-tcp 172 port: 53 173 protocol: TCP