k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/cluster/addons/dns/coredns/coredns.yaml.in (about) 1 # Warning: This is a file generated from the base underscore template file: coredns.yaml.base 2 3 apiVersion: v1 4 kind: ServiceAccount 5 metadata: 6 name: coredns 7 namespace: kube-system 8 labels: 9 kubernetes.io/cluster-service: "true" 10 addonmanager.kubernetes.io/mode: Reconcile 11 --- 12 apiVersion: rbac.authorization.k8s.io/v1 13 kind: ClusterRole 14 metadata: 15 labels: 16 kubernetes.io/bootstrapping: rbac-defaults 17 addonmanager.kubernetes.io/mode: Reconcile 18 name: system:coredns 19 rules: 20 - apiGroups: 21 - "" 22 resources: 23 - endpoints 24 - services 25 - pods 26 - namespaces 27 verbs: 28 - list 29 - watch 30 - apiGroups: 31 - discovery.k8s.io 32 resources: 33 - endpointslices 34 verbs: 35 - list 36 - watch 37 --- 38 apiVersion: rbac.authorization.k8s.io/v1 39 kind: ClusterRoleBinding 40 metadata: 41 annotations: 42 rbac.authorization.kubernetes.io/autoupdate: "true" 43 labels: 44 kubernetes.io/bootstrapping: rbac-defaults 45 addonmanager.kubernetes.io/mode: EnsureExists 46 name: system:coredns 47 roleRef: 48 apiGroup: rbac.authorization.k8s.io 49 kind: ClusterRole 50 name: system:coredns 51 subjects: 52 - kind: ServiceAccount 53 name: coredns 54 namespace: kube-system 55 --- 56 apiVersion: v1 57 kind: ConfigMap 58 metadata: 59 name: coredns 60 namespace: kube-system 61 labels: 62 addonmanager.kubernetes.io/mode: EnsureExists 63 data: 64 Corefile: | 65 .:53 { 66 errors 67 health { 68 lameduck 5s 69 } 70 ready 71 kubernetes dns_domain in-addr.arpa ip6.arpa { 72 pods insecure 73 fallthrough in-addr.arpa ip6.arpa 74 ttl 30 75 } 76 prometheus :9153 77 forward . /etc/resolv.conf { 78 max_concurrent 1000 79 } 80 cache 30 81 loop 82 reload 83 loadbalance 84 } 85 --- 86 apiVersion: apps/v1 87 kind: Deployment 88 metadata: 89 name: coredns 90 namespace: kube-system 91 labels: 92 k8s-app: kube-dns 93 kubernetes.io/cluster-service: "true" 94 addonmanager.kubernetes.io/mode: Reconcile 95 kubernetes.io/name: "CoreDNS" 96 spec: 97 # replicas: not specified here: 98 # 1. In order to make Addon Manager do not reconcile this replicas parameter. 99 # 2. Default is 1. 100 # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on. 101 strategy: 102 type: RollingUpdate 103 rollingUpdate: 104 maxUnavailable: 1 105 selector: 106 matchLabels: 107 k8s-app: kube-dns 108 template: 109 metadata: 110 labels: 111 k8s-app: kube-dns 112 spec: 113 securityContext: 114 seccompProfile: 115 type: RuntimeDefault 116 priorityClassName: system-cluster-critical 117 serviceAccountName: coredns 118 affinity: 119 podAntiAffinity: 120 preferredDuringSchedulingIgnoredDuringExecution: 121 - weight: 100 122 podAffinityTerm: 123 labelSelector: 124 matchExpressions: 125 - key: k8s-app 126 operator: In 127 values: ["kube-dns"] 128 topologyKey: kubernetes.io/hostname 129 tolerations: 130 - key: "CriticalAddonsOnly" 131 operator: "Exists" 132 nodeSelector: 133 kubernetes.io/os: linux 134 containers: 135 - name: coredns 136 image: registry.k8s.io/coredns/coredns:v1.11.1 137 imagePullPolicy: IfNotPresent 138 resources: 139 limits: 140 memory: 'dns_memory_limit' 141 requests: 142 cpu: 100m 143 memory: 70Mi 144 args: [ "-conf", "/etc/coredns/Corefile" ] 145 volumeMounts: 146 - name: config-volume 147 mountPath: /etc/coredns 148 readOnly: true 149 ports: 150 - containerPort: 53 151 name: dns 152 protocol: UDP 153 - containerPort: 53 154 name: dns-tcp 155 protocol: TCP 156 - containerPort: 9153 157 name: metrics 158 protocol: TCP 159 livenessProbe: 160 httpGet: 161 path: /health 162 port: 8080 163 scheme: HTTP 164 initialDelaySeconds: 60 165 timeoutSeconds: 5 166 successThreshold: 1 167 failureThreshold: 5 168 readinessProbe: 169 httpGet: 170 path: /ready 171 port: 8181 172 scheme: HTTP 173 securityContext: 174 allowPrivilegeEscalation: false 175 capabilities: 176 add: 177 - NET_BIND_SERVICE 178 drop: 179 - ALL 180 readOnlyRootFilesystem: true 181 dnsPolicy: Default 182 volumes: 183 - name: config-volume 184 configMap: 185 name: coredns 186 items: 187 - key: Corefile 188 path: Corefile 189 --- 190 apiVersion: v1 191 kind: Service 192 metadata: 193 name: kube-dns 194 namespace: kube-system 195 annotations: 196 prometheus.io/port: "9153" 197 prometheus.io/scrape: "true" 198 labels: 199 k8s-app: kube-dns 200 kubernetes.io/cluster-service: "true" 201 addonmanager.kubernetes.io/mode: Reconcile 202 kubernetes.io/name: "CoreDNS" 203 spec: 204 selector: 205 k8s-app: kube-dns 206 clusterIP: 'dns_server' 207 ports: 208 - name: dns 209 port: 53 210 protocol: UDP 211 - name: dns-tcp 212 port: 53 213 protocol: TCP 214 - name: metrics 215 port: 9153 216 protocol: TCP