添加 'Yaml文件/coredns.yaml.sed'
This commit is contained in:
		
							parent
							
								
									5a13d225ed
								
							
						
					
					
						commit
						91bb16006a
					
				
							
								
								
									
										201
									
								
								Yaml文件/coredns.yaml.sed
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										201
									
								
								Yaml文件/coredns.yaml.sed
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,201 @@ | ||||
| apiVersion: v1 | ||||
| kind: ServiceAccount | ||||
| metadata: | ||||
|   name: coredns | ||||
|   namespace: kube-system | ||||
| --- | ||||
| apiVersion: rbac.authorization.k8s.io/v1 | ||||
| kind: ClusterRole | ||||
| metadata: | ||||
|   labels: | ||||
|     kubernetes.io/bootstrapping: rbac-defaults | ||||
|   name: system:coredns | ||||
| rules: | ||||
|   - apiGroups: | ||||
|     - "" | ||||
|     resources: | ||||
|     - endpoints | ||||
|     - services | ||||
|     - pods | ||||
|     - namespaces | ||||
|     verbs: | ||||
|     - list | ||||
|     - watch | ||||
|   - apiGroups: | ||||
|     - discovery.k8s.io | ||||
|     resources: | ||||
|     - endpointslices | ||||
|     verbs: | ||||
|     - list | ||||
|     - watch | ||||
| --- | ||||
| apiVersion: rbac.authorization.k8s.io/v1 | ||||
| kind: ClusterRoleBinding | ||||
| metadata: | ||||
|   annotations: | ||||
|     rbac.authorization.kubernetes.io/autoupdate: "true" | ||||
|   labels: | ||||
|     kubernetes.io/bootstrapping: rbac-defaults | ||||
|   name: system:coredns | ||||
| roleRef: | ||||
|   apiGroup: rbac.authorization.k8s.io | ||||
|   kind: ClusterRole | ||||
|   name: system:coredns | ||||
| subjects: | ||||
| - kind: ServiceAccount | ||||
|   name: coredns | ||||
|   namespace: kube-system | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: ConfigMap | ||||
| metadata: | ||||
|   name: coredns | ||||
|   namespace: kube-system | ||||
| data: | ||||
|   Corefile: | | ||||
|     .:53 { | ||||
|         errors | ||||
|         health { | ||||
|           lameduck 5s | ||||
|         } | ||||
|         ready | ||||
|         kubernetes CLUSTER_DOMAIN REVERSE_CIDRS { | ||||
|           fallthrough in-addr.arpa ip6.arpa | ||||
|         } | ||||
|         prometheus :9153 | ||||
|         forward . UPSTREAMNAMESERVER { | ||||
|           max_concurrent 1000 | ||||
|         } | ||||
|         cache 30 | ||||
|         loop | ||||
|         reload | ||||
|         loadbalance | ||||
|     }STUBDOMAINS | ||||
| --- | ||||
| apiVersion: apps/v1 | ||||
| kind: Deployment | ||||
| metadata: | ||||
|   name: coredns | ||||
|   namespace: kube-system | ||||
|   labels: | ||||
|     k8s-app: kube-dns | ||||
|     kubernetes.io/name: "CoreDNS" | ||||
|     app.kubernetes.io/name: coredns | ||||
| spec: | ||||
|   # replicas: not specified here: | ||||
|   # 1. Default is 1. | ||||
|   # 2. Will be tuned in real time if DNS horizontal auto-scaling is turned on. | ||||
|   strategy: | ||||
|     type: RollingUpdate | ||||
|     rollingUpdate: | ||||
|       maxUnavailable: 1 | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       k8s-app: kube-dns | ||||
|       app.kubernetes.io/name: coredns | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
|         k8s-app: kube-dns | ||||
|         app.kubernetes.io/name: coredns | ||||
|     spec: | ||||
|       priorityClassName: system-cluster-critical | ||||
|       serviceAccountName: coredns | ||||
|       tolerations: | ||||
|         - key: "CriticalAddonsOnly" | ||||
|           operator: "Exists" | ||||
|       nodeSelector: | ||||
|         kubernetes.io/os: linux | ||||
|       affinity: | ||||
|          podAntiAffinity: | ||||
|            requiredDuringSchedulingIgnoredDuringExecution: | ||||
|            - labelSelector: | ||||
|                matchExpressions: | ||||
|                - key: k8s-app | ||||
|                  operator: In | ||||
|                  values: ["kube-dns"] | ||||
|              topologyKey: kubernetes.io/hostname | ||||
|       containers: | ||||
|       - name: coredns | ||||
|         image: coredns/coredns:1.9.4 | ||||
|         imagePullPolicy: IfNotPresent | ||||
|         resources: | ||||
|           limits: | ||||
|             memory: 170Mi | ||||
|           requests: | ||||
|             cpu: 100m | ||||
|             memory: 70Mi | ||||
|         args: [ "-conf", "/etc/coredns/Corefile" ] | ||||
|         volumeMounts: | ||||
|         - name: config-volume | ||||
|           mountPath: /etc/coredns | ||||
|           readOnly: true | ||||
|         ports: | ||||
|         - containerPort: 53 | ||||
|           name: dns | ||||
|           protocol: UDP | ||||
|         - containerPort: 53 | ||||
|           name: dns-tcp | ||||
|           protocol: TCP | ||||
|         - containerPort: 9153 | ||||
|           name: metrics | ||||
|           protocol: TCP | ||||
|         securityContext: | ||||
|           allowPrivilegeEscalation: false | ||||
|           capabilities: | ||||
|             add: | ||||
|             - NET_BIND_SERVICE | ||||
|             drop: | ||||
|             - all | ||||
|           readOnlyRootFilesystem: true | ||||
|         livenessProbe: | ||||
|           httpGet: | ||||
|             path: /health | ||||
|             port: 8080 | ||||
|             scheme: HTTP | ||||
|           initialDelaySeconds: 60 | ||||
|           timeoutSeconds: 5 | ||||
|           successThreshold: 1 | ||||
|           failureThreshold: 5 | ||||
|         readinessProbe: | ||||
|           httpGet: | ||||
|             path: /ready | ||||
|             port: 8181 | ||||
|             scheme: HTTP | ||||
|       dnsPolicy: Default | ||||
|       volumes: | ||||
|         - name: config-volume | ||||
|           configMap: | ||||
|             name: coredns | ||||
|             items: | ||||
|             - key: Corefile | ||||
|               path: Corefile | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Service | ||||
| metadata: | ||||
|   name: kube-dns | ||||
|   namespace: kube-system | ||||
|   annotations: | ||||
|     prometheus.io/port: "9153" | ||||
|     prometheus.io/scrape: "true" | ||||
|   labels: | ||||
|     k8s-app: kube-dns | ||||
|     kubernetes.io/cluster-service: "true" | ||||
|     kubernetes.io/name: "CoreDNS" | ||||
|     app.kubernetes.io/name: coredns | ||||
| spec: | ||||
|   selector: | ||||
|     k8s-app: kube-dns | ||||
|     app.kubernetes.io/name: coredns | ||||
|   clusterIP: CLUSTER_DNS_IP | ||||
|   ports: | ||||
|   - name: dns | ||||
|     port: 53 | ||||
|     protocol: UDP | ||||
|   - name: dns-tcp | ||||
|     port: 53 | ||||
|     protocol: TCP | ||||
|   - name: metrics | ||||
|     port: 9153 | ||||
|     protocol: TCP | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 diandian
						diandian