Ugrade coredns
Alistair Mackay
parent
063f9d4ed6
commit
0e87420d2c
|
|
@ -30,7 +30,7 @@ Kubernetes The Hard Way guides you through bootstrapping a highly available Kube
|
||||||
* [CNI Container Networking](https://github.com/containernetworking/cni) 0.8.6
|
* [CNI Container Networking](https://github.com/containernetworking/cni) 0.8.6
|
||||||
* [Weave Networking](https://www.weave.works/docs/net/latest/kubernetes/kube-addon/)
|
* [Weave Networking](https://www.weave.works/docs/net/latest/kubernetes/kube-addon/)
|
||||||
* [etcd](https://github.com/coreos/etcd) v3.5.3
|
* [etcd](https://github.com/coreos/etcd) v3.5.3
|
||||||
* [CoreDNS](https://github.com/coredns/coredns) v1.8.6
|
* [CoreDNS](https://github.com/coredns/coredns) v1.9.4
|
||||||
|
|
||||||
### Node configuration
|
### Node configuration
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,13 @@ rules:
|
||||||
verbs:
|
verbs:
|
||||||
- list
|
- list
|
||||||
- watch
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- discovery.k8s.io
|
||||||
|
resources:
|
||||||
|
- endpointslices
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRoleBinding
|
kind: ClusterRoleBinding
|
||||||
|
|
@ -55,7 +62,6 @@ data:
|
||||||
kubernetes cluster.local in-addr.arpa ip6.arpa {
|
kubernetes cluster.local in-addr.arpa ip6.arpa {
|
||||||
pods insecure
|
pods insecure
|
||||||
fallthrough in-addr.arpa ip6.arpa
|
fallthrough in-addr.arpa ip6.arpa
|
||||||
ttl 30
|
|
||||||
}
|
}
|
||||||
prometheus :9153
|
prometheus :9153
|
||||||
forward . /etc/resolv.conf {
|
forward . /etc/resolv.conf {
|
||||||
|
|
@ -89,15 +95,25 @@ spec:
|
||||||
labels:
|
labels:
|
||||||
k8s-app: kube-dns
|
k8s-app: kube-dns
|
||||||
spec:
|
spec:
|
||||||
|
priorityClassName: system-cluster-critical
|
||||||
serviceAccountName: coredns
|
serviceAccountName: coredns
|
||||||
tolerations:
|
tolerations:
|
||||||
- key: node-role.kubernetes.io/master
|
|
||||||
effect: NoSchedule
|
|
||||||
- key: "CriticalAddonsOnly"
|
- key: "CriticalAddonsOnly"
|
||||||
operator: "Exists"
|
operator: "Exists"
|
||||||
|
nodeSelector:
|
||||||
|
kubernetes.io/os: linux
|
||||||
|
affinity:
|
||||||
|
podAntiAffinity:
|
||||||
|
requiredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
- labelSelector:
|
||||||
|
matchExpressions:
|
||||||
|
- key: k8s-app
|
||||||
|
operator: In
|
||||||
|
values: ["kube-dns"]
|
||||||
|
topologyKey: kubernetes.io/hostname
|
||||||
containers:
|
containers:
|
||||||
- name: coredns
|
- name: coredns
|
||||||
image: coredns/coredns:1.8.6
|
image: coredns/coredns:1.9.4
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
resources:
|
resources:
|
||||||
limits:
|
limits:
|
||||||
|
|
@ -137,6 +153,11 @@ spec:
|
||||||
timeoutSeconds: 5
|
timeoutSeconds: 5
|
||||||
successThreshold: 1
|
successThreshold: 1
|
||||||
failureThreshold: 5
|
failureThreshold: 5
|
||||||
|
readinessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /ready
|
||||||
|
port: 8181
|
||||||
|
scheme: HTTP
|
||||||
dnsPolicy: Default
|
dnsPolicy: Default
|
||||||
volumes:
|
volumes:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
|
|
@ -169,3 +190,6 @@ spec:
|
||||||
- name: dns-tcp
|
- name: dns-tcp
|
||||||
port: 53
|
port: 53
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
- name: metrics
|
||||||
|
port: 9153
|
||||||
|
protocol: TCP
|
||||||
Loading…
Reference in New Issue