Variables ¶
// Coredns is the parsed "coredns.yaml" template. It renders three manifests:
// the system:coredns ClusterRole, the coredns Service in kube-system, and the
// coredns Deployment. Template inputs are .ClusterIP, .CorednsImage and
// .DNSEtcHosts. template.Must runs in a package-level initializer, so a parse
// error panics when the package is loaded.
//
// Security-relevant settings in the rendered output:
//   - The ClusterRole is read-only but cluster-wide: list/watch on endpoints,
//     services, pods, namespaces and endpointslices, and get on nodes.
//   - The Deployment sets serviceAccountName: coredns, but this template creates
//     neither that ServiceAccount nor a binding for the ClusterRole.
//     NOTE(review): presumably both are created elsewhere; confirm.
//   - The container sets allowPrivilegeEscalation: false and
//     readOnlyRootFilesystem: true, drops all capabilities, adds only
//     NET_BIND_SERVICE, and the pod uses the RuntimeDefault seccomp profile.
//     No runAsNonRoot or runAsUser is set.
//     NOTE(review): the drop entry is lowercase "all"; admission policies that
//     match the literal "ALL" may not count it. Confirm against the policy
//     enforced on kube-system.
//   - A memory limit (300Mi) is set; no CPU limit is set.
//   - The Service exposes metrics port 9153 with prometheus.io scrape
//     annotations. The probes use plain HTTP on 8080 and 8181.
//   - .ClusterIP and .CorednsImage are substituted into the YAML with no
//     escaping visible here, so callers must pass validated values.
var ( Coredns = template.Must(template.New("coredns.yaml").Parse( dedent.Dedent(`--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: kubernetes.io/bootstrapping: rbac-defaults addonmanager.kubernetes.io/mode: Reconcile name: system:coredns rules: - apiGroups: - "" resources: - endpoints - services - pods - namespaces verbs: - list - watch - apiGroups: - "" resources: - nodes verbs: - get - apiGroups: - discovery.k8s.io resources: - endpointslices verbs: - list - watch --- apiVersion: v1 kind: Service metadata: name: coredns namespace: kube-system labels: k8s-app: kube-dns kubernetes.io/cluster-service: "true" kubernetes.io/name: "CoreDNS" addonmanager.kubernetes.io/mode: Reconcile annotations: prometheus.io/port: "9153" prometheus.io/scrape: "true" createdby: 'kubekey' spec: selector: k8s-app: kube-dns clusterIP: {{ .ClusterIP }} ports: - name: dns port: 53 protocol: UDP - name: dns-tcp port: 53 protocol: TCP - name: metrics port: 9153 protocol: TCP --- apiVersion: apps/v1 kind: Deployment metadata: name: "coredns" namespace: kube-system labels: k8s-app: "kube-dns" addonmanager.kubernetes.io/mode: Reconcile kubernetes.io/name: "coredns" spec: strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 0 maxSurge: 10% selector: matchLabels: k8s-app: kube-dns template: metadata: labels: k8s-app: kube-dns annotations: createdby: 'kubekey' spec: securityContext: seccompProfile: type: RuntimeDefault priorityClassName: system-cluster-critical serviceAccountName: coredns nodeSelector: kubernetes.io/os: linux tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - key: node-role.kubernetes.io/control-plane effect: NoSchedule affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchLabels: k8s-app: kube-dns topologyKey: "kubernetes.io/hostname" nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 preference: matchExpressions: - key: 
node-role.kubernetes.io/control-plane operator: In values: - "" containers: - name: coredns image: "{{ .CorednsImage }}" imagePullPolicy: IfNotPresent resources: # TODO: Set memory limits when we've profiled the container for large # clusters, then set request = limit to keep this container in # guaranteed class. Currently, this container falls into the # "burstable" category so the kubelet doesn't backoff from restarting it. limits: memory: 300Mi requests: cpu: 100m memory: 70Mi args: [ "-conf", "/etc/coredns/Corefile" ] volumeMounts: - name: config-volume mountPath: /etc/coredns ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9153 name: metrics protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: add: - NET_BIND_SERVICE drop: - all readOnlyRootFilesystem: true livenessProbe: httpGet: path: /health port: 8080 scheme: HTTP timeoutSeconds: 5 successThreshold: 1 failureThreshold: 10 readinessProbe: httpGet: path: /ready port: 8181 scheme: HTTP timeoutSeconds: 5 successThreshold: 1 failureThreshold: 10 dnsPolicy: Default volumes: - name: config-volume configMap: name: coredns items: - key: Corefile path: Corefile {{ if .DNSEtcHosts }} - key: hosts path: hosts {{ end }} `))) )
// CorednsConfigMap is the parsed "coredns-configmap.yaml" template. It renders
// the coredns ConfigMap in kube-system, holding the Corefile and, when
// .DNSEtcHosts is set, a hosts file. Template inputs are .ExternalZones (each
// entry supplying .Zones, .Rewrite, .Nameservers and .Cache),
// .AdditionalConfigs, .RewriteBlock, .ClusterDomain, .UpstreamDNSServers and
// .DNSEtcHosts. The indent function used in the template comes from
// utils.FuncMap, which is defined outside this listing.
//
// Security-relevant points for anyone changing or feeding this template:
//   - .AdditionalConfigs and .RewriteBlock are inserted verbatim into the
//     ".:53" server block, and .Rewrite, .Nameservers and .UpstreamDNSServers
//     are written into rewrite/forward directives. Whoever controls these
//     values controls name resolution for the whole cluster, so they must come
//     only from trusted, validated cluster configuration.
//   - The kubernetes plugin is configured with "pods insecure", which answers
//     pod-IP-style names without verifying that a matching pod exists.
//     NOTE(review): confirm this kube-dns compatibility mode is still wanted;
//     CoreDNS also offers stricter pod modes.
//   - "prometheus :9153" gives no bind address, so metrics listen on every
//     interface of the pod.
//   - Without .UpstreamDNSServers, forwarding falls back to /etc/resolv.conf
//     inside the container.
//   - External zone blocks enable the log plugin, so queries for those zones
//     appear in container logs.
//   - The ConfigMap is labelled addonmanager.kubernetes.io/mode: EnsureExists.
//     NOTE(review): under addon-manager semantics later edits to the live
//     object are not reconciled back; confirm drift is monitored if it matters.
var ( CorednsConfigMap = template.Must(template.New("coredns-configmap.yaml").Funcs(utils.FuncMap).Parse( dedent.Dedent(`--- apiVersion: v1 kind: ConfigMap metadata: name: coredns namespace: kube-system labels: addonmanager.kubernetes.io/mode: EnsureExists data: Corefile: | {{- if .ExternalZones }} {{- range .ExternalZones }} {{ range .Zones }}{{ . | indent 4 }} {{ end }}{ log errors {{- if .Rewrite }} {{- range .Rewrite }} rewrite {{ . }} {{- end }} {{- end }} forward .{{ range .Nameservers }} {{ . }}{{ end}} loadbalance cache {{ .Cache }} reload {{- if $.DNSEtcHosts }} hosts /etc/coredns/hosts { fallthrough } {{- end }} } {{- end }} {{- end }} .:53 { {{- if .AdditionalConfigs }} {{ .AdditionalConfigs | indent 8 }} {{- end }} errors health { lameduck 5s } {{- if .RewriteBlock }} {{ .RewriteBlock | indent 8 }} {{- end }} ready kubernetes {{ .ClusterDomain }} in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa ttl 30 } prometheus :9153 forward . {{ if .UpstreamDNSServers }}{{ range .UpstreamDNSServers }}{{ . }} {{ end }}{{else}}/etc/resolv.conf{{ end }} { prefer_udp max_concurrent 1000 } cache 30 loop reload loadbalance {{- if .DNSEtcHosts }} hosts /etc/coredns/hosts { fallthrough } {{- end }} } {{- if .DNSEtcHosts }} hosts: | {{ .DNSEtcHosts | indent 4 }} {{- end }} `))) )
// NodeLocalDNSConfigMap is the parsed "nodelocaldns-configmap.yaml" template.
// It renders the nodelocaldns ConfigMap in kube-system, holding the Corefile
// and, when .DNSEtcHosts is set, a hosts file. Template inputs are
// .ExternalZones (each entry supplying .Zones, .Rewrite, .Nameservers and
// .Cache), .DNSDomain, .ForwardTarget and .DNSEtcHosts. The indent function
// comes from utils.FuncMap, which is defined outside this listing.
//
// Security-relevant points:
//   - Every server block binds DNS to the link-local address 169.254.25.10 and
//     the health endpoint to 169.254.25.10:9254, but "prometheus :9253" gives no
//     bind address. NodeLocalDNSService runs the pod with hostNetwork: true, so
//     the metrics port listens on the node's own addresses.
//     NOTE(review): confirm node firewalling covers 9253.
//   - The cluster-domain and reverse zones forward to .ForwardTarget with
//     force_tcp. The catch-all ".:53" block forwards to /etc/resolv.conf.
//   - .Rewrite, .Nameservers, .Zones and .ForwardTarget are written straight
//     into Corefile directives. They steer resolution on every node and must
//     come only from trusted, validated cluster configuration.
//   - External zone blocks enable the log plugin, so queries for those zones
//     appear in container logs.
//   - The ConfigMap is labelled addonmanager.kubernetes.io/mode: EnsureExists.
//     NOTE(review): under addon-manager semantics later edits to the live
//     object are not reconciled back; confirm drift is monitored if it matters.
var NodeLocalDNSConfigMap = template.Must(template.New("nodelocaldns-configmap.yaml").Funcs(utils.FuncMap).Parse( dedent.Dedent(`--- apiVersion: v1 kind: ConfigMap metadata: name: nodelocaldns namespace: kube-system labels: addonmanager.kubernetes.io/mode: EnsureExists data: Corefile: | {{- if .ExternalZones }} {{- range .ExternalZones }} {{ range .Zones }}{{ . | indent 4 }} {{ end}} { errors cache {{ .Cache }} reload {{- if .Rewrite }} {{- range .Rewrite }} rewrite {{ . }} {{- end }} {{- end }} loop bind 169.254.25.10 forward . {{ range .Nameservers }} {{ . }}{{ end }} prometheus :9253 log {{- if $.DNSEtcHosts }} hosts /etc/coredns/hosts { fallthrough } {{- end }} } {{- end }} {{- end }} {{ .DNSDomain }}:53 { errors cache { success 9984 30 denial 9984 5 } reload loop bind 169.254.25.10 forward . {{ .ForwardTarget }} { force_tcp } prometheus :9253 health 169.254.25.10:9254 } in-addr.arpa:53 { errors cache 30 reload loop bind 169.254.25.10 forward . {{ .ForwardTarget }} { force_tcp } prometheus :9253 } ip6.arpa:53 { errors cache 30 reload loop bind 169.254.25.10 forward . {{ .ForwardTarget }} { force_tcp } prometheus :9253 } .:53 { errors cache 30 reload loop bind 169.254.25.10 forward . /etc/resolv.conf prometheus :9253 {{- if .DNSEtcHosts }} hosts /etc/coredns/hosts { fallthrough } {{- end }} } {{- if .DNSEtcHosts }} hosts: | {{ .DNSEtcHosts | indent 4}} {{- end }} `)))
// NodeLocalDNSService is the parsed "nodelocaldns.yaml" template. Despite the
// name it renders no Service object: the output is the nodelocaldns
// ServiceAccount and the nodelocaldns DaemonSet in kube-system. Template inputs
// are .NodelocaldnsImage and .DNSEtcHosts.
//
// Security-relevant settings in the rendered DaemonSet:
//   - The node-cache container runs with securityContext.privileged: true and
//     the pod uses hostNetwork: true, so compromising this container amounts to
//     compromising the node.
//     NOTE(review): check whether a narrower grant (for example only the
//     network-administration capability) meets node-cache's needs before
//     keeping full privilege.
//   - The tolerations match every NoSchedule and NoExecute taint
//     (operator: Exists), so the privileged pod runs on every Linux node,
//     control-plane nodes included.
//   - The hostPath /run/xtables.lock is mounted with type FileOrCreate, giving
//     the container write access to that host file.
//   - No readOnlyRootFilesystem, seccomp profile or capability drop is set.
//   - The image reference is whatever .NodelocaldnsImage holds, inserted
//     unquoted. Pinning and validating that value is the caller's job.
//   - A memory limit (200Mi) is set; no CPU limit is set.
//   - The ServiceAccount is created without any Role or binding in this
//     template.
//   - terminationGracePeriodSeconds is 0, which forces immediate deletion on
//     rollout, as the inline comment explains.
var NodeLocalDNSService = template.Must(template.New("nodelocaldns.yaml").Parse( dedent.Dedent(`--- apiVersion: v1 kind: ServiceAccount metadata: name: nodelocaldns namespace: kube-system labels: addonmanager.kubernetes.io/mode: Reconcile --- apiVersion: apps/v1 kind: DaemonSet metadata: name: nodelocaldns namespace: kube-system labels: k8s-app: kube-dns addonmanager.kubernetes.io/mode: Reconcile spec: selector: matchLabels: k8s-app: nodelocaldns template: metadata: labels: k8s-app: nodelocaldns annotations: prometheus.io/scrape: 'true' prometheus.io/port: '9253' spec: nodeSelector: kubernetes.io/os: linux priorityClassName: system-cluster-critical serviceAccountName: nodelocaldns hostNetwork: true dnsPolicy: Default # Don't use cluster DNS. tolerations: - effect: NoSchedule operator: "Exists" - effect: NoExecute operator: "Exists" - key: "CriticalAddonsOnly" operator: "Exists" containers: - name: node-cache image: {{ .NodelocaldnsImage }} resources: limits: memory: 200Mi requests: cpu: 100m memory: 70Mi args: [ "-localip", "169.254.25.10", "-conf", "/etc/coredns/Corefile", "-upstreamsvc", "coredns" ] securityContext: privileged: true ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9253 name: metrics protocol: TCP livenessProbe: httpGet: host: 169.254.25.10 path: /health port: 9254 scheme: HTTP timeoutSeconds: 5 successThreshold: 1 failureThreshold: 10 readinessProbe: httpGet: host: 169.254.25.10 path: /health port: 9254 scheme: HTTP timeoutSeconds: 5 successThreshold: 1 failureThreshold: 10 volumeMounts: - name: config-volume mountPath: /etc/coredns - name: xtables-lock mountPath: /run/xtables.lock volumes: - name: config-volume configMap: name: nodelocaldns items: - key: Corefile path: Corefile {{- if .DNSEtcHosts }} - key: hosts path: hosts {{ end }} - name: xtables-lock hostPath: path: /run/xtables.lock type: FileOrCreate # Minimize downtime during a rolling upgrade or deletion; tell Kubernetes 
to do a "force # deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods. terminationGracePeriodSeconds: 0 updateStrategy: rollingUpdate: maxUnavailable: 20% type: RollingUpdate `)))