Tunnel CoreDNS

Tunnel CoreDNS 配置示例

tunnel/tunnel-coredns.yaml 

  1. ---
  2. apiVersion: v1
  3. kind: ConfigMap
  4. metadata:
  5.   name: tunnel-coredns
  6.   namespace: edge-system
  7. data:
  8.   Corefile: |
  9.     .:53 {
  10.         errors
  11.         health {
  12.            lameduck 5s
  13.         }
  14.         hosts /etc/edge/hosts {
  15.             reload 300ms
  16.             fallthrough
  17.         }
  18.         ready
  19.         prometheus :9153
  20.         forward . /etc/resolv.conf
  21.         cache 30
  22.         reload 2s
  23.         loadbalance
  24.     }    
  25. ---
  26. apiVersion: v1
  27. kind: ConfigMap
  28. metadata:
  29.   name: tunnel-nodes
  30.   namespace: edge-system
  31. data:
  32.   hosts: ""
  33. ---
  34. apiVersion: v1
  35. kind: Service
  36. metadata:
  37.   name: tunnel-coredns
  38.   namespace: edge-system
  39. spec:
  40.   ports:
  41.     - name: dns
  42.       port: 53
  43.       protocol: UDP
  44.       targetPort: 53
  45.     - name: dns-tcp
  46.       port: 53
  47.       protocol: TCP
  48.       targetPort: 53
  49.     - name: metrics
  50.       port: 9153
  51.       protocol: TCP
  52.       targetPort: 9153
  53.   selector:
  54.     k8s-app: tunnel-coredns
  55.   type: ClusterIP
  56. ---
  57. apiVersion: apps/v1
  58. kind: Deployment
  59. metadata:
  60.   name: tunnel-coredns
  61.   namespace: edge-system
  62. spec:
  63.   replicas: 1
  64.   selector:
  65.     matchLabels:
  66.       k8s-app: tunnel-coredns
  67.   template:
  68.     metadata:
  69.       labels:
  70.         k8s-app: tunnel-coredns
  71.     spec:
  72.       containers:
  73.         - args:
  74.             - -conf
  75.             - /etc/coredns/Corefile
  76.           image: coredns/coredns:1.6.5
  77.           imagePullPolicy: IfNotPresent
  78.           livenessProbe:
  79.             failureThreshold: 5
  80.             httpGet:
  81.               path: /health
  82.               port: 8080
  83.               scheme: HTTP
  84.             initialDelaySeconds: 60
  85.             periodSeconds: 10
  86.             successThreshold: 1
  87.             timeoutSeconds: 5
  88.           name: tunnel-coredns
  89.           ports:
  90.             - containerPort: 53
  91.               name: dns
  92.               protocol: UDP
  93.             - containerPort: 53
  94.               name: dns-tcp
  95.               protocol: TCP
  96.             - containerPort: 9153
  97.               name: metrics
  98.               protocol: TCP
  99.           readinessProbe:
  100.             failureThreshold: 3
  101.             httpGet:
  102.               path: /ready
  103.               port: 8181
  104.               scheme: HTTP
  105.           volumeMounts:
  106.             - mountPath: /etc/coredns
  107.               name: config-volume
  108.               readOnly: true
  109.             - mountPath: /etc/edge
  110.               name: hosts
  111.               readOnly: true
  112.           resources:
  113.             limits:
  114.               cpu: 50m
  115.               memory: 100Mi
  116.             requests:
  117.               cpu: 10m
  118.               memory: 50Mi
  119.       volumes:
  120.         - configMap:
  121.             defaultMode: 420
  122.             items:
  123.               - key: Corefile
  124.                 path: Corefile
  125.             name: tunnel-coredns
  126.           name: config-volume
  127.         - configMap:
  128.             defaultMode: 420
  129.             name: tunnel-nodes
  130.           name: hosts
  131.       nodeSelector:
  132.         node-role.kubernetes.io/master: ""
  133.       tolerations:
  134.         - key: "node-role.kubernetes.io/master"
  135.           operator: "Exists"
  136.           effect: "NoSchedule"

最后修改 June 15, 2021 : Fixed error links and paths (fef537b)