coredns now uses kustomize
This commit is contained in:
parent
64dd45f370
commit
cd2b6c4857
|
@ -1,2 +1 @@
|
|||
helm repo add coredns https://coredns.github.io/helm
|
||||
helm upgrade -i -n coredns --create-namespace coredns coredns/coredns -f values.yaml
|
||||
kustomize build --enable-helm | kubectl apply -f -
|
||||
|
|
1
coredns/diff.sh
Normal file
1
coredns/diff.sh
Normal file
|
@ -0,0 +1 @@
|
|||
kustomize build --enable-helm | kubectl diff -f -
|
87
coredns/kustomization.yaml
Normal file
87
coredns/kustomization.yaml
Normal file
|
@ -0,0 +1,87 @@
|
|||
kind: Kustomization
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
helmCharts:
|
||||
- name: coredns
|
||||
repo: https://coredns.github.io/helm
|
||||
namespace: coredns
|
||||
version: 1.28.2
|
||||
releaseName: coredns
|
||||
includeCRDs: true
|
||||
valuesInline:
|
||||
isClusterService: false
|
||||
replicaCount: 3
|
||||
servers:
|
||||
- plugins:
|
||||
- name: errors
|
||||
- configBlock: lameduck 5s
|
||||
name: health
|
||||
- name: ready
|
||||
- configBlock: |-
|
||||
pods insecure
|
||||
fallthrough in-addr.arpa ip6.arpa
|
||||
ttl 30
|
||||
name: kubernetes
|
||||
parameters: cluster.local in-addr.arpa ip6.arpa
|
||||
- configBlock: to *
|
||||
name: transfer
|
||||
- configBlock: fallthrough
|
||||
name: k8s_external
|
||||
parameters: k
|
||||
- name: prometheus
|
||||
parameters: 0.0.0.0:9153
|
||||
- configBlock: answer "{{ .Name }} 60 IN A 172.16.17.115"
|
||||
name: template
|
||||
parameters: IN A harbor.strudelline.net
|
||||
- configBlock: answer "{{ .Name }} 60 IN A 172.16.17.33"
|
||||
name: template
|
||||
parameters: IN A frigate.strudelline.net
|
||||
- configBlock: answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
name: template
|
||||
parameters: IN A werts.us
|
||||
- configBlock: answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
name: template
|
||||
parameters: IN A minio.strudelline.net
|
||||
- configBlock: |
|
||||
match ^cascade[.]strudelline[.]net[.]$
|
||||
answer "{{ .Name }} 60 IN A 172.16.34.1"
|
||||
answer "{{ .Name }} 60 IN A 172.16.33.1"
|
||||
fallthrough
|
||||
name: template
|
||||
parameters: IN A cascade.strudelline.net
|
||||
- configBlock: |
|
||||
match ^(?P<name>[^.]*)[.]strudelline[.]net[.]$
|
||||
answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
fallthrough
|
||||
name: template
|
||||
parameters: IN A strudelline.net
|
||||
- name: forward
|
||||
parameters: myrunningman.com 172.16.1.53:153
|
||||
- name: forward
|
||||
parameters: in-addr.arpa 172.16.33.1 172.16.34.1
|
||||
- name: forward
|
||||
parameters: cascade.strudelline.net 172.16.33.1 172.16.34.1
|
||||
- configBlock: |
|
||||
force_tcp
|
||||
name: forward
|
||||
parameters: . 172.16.1.53
|
||||
- name: loop
|
||||
- name: reload
|
||||
- name: nsid
|
||||
parameters: coredns-ext
|
||||
- name: cache
|
||||
parameters: 30
|
||||
- name: cancel
|
||||
- name: whoami
|
||||
- name: loadbalance
|
||||
- name: log
|
||||
- name: minimal
|
||||
port: 53
|
||||
zones:
|
||||
- zone: .
|
||||
service:
|
||||
annotations:
|
||||
metallb.universe.tf/allow-shared-ip: 172.16.1.9
|
||||
metallb.universe.tf/loadBalancerIPs: 172.16.1.9
|
||||
serviceType: LoadBalancer
|
||||
resources:
|
||||
- coredns-address-pool.yaml
|
|
@ -1,107 +0,0 @@
|
|||
replicaCount: 3
|
||||
|
||||
servers:
|
||||
- zones:
|
||||
- zone: .
|
||||
port: 53
|
||||
# If serviceType is nodePort you can specify nodePort here
|
||||
# nodePort: 30053
|
||||
# hostPort: 53
|
||||
plugins:
|
||||
- name: errors
|
||||
# Serves a /health endpoint on :8080, required for livenessProbe
|
||||
- name: health
|
||||
configBlock: |-
|
||||
lameduck 5s
|
||||
# Serves a /ready endpoint on :8181, required for readinessProbe
|
||||
- name: ready
|
||||
# Required to query kubernetes API for data
|
||||
- name: kubernetes
|
||||
parameters: cluster.local in-addr.arpa ip6.arpa
|
||||
configBlock: |-
|
||||
pods insecure
|
||||
fallthrough in-addr.arpa ip6.arpa
|
||||
ttl 30
|
||||
- name: transfer
|
||||
configBlock: |-
|
||||
to *
|
||||
- name: k8s_external
|
||||
parameters: k
|
||||
configBlock: |-
|
||||
fallthrough
|
||||
# Serves a /metrics endpoint on :9153, required for serviceMonitor
|
||||
- name: prometheus
|
||||
parameters: 0.0.0.0:9153
|
||||
#- name: k8s_gateway
|
||||
# parameters: cluster.gateway
|
||||
# configBlock: |-
|
||||
# resources Ingress
|
||||
# ttl 10
|
||||
|
||||
# individual hosts (full domains but still just hosts)
|
||||
- {"parameters": "IN A harbor.strudelline.net", "configBlock": "answer \"{{ .Name }} 60 IN A 172.16.17.115\"", "name": "template"}
|
||||
- {"parameters": "IN A frigate.strudelline.net", "configBlock": "answer \"{{ .Name }} 60 IN A 172.16.17.33\"", "name": "template"}
|
||||
#- {"parameters": "IN A email.strudelline.net", "configBlock": "answer \"{{ .Name }} 60 IN CNAME mailgun.org.\"", "name": "template"}
|
||||
#- {"parameters": "IN A pbx.strudelline.net", "configBlock": "answer \"{{ .Name }} 60 IN A 172.16.56.1\"", "name": "template"}
|
||||
# werts.us
|
||||
- name: template
|
||||
parameters: IN A werts.us
|
||||
configBlock: answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
# minio.strudelline.net
|
||||
- name: template
|
||||
parameters: IN A minio.strudelline.net
|
||||
configBlock: answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
# cascade.strudelline.net
|
||||
- name: template
|
||||
parameters: IN A cascade.strudelline.net
|
||||
configBlock: |
|
||||
match ^cascade[.]strudelline[.]net[.]$
|
||||
answer "{{ .Name }} 60 IN A 172.16.34.1"
|
||||
answer "{{ .Name }} 60 IN A 172.16.33.1"
|
||||
fallthrough
|
||||
# *.strudelline.net
|
||||
- name: template
|
||||
parameters: IN A strudelline.net
|
||||
configBlock: |
|
||||
match ^(?P<name>[^.]*)[.]strudelline[.]net[.]$
|
||||
answer "{{ .Name }} 60 IN A 172.16.17.80"
|
||||
fallthrough
|
||||
# BYPASS FAMILY FILTER FOR SOME SITES
|
||||
- name: forward
|
||||
parameters: myrunningman.com 172.16.1.53:153
|
||||
# *.cascade.strudelline.net
|
||||
- name: forward
|
||||
parameters: in-addr.arpa 172.16.33.1 172.16.34.1
|
||||
- name: forward
|
||||
parameters: cascade.strudelline.net 172.16.33.1 172.16.34.1
|
||||
- name: forward
|
||||
parameters: . 172.16.1.53
|
||||
configBlock: |
|
||||
force_tcp
|
||||
- name: loop
|
||||
- name: reload
|
||||
- name: nsid
|
||||
parameters: "coredns-ext"
|
||||
- name: cache
|
||||
parameters: 30
|
||||
- name: cancel
|
||||
- name: whoami
|
||||
- name: loadbalance
|
||||
- name: log
|
||||
- name: minimal
|
||||
|
||||
serviceType: LoadBalancer
|
||||
service:
|
||||
annotations:
|
||||
metallb.universe.tf/allow-shared-ip: 172.16.1.9
|
||||
metallb.universe.tf/loadBalancerIPs: 172.16.1.9
|
||||
|
||||
isClusterService: false
|
||||
|
||||
#podAnnotations:
|
||||
# k8s.v1.cni.cncf.io/networks: |
|
||||
# [{
|
||||
# "namespace": "cascade",
|
||||
# "name": "br0-static",
|
||||
# "ips": ["172.16.1.9/12"]
|
||||
# }]
|
Loading…
Reference in New Issue
Block a user