--- apiVersion: v1 kind: ServiceAccount metadata: name: excoredns namespace: kube-system --- # Source: coredns/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: excoredns namespace: kube-system data: Corefile: |- .:53 { errors log ready k8s_gateway example.com forward . /etc/resolv.conf cache 30 loop reload loadbalance } --- # Source: coredns/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: excoredns rules: - apiGroups: - "" resources: - services - namespaces verbs: - list - watch - apiGroups: - extensions - networking.k8s.io resources: - ingresses verbs: - list - watch - apiGroups: - gateway.networking.k8s.io resources: - "*" verbs: - watch - list --- # Source: coredns/templates/clusterrolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: excoredns roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: excoredns subjects: - kind: ServiceAccount name: excoredns namespace: kube-system --- apiVersion: v1 kind: Service metadata: name: external-dns namespace: kube-system spec: selector: k8s-app: "excoredns" ports: - { port: 53, protocol: UDP, name: udp-53 } type: LoadBalancer --- apiVersion: apps/v1 kind: Deployment metadata: name: excoredns namespace: kube-system spec: replicas: 1 selector: matchLabels: k8s-app: "excoredns" template: metadata: labels: k8s-app: "excoredns" spec: serviceAccountName: excoredns dnsPolicy: ClusterFirst containers: - name: "coredns" image: "quay.io/oriedge/k8s_gateway" imagePullPolicy: IfNotPresent args: ["-conf", "/etc/coredns/Corefile"] volumeMounts: - name: config-volume mountPath: /etc/coredns resources: limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi ports: - { containerPort: 53, protocol: UDP, name: udp-53 } - { containerPort: 53, protocol: TCP, name: tcp-53 } volumes: - name: config-volume configMap: name: excoredns items: - key: Corefile path: Corefile