--- apiVersion: v1 kind: ConfigMap metadata: name: tunnel-coredns namespace: edge-system data: Corefile: | .:53 { errors health { lameduck 5s } hosts /etc/edge/hosts { reload 300ms fallthrough } ready prometheus :9153 forward . /etc/resolv.conf cache 30 reload 2s loadbalance } --- apiVersion: v1 kind: ConfigMap metadata: name: tunnel-nodes namespace: edge-system data: hosts: "" --- apiVersion: v1 kind: Service metadata: name: tunnel-coredns namespace: edge-system spec: ports: - name: dns port: 53 protocol: UDP targetPort: 53 - name: dns-tcp port: 53 protocol: TCP targetPort: 53 - name: metrics port: 9153 protocol: TCP targetPort: 9153 selector: k8s-app: tunnel-coredns type: ClusterIP --- apiVersion: apps/v1 kind: Deployment metadata: name: tunnel-coredns namespace: edge-system spec: replicas: 1 selector: matchLabels: k8s-app: tunnel-coredns template: metadata: labels: k8s-app: tunnel-coredns spec: containers: - args: - -conf - /etc/coredns/Corefile image: coredns/coredns:1.6.5 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 httpGet: path: /health port: 8080 scheme: HTTP initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: tunnel-coredns ports: - containerPort: 53 name: dns protocol: UDP - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9153 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: /ready port: 8181 scheme: HTTP volumeMounts: - mountPath: /etc/coredns name: config-volume readOnly: true - mountPath: /etc/edge name: hosts readOnly: true resources: limits: cpu: 50m memory: 100Mi requests: cpu: 10m memory: 50Mi volumes: - configMap: defaultMode: 420 items: - key: Corefile path: Corefile name: tunnel-coredns name: config-volume - configMap: defaultMode: 420 name: tunnel-nodes name: hosts nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule"