Tunnel CoreDNS

Tunnel CoreDNS sample config
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: tunnel-coredns
  namespace: edge-system
data:
  Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        hosts /etc/edge/hosts {
            reload 300ms
            fallthrough
        }
        ready
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        reload 2s
        loadbalance
    }    
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: tunnel-nodes
  namespace: edge-system
data:
  hosts: ""
---
apiVersion: v1
kind: Service
metadata:
  name: tunnel-coredns
  namespace: edge-system
spec:
  ports:
    - name: dns
      port: 53
      protocol: UDP
      targetPort: 53
    - name: dns-tcp
      port: 53
      protocol: TCP
      targetPort: 53
    - name: metrics
      port: 9153
      protocol: TCP
      targetPort: 9153
  selector:
    k8s-app: tunnel-coredns
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: tunnel-coredns
  namespace: edge-system
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: tunnel-coredns
  template:
    metadata:
      labels:
        k8s-app: tunnel-coredns
    spec:
      containers:
        - args:
            - -conf
            - /etc/coredns/Corefile
          image: coredns/coredns:1.6.5
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /health
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          name: tunnel-coredns
          ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            - containerPort: 9153
              name: metrics
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /ready
              port: 8181
              scheme: HTTP
          volumeMounts:
            - mountPath: /etc/coredns
              name: config-volume
              readOnly: true
            - mountPath: /etc/edge
              name: hosts
              readOnly: true
          resources:
            limits:
              cpu: 50m
              memory: 100Mi
            requests:
              cpu: 10m
              memory: 50Mi
      volumes:
        - configMap:
            defaultMode: 420
            items:
              - key: Corefile
                path: Corefile
            name: tunnel-coredns
          name: config-volume
        - configMap:
            defaultMode: 420
            name: tunnel-nodes
          name: hosts
      nodeSelector:
        node-role.kubernetes.io/master: ""
      tolerations:
        - key: "node-role.kubernetes.io/master"
          operator: "Exists"
          effect: "NoSchedule"

Last modified June 15, 2021 : Fixed error links and paths (fef537b)