Tunnel CoreDNS
Tunnel CoreDNS sample config
---
# Corefile for the tunnel-coredns Deployment, which mounts this ConfigMap
# read-only at /etc/coredns and starts CoreDNS with -conf /etc/coredns/Corefile.
apiVersion: v1
kind: ConfigMap
metadata:
  name: tunnel-coredns
  namespace: edge-system
data:
  # One server block answering every zone (".") on port 53.
  #   errors / health / ready - `health` and `ready` name no port here; the
  #       Deployment probes /health on 8080 and /ready on 8181, CoreDNS's
  #       default ports for these plugins. `lameduck 5s` keeps the server up
  #       for 5s after it starts reporting unhealthy.
  #   hosts /etc/edge/hosts   - answers come from the file mounted from the
  #       tunnel-nodes ConfigMap and re-read every 300ms; `fallthrough` passes
  #       names that are not in the file on to the next plugin.
  #   prometheus :9153        - no address is given, so the metrics endpoint
  #       listens on all pod interfaces; the Service also publishes this port.
  #   forward . /etc/resolv.conf - everything else goes to the resolvers in the
  #       pod's own resolv.conf.
  #   cache 30 / reload 2s / loadbalance - 30s cache TTL cap, Corefile change
  #       check every 2s, and shuffled record order in answers.
  # NOTE(review): an edit to this ConfigMap is picked up by `reload` without a
  # pod restart, so write access to it should be limited with RBAC.
  Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        hosts /etc/edge/hosts {
            reload 300ms
            fallthrough
        }
        ready
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        reload 2s
        loadbalance
    }    
---
# Hosts file served by tunnel-coredns. The Deployment mounts this ConfigMap at
# /etc/edge, so the `hosts` key becomes /etc/edge/hosts, the file named in the
# Corefile's `hosts` plugin.
apiVersion: v1
kind: ConfigMap
metadata:
  name: tunnel-nodes
  namespace: edge-system
data:
  # Empty in the sample; presumably filled in at runtime by the tunnel
  # component - confirm against its documentation.
  # NOTE(review): whoever can update or patch this ConfigMap decides what
  # tunnel-coredns answers for the listed names, and the Corefile re-reads the
  # file every 300ms. Grant write access only to the component that maintains it.
  hosts: ""
---
# Cluster-internal Service in front of the tunnel-coredns pods.
apiVersion: v1
kind: Service
metadata:
  name: tunnel-coredns
  namespace: edge-system
spec:
  ports:
    # DNS is published on both UDP and TCP port 53.
    - name: dns
      port: 53
      protocol: UDP
      targetPort: 53
    - name: dns-tcp
      port: 53
      protocol: TCP
      targetPort: 53
    # NOTE(review): the Prometheus endpoint is published next to DNS, so any
    # workload that can reach this ClusterIP can read the metrics. Narrow this
    # with a NetworkPolicy if only the monitoring stack should scrape it.
    - name: metrics
      port: 9153
      protocol: TCP
      targetPort: 9153
  selector:
    k8s-app: tunnel-coredns
  # ClusterIP: this Service defines no NodePort or LoadBalancer exposure.
  type: ClusterIP
---
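# Runs CoreDNS with the Corefile from the tunnel-coredns ConfigMap and the
# hosts file from the tunnel-nodes ConfigMap, scheduled on master nodes.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: tunnel-coredns
  namespace: edge-system
spec:
  # A single replica: DNS answers stop while this pod is restarting or evicted.
  replicas: 1
  selector:
    matchLabels:
      k8s-app: tunnel-coredns
  template:
    metadata:
      labels:
        k8s-app: tunnel-coredns
    spec:
      # The Corefile loads no `kubernetes` plugin, so CoreDNS never calls the
      # API server; do not mount a service-account token it has no use for.
      automountServiceAccountToken: false
      containers:
        - args:
            - -conf
            - /etc/coredns/Corefile
          # NOTE(review): a tag is a mutable reference. Once the image has been
          # verified, pin it by digest, e.g.
          #   coredns/coredns@sha256:<digest-of-the-verified-image>
          # 1.6.5 is an old CoreDNS release; check upstream release notes
          # before reusing this sample.
          image: coredns/coredns:1.6.5
          imagePullPolicy: IfNotPresent
          # 8080 is the default port of the Corefile's `health` plugin.
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /health
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          name: tunnel-coredns
          ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            - containerPort: 9153
              name: metrics
              protocol: TCP
          # 8181 is the default port of the Corefile's `ready` plugin.
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /ready
              port: 8181
              scheme: HTTP
          volumeMounts:
            - mountPath: /etc/coredns
              name: config-volume
              readOnly: true
            - mountPath: /etc/edge
              name: hosts
              readOnly: true
          resources:
            limits:
              cpu: 50m
              memory: 100Mi
            requests:
              cpu: 10m
              memory: 50Mi
          # Least privilege for a pod that runs on master nodes: binding port
          # 53 is the only capability kept. Both mounts are already read-only,
          # so the root filesystem can be read-only as well.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              add:
                - NET_BIND_SERVICE
              drop:
                - ALL
            readOnlyRootFilesystem: true
      volumes:
        - configMap:
            # 420 is decimal for octal 0644 (owner rw, group and others r).
            defaultMode: 420
            items:
              - key: Corefile
                path: Corefile
            name: tunnel-coredns
          name: config-volume
        # No `items` list: every key of tunnel-nodes becomes a file, so the
        # `hosts` key appears as /etc/edge/hosts.
        - configMap:
            defaultMode: 420
            name: tunnel-nodes
          name: hosts
      # Scheduled only onto nodes carrying the master role label; the
      # toleration lets the pod past that role's NoSchedule taint.
      nodeSelector:
        node-role.kubernetes.io/master: ""
      tolerations:
        - key: "node-role.kubernetes.io/master"
          operator: "Exists"
          effect: "NoSchedule"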
Last modified
June 15, 2021
: Fixed error links and paths (fef537b)