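---
# Authoritative-only CoreDNS for svc.n0ball.tw, published on port 53 of every
# node that runs a replica (hostPort). The server block loads only the `file`,
# `log` and `errors` plugins: there is no `forward` or `cache`, so it answers
# for its own zone and does not recurse on behalf of clients.
apiVersion: v1
kind: Namespace
metadata:
  name: authoritative-dns
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-auth-corefile
  namespace: authoritative-dns
data:
  # Listens on the unprivileged port 5353 inside the pod; the Deployment maps
  # node port 53 onto it, so the process never has to bind a port below 1024.
  Corefile: |
    svc.n0ball.tw:5353 {
        file /etc/coredns-zone/svc.n0ball.tw.zone
        log
        errors
    }
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-auth-zone
  namespace: authoritative-dns
data:
  # Zone apex only: SOA plus two NS records. Both name servers live under
  # n0ball.tw, outside this zone, so no address records are needed here.
  # Bump the serial on every edit so secondaries and caches notice the change.
  svc.n0ball.tw.zone: |
    $ORIGIN svc.n0ball.tw.
    @ 3600 IN SOA ns1.n0ball.tw. admin.n0ball.tw. (
        2026031001 ; serial
        3600       ; refresh
        600        ; retry
        86400      ; expire
        60         ; minimum
    )
    @ 3600 IN NS ns1.n0ball.tw.
    @ 3600 IN NS ns2.n0ball.tw.
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns-auth
  namespace: authoritative-dns
spec:
  replicas: 2
  selector:
    matchLabels:
      app: coredns-auth
  template:
    metadata:
      labels:
        app: coredns-auth
    spec:
      # This Corefile uses no plugin that talks to the Kubernetes API, so the
      # pod gets no service-account token to steal if the container is
      # compromised.
      automountServiceAccountToken: false
      affinity:
        # Hard anti-affinity: the two replicas must land on different nodes,
        # which is also required because both claim hostPort 53.
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app: coredns-auth
              topologyKey: kubernetes.io/hostname
      # Allows scheduling onto control-plane nodes. Together with hostPort 53
      # this exposes a listener on those nodes' addresses; restrict who can
      # reach it with host or network firewalling if it should not be public.
      tolerations:
        - key: "node-role.kubernetes.io/control-plane"
          operator: "Exists"
          effect: "NoSchedule"
      containers:
        - name: coredns
          # Tag-only reference. Pin by digest
          # (coredns/coredns:1.12.0@sha256:<digest-verified-in-your-registry>)
          # so the image that runs is the image that was reviewed.
          image: coredns/coredns:1.12.0
          args: ["-conf", "/etc/coredns/Corefile"]
          ports:
            - containerPort: 5353
              hostPort: 53
              protocol: UDP
            - containerPort: 5353
              hostPort: 53
              protocol: TCP
          securityContext:
            allowPrivilegeEscalation: false
            # The file plugin only reads the mounted zone; nothing is written
            # to the container filesystem.
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
              # NOTE(review): the process binds 5353 and should not need this
              # at runtime. It is kept because the upstream image is believed
              # to set this file capability on the binary, in which case
              # dropping it entirely makes exec fail. Confirm against the
              # image and remove if possible.
              add: ["NET_BIND_SERVICE"]
            seccompProfile:
              type: RuntimeDefault
            # TODO(review): add runAsNonRoot/runAsUser once the image's
            # numeric UID has been confirmed.
          volumeMounts:
            - name: corefile
              mountPath: /etc/coredns
              readOnly: true
            - name: zone
              mountPath: /etc/coredns-zone
              readOnly: true
          resources:
            requests:
              cpu: 50m
              memory: 32Mi
            limits:
              memory: 64Mi
      volumes:
        - name: corefile
          configMap:
            name: coredns-auth-corefile
        - name: zone
          configMap:
            name: coredns-auth-zone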