92 lines
2.1 KiB
YAML
92 lines
2.1 KiB
YAML
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: authoritative-dns
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: coredns-auth-corefile
|
|
namespace: authoritative-dns
|
|
data:
|
|
Corefile: |
|
|
svc.n0ball.tw:5353 {
|
|
file /etc/coredns-zone/svc.n0ball.tw.zone
|
|
log
|
|
errors
|
|
}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: coredns-auth-zone
|
|
namespace: authoritative-dns
|
|
data:
|
|
svc.n0ball.tw.zone: |
|
|
$ORIGIN svc.n0ball.tw.
|
|
@ 3600 IN SOA ns1.n0ball.tw. admin.n0ball.tw. (
|
|
2026031001 ; serial
|
|
3600 ; refresh
|
|
600 ; retry
|
|
86400 ; expire
|
|
60 ; minimum
|
|
)
|
|
@ 3600 IN NS ns1.n0ball.tw.
|
|
@ 3600 IN NS ns2.n0ball.tw.
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: coredns-auth
|
|
namespace: authoritative-dns
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app: coredns-auth
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: coredns-auth
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app: coredns-auth
|
|
topologyKey: kubernetes.io/hostname
|
|
tolerations:
|
|
- key: "node-role.kubernetes.io/control-plane"
|
|
operator: "Exists"
|
|
effect: "NoSchedule"
|
|
containers:
|
|
- name: coredns
|
|
image: coredns/coredns:1.12.0
|
|
args: ["-conf", "/etc/coredns/Corefile"]
|
|
ports:
|
|
- containerPort: 5353
|
|
hostPort: 53
|
|
protocol: UDP
|
|
- containerPort: 5353
|
|
hostPort: 53
|
|
protocol: TCP
|
|
volumeMounts:
|
|
- name: corefile
|
|
mountPath: /etc/coredns
|
|
- name: zone
|
|
mountPath: /etc/coredns-zone
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 32Mi
|
|
limits:
|
|
memory: 64Mi
|
|
volumes:
|
|
- name: corefile
|
|
configMap:
|
|
name: coredns-auth-corefile
|
|
- name: zone
|
|
configMap:
|
|
name: coredns-auth-zone
|