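---
# CoreDNS for the cluster plus a small authoritative "lan." zone.
# Three objects: the ConfigMap (Corefile + zone file), a LoadBalancer Service
# that publishes the resolver on the LAN, and the CoreDNS Deployment.
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
data:
  # Single server block on :53. It serves cluster.local and the reverse zones,
  # serves the "lan." zone from lan.db, and forwards everything else to the
  # resolvers in the pod's /etc/resolv.conf (the node's file, because the
  # Deployment uses dnsPolicy: Default).
  #
  # `health` listens on :8080 and `ready` on :8181 by default; the probes in
  # the Deployment depend on those ports.
  #
  # NOTE(review): `pods insecure` answers pod-IP names
  # (a-b-c-d.<ns>.pod.cluster.local) without checking that such a pod exists.
  # It exists for kube-dns compatibility; `pods verified` checks against the
  # API at the cost of a watch on all pods, and omitting the option disables
  # pod records. Pick the narrowest mode the workloads tolerate.
  #
  # NOTE(review): this same server block is reachable through the dns-ext
  # Service below, so every client that can reach the load-balancer IP can
  # resolve cluster.local names and use the forwarder. If that is broader
  # than intended, restrict it with the `acl` plugin here or with
  # `loadBalancerSourceRanges` on the Service.
  Corefile: |
    .:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        file /etc/coredns/lan.db lan
        prometheus :9153
        forward . /etc/resolv.conf {
            max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }
  # Zone data for "lan.", loaded by the `file` plugin above.
  #
  # NOTE(review): the NS record's target is an IP literal. NS RDATA is a host
  # name, so this is read as the relative name 172.23.255.252.lan., which has
  # no address record. The zone already defines `ns IN A 172.23.255.252`, so
  # `IN NS ns` looks like the intended target - confirm, and bump the SOA
  # serial together with any change so running servers reload the zone.
  #
  # The NS line is indented so that it inherits the owner name (@) of the SOA
  # line above it; at column 0 "3600" would be parsed as an owner name.
  lan.db: |
    ;lan. zone file
    $ORIGIN lan.
    @ 600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2022032201 7200 600 1209600 600
      3600 IN NS 172.23.255.252
    ns IN A 172.23.255.252
    salt IN A 192.168.10.2
    mqtt IN A 172.16.23.1
    www-proxy IN A 172.23.255.1
    git IN A 172.23.255.2
    postgresql IN A 172.23.255.4
    mariadb IN A 172.23.255.5
    redis IN A 172.23.255.6
    pihole IN A 172.23.255.253
    adm IN CNAME adm01.wks.
    prometheus IN CNAME www-proxy
    alertmanager IN CNAME www-proxy
    stats IN CNAME www-proxy
    cr-ui IN CNAME www-proxy
    apt IN CNAME www-proxy
    apt-cache IN CNAME www-proxy
    nodered IN CNAME www-proxy
    foto IN CNAME www-proxy
    musik IN CNAME www-proxy
    hassio IN CNAME www-proxy
    hassio-conf IN CNAME www-proxy
    git-ui IN CNAME www-proxy
    grav IN CNAME www-proxy
    tekton IN CNAME www-proxy
    nc IN CNAME www-proxy
    dolibarr IN CNAME www-proxy
    auth IN CNAME www-proxy
    public.auth IN CNAME www-proxy
    secure.auth IN CNAME www-proxy
    docker-registry IN CNAME adm
    cr IN CNAME adm
    dr-mirror IN CNAME adm
    log IN CNAME adm
---
# Publishes the CoreDNS pods on a fixed LAN address.
#
# NOTE(review): only UDP/53 is forwarded. Answers that do not fit in a UDP
# response are truncated and the client retries over TCP, which this Service
# does not carry. Whether one LoadBalancer Service may mix UDP and TCP depends
# on the cluster version and the load-balancer implementation; otherwise a
# second Service is needed for TCP/53.
#
# NOTE(review): no `loadBalancerSourceRanges` is set, so reachability is
# decided entirely by the network in front of 172.23.255.252. The
# `loadBalancerIP` field is deprecated in current Kubernetes releases; check
# whether the load balancer in use offers an annotation instead.
apiVersion: v1
kind: Service
metadata:
  name: dns-ext
  namespace: kube-system
spec:
  ports:
    - name: dns-udp
      protocol: UDP
      port: 53
      targetPort: 53
  selector:
    k8s-app: kube-dns
  type: LoadBalancer
  loadBalancerIP: 172.23.255.252
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  # Same namespace as the ConfigMap and Service in this file. Without it the
  # Deployment lands in the applying context's namespace, where the `coredns`
  # ConfigMap and ServiceAccount referenced below would not resolve.
  namespace: kube-system
  labels:
    k8s-app: kube-dns
spec:
  progressDeadlineSeconds: 600
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kube-dns
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        k8s-app: kube-dns
    spec:
      containers:
        - args:
            - -conf
            - /etc/coredns/Corefile
          # Referenced by mutable tag; pinning by digest
          # (image@sha256:<digest>) makes the deployed binary reproducible.
          image: registry.k8s.io/coredns/coredns:v1.9.3
          imagePullPolicy: IfNotPresent
          # The source declared this probe twice with identical values.
          # Duplicate mapping keys are invalid YAML and most parsers silently
          # keep the last one, so a single copy is kept.
          livenessProbe:
            failureThreshold: 5
            httpGet:
              path: /health
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          name: coredns
          ports:
            - containerPort: 53
              name: dns
              protocol: UDP
            - containerPort: 53
              name: dns-tcp
              protocol: TCP
            - containerPort: 9153
              name: metrics
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /ready
              port: 8181
              scheme: HTTP
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
          resources:
            limits:
              memory: 170Mi
            requests:
              cpu: 100m
              memory: 70Mi
          # Drop every capability and add back only what binding port 53
          # needs. "ALL" is written in upper case because the Pod Security
          # "restricted" check matches that exact spelling.
          # `allowPrivilegeEscalation` was also listed twice in the source;
          # one copy is kept.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              add:
                - NET_BIND_SERVICE
              drop:
                - ALL
            readOnlyRootFilesystem: true
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
            - mountPath: /etc/coredns
              name: config-volume
              readOnly: true
      # Default = inherit the node's resolv.conf, so CoreDNS does not try to
      # resolve through itself.
      dnsPolicy: Default
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      restartPolicy: Always
      schedulerName: default-scheduler
      # NOTE(review): the pod-level context is empty, so the container runs as
      # whatever user the image defines. If the image supports it, setting
      # runAsNonRoot and a seccompProfile here would tighten this further.
      securityContext: {}
      # `serviceAccount` is the deprecated alias of `serviceAccountName`;
      # both are kept as in the source.
      serviceAccount: coredns
      serviceAccountName: coredns
      terminationGracePeriodSeconds: 30
      tolerations:
        - key: CriticalAddonsOnly
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
      volumes:
        - configMap:
            # 420 decimal == 0644 octal.
            defaultMode: 420
            items:
              - key: Corefile
                path: Corefile
              - key: lan.db
                path: lan.db
            name: coredns
          name: config-volume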