
---
# Namespace holding the CoreDNS deployment, its ConfigMap, the Service and
# the Traefik routes defined further down in this file.
apiVersion: v1
kind: Namespace
metadata:
  name: dns
---
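# Corefiles and zone files for the two CoreDNS instances: a private resolver
# on port 53 and a public authoritative server on port 54. Both containers
# mount this ConfigMap read-only at /config and pick their Corefile via -conf.
apiVersion: v1
kind: ConfigMap
metadata:
  name: config
  namespace: dns
data:
  # Private instance: serves db.cluster and forwards public.cluster. to the
  # public instance at 192.168.123.240.
  # NOTE(review): `debug` disables CoreDNS' panic recovery, so a query that
  # triggers a panic takes the whole process down (and, with replicas: 1, the
  # service with it); keep it only while troubleshooting.
  # NOTE(review): `log` prints every query including the client address;
  # confirm that volume and exposure are acceptable wherever stdout is shipped.
  # NOTE(review): the server block is `.` while the zone file's $ORIGIN is
  # cluster., so the file plugin is authoritative for everything under `.`;
  # confirm that is intended, or scope the block/`file` argument to cluster.
  private-Corefile: |-
    .:53 {
        log . "private: {remote}:{port} - {>id} {>opcode} {>name} {>type} {>proto}"
        debug
        file /config/db.cluster
    }
    public.cluster. {
        forward . 192.168.123.240
    }
  # Public instance: authoritative-only (no `forward`), so it is not an open
  # resolver. Same `debug` and `.`-vs-$ORIGIN caveats as above.
  public-Corefile: |-
    .:54 {
        log . "public: {remote}:{port} - {>id} {>opcode} {>name} {>type} {>proto}"
        debug
        file /config/db.public.cluster
    }
  # Private zone. An NS RRset at the apex is required for a well-formed zone
  # (RFC 1034 / RFC 2181); it was missing, so one matching the SOA MNAME
  # (ns1.cluster.) is added and the serial bumped. Bump the serial again on
  # every further change to the records.
  db.cluster: |-
    $TTL 1m
    $ORIGIN cluster.
    @ IN SOA ns1.cluster. admin.cluster. (
    2025050303 ; serial
    1m ; period
    1m ; retry
    1m ; exp
    1m ; ttl
    )
    @ IN NS ns1.cluster.
    control.cluster. IN A 192.168.123.1
    ns1.cluster. IN A 192.168.123.241
    ns2.cluster. IN A 192.168.123.240
    public.cluster. IN NS ns2.cluster.
    private.cluster. IN A 192.168.123.241
    whoami.private.cluster. IN CNAME private.cluster.
  # Public zone, delegated from cluster. to ns2.cluster. above. Apex NS added
  # for the same reason as in db.cluster; serial bumped accordingly.
  db.public.cluster: |-
    $TTL 1m
    $ORIGIN public.cluster.
    @ IN SOA ns2.cluster. admin.cluster. (
    2025050303 ; serial
    1m ; period
    1m ; retry
    1m ; exp
    1m ; ttl
    )
    @ IN NS ns2.cluster.
    ns2.cluster. IN A 192.168.123.240
    public.cluster. IN A 192.168.123.240
    whoami.public.cluster. IN CNAME public.cluster.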
---
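# Runs both CoreDNS instances in one pod: the private resolver on 53 and the
# public authoritative server on 54, each started with its own Corefile from
# the `config` ConfigMap.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: dns
spec:
  # NOTE(review): one replica means DNS is unavailable during every restart,
  # including the crash-on-panic that `debug` in the Corefiles allows;
  # consider more than one replica once the zone setup is stable.
  replicas: 1
  selector:
    matchLabels:
      app: coredns
  template:
    metadata:
      labels:
        app: coredns
    spec:
      securityContext:
        # Runtime's default seccomp profile for every container in the pod.
        seccompProfile:
          type: RuntimeDefault
      # NOTE(review): no liveness/readiness probes; CoreDNS' `health` and
      # `ready` plugins would expose endpoints for them if enabled in the
      # Corefiles.
      containers:
        - name: coredns-private
          # TODO(review): pin the image to a tag and digest, e.g.
          # coredns/coredns:<VERSION>@sha256:<DIGEST>. An untagged reference
          # resolves to :latest and changes underneath the deployment.
          image: coredns/coredns
          ports:
            - containerPort: 53
              protocol: UDP
            - containerPort: 53
              protocol: TCP
          args:
            - '-conf=/config/private-Corefile'
          volumeMounts:
            - mountPath: /config
              name: config
              readOnly: true
          resources:
            limits:
              cpu: "1000m"
              memory: "500Mi"
            requests:
              cpu: "10m"
              memory: "10Mi"
          # Hardening as in the upstream Kubernetes CoreDNS manifest: no
          # privilege escalation, read-only root filesystem, and only the one
          # capability binding port 53 needs when the process is not root.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
              add:
                - NET_BIND_SERVICE
        - name: coredns-public
          # TODO(review): pin the image (see the private container above).
          image: coredns/coredns
          ports:
            - containerPort: 54
              protocol: UDP
            - containerPort: 54
              protocol: TCP
          args:
            - '-conf=/config/public-Corefile'
          volumeMounts:
            - mountPath: /config
              name: config
              readOnly: true
          resources:
            limits:
              cpu: "1000m"
              memory: "500Mi"
            requests:
              cpu: "10m"
              memory: "10Mi"
          # Port 54 is unprivileged, so every capability can be dropped here.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
      volumes:
        - name: config
          configMap:
            name: config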
---
# Service in front of the CoreDNS pod (no `type`, so ClusterIP). Ports 53
# reach the private container, ports 54 the public one; the Traefik
# IngressRoute* objects below forward their entry points here.
apiVersion: v1
kind: Service
metadata:
  name: dns
  namespace: dns
spec:
  selector:
    app: coredns
  ports:
    - name: dns-udp-private
      port: 53
      targetPort: 53
      protocol: UDP
    - name: dns-tcp-private
      port: 53
      targetPort: 53
      protocol: TCP
    - name: dns-udp-public
      port: 54
      targetPort: 54
      protocol: UDP
    - name: dns-tcp-public
      port: 54
      targetPort: 54
      protocol: TCP
---
# Traefik UDP router: entry point dns-udp-private -> Service dns, port 53.
# The entry point itself is defined in Traefik's static configuration, which
# is not part of this file.
apiVersion: traefik.io/v1alpha1
kind: IngressRouteUDP
metadata:
  name: dns-udp-private
  namespace: dns
spec:
  entryPoints:
    - dns-udp-private
  routes:
    - services:
        - name: dns
          port: 53
---
# Traefik TCP router: entry point dns-tcp-private -> Service dns, port 53.
# HostSNI('*') is the catch-all needed for non-TLS TCP routing, so every
# connection arriving on the entry point is forwarded.
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
  name: dns-tcp-private
  namespace: dns
spec:
  entryPoints:
    - dns-tcp-private
  routes:
    - match: "HostSNI('*')"
      services:
        - name: dns
          port: 53
---
# Traefik UDP router: entry point dns-udp-public -> Service dns, port 54
# (the public, authoritative-only CoreDNS instance).
apiVersion: traefik.io/v1alpha1
kind: IngressRouteUDP
metadata:
  name: dns-udp-public
  namespace: dns
spec:
  entryPoints:
    - dns-udp-public
  routes:
    - services:
        - name: dns
          port: 54
---
# Traefik TCP router: entry point dns-tcp-public -> Service dns, port 54.
# HostSNI('*') is the catch-all needed for non-TLS TCP routing, so every
# connection arriving on the entry point is forwarded.
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
  name: dns-tcp-public
  namespace: dns
spec:
  entryPoints:
    - dns-tcp-public
  routes:
    - match: "HostSNI('*')"
      services:
        - name: dns
          port: 54