feat(coredns): avoid getting removed by k0s

Signed-off-by: Nguyen Marc <nguyen_marc@live.fr>

core.example/coredns/base/configmap.yaml

@@ -2,9 +2,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: coredns
-  namespace: kube-system
-  labels:
-    k0s.k0sproject.io/stack: coredns
 data:
   Corefile: |
     .:53 {

core.example/coredns/base/deployment.yaml → core.example/coredns/base/daemonset.yaml

@@ -1,21 +1,11 @@
 apiVersion: apps/v1
-kind: Deployment
+kind: DaemonSet
 metadata:
   name: coredns
-  namespace: kube-system
   labels:
-    k0s.k0sproject.io/stack: coredns
     k8s-app: kube-dns
     kubernetes.io/name: CoreDNS
 spec:
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 1
-      maxSurge: 25%
-  revisionHistoryLimit: 10
-  progressDeadlineSeconds: 600
-  replicas: 2
   selector:
     matchLabels:
       k8s-app: kube-dns
@@ -33,38 +23,28 @@ spec:
       serviceAccount: coredns
       securityContext: {}
       schedulerName: default-scheduler
+      nodeSelector:
+        kubernetes.io/os: linux
+        node-role.kubernetes.io/control-plane: 'true'
       tolerations:
         - key: CriticalAddonsOnly
           operator: Exists
-        - key: 'node-role.kubernetes.io/control-plane'
-          operator: 'Exists'
-          effect: 'NoSchedule'
+        - key: node-role.kubernetes.io/control-plane
+          operator: Exists
+          effect: NoSchedule
         - key: node-role.kubernetes.io/master
           operator: Exists
           effect: NoSchedule
-      nodeSelector:
-        kubernetes.io/os: linux
-      topologySpreadConstraints:
-        - maxSkew: 1
-          topologyKey: topology.kubernetes.io/zone
-          whenUnsatisfiable: ScheduleAnyway
-          labelSelector:
-            matchExpressions:
-              - key: k8s-app
-                operator: In
-                values:
-                  - kube-dns
       containers:
         - name: coredns
           image: docker.io/coredns/coredns:1.9.3
           imagePullPolicy: IfNotPresent
           resources:
             limits:
-              cpu: 250m
-              memory: 256Mi
+              memory: 170Mi
             requests:
-              cpu: 250m
-              memory: 256Mi
+              cpu: 100m
+              memory: 70Mi
           args: ['-conf', '/etc/coredns/Corefile']
           volumeMounts:
             - name: config-volume

core.example/coredns/base/kustomization.yaml

@@ -1,5 +1,5 @@
 resources:
-  - deployment.yaml
+  - daemonset.yaml
   - rbac.yaml
   - configmap.yaml
   - service.yaml

core.example/coredns/base/rbac.yaml

@@ -2,7 +2,6 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: coredns
-  namespace: kube-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole

core.example/coredns/base/service.yaml

@@ -2,7 +2,6 @@ apiVersion: v1
 kind: Service
 metadata:
   name: kube-dns
-  namespace: kube-system
   annotations:
     prometheus.io/port: '9153'
     prometheus.io/scrape: 'true'

core.example/coredns/overlays/prod/configmap.yaml

@@ -2,9 +2,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: coredns
-  namespace: kube-system
-  labels:
-    k0s.k0sproject.io/stack: coredns
 data:
   Corefile: |
     .:53 {
@@ -15,37 +12,13 @@ data:
       ready
       kubernetes cluster.local in-addr.arpa ip6.arpa {
         pods insecure
-        ttl 30
         fallthrough in-addr.arpa ip6.arpa
+        ttl 30
       }
       prometheus :9153
-      forward . tls://9.9.9.9
-      reload
-    }
-    example.com:53 {
-      log
-      errors
-      ready
-      hosts /etc/coredns/example.com.db
+      forward . 8.8.8.8
+      cache 30
+      loop
       reload
+      loadbalance
     }
-
-  example.com.db: |
-    192.168.0.1 gateway.example.com
-    192.168.0.2 mn1.example.com
-    192.168.0.3 xcatmn.example.com
-    192.168.0.5 cvmfs.example.com
-    192.168.0.6 nfs.example.com
-    192.168.0.7 mysql.example.com
-    192.168.0.8 ldap.example.com
-
-    192.168.0.10 slurm-cluster-example-controller-0.example.com
-    192.168.0.20 slurm-cluster-example-login-0.example.com
-    192.168.0.21 slurm-cluster-example-login-1.example.com
-    192.168.0.51 cn1.example.com
-
-    192.168.1.100 metallb-0.example.com
-    192.168.1.100 argocd.example.com
-    192.168.1.100 traefik.example.com
-    192.168.1.100 prometheus.example.com
-    192.168.1.100 grafana.example.com

core.example/coredns/overlays/prod/deployment.yaml → core.example/coredns/overlays/prod/daemonset.yaml

@@ -1,12 +1,7 @@
 apiVersion: apps/v1
-kind: Deployment
+kind: DaemonSet
 metadata:
   name: coredns
-  namespace: kube-system
-  labels:
-    k0s.k0sproject.io/stack: coredns
-    k8s-app: kube-dns
-    kubernetes.io/name: CoreDNS
 spec:
   template:
     spec:
@@ -17,6 +12,4 @@ spec:
             items:
               - key: Corefile
                 path: Corefile
-              - key: example.com.db
-                path: example.com.db
             defaultMode: 420

core.example/coredns/overlays/prod/ingress-route.yaml

@@ -2,7 +2,6 @@ apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRouteTCP
 metadata:
   name: dns-tcp
-  namespace: kube-system
   labels:
     app.kubernetes.io/name: dns-tcp
     app.kubernetes.io/component: ingress-route-tcp
@@ -22,7 +21,6 @@ apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRouteUDP
 metadata:
   name: dns-udp
-  namespace: kube-system
   labels:
     app.kubernetes.io/name: dns-udp
     app.kubernetes.io/component: ingress-route-udp

core.example/coredns/overlays/prod/kustomization.yaml

@@ -3,5 +3,5 @@ resources:
   - ../../base
   - ingress-route.yaml
 patchesStrategicMerge:
-  - deployment.yaml
+  - daemonset.yaml
   - configmap.yaml