Change CoreDNS from Deployment to DaemonSet
CoreDNS is critical to cluster operations, and is also a very lightweight service. This change makes the CoreDNS service deployable as a Deployment (current behavior), a DaemonSet, or both simultaneously. This allows DNS to be easily configured to run on all nodes (or all control plane nodes if desired) for high availability of the service and resiliency of the cluster. The "deplyoment and daemonset" behavior can be used to provide an uninterrupted migration path from a Deployment-based environment to a DaemonSet-based one. Change-Id: I58c3e62ac4892a4d9374d99eefe8055865cebf1e
This commit is contained in:
parent
1f5c57d1de
commit
ce6f253432
|
@ -16,35 +16,46 @@ limitations under the License.
|
||||||
|
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- $labels := tuple $envAll "kubernetes" "coredns" | include "helm-toolkit.snippets.kubernetes_metadata_labels" -}}
|
{{- $labels := tuple $envAll "kubernetes" "coredns" | include "helm-toolkit.snippets.kubernetes_metadata_labels" -}}
|
||||||
|
{{- $kinds := list -}}
|
||||||
|
{{- if .Values.manifests.deployment -}}{{ $kinds = append $kinds "Deployment" -}}{{- end -}}
|
||||||
|
{{- if .Values.manifests.daemonset -}}{{ $kinds = append $kinds "DaemonSet" -}}{{- end -}}
|
||||||
|
|
||||||
|
{{- range $kinds -}}
|
||||||
|
{{- $kind := . -}}
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: {{ $kind }}
|
||||||
metadata:
|
metadata:
|
||||||
name: coredns
|
name: coredns
|
||||||
labels:
|
labels:
|
||||||
{{ $labels | indent 4 }}
|
{{ $labels | indent 4 }}
|
||||||
{{ .Values.service.name }}: enabled
|
{{ $envAll.Values.service.name }}: enabled
|
||||||
kubernetes.io/name: "CoreDNS"
|
kubernetes.io/name: "CoreDNS"
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.pod.replicas.coredns }}
|
{{- if eq $kind "Deployment" }}
|
||||||
|
replicas: {{ $envAll.Values.pod.replicas.coredns }}
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
rollingUpdate:
|
rollingUpdate:
|
||||||
maxUnavailable: 1
|
maxUnavailable: 1
|
||||||
|
{{- end }}
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
{{ $labels | indent 6 }}
|
{{ $labels | indent 6 }}
|
||||||
{{ .Values.service.name }}: enabled
|
{{ $envAll.Values.service.name }}: enabled
|
||||||
|
{{- if eq $kind "DaemonSet" }}
|
||||||
|
{{ tuple $envAll "coredns" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
|
||||||
|
{{- end }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
{{ $labels | indent 8 }}
|
{{ $labels | indent 8 }}
|
||||||
{{ .Values.service.name }}: enabled
|
{{ $envAll.Values.service.name }}: enabled
|
||||||
annotations:
|
annotations:
|
||||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" $envAll | include "helm-toolkit.utils.hash" }}
|
||||||
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
configmap-etc-hash: {{ tuple "configmap-etc.yaml" $envAll | include "helm-toolkit.utils.hash" }}
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: coredns
|
serviceAccountName: coredns
|
||||||
shareProcessNamespace: true
|
shareProcessNamespace: true
|
||||||
|
@ -52,7 +63,9 @@ spec:
|
||||||
- key: "CriticalAddonsOnly"
|
- key: "CriticalAddonsOnly"
|
||||||
operator: "Exists"
|
operator: "Exists"
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
{{ .Values.labels.coredns.node_selector_key }}: {{ .Values.labels.coredns.node_selector_value }}
|
{{ $envAll.Values.labels.coredns.node_selector_key }}: {{ $envAll.Values.labels.coredns.node_selector_value }}
|
||||||
|
terminationGracePeriodSeconds: {{ $envAll.Values.pod.lifecycle.termination_grace_period.coredns.timeout | default "30" }}
|
||||||
|
{{- if eq $kind "Deployment" }}
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
preferredDuringSchedulingIgnoredDuringExecution:
|
||||||
|
@ -60,15 +73,16 @@ spec:
|
||||||
podAffinityTerm:
|
podAffinityTerm:
|
||||||
labelSelector:
|
labelSelector:
|
||||||
matchExpressions:
|
matchExpressions:
|
||||||
- key: {{ .Values.service.name }}
|
- key: {{ $envAll.Values.service.name }}
|
||||||
operator: In
|
operator: In
|
||||||
values:
|
values:
|
||||||
- enabled
|
- enabled
|
||||||
topologyKey: kubernetes.io/hostname
|
topologyKey: kubernetes.io/hostname
|
||||||
|
{{- end }}
|
||||||
containers:
|
containers:
|
||||||
- name: coredns
|
- name: coredns
|
||||||
image: {{ .Values.images.tags.coredns | quote }}
|
image: {{ $envAll.Values.images.tags.coredns | quote }}
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
|
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.coredns | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.coredns | include "helm-toolkit.snippets.kubernetes_resources" | indent 8 }}
|
||||||
args: [ "-conf", "/etc/coredns/Corefile" ]
|
args: [ "-conf", "/etc/coredns/Corefile" ]
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
|
@ -102,11 +116,12 @@ spec:
|
||||||
volumes:
|
volumes:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ .Values.service.name }}-etc
|
name: {{ $envAll.Values.service.name }}-etc
|
||||||
items:
|
items:
|
||||||
- key: Corefile
|
- key: Corefile
|
||||||
path: Corefile
|
path: Corefile
|
||||||
- name: scripts
|
- name: scripts
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ .Values.service.name }}-bin
|
name: {{ $envAll.Values.service.name }}-bin
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
|
{{ end }}
|
||||||
|
|
|
@ -36,6 +36,18 @@ service:
|
||||||
ip: 10.96.0.10
|
ip: 10.96.0.10
|
||||||
|
|
||||||
pod:
|
pod:
|
||||||
|
lifecycle:
|
||||||
|
upgrades:
|
||||||
|
# This is only meaningful when deploying as a DaemonSet
|
||||||
|
daemonsets:
|
||||||
|
pod_replacement_strategy: RollingUpdate
|
||||||
|
coredns:
|
||||||
|
enabled: true
|
||||||
|
min_ready_seconds: 0
|
||||||
|
max_unavailable: 30%
|
||||||
|
termination_grace_period:
|
||||||
|
coredns:
|
||||||
|
timeout: 30
|
||||||
resources:
|
resources:
|
||||||
enabled: false
|
enabled: false
|
||||||
coredns:
|
coredns:
|
||||||
|
@ -52,6 +64,7 @@ pod:
|
||||||
limits:
|
limits:
|
||||||
memory: "1024Mi"
|
memory: "1024Mi"
|
||||||
cpu: "2000m"
|
cpu: "2000m"
|
||||||
|
# This is only meaningful when deploying as a Deployment
|
||||||
replicas:
|
replicas:
|
||||||
coredns: 3
|
coredns: 3
|
||||||
|
|
||||||
|
@ -63,4 +76,7 @@ monitoring:
|
||||||
port: 9253
|
port: 9253
|
||||||
|
|
||||||
manifests:
|
manifests:
|
||||||
|
# This chart can deploy CoreDNS as a Deployment, as a DaemonSet, or both
|
||||||
|
daemonset: false
|
||||||
|
deployment: true
|
||||||
pod_test: true
|
pod_test: true
|
||||||
|
|
|
@ -571,12 +571,9 @@ data:
|
||||||
conf:
|
conf:
|
||||||
test:
|
test:
|
||||||
names_to_resolve:
|
names_to_resolve:
|
||||||
- att.com
|
|
||||||
- calico-etcd.kube-system.svc.cluster.local
|
- calico-etcd.kube-system.svc.cluster.local
|
||||||
- google.com
|
|
||||||
- kubernetes-etcd.kube-system.svc.cluster.local
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
- kubernetes.default.svc.cluster.local
|
- kubernetes.default.svc.cluster.local
|
||||||
|
|
||||||
images:
|
images:
|
||||||
tags:
|
tags:
|
||||||
coredns: coredns/coredns:1.1.3
|
coredns: coredns/coredns:1.1.3
|
||||||
|
|
|
@ -582,9 +582,7 @@ data:
|
||||||
conf:
|
conf:
|
||||||
test:
|
test:
|
||||||
names_to_resolve:
|
names_to_resolve:
|
||||||
- att.com
|
|
||||||
- calico-etcd.kube-system.svc.cluster.local
|
- calico-etcd.kube-system.svc.cluster.local
|
||||||
- google.com
|
|
||||||
- kubernetes-etcd.kube-system.svc.cluster.local
|
- kubernetes-etcd.kube-system.svc.cluster.local
|
||||||
- kubernetes.default.svc.cluster.local
|
- kubernetes.default.svc.cluster.local
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue