Prepare for Antelope branch (#1147)
This change contains a big bump of versions for many components
but some are not fully bumped to the latest which are:
Keycloak (in order to go to 23.X first, then B will go to 24.X)
RabbitMQ (In order to go to 3.11 first, then B will go to 3.12)
OVN (24.03 LTS packages don't exist yet)
Once we merge this, we should run some upgrade tests from the last
branch (in this case, stable/zed) to main before we branch
this out to stable/2023.1.
Closes: #1004
Reviewed-by: Mohammed Naser <mnaser@vexxhost.com>
Reviewed-by: Rico Lin <ricolin@ricolky.com>
diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml
index 15a0837..6ace0d1 100644
--- a/charts/coredns/Chart.yaml
+++ b/charts/coredns/Chart.yaml
@@ -1,8 +1,11 @@
annotations:
artifacthub.io/changes: |
- - Initial helm chart changelog
+ - kind: changed
+ description: Ignore duplicate strings in the fullname helper template
+ - kind: removed
+ description: Removed deprecated "engine: gotpl" from the Chart.yaml
apiVersion: v2
-appVersion: 1.9.3
+appVersion: 1.11.1
description: CoreDNS is a DNS server that chains plugins and provides Kubernetes DNS
Services
home: https://coredns.io
@@ -14,8 +17,10 @@
maintainers:
- name: mrueg
- name: haad
+- name: hagaibarel
+- name: shubham-cmyk
name: coredns
sources:
- https://github.com/coredns/coredns
type: application
-version: 1.19.4
+version: 1.29.0
diff --git a/charts/coredns/README.md b/charts/coredns/README.md
index b8ce2ca..b98c4a2 100644
--- a/charts/coredns/README.md
+++ b/charts/coredns/README.md
@@ -13,13 +13,13 @@
This chart bootstraps a [CoreDNS](https://github.com/coredns/coredns) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. This chart will provide DNS Services and can be deployed in multiple configuration to support various scenarios listed below:
- - CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true.
- - CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false.
- - CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed.
+- CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true.
+- CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false.
+- CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed.
## Prerequisites
-- Kubernetes 1.10 or later
+- Kubernetes 1.10 or later
## Installing the Chart
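Review bot: the three re-indented bullets under the intro paragraph keep two wording slips that are worth fixing while the lines are being touched anyway: "by using using either the NodePort or LoadBalancer" and "This deployment mode as a dependency on `etcd-operator`" (should read "has a dependency"). If this README is synced verbatim from the upstream chart, fix it upstream instead so the vendored copy does not drift.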
@@ -46,97 +46,101 @@
## Configuration
-| Parameter | Description | Default |
-|:------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------|
-| `image.repository` | The image repository to pull from | coredns/coredns |
-| `image.tag` | The image tag to pull from | `1.9.3` |
-| `image.pullPolicy` | Image pull policy | IfNotPresent |
-| `image.pullSecrets` | Specify container image pull secrets | `[]` |
-| `replicaCount` | Number of replicas | 1 |
-| `resources.limits.cpu` | Container maximum CPU | `100m` |
-| `resources.limits.memory` | Container maximum memory | `128Mi` |
-| `resources.requests.cpu` | Container requested CPU | `100m` |
-| `resources.requests.memory` | Container requested memory | `128Mi` |
-| `serviceType` | Kubernetes Service type | `ClusterIP` |
-| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` |
-| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}`|
-| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` |
-| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} |
-| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. | `""` |
-| `prometheus.monitor.interval` | Scrape interval for polling the metrics endpoint. (E.g. "30s") | `""` |
-| `service.clusterIP` | IP address to assign to service | `""` |
-| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` |
-| `service.externalIPs` | External IP addresses | [] |
-| `service.externalTrafficPolicy` | Enable client source IP preservation | [] |
-| `service.annotations` | Annotations to add to service | {} |
-| `serviceAccount.create` | If true, create & use serviceAccount | false |
-| `serviceAccount.name` | If not set & create is true, use template fullname | |
-| `rbac.create` | If true, create & use RBAC resources | true |
-| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` |
-| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true |
-| `priorityClassName` | Name of Priority Class to assign pods | `""` |
-| `servers` | Configuration for CoreDNS and plugins | See values.yml |
-| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
-| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` |
-| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
-| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` |
-| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
-| `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
-| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `affinity` | Affinity settings for pod assignment | {} |
-| `nodeSelector` | Node labels for pod assignment | {} |
-| `tolerations` | Tolerations for pod assignment | [] |
-| `zoneFiles` | Configure custom Zone files | [] |
-| `extraVolumes` | Optional array of volumes to create | [] |
-| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] |
-| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] |
-| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} |
-| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects
-| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` |
-| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` |
-| `podDisruptionBudget` | Optional PodDisruptionBudget | {} |
-| `podAnnotations` | Optional Pod only Annotations | {} |
-| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. | 30 |
-| `preStopSleep` | Definition of Kubernetes preStop hook executed before Pod termination | {} |
-| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` |
-| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` |
-| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` |
-| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} |
-| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` |
-| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` |
-| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` |
-| `autoscaler.min` | Min size of replicaCount | 0 |
-| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) |
-| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` |
-| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` |
-| `autoscaler.customFlags` | A list of custom flags to pass into cluster-proportional-autoscaler | (no args) |
-| `autoscaler.image.repository` | The image repository to pull autoscaler from | k8s.gcr.io/cpa/cluster-proportional-autoscaler |
-| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.5` |
-| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent |
-| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` |
-| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. | `""` |
-| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} |
-| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} |
-| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] |
-| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` |
-| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` |
-| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` |
-| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` |
-| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} |
-| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
-| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` |
-| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` |
-| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
-| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
-| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
-| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` |
-| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. | `""` |
-| `deployment.annotations` | Annotations to add to the main deployment | `{}` |
+| Parameter | Description | Default |
+| :--------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------- |
+| `image.repository` | The image repository to pull from | coredns/coredns |
+| `image.tag` | The image tag to pull from (derived from Chart.yaml) | `` |
+| `image.pullPolicy` | Image pull policy | IfNotPresent |
+| `image.pullSecrets` | Specify container image pull secrets | `[]` |
+| `replicaCount` | Number of replicas | 1 |
+| `resources.limits.cpu` | Container maximum CPU | `100m` |
+| `resources.limits.memory` | Container maximum memory | `128Mi` |
+| `resources.requests.cpu` | Container requested CPU | `100m` |
+| `resources.requests.memory` | Container requested memory | `128Mi` |
+| `serviceType` | Kubernetes Service type | `ClusterIP` |
+| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` |
+| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}` |
+| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` |
+| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} |
+| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. | `""` |
+| `prometheus.monitor.interval` | Scrape interval for polling the metrics endpoint. (E.g. "30s") | `""` |
+| `service.clusterIP` | IP address to assign to service | `""` |
+| `service.clusterIPs` | IP addresses to assign to service | `[]` |
+| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` |
+| `service.externalIPs` | External IP addresses | [] |
+| `service.externalTrafficPolicy` | Enable client source IP preservation | [] |
+| `service.ipFamilyPolicy` | Service dual-stack policy | `""` |
+| `service.annotations` | Annotations to add to service | {} |
+| `serviceAccount.create` | If true, create & use serviceAccount | false |
+| `serviceAccount.name` | If not set & create is true, use template fullname | |
+| `rbac.create` | If true, create & use RBAC resources | true |
+| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` |
+| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true |
+| `priorityClassName` | Name of Priority Class to assign pods | `""` |
+| `securityContext` | securityContext definition for pods | capabilities.add.NET_BIND_SERVICE |
+| `servers` | Configuration for CoreDNS and plugins | See values.yml |
+| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
+| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` |
+| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
+| `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
+| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
+| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` |
+| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
+| `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
+| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
+| `affinity` | Affinity settings for pod assignment | {} |
+| `nodeSelector` | Node labels for pod assignment | {} |
+| `tolerations` | Tolerations for pod assignment | [] |
+| `zoneFiles` | Configure custom Zone files | [] |
+| `extraContainers` | Optional array of sidecar containers | [] |
+| `extraVolumes` | Optional array of volumes to create | [] |
+| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] |
+| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] |
+| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} |
+| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects |
+| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` |
+| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` |
+| `podDisruptionBudget` | Optional PodDisruptionBudget | {} |
+| `podAnnotations` | Optional Pod only Annotations | {} |
+| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. | 30 |
+| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` |
+| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` |
+| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` |
+| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} |
+| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` |
+| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` |
+| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` |
+| `autoscaler.min` | Min size of replicaCount | 0 |
+| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) |
+| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` |
+| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` |
+| `autoscaler.customFlags` | A list of custom flags to pass into cluster-proportional-autoscaler | (no args) |
+| `autoscaler.image.repository` | The image repository to pull autoscaler from | registry.k8s.io/cpa/cluster-proportional-autoscaler |
+| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.5` |
+| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent |
+| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` |
+| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. | `""` |
+| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} |
+| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} |
+| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] |
+| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` |
+| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` |
+| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` |
+| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` |
+| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} |
+| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
+| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` |
+| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` |
+| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` |
+| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` |
+| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
+| `autoscaler.extraContainers` | Optional array of sidecar containers | [] |
+| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` |
+| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. | `""` |
+| `deployment.annotations` | Annotations to add to the main deployment | `{}` |
See `values.yaml` for configuration notes. Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
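Review bot: the `customAnnotations` row in the rewritten table still has only two cells, so its Default column is missing and some renderers will break the table at that row; give it `{}` like `customLabels`. Two other things to confirm in the same table: the `preStopSleep` row is dropped with no matching changelog entry, so check that the value really is gone from `values.yaml` and that no existing override depends on it, and the `image.tag` default is now an empty pair of backticks, which renders as nothing; writing "chart `appVersion`" there would be clearer. The new `securityContext` row lists `capabilities.add.NET_BIND_SERVICE` as the default, so the README should say whether that applies to the pod or the container, since the description says "for pods".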
@@ -154,8 +158,7 @@
$ helm install coredns coredns/coredns -f values.yaml
```
-> **Tip**: You can use the default [values.yaml](values.yaml)
-
+> **Tip**: You can use the default [values.yaml](/charts/coredns/values.yaml)
## Caveats
@@ -186,3 +189,60 @@
By setting `hpa.enabled = true` a [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)
is enabled for Coredns deployment. This can scale number of replicas based on meitrics
like CpuUtilization, MemoryUtilization or Custom ones.
+
+## Adopting existing CoreDNS resources
+
+If you do not want to delete the existing CoreDNS resources in your cluster, you can adopt the resources into a release as of Helm 3.2.0.
+
+You will also need to annotate and label your existing resources to allow Helm to assume control of them. See: https://github.com/helm/helm/pull/7649
+
+```
+annotations:
+ meta.helm.sh/release-name: your-release-name
+ meta.helm.sh/release-namespace: your-release-namespace
+label:
+ app.kubernetes.io/managed-by: Helm
+```
+
+Once you have annotated and labeled all the resources this chart specifies, you may need to locally template the chart and compare against existing manifest to ensure there are no changes/diffs.s If
+you have been careful this should not diff and leave all the resources unmodified and now under management of helm.
+
+Some values to investigate to help adopt your existing manifests to the Helm release are:
+
+- k8sAppLabelOverride
+- service.name
+- customLabels
+
+In some cases, you will need to orphan delete your existing deployment since selector labels are immutable.
+
+```
+kubectl delete deployment coredns --cascade=orphan
+```
+
+This will delete the deployment and leave the replicaset to ensure no downtime in the cluster. You will need to manually delete the replicaset AFTER Helm has released a new deployment.
+
+Here is an example script to modify the annotations and labels of existing resources:
+
+WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm release.
+
+```
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+for kind in config service serviceAccount; do
+ echo "setting annotations and labels on $kind/coredns"
+ kubectl -n kube-system annotate --overwrite $kind coredns meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE
+ kubectl -n kube-system annotate --overwrite $kind coredns meta.helm.sh/release-namespace=kube-system
+ kubectl -n kube-system label --overwrite $kind coredns app.kubernetes.io/managed-by=Helm
+done
+```
+
+NOTE: Sometimes, previous deployments of kube-dns that have been migrated to CoreDNS still use kube-dns for the service name as well.
+
+```
+echo "setting annotations and labels on service/kube-dns"
+kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE
+kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-namespace=kube-system
+kubectl -n kube-system label --overwrite service kube-dns app.kubernetes.io/managed-by=Helm
+```
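Review bot: in the adoption script, `for kind in config service serviceAccount` uses `config`, which is not a resource name kubectl resolves for ConfigMaps (`configmap` or `cm`), and with `set -euo pipefail` the script will stop on the first `kubectl annotate` before touching the Service or ServiceAccount. Change the loop to `configmap service serviceaccount` and quote `"$kind"`. In the metadata snippet above it, `label:` should be `labels:`, otherwise anyone pasting it into a manifest gets an unknown field and no `app.kubernetes.io/managed-by` label. The sentence "ensure there are no changes/diffs.s If" has a stray "s". Since `--overwrite` in `kube-system` silently hands ownership of live DNS resources to Helm, the text should also tell the reader to run `helm template` and diff against the cluster before running the script, not after.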
diff --git a/charts/coredns/templates/_helpers.tpl b/charts/coredns/templates/_helpers.tpl
index ade1523..6dc6833 100644
--- a/charts/coredns/templates/_helpers.tpl
+++ b/charts/coredns/templates/_helpers.tpl
@@ -15,9 +15,50 @@
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "coredns.labels" -}}
+app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+app.kubernetes.io/instance: {{ .Release.Name | quote }}
+helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+{{- if .Values.isClusterService }}
+k8s-app: {{ template "coredns.k8sapplabel" . }}
+kubernetes.io/cluster-service: "true"
+kubernetes.io/name: "CoreDNS"
+{{- end }}
+app.kubernetes.io/name: {{ template "coredns.name" . }}
+{{- end -}}
+
+{{/*
+Common labels with autoscaler
+*/}}
+{{- define "coredns.labels.autoscaler" -}}
+app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+app.kubernetes.io/instance: {{ .Release.Name | quote }}
+helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+{{- if .Values.isClusterService }}
+k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler
+kubernetes.io/cluster-service: "true"
+kubernetes.io/name: "CoreDNS"
+{{- end }}
+app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+{{- end -}}
+
+{{/*
+Allow k8s-app label to be overridden
+*/}}
+{{- define "coredns.k8sapplabel" -}}
+{{- default .Chart.Name .Values.k8sAppLabelOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
{{/*
Generate the list of ports automatically from the server definitions
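Review bot: in `coredns.labels.autoscaler`, `-autoscaler` is appended after `coredns.k8sapplabel` has already applied `trunc 63`, so a `k8sAppLabelOverride` longer than 52 characters produces a `k8s-app` value over the 63 character label limit and the API server will reject the object. Truncate after concatenation, for example `printf "%s-autoscaler" (include "coredns.k8sapplabel" .) | trunc 63 | trimSuffix "-"`. The new `k8sAppLabelOverride` value is also only mentioned in the adoption section of the README and has no row in the Configuration table.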
@@ -135,17 +176,40 @@
{{- $innerdict := set $innerdict "istcp" true -}}
{{- end -}}
+ {{- if .hostPort -}}
+ {{- $innerdict := set $innerdict "hostPort" .hostPort -}}
+ {{- end -}}
+
{{/* Write the dict back into the outer dict */}}
{{- $ports := set $ports $port $innerdict -}}
+
+ {{/* Fetch port from the configuration if the prometheus section exists */}}
+ {{- range .plugins -}}
+ {{- if eq .name "prometheus" -}}
+ {{- $prometheus_addr := toString .parameters -}}
+ {{- $prometheus_addr_list := regexSplit ":" $prometheus_addr -1 -}}
+ {{- $prometheus_port := index $prometheus_addr_list 1 -}}
+ {{- $ports := set $ports $prometheus_port (dict "istcp" true "isudp" false) -}}
+ {{- end -}}
+ {{- end -}}
{{- end -}}
{{/* Write out the ports according to the info collected above */}}
{{- range $port, $innerdict := $ports -}}
+ {{- $portList := list -}}
{{- if index $innerdict "isudp" -}}
- {{- printf "- {containerPort: %v, protocol: UDP, name: udp-%s}\n" $port $port -}}
+ {{- $portList = append $portList (dict "containerPort" ($port | int) "protocol" "UDP" "name" (printf "udp-%s" $port)) -}}
{{- end -}}
{{- if index $innerdict "istcp" -}}
- {{- printf "- {containerPort: %v, protocol: TCP, name: tcp-%s}\n" $port $port -}}
+ {{- $portList = append $portList (dict "containerPort" ($port | int) "protocol" "TCP" "name" (printf "tcp-%s" $port)) -}}
+ {{- end -}}
+
+ {{- range $portDict := $portList -}}
+ {{- if index $innerdict "hostPort" -}}
+ {{- $portDict := set $portDict "hostPort" (get $innerdict "hostPort" | int) -}}
+ {{- end -}}
+
+ {{- printf "- %s\n" (toJson $portDict) -}}
{{- end -}}
{{- end -}}
{{- end -}}
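Review bot: the Prometheus port lookup, `index $prometheus_addr_list 1`, assumes `.parameters` is exactly `host:port`. A `prometheus` plugin entry with no parameters, or with a value that has no colon, leaves a one-element list and the template fails with an index error at render time; a bracketed IPv6 listen address splits into more than two parts, so index 1 is not the port. Guard the block with `if .parameters` and take the last element of the split (`last $prometheus_addr_list`) instead of a fixed index. On the `hostPort` addition: it is copied onto both the UDP and TCP entries for the port, which binds the DNS listener on every node's address, so the values documentation should state that this is opt-in and what it exposes.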
diff --git a/charts/coredns/templates/clusterrole-autoscaler.yaml b/charts/coredns/templates/clusterrole-autoscaler.yaml
index 1d738fa..9bf57d2 100644
--- a/charts/coredns/templates/clusterrole-autoscaler.yaml
+++ b/charts/coredns/templates/clusterrole-autoscaler.yaml
@@ -4,16 +4,7 @@
kind: ClusterRole
metadata:
name: {{ template "coredns.fullname" . }}-autoscaler
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+ labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/clusterrole.yaml b/charts/coredns/templates/clusterrole.yaml
index 8544681..c33762c 100644
--- a/charts/coredns/templates/clusterrole.yaml
+++ b/charts/coredns/templates/clusterrole.yaml
@@ -3,16 +3,7 @@
kind: ClusterRole
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
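Review bot: the removed line `k8s-app: {{ .Chart.Name | quote }}` was quoted, while the `coredns.labels` helper that replaces it renders `k8s-app: {{ template "coredns.k8sapplabel" . }}` unquoted. With the default chart name that is harmless, but now that the value can come from `k8sAppLabelOverride`, an override such as `true` or a purely numeric string will be parsed as a non-string YAML scalar and the label will be rejected. Switch the helper to `{{ include "coredns.k8sapplabel" . | quote }}` (`template` cannot be piped). The same applies to every template in this commit that moves to `coredns.labels`.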
diff --git a/charts/coredns/templates/clusterrolebinding-autoscaler.yaml b/charts/coredns/templates/clusterrolebinding-autoscaler.yaml
index 82a91d0..ef32306 100644
--- a/charts/coredns/templates/clusterrolebinding-autoscaler.yaml
+++ b/charts/coredns/templates/clusterrolebinding-autoscaler.yaml
@@ -4,16 +4,7 @@
kind: ClusterRoleBinding
metadata:
name: {{ template "coredns.fullname" . }}-autoscaler
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+ labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/clusterrolebinding.yaml b/charts/coredns/templates/clusterrolebinding.yaml
index 1d3cb53..36fa21c 100644
--- a/charts/coredns/templates/clusterrolebinding.yaml
+++ b/charts/coredns/templates/clusterrolebinding.yaml
@@ -3,16 +3,7 @@
kind: ClusterRoleBinding
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
diff --git a/charts/coredns/templates/configmap-autoscaler.yaml b/charts/coredns/templates/configmap-autoscaler.yaml
index c690e7a..b10eb59 100644
--- a/charts/coredns/templates/configmap-autoscaler.yaml
+++ b/charts/coredns/templates/configmap-autoscaler.yaml
@@ -5,16 +5,7 @@
metadata:
name: {{ template "coredns.fullname" . }}-autoscaler
namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+ labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }}
{{- if .Values.customLabels }}
{{- toYaml .Values.customLabels | nindent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/configmap.yaml b/charts/coredns/templates/configmap.yaml
index a1d8668..67654c6 100644
--- a/charts/coredns/templates/configmap.yaml
+++ b/charts/coredns/templates/configmap.yaml
@@ -4,16 +4,8 @@
kind: ConfigMap
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/deployment-autoscaler.yaml b/charts/coredns/templates/deployment-autoscaler.yaml
index 31bcc96..7de5c06 100644
--- a/charts/coredns/templates/deployment-autoscaler.yaml
+++ b/charts/coredns/templates/deployment-autoscaler.yaml
@@ -5,16 +5,7 @@
metadata:
name: {{ template "coredns.fullname" . }}-autoscaler
namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+ labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
@@ -27,14 +18,16 @@
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
+ k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
template:
metadata:
labels:
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
+ {{- if not (hasKey .Values.customLabels "k8s-app")}}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler
+ {{- end }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
app.kubernetes.io/instance: {{ .Release.Name | quote }}
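Review bot: The new `hasKey .Values.customLabels "k8s-app"` guard is applied only to the pod template label, while `selector.matchLabels` above it still emits `k8s-app: ...-autoscaler` whenever `isClusterService` is true. If a user sets `k8s-app` in `customLabels` to any other value, the selector no longer matches the template labels and the Deployment is rejected. Apply the same guard to the selector, or resolve one value and use it in both places. Nit: add the missing space before the closing braces in `"k8s-app")}}`.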
@@ -44,9 +37,11 @@
annotations:
checksum/configmap: {{ include (print $.Template.BasePath "/configmap-autoscaler.yaml") . | sha256sum }}
{{- if .Values.isClusterService }}
- scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
{{- end }}
+ {{- with .Values.autoscaler.podAnnotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
spec:
serviceAccountName: {{ template "coredns.fullname" . }}-autoscaler
{{- $priorityClassName := default .Values.priorityClassName .Values.autoscaler.priorityClassName }}
@@ -65,6 +60,10 @@
nodeSelector:
{{ toYaml .Values.autoscaler.nodeSelector | indent 8 }}
{{- end }}
+ {{- if not (empty .Values.autoscaler.image.pullSecrets) }}
+ imagePullSecrets:
+{{ toYaml .Values.autoscaler.image.pullSecrets | indent 8 }}
+ {{- end }}
containers:
- name: autoscaler
image: "{{ .Values.autoscaler.image.repository }}:{{ .Values.autoscaler.image.tag }}"
@@ -93,4 +92,7 @@
{{- if .Values.autoscaler.customFlags }}
{{ toYaml .Values.autoscaler.customFlags | indent 10 }}
{{- end }}
+{{- if .Values.autoscaler.extraContainers }}
+{{ toYaml .Values.autoscaler.extraContainers | indent 6 }}
+{{- end }}
{{- end }}
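Review bot: `autoscaler.extraContainers` is rendered verbatim with `toYaml` into the pod's container list, so nothing the chart sets on the autoscaler container carries over to these sidecars. Document next to the value that each entry must declare its own `securityContext` and resources, since a sidecar added here runs with whatever the image and cluster defaults allow.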
diff --git a/charts/coredns/templates/deployment.yaml b/charts/coredns/templates/deployment.yaml
index 5d05c22..1b3f86f 100644
--- a/charts/coredns/templates/deployment.yaml
+++ b/charts/coredns/templates/deployment.yaml
@@ -4,16 +4,8 @@
kind: Deployment
metadata:
name: {{ default (include "coredns.fullname" .) .Values.deployment.name }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
@@ -28,7 +20,7 @@
{{- end }}
{{- end }}
spec:
- {{- if not .Values.autoscaler.enabled }}
+ {{- if and (not .Values.autoscaler.enabled) (not .Values.hpa.enabled) }}
replicas: {{ .Values.replicaCount }}
{{- end }}
strategy:
@@ -40,14 +32,14 @@
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
template:
metadata:
labels:
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
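Review bot: The `k8s-app` value under `selector.matchLabels` now comes from `coredns.k8sapplabel` instead of `.Chart.Name`, and a Deployment's selector is immutable, so any release where the helper resolves to a different string than before (for example after setting `k8sAppLabelOverride`) fails on upgrade until the Deployment is recreated. This deserves an upgrade note. The `| quote` that the old lines had is also gone, so an override that YAML reads as a non-string would produce an invalid label unless the helper quotes its own output. Unlike the autoscaler template, the pod label here has no `customLabels` guard; it is worth making the two consistent.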
@@ -57,13 +49,15 @@
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- if .Values.isClusterService }}
- scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
{{- end }}
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
+ {{- if .Values.podSecurityContext }}
+ securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- end }}
{{- if .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
{{- end }}
@@ -78,6 +72,10 @@
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
+ {{- if .Values.topologySpreadConstraints }}
+ topologySpreadConstraints:
+{{ tpl (toYaml .Values.topologySpreadConstraints) $ | indent 8 }}
+ {{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
@@ -86,9 +84,13 @@
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
+ {{- if not (empty .Values.image.pullSecrets) }}
+ imagePullSecrets:
+{{ toYaml .Values.image.pullSecrets | indent 8 }}
+ {{- end }}
containers:
- name: "coredns"
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
@@ -130,16 +132,13 @@
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
- {{- if .Values.preStopSleep }}
- lifecycle:
- preStop:
- exec:
- command: ["/usr/bin/sleep", "{{ .Values.preStopSleep }}"]
- {{- end }}
{{- if .Values.securityContext }}
securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
{{- end }}
+{{- if .Values.extraContainers }}
+{{ toYaml .Values.extraContainers | indent 6 }}
+{{- end }}
volumes:
- name: config-volume
configMap:
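Review bot: The `preStopSleep` lifecycle hook is removed here with no replacement, so releases that set `preStopSleep` lose the termination delay silently on upgrade, because the value is simply ignored. Either keep the block, or list the removal in the chart changelog so operators who depend on it for endpoint draining can react before rolling this out.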
@@ -155,7 +154,7 @@
- name: {{ .name }}
secret:
secretName: {{ .name }}
- defaultMode: 400
+ defaultMode: {{ default 400 .defaultMode }}
{{- end }}
{{- if .Values.extraVolumes }}
{{ toYaml .Values.extraVolumes | indent 8 }}
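Review bot: In `defaultMode: {{ default 400 .defaultMode }}` the fallback 400 is read as a decimal integer, which is octal 0620 (owner read/write, group write), not the owner-read-only 0400 the number suggests. Since these are secret volumes, make the default `0400` or its decimal form 256, and state in values.yaml that `defaultMode` is interpreted as decimal unless it is written with a leading zero.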
diff --git a/charts/coredns/templates/hpa.yaml b/charts/coredns/templates/hpa.yaml
index 79fc4cc..7fcc993 100644
--- a/charts/coredns/templates/hpa.yaml
+++ b/charts/coredns/templates/hpa.yaml
@@ -1,19 +1,15 @@
{{- if and (.Values.hpa.enabled) (not .Values.autoscaler.enabled) }}
---
+{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }}
+apiVersion: autoscaling/v2
+{{- else }}
apiVersion: autoscaling/v2beta2
+{{- end }}
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/poddisruptionbudget.yaml b/charts/coredns/templates/poddisruptionbudget.yaml
index 9d0c96f..9cc62c1 100644
--- a/charts/coredns/templates/poddisruptionbudget.yaml
+++ b/charts/coredns/templates/poddisruptionbudget.yaml
@@ -3,16 +3,8 @@
kind: PodDisruptionBudget
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
@@ -25,7 +17,7 @@
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
{{ toYaml .Values.podDisruptionBudget | indent 2 }}
diff --git a/charts/coredns/templates/podsecuritypolicy.yaml b/charts/coredns/templates/podsecuritypolicy.yaml
index 8a5d727..6e02e00 100644
--- a/charts/coredns/templates/podsecuritypolicy.yaml
+++ b/charts/coredns/templates/podsecuritypolicy.yaml
@@ -7,25 +7,15 @@
kind: PodSecurityPolicy
metadata:
name: {{ template "coredns.fullname" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- else }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
- {{- end }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
spec:
privileged: false
# Required to prevent escalations to root.
allowPrivilegeEscalation: false
# Add back CAP_NET_BIND_SERVICE so that coredns can run on port 53
allowedCapabilities:
- - CAP_NET_BIND_SERVICE
- # Allow core volume types.
+ - NET_BIND_SERVICE
+ # Allow core volume types.
volumes:
- 'configMap'
- 'emptyDir'
diff --git a/charts/coredns/templates/service-metrics.yaml b/charts/coredns/templates/service-metrics.yaml
index bd1eaae..1fc7b2d 100644
--- a/charts/coredns/templates/service-metrics.yaml
+++ b/charts/coredns/templates/service-metrics.yaml
@@ -3,16 +3,8 @@
kind: Service
metadata:
name: {{ template "coredns.fullname" . }}-metrics
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
app.kubernetes.io/component: metrics
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
@@ -33,7 +25,7 @@
selector:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
ports:
diff --git a/charts/coredns/templates/service.yaml b/charts/coredns/templates/service.yaml
index 94d6055..e9c5b96 100644
--- a/charts/coredns/templates/service.yaml
+++ b/charts/coredns/templates/service.yaml
@@ -4,16 +4,8 @@
kind: Service
metadata:
name: {{ default (include "coredns.fullname" .) .Values.service.name }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
@@ -30,15 +22,19 @@
selector:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
{{- if .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
+ {{- if .Values.service.clusterIPs }}
+ clusterIPs:
+ {{ toYaml .Values.service.clusterIPs | nindent 4 }}
+ {{- end }}
{{- if .Values.service.externalIPs }}
externalIPs:
- {{ toYaml .Values.service.externalIPs | indent 4 }}
+ {{- toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
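Review bot: `clusterIP` and the new `clusterIPs` are rendered independently, but Kubernetes requires the first entry of `clusterIPs` to equal `clusterIP` when both are set, so a mismatch only shows up as an API rejection at install time. Consider failing the render with a clear message when they disagree, or derive `clusterIP` from the list. Also, the `clusterIPs` line uses `{{ toYaml ... | nindent 4 }}` without the leading `{{-` that this same hunk adds to `externalIPs`; use the trimmed form in both.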
@@ -49,4 +45,7 @@
ports:
{{ include "coredns.servicePorts" . | indent 2 -}}
type: {{ default "ClusterIP" .Values.serviceType }}
+ {{- if .Values.service.ipFamilyPolicy }}
+ ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }}
+ {{- end }}
{{- end }}
diff --git a/charts/coredns/templates/serviceaccount-autoscaler.yaml b/charts/coredns/templates/serviceaccount-autoscaler.yaml
index b0479e9..8b0e9c7 100644
--- a/charts/coredns/templates/serviceaccount-autoscaler.yaml
+++ b/charts/coredns/templates/serviceaccount-autoscaler.yaml
@@ -5,16 +5,7 @@
metadata:
name: {{ template "coredns.fullname" . }}-autoscaler
namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name }}-autoscaler
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler
+ labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }}
{{- if .Values.customLabels }}
{{ toYaml .Values.customLabels | indent 4 }}
{{- end }}
diff --git a/charts/coredns/templates/serviceaccount.yaml b/charts/coredns/templates/serviceaccount.yaml
index abc9646..e4ee52c 100644
--- a/charts/coredns/templates/serviceaccount.yaml
+++ b/charts/coredns/templates/serviceaccount.yaml
@@ -3,16 +3,8 @@
kind: ServiceAccount
metadata:
name: {{ template "coredns.serviceAccountName" . }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if or .Values.serviceAccount.annotations .Values.customAnnotations }}
annotations:
{{- if .Values.customAnnotations }}
diff --git a/charts/coredns/templates/servicemonitor.yaml b/charts/coredns/templates/servicemonitor.yaml
index 9e6f143..b5fc642 100644
--- a/charts/coredns/templates/servicemonitor.yaml
+++ b/charts/coredns/templates/servicemonitor.yaml
@@ -6,16 +6,7 @@
{{- if .Values.prometheus.monitor.namespace }}
namespace: {{ .Values.prometheus.monitor.namespace }}
{{- end }}
- labels:
- app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
- app.kubernetes.io/instance: {{ .Release.Name | quote }}
- helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- {{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
- kubernetes.io/cluster-service: "true"
- kubernetes.io/name: "CoreDNS"
- {{- end }}
- app.kubernetes.io/name: {{ template "coredns.name" . }}
+ labels: {{- include "coredns.labels" . | nindent 4 }}
{{- if .Values.prometheus.monitor.additionalLabels }}
{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }}
{{- end }}
@@ -24,11 +15,16 @@
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
+ {{- if ne .Values.prometheus.monitor.namespace .Release.Namespace }}
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace }}
+ {{- end }}
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name | quote }}
{{- if .Values.isClusterService }}
- k8s-app: {{ .Chart.Name | quote }}
+ k8s-app: {{ template "coredns.k8sapplabel" . }}
{{- end }}
app.kubernetes.io/name: {{ template "coredns.name" . }}
app.kubernetes.io/component: metrics
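Review bot: The condition `ne .Values.prometheus.monitor.namespace .Release.Namespace` is also true when `prometheus.monitor.namespace` is empty, which is the case where the ServiceMonitor is created in the release namespace (see the `if .Values.prometheus.monitor.namespace` guard in the metadata hunk above). The `namespaceSelector` is then emitted even though it is not needed. Guard it as `and .Values.prometheus.monitor.namespace (ne .Values.prometheus.monitor.namespace .Release.Namespace)` so the selector appears only for a genuinely different namespace.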
diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml
index 37cbb0c..5dc978a 100644
--- a/charts/coredns/values.yaml
+++ b/charts/coredns/values.yaml
@@ -4,14 +4,16 @@
image:
repository: coredns/coredns
- tag: "1.9.3"
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
+ pullSecrets: []
# pullSecrets:
- # - myRegistryKeySecretName
+ # - name: myRegistryKeySecretName
replicaCount: 1
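Review bot: The documented shape of `pullSecrets` changes from a bare string (`- myRegistryKeySecretName`) to an object (`- name: myRegistryKeySecretName`), and the deployment template passes the list straight through `toYaml` into `imagePullSecrets`. Existing values files written in the old form will render a list of strings, which the API rejects. Call this out as a breaking change, or accept both forms in the template.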
@@ -23,29 +25,10 @@
cpu: 100m
memory: 128Mi
-## Create HorizontalPodAutoscaler object.
-##
-# autoscaling:
-# minReplicas: 1
-# maxReplicas: 10
-# metrics:
-# - type: Resource
-# resource:
-# name: cpu
-# targetAverageUtilization: 60
-# - type: Resource
-# resource:
-# name: memory
-# targetAverageUtilization: 60
-
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
-# Under heavy load it takes more that standard time to remove Pod endpoint from a cluster.
-# This will delay termination of our pod by `preStopSleep`. To make sure kube-proxy has
-# enough time to catch up.
-# preStopSleep: 5
terminationGracePeriodSeconds: 30
podAnnotations: {}
@@ -67,9 +50,11 @@
service:
# clusterIP: ""
+# clusterIPs: []
# loadBalancerIP: ""
# externalIPs: []
# externalTrafficPolicy: ""
+# ipFamilyPolicy: ""
# The name of the Service
# If not set, a name is generated using the fullname template
name: ""
@@ -97,6 +82,16 @@
# Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set.
priorityClassName: ""
+# Configure the pod level securityContext.
+podSecurityContext: {}
+
+# Configure SecurityContext for Pod.
+# Ensure that required linux capability to bind port number below 1024 is assigned (`CAP_NET_BIND_SERVICE`).
+securityContext:
+ capabilities:
+ add:
+ - NET_BIND_SERVICE
+
# Default zone is what Kubernetes recommends:
# https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options
servers:
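Review bot: The comment on `securityContext` says it is "for Pod", but the deployment template renders `.Values.securityContext` on the coredns container and the new `podSecurityContext` is the pod-level one, so the comment should say container. The default only adds `NET_BIND_SERVICE`; consider also shipping `drop: [ALL]`, `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` as defaults so the container does not keep the runtime's full default capability set. The comment names the capability as `CAP_NET_BIND_SERVICE` while the value correctly omits the prefix; aligning the two avoids users copying the wrong spelling.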
@@ -105,6 +100,7 @@
port: 53
# If serviceType is nodePort you can specify nodePort here
# nodePort: 30053
+ # hostPort: 53
plugins:
- name: errors
# Serves a /health endpoint on :8080, required for livenessProbe
@@ -184,6 +180,26 @@
# - master
affinity: {}
+# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core
+# and supports Helm templating.
+# For example:
+# topologySpreadConstraints:
+# - labelSelector:
+# matchLabels:
+# app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+# app.kubernetes.io/instance: '{{ .Release.Name }}'
+# topologyKey: topology.kubernetes.io/zone
+# maxSkew: 1
+# whenUnsatisfiable: ScheduleAnyway
+# - labelSelector:
+# matchLabels:
+# app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+# app.kubernetes.io/instance: '{{ .Release.Name }}'
+# topologyKey: kubernetes.io/hostname
+# maxSkew: 1
+# whenUnsatisfiable: ScheduleAnyway
+topologySpreadConstraints: []
+
# Node labels for pod assignment
# Ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
@@ -211,6 +227,11 @@
# example.com. IN A 192.168.99.102
# *.example.com. IN A 192.168.99.102
+# optional array of sidecar containers
+extraContainers: []
+# - name: some-container-name
+# image: some-image:latest
+# imagePullPolicy: Always
# optional array of extra volumes to create
extraVolumes: []
# - name: some-volume-name
@@ -225,8 +246,14 @@
extraSecrets: []
# - name: etcd-client-certs
# mountPath: /etc/coredns/tls/etcd
+# defaultMode: 420
# - name: some-fancy-secret
# mountPath: /etc/wherever
+# defaultMode: 440
+
+# To support legacy deployments using CoreDNS with the "k8s-app: kube-dns" label selectors.
+# See https://github.com/coredns/helm/blob/master/charts/coredns/README.md#adopting-existing-coredns-resources
+# k8sAppLabelOverride: "kube-dns"
# Custom labels to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled.
customLabels: {}
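Review bot: The new `defaultMode` examples are decimal values: 420 is octal 0644, which makes `etcd-client-certs` world-readable inside the pod, and 440 is octal 0670, not 0440. Replace them with values that match the intent (for instance `0400`, or 256 in decimal) and add a sentence explaining the decimal versus octal interpretation, since users will copy these lines for client key material.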
@@ -235,12 +262,32 @@
customAnnotations: {}
## Alternative configuration for HPA deployment if wanted
-#
+## Create HorizontalPodAutoscaler object.
+##
+# hpa:
+# enabled: false
+# minReplicas: 1
+# maxReplicas: 10
+# metrics:
+# metrics:
+# - type: Resource
+# resource:
+# name: memory
+# target:
+# type: Utilization
+# averageUtilization: 60
+# - type: Resource
+# resource:
+# name: cpu
+# target:
+# type: Utilization
+# averageUtilization: 60
+
hpa:
enabled: false
minReplicas: 1
maxReplicas: 2
- metrics: {}
+ metrics: []
## Configue a cluster-proportional-autoscaler for coredns
# See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler
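Review bot: The commented `hpa` example contains `# metrics:` twice in a row, so uncommenting it as written gives a nested `metrics.metrics` key rather than the list that the new `metrics: []` default expects. Drop the duplicate line. The heading "Alternative configuration for HPA deployment if wanted" followed by "Create HorizontalPodAutoscaler object." can also be merged into one comment.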
@@ -261,21 +308,25 @@
# If true does not allow single points of failure to form
preventSinglePointFailure: true
+ # Annotations for the coredns proportional autoscaler pods
+ podAnnotations: {}
+
## Optionally specify some extra flags to pass to cluster-proprtional-autoscaler.
## Useful for e.g. the nodelabels flag.
# customFlags:
# - --nodelabels=topology.kubernetes.io/zone=us-east-1a
image:
- repository: k8s.gcr.io/cpa/cluster-proportional-autoscaler
+ repository: registry.k8s.io/cpa/cluster-proportional-autoscaler
tag: "1.8.5"
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
+ pullSecrets: []
# pullSecrets:
- # - myRegistryKeySecretName
+ # - name: myRegistryKeySecretName
# Optional priority class to be used for the autoscaler pods. priorityClassName used if not set.
priorityClassName: ""
@@ -314,6 +365,12 @@
failureThreshold: 3
successThreshold: 1
+ # optional array of sidecar containers
+ extraContainers: []
+ # - name: some-container-name
+ # image: some-image:latest
+ # imagePullPolicy: Always
+
deployment:
enabled: true
name: ""