diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml index cb0ff4a..fe6e7f8 100644 --- a/charts/coredns/Chart.yaml +++ b/charts/coredns/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: coredns -version: 1.19.8 +version: 1.19.9 appVersion: 1.9.4 home: https://coredns.io icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png diff --git a/charts/coredns/README.md b/charts/coredns/README.md index 63adf70..5905c16 100644 --- a/charts/coredns/README.md +++ b/charts/coredns/README.md @@ -13,13 +13,13 @@ $ helm --namespace=kube-system install coredns coredns/coredns This chart bootstraps a [CoreDNS](https://github.com/coredns/coredns) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. This chart will provide DNS Services and can be deployed in multiple configuration to support various scenarios listed below: - - CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true. - - CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false. - - CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed. +- CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true. +- CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false. +- CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed. ## Prerequisites -- Kubernetes 1.10 or later +- Kubernetes 1.10 or later ## Installing the Chart @@ -46,97 +46,97 @@ The command removes all the Kubernetes components associated with the chart and ## Configuration -| Parameter | Description | Default | -|:------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------| -| `image.repository` | The image repository to pull from | coredns/coredns | -| `image.tag` | The image tag to pull from | `1.9.4` | -| `image.pullPolicy` | Image pull policy | IfNotPresent | -| `image.pullSecrets` | Specify container image pull secrets | `[]` | -| `replicaCount` | Number of replicas | 1 | -| `resources.limits.cpu` | Container maximum CPU | `100m` | -| `resources.limits.memory` | Container maximum memory | `128Mi` | -| `resources.requests.cpu` | Container requested CPU | `100m` | -| `resources.requests.memory` | Container requested memory | `128Mi` | -| `serviceType` | Kubernetes Service type | `ClusterIP` | -| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` | -| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}`| -| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | -| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} | -| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. | `""` | -| `prometheus.monitor.interval` | Scrape interval for polling the metrics endpoint. (E.g. "30s") | `""` | -| `service.clusterIP` | IP address to assign to service | `""` | -| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | -| `service.externalIPs` | External IP addresses | [] | -| `service.externalTrafficPolicy` | Enable client source IP preservation | [] | -| `service.annotations` | Annotations to add to service | {} | -| `serviceAccount.create` | If true, create & use serviceAccount | false | -| `serviceAccount.name` | If not set & create is true, use template fullname | | -| `rbac.create` | If true, create & use RBAC resources | true | -| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` | -| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true | -| `priorityClassName` | Name of Priority Class to assign pods | `""` | -| `servers` | Configuration for CoreDNS and plugins | See values.yml | -| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `affinity` | Affinity settings for pod assignment | {} | -| `nodeSelector` | Node labels for pod assignment | {} | -| `tolerations` | Tolerations for pod assignment | [] | -| `zoneFiles` | Configure custom Zone files | [] | -| `extraVolumes` | Optional array of volumes to create | [] | -| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] | -| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] | -| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} | -| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects -| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` | -| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` | -| `podDisruptionBudget` | Optional PodDisruptionBudget | {} | -| `podAnnotations` | Optional Pod only Annotations | {} | -| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. | 30 | -| `preStopSleep` | Definition of Kubernetes preStop hook executed before Pod termination | {} | -| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` | -| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` | -| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` | -| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} | -| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` | -| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` | -| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` | -| `autoscaler.min` | Min size of replicaCount | 0 | -| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) | -| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` | -| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` | -| `autoscaler.customFlags` | A list of custom flags to pass into cluster-proportional-autoscaler | (no args) | -| `autoscaler.image.repository` | The image repository to pull autoscaler from | k8s.gcr.io/cpa/cluster-proportional-autoscaler | -| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.5` | -| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent | -| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` | -| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. | `""` | -| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} | -| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} | -| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] | -| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` | -| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` | -| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` | -| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` | -| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} | -| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | -| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` | -| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` | -| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. | `""` | -| `deployment.annotations` | Annotations to add to the main deployment | `{}` | +| Parameter | Description | Default | +| :--------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------- | +| `image.repository` | The image repository to pull from | coredns/coredns | +| `image.tag` | The image tag to pull from | `1.9.4` | +| `image.pullPolicy` | Image pull policy | IfNotPresent | +| `image.pullSecrets` | Specify container image pull secrets | `[]` | +| `replicaCount` | Number of replicas | 1 | +| `resources.limits.cpu` | Container maximum CPU | `100m` | +| `resources.limits.memory` | Container maximum memory | `128Mi` | +| `resources.requests.cpu` | Container requested CPU | `100m` | +| `resources.requests.memory` | Container requested memory | `128Mi` | +| `serviceType` | Kubernetes Service type | `ClusterIP` | +| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` | +| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}` | +| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | +| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} | +| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. | `""` | +| `prometheus.monitor.interval` | Scrape interval for polling the metrics endpoint. (E.g. "30s") | `""` | +| `service.clusterIP` | IP address to assign to service | `""` | +| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | +| `service.externalIPs` | External IP addresses | [] | +| `service.externalTrafficPolicy` | Enable client source IP preservation | [] | +| `service.annotations` | Annotations to add to service | {} | +| `serviceAccount.create` | If true, create & use serviceAccount | false | +| `serviceAccount.name` | If not set & create is true, use template fullname | | +| `rbac.create` | If true, create & use RBAC resources | true | +| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` | +| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true | +| `priorityClassName` | Name of Priority Class to assign pods | `""` | +| `servers` | Configuration for CoreDNS and plugins | See values.yml | +| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `affinity` | Affinity settings for pod assignment | {} | +| `nodeSelector` | Node labels for pod assignment | {} | +| `tolerations` | Tolerations for pod assignment | [] | +| `zoneFiles` | Configure custom Zone files | [] | +| `extraVolumes` | Optional array of volumes to create | [] | +| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] | +| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] | +| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} | +| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects | +| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` | +| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` | +| `podDisruptionBudget` | Optional PodDisruptionBudget | {} | +| `podAnnotations` | Optional Pod only Annotations | {} | +| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. | 30 | +| `preStopSleep` | Definition of Kubernetes preStop hook executed before Pod termination | {} | +| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` | +| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` | +| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` | +| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} | +| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` | +| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` | +| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` | +| `autoscaler.min` | Min size of replicaCount | 0 | +| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) | +| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` | +| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` | +| `autoscaler.customFlags` | A list of custom flags to pass into cluster-proportional-autoscaler | (no args) | +| `autoscaler.image.repository` | The image repository to pull autoscaler from | registry.k8s.io/cpa/cluster-proportional-autoscaler | +| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.5` | +| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent | +| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` | +| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. | `""` | +| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} | +| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} | +| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] | +| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` | +| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` | +| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` | +| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` | +| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} | +| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | +| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` | +| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` | +| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. | `""` | +| `deployment.annotations` | Annotations to add to the main deployment | `{}` | See `values.yaml` for configuration notes. Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, @@ -156,7 +156,6 @@ $ helm install coredns coredns/coredns -f values.yaml > **Tip**: You can use the default [values.yaml](values.yaml) - ## Caveats The chart will automatically determine which protocols to listen on based on @@ -189,7 +188,7 @@ like CpuUtilization, MemoryUtilization or Custom ones. ## Adopting existing CoreDNS resources -If you do not want to delete the existing CoreDNS resources in your cluster, you can adopt the resources into a release as of Helm 3.2.0. +If you do not want to delete the existing CoreDNS resources in your cluster, you can adopt the resources into a release as of Helm 3.2.0. You will also need to annotate and label your existing resources to allow Helm to assume control of them. See: https://github.com/helm/helm/pull/7649 @@ -205,6 +204,7 @@ Once you have annotated and labeled all the resources this chart specifies, you you have been careful this should not diff and leave all the resources unmodified and now under management of helm. Some values to investigate to help adopt your existing manifests to the Helm release are: + - k8sAppLabelOverride - service.name - customLabels @@ -220,6 +220,7 @@ This will delete the deployment and leave the replicaset to ensure no downtime i Here is an example script to modify the annotations and labels of existing resources: WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm release. + ``` #!/usr/bin/env bash @@ -240,6 +241,4 @@ echo "setting annotations and labels on service/kube-dns" kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-namespace=kube-system kubectl -n kube-system label --overwrite service kube-dns app.kubernetes.io/managed-by=Helm -``` - - +``` diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml index e7d21c2..7767426 100644 --- a/charts/coredns/values.yaml +++ b/charts/coredns/values.yaml @@ -282,7 +282,7 @@ autoscaler: # - --nodelabels=topology.kubernetes.io/zone=us-east-1a image: - repository: k8s.gcr.io/cpa/cluster-proportional-autoscaler + repository: registry.k8s.io/cpa/cluster-proportional-autoscaler tag: "1.8.5" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets.