diff --git a/roles/cluster-addon/templates/coredns.yaml.j2 b/roles/cluster-addon/templates/coredns.yaml.j2 index 9e57bb2..bc22cee 100644 --- a/roles/cluster-addon/templates/coredns.yaml.j2 +++ b/roles/cluster-addon/templates/coredns.yaml.j2 @@ -70,7 +70,7 @@ data: fallthrough in-addr.arpa ip6.arpa } prometheus :9153 - proxy . /etc/resolv.conf + forward . /etc/resolv.conf cache 30 loop reload @@ -103,13 +103,16 @@ spec: annotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default' spec: + priorityClassName: system-cluster-critical serviceAccountName: coredns tolerations: - key: "CriticalAddonsOnly" operator: "Exists" + nodeSelector: + beta.kubernetes.io/os: linux containers: - name: coredns - image: coredns/coredns:1.2.6 + image: coredns/coredns:1.4.0 imagePullPolicy: IfNotPresent resources: limits: @@ -141,6 +144,11 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 + readinessProbe: + httpGet: + path: /health + port: 8080 + scheme: HTTP securityContext: allowPrivilegeEscalation: false capabilities: @@ -185,4 +193,3 @@ spec: - name: metrics port: 9153 protocol: TCP - targetPort: 9153