---
# Source: coredns/charts/coredns/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
---
# Source: coredns/charts/coredns/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
data:
  Corefile: |-
    dns://.:53 {
        errors
        health {
            lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
            pods insecure
            fallthrough in-addr.arpa ip6.arpa
            ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf
        cache 30
        loop
        reload
        loadbalance
    }
    dns://alexlebens.net:53 {
        errors
        cache 30
        forward . 10.111.232.172
    }
    dns://ts.net:53 {
        errors
        cache 30
        forward . 10.97.20.219
    }
---
# Source: coredns/charts/coredns/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: coredns
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
rules:
- apiGroups:
  - ""
  resources:
  - endpoints
  - services
  - pods
  - namespaces
  verbs:
  - list
  - watch
- apiGroups:
  - discovery.k8s.io
  resources:
  - endpointslices
  verbs:
  - list
  - watch
---
# Source: coredns/charts/coredns/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: coredns
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: coredns
subjects:
- kind: ServiceAccount
  name: coredns
  namespace: kube-system
---
# Source: coredns/charts/coredns/templates/service-metrics.yaml
apiVersion: v1
kind: Service
metadata:
  name: coredns-metrics
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
    app.kubernetes.io/component: metrics
  annotations:
    prometheus.io/port: "9153"
    prometheus.io/scrape: "true"
spec:
  selector:
    app.kubernetes.io/instance: "coredns"
    k8s-app: coredns
    app.kubernetes.io/name: coredns
  ports:
  - name: metrics
    port: 9153
    targetPort: 9153
---
# Source: coredns/charts/coredns/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
spec:
  selector:
    app.kubernetes.io/instance: "coredns"
    k8s-app: coredns
    app.kubernetes.io/name: coredns
  clusterIP: 10.96.0.10
  clusterIPs:
  
    - 10.96.0.10
  ports:
  - {"name":"udp-53","port":53,"protocol":"UDP","targetPort":53}
  - {"name":"tcp-53","port":53,"protocol":"TCP","targetPort":53}
  type: ClusterIP
---
# Source: coredns/charts/coredns/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coredns
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
    app.kubernetes.io/version: "v1.13.1"
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 25%
  selector:
    matchLabels:
      app.kubernetes.io/instance: "coredns"
      k8s-app: coredns
      app.kubernetes.io/name: coredns
  template:
    metadata:
      labels:
        k8s-app: coredns
        app.kubernetes.io/name: coredns
        app.kubernetes.io/instance: "coredns"
      annotations:
        checksum/config: 6f07144a3d5dc8ad880e010546e8deee6bb3a150eb089529d925c21f2a78a7d0
        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
    spec:
      terminationGracePeriodSeconds: 30
      serviceAccountName: coredns
      priorityClassName: "system-cluster-critical"
      dnsPolicy: Default
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists
        - effect: NoSchedule
          key: node.cloudprovider.kubernetes.io/uninitialized
          operator: Exists
      nodeSelector:
        kubernetes.io/os: linux
      containers:
      - name: "coredns"
        image: "registry.k8s.io/coredns/coredns:v1.13.1"
        imagePullPolicy: IfNotPresent
        args: [ "-conf", "/etc/coredns/Corefile" ]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/coredns
        resources:
          limits:
            cpu: 100m
            memory: 128Mi
          requests:
            cpu: 50m
            memory: 128Mi
        ports:
        - {"containerPort":53,"name":"udp-53","protocol":"UDP"}
        - {"containerPort":53,"name":"tcp-53","protocol":"TCP"}
        - {"containerPort":9153,"name":"tcp-9153","protocol":"TCP"}
        
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          periodSeconds: 10
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /ready
            port: 8181
            scheme: HTTP
          initialDelaySeconds: 30
          periodSeconds: 5
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 1
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - ALL
          readOnlyRootFilesystem: true
      volumes:
        - name: config-volume
          configMap:
            name: coredns
            items:
            - key: Corefile
              path: Corefile
---
# Source: coredns/charts/coredns/templates/servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: coredns
  namespace: kube-system
  labels:
    app.kubernetes.io/managed-by: "Helm"
    app.kubernetes.io/instance: "coredns"
    helm.sh/chart: "coredns-1.45.0"
    k8s-app: coredns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "CoreDNS"
    app.kubernetes.io/name: coredns
spec:
  selector:
    matchLabels:
      app.kubernetes.io/instance: "coredns"
      k8s-app: coredns
      app.kubernetes.io/name: coredns
      app.kubernetes.io/component: metrics
  endpoints:
    - port: metrics