Minikube DNS addon

coredns.yaml

---
# From: helm/stable/coredns
apiVersion: v1
kind: Service
metadata:
  name: coredns
spec:
  type: LoadBalancer
  selector:
    app: localdns
    component: coredns
  ports:
  - name: dns
    port: 53
    protocol: UDP
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: coredns
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: coredns
rules:
- apiGroups: [""]
  resources: [endpoints, services, pods, namespaces]
  verbs: [list, watch]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: coredns
roleRef:
  kind: ClusterRole
  name: coredns
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: coredns
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: coredns
spec:
  replicas: 1
  selector:
    matchLabels:
      app: localdns
      component: coredns
  template:
    metadata:
      name: coredns
      labels:
        app: localdns
        component: coredns
        program: coredns
    spec:
      serviceAccountName: coredns
      containers:
      - name: coredns
        image: coredns/coredns:1.3.0
        imagePullPolicy: IfNotPresent
        args: [ "-conf", "/etc/coredns/Corefile" ]
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - all
          readOnlyRootFilesystem: true
        resources:
          limits:
            cpu: 100m
            memory: 128Mi
          requests:
            cpu: 100m
            memory: 128Mi
        volumeMounts:
        - name: config
          mountPath: /etc/coredns/Corefile
          subPath: Corefile
          readOnly: true
      volumes:
        - name: config
          configMap:
            name: coredns

Corefile

.:53 {
    cache 30
    log
    errors
    prometheus
    etcd k8s {
        stubzones
        endpoint http://etcd:2379
    }
}

etcd.yaml

---
apiVersion: v1
kind: Service
metadata:
  name: etcd
spec:
  selector:
    app: localdns
    component: etcd
  ports:
  - name: client
    port: 2379
  - name: server
    port: 2380
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: etcd
spec:
  selector:
    matchLabels:
      app: localdns
      component: etcd
  template:
    metadata:
      name: etcd
      labels:
        app: localdns
        component: etcd
        program: etcd
    spec:
      containers:
      - name: etcd
        image: quay.io/coreos/etcd:v3.3
        command: [/usr/local/bin/etcd]
        args:
        - --name
        - etcd
        - --initial-advertise-peer-urls
        - http://etcd:2380
        - --listen-peer-urls
        - http://0.0.0.0:2380
        - --listen-client-urls
        - http://0.0.0.0:2379
        - --advertise-client-urls
        - http://etcd.localdns:2379
        - --initial-cluster
        - etcd=http://etcd:2380
        - --initial-cluster-state
        - new
        ports:
        - containerPort: 2379
          name: client
        - containerPort: 2380
          name: server

external-dns.yaml

---
# From: https://github.com/kubernetes-incubator/external-dns/blob/master/docs/tutorials/coredns.md
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: external-dns
rules:
- apiGroups: [""]
  resources: ["services"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["nodes"]
  verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: external-dns
roleRef:
  kind: ClusterRole
  name: external-dns
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: external-dns
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: localdns
      component: external-dns
  template:
    metadata:
      labels:
        app: localdns
        component: external-dns
        program: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: registry.opensource.zalan.do/teapot/external-dns:latest
        args:
        - --source=ingress
        - --provider=coredns
        env:
        - name: ETCD_URLS
          value: http://etcd:2379

kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: localdns
commonLabels:
  app: localdns
resources:
- coredns.yaml
- etcd.yaml
- external-dns.yaml
- namespace.yaml
configMapGenerator:
- name: coredns
  files:
  - Corefile

namespace.yaml

---
apiVersion: v1
kind: Namespace
metadata:
  name: localdns