chrischdi/foo.yaml

## foo.yaml
apiVersion: v1
kind: Service
metadata:
  name: foo
  labels:
    app: foo
spec:
  ports:
  - port: 8080
    name: web
  clusterIP: None
  selector:
    app: foo
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: foo
spec:
  serviceName: foo
  selector:
    matchLabels:
      app: foo
  replicas: 1
  template:
    metadata:
      labels:
        app: foo
    spec:
      containers:
      - name: kuard
        image: gcr.io/kuar-demo/kuard-amd64:blue
        ports:
        - containerPort: 8080
          name: http
        readinessProbe:
          exec:
            command:
            - cat /foo

## test.log
$ export KUBECONFIG=$(mktemp)
$ kind version
kind v0.10.0 go1.15.7 linux/amd64
$ kind create cluster --name foo
Creating cluster "foo" ...
 ✓ Ensuring node image (kindest/node:v1.20.2) 🖼
 ✓ Preparing nodes 📦
 ✓ Writing configuration 📜
 ✓ Starting control-plane 🕹️
 ✓ Installing CNI 🔌
 ✓ Installing StorageClass 💾
Set kubectl context to "kind-foo"
You can now use your cluster with:

kubectl cluster-info --context kind-foo

Thanks for using kind! 😊
$ kubectl apply -f /tmp/foo.yaml
service/foo unchanged
statefulset.apps/test-foo created
$ kubectl get po
NAME    READY   STATUS    RESTARTS   AGE
foo-0   0/1     Running   0          8s
$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
foo          ClusterIP   None         <none>        8080/TCP   2m44s
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP    5m5s
$ echo "  #  show that foo.default.svc.cluster.local does not resolve"
  #  show that foo.default.svc.cluster.local does not resolve
$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

nslookup: can't resolve 'foo.default.svc.cluster.local': Name does not resolve
command terminated with exit code 1
$ kubectl get deploy -n kube-system coredns -o json | jq '.spec.template.spec.containers[].image' -r
k8s.gcr.io/coredns:1.7.0
$ echo "  #  patch clusterrole for endpoint slices and coredns to 1.8.3"
  #  patch clusterrole for endpoint slices and coredns to 1.8.3
$ kubectl patch clusterrole system:coredns --type json -p '[{"op":"add","path":"/rules/2","value":{"apiGroups":["discovery.k8s.io"],"resources":["endpointslices"],"verbs":["list","watch"]}}]'
clusterrole.rbac.authorization.k8s.io/system:coredns patched
$ kubectl patch -n kube-system deploy coredns --type='json' -p '[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "coredns/coredns:1.8.3"}]'
$ kubectl rollout status -n kube-system deployment coredns
Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "coredns" rollout to finish: 1 of 2 updated replicas are available...
deployment "coredns" successfully rolled out
$ echo "  #  show that foo.default.svc.cluster.local does resolve now"
  #  show that foo.default.svc.cluster.local does resolve now
$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local

nslookup: can't resolve '(null)': Name does not resolve
Name:      foo.default.svc.cluster.local
Address 1: 10.244.0.6 foo-0.foo.default.svc.cluster.local
$ echo "  #  patch coredns to 1.8.0"
$ kubectl patch -n kube-system deploy coredns --type='json' -p '[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "coredns/coredns:1.8.0"}]'
$ kubectl rollout status -n kube-system deployment coredns
$ echo "  #  show that foo.default.svc.cluster.local does not resolve anymore"
  #  show that foo.default.svc.cluster.local does not resolve anymore
$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local
nslookup: can't resolve '(null)': Name does not resolve

nslookup: can't resolve 'foo.default.svc.cluster.local': Name does not resolve
command terminated with exit code 1
	apiVersion: v1
	kind: Service
	metadata:
	name: foo
	labels:
	app: foo
	spec:
	ports:
	- port: 8080
	name: web
	clusterIP: None
	selector:
	app: foo
	---
	apiVersion: apps/v1
	kind: StatefulSet
	metadata:
	name: foo
	spec:
	serviceName: foo
	selector:
	matchLabels:
	app: foo
	replicas: 1
	template:
	metadata:
	labels:
	app: foo
	spec:
	containers:
	- name: kuard
	image: gcr.io/kuar-demo/kuard-amd64:blue
	ports:
	- containerPort: 8080
	name: http
	readinessProbe:
	exec:
	command:
	- cat /foo
	$ export KUBECONFIG=$(mktemp)
	$ kind version
	kind v0.10.0 go1.15.7 linux/amd64
	$ kind create cluster --name foo
	Creating cluster "foo" ...
	✓ Ensuring node image (kindest/node:v1.20.2) 🖼
	✓ Preparing nodes 📦
	✓ Writing configuration 📜
	✓ Starting control-plane 🕹️
	✓ Installing CNI 🔌
	✓ Installing StorageClass 💾
	Set kubectl context to "kind-foo"
	You can now use your cluster with:

	kubectl cluster-info --context kind-foo

	Thanks for using kind! 😊
	$ kubectl apply -f /tmp/foo.yaml
	service/foo unchanged
	statefulset.apps/test-foo created
	$ kubectl get po
	NAME READY STATUS RESTARTS AGE
	foo-0 0/1 Running 0 8s
	$ kubectl get svc
	NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
	foo ClusterIP None <none> 8080/TCP 2m44s
	kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5m5s
	$ echo " # show that foo.default.svc.cluster.local does not resolve"
	# show that foo.default.svc.cluster.local does not resolve
	$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local
	nslookup: can't resolve '(null)': Name does not resolve

	nslookup: can't resolve 'foo.default.svc.cluster.local': Name does not resolve
	command terminated with exit code 1
	$ kubectl get deploy -n kube-system coredns -o json \| jq '.spec.template.spec.containers[].image' -r
	k8s.gcr.io/coredns:1.7.0
	$ echo " # patch clusterrole for endpoint slices and coredns to 1.8.3"
	# patch clusterrole for endpoint slices and coredns to 1.8.3
	$ kubectl patch clusterrole system:coredns --type json -p '[{"op":"add","path":"/rules/2","value":{"apiGroups":["discovery.k8s.io"],"resources":["endpointslices"],"verbs":["list","watch"]}}]'
	clusterrole.rbac.authorization.k8s.io/system:coredns patched
	$ kubectl patch -n kube-system deploy coredns --type='json' -p '[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "coredns/coredns:1.8.3"}]'
	$ kubectl rollout status -n kube-system deployment coredns
	Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
	Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
	Waiting for deployment "coredns" rollout to finish: 1 old replicas are pending termination...
	Waiting for deployment "coredns" rollout to finish: 1 of 2 updated replicas are available...
	deployment "coredns" successfully rolled out
	$ echo " # show that foo.default.svc.cluster.local does resolve now"
	# show that foo.default.svc.cluster.local does resolve now
	$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local

	nslookup: can't resolve '(null)': Name does not resolve
	Name: foo.default.svc.cluster.local
	Address 1: 10.244.0.6 foo-0.foo.default.svc.cluster.local
	$ echo " # patch coredns to 1.8.0"
	$ kubectl patch -n kube-system deploy coredns --type='json' -p '[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value": "coredns/coredns:1.8.0"}]'
	$ kubectl rollout status -n kube-system deployment coredns
	$ echo " # show that foo.default.svc.cluster.local does not resolve anymore"
	# show that foo.default.svc.cluster.local does not resolve anymore
	$ kubectl exec foo-0 -- nslookup foo.default.svc.cluster.local
	nslookup: can't resolve '(null)': Name does not resolve

	nslookup: can't resolve 'foo.default.svc.cluster.local': Name does not resolve
	command terminated with exit code 1