diff options
| author | Alberto Berti <alberto@metapensiero.it> | 2018-05-23 16:26:05 +0200 |
|---|---|---|
| committer | Johan Thomsen <jth@dbc.dk> | 2018-05-25 10:59:10 +0200 |
| commit | 55fa98dd76658309d0f9045f4a901637e5e7bf5d (patch) | |
| tree | c61f33e09c6dfaf7f08b365ce0135f37d6ec500f /nixos/modules/services | |
| parent | 3e3917bb9ef74fe1f63854337d28bd9f01d8461f (diff) | |
| download | nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar.gz nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar.bz2 nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar.lz nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar.xz nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.tar.zst nixlib-55fa98dd76658309d0f9045f4a901637e5e7bf5d.zip | |
Kuberbetes DNS addon 1.14.4 -> 1.14.10
As shipped with k8s 1.10.3. Also: - updated the definition jsons as they are distributed in k8s. - updated the image uris as they are renamed in k8s - added imageDigest param as per 736848723e5aefa5d24396c58dc6de603399efde
Diffstat (limited to 'nixos/modules/services')
| -rw-r--r-- | nixos/modules/services/cluster/kubernetes/dns.nix | 123 |
1 files changed, 62 insertions, 61 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/dns.nix b/nixos/modules/services/cluster/kubernetes/dns.nix index 939f58fc41b7..9751e5f7cf0a 100644 --- a/nixos/modules/services/cluster/kubernetes/dns.nix +++ b/nixos/modules/services/cluster/kubernetes/dns.nix @@ -3,27 +3,27 @@ with lib; let - version = "1.14.4"; + version = "1.14.10"; k8s-dns-kube-dns = pkgs.dockerTools.pullImage { - imageName = "gcr.io/google_containers/k8s-dns-kube-dns-amd64"; + imageName = "k8s.gcr.io/k8s-dns-kube-dns-amd64"; + imageDigest = "sha256:b99fc3eee2a9f052f7eb4cc00f15eb12fc405fa41019baa2d6b79847ae7284a8"; finalImageTag = version; - sha256 = "0q97xfqrigrfjl2a9cxl5in619py0zv44gch09jm8gqjkxl80imp"; - imageDigest = "sha256:40790881bbe9ef4ae4ff7fe8b892498eecb7fe6dcc22661402f271e03f7de344"; + sha256 = "0x583znk9smqn0fix7ld8sm5jgaxhqhx3fq97b1wkqm7iwhvl3pj"; }; k8s-dns-dnsmasq-nanny = pkgs.dockerTools.pullImage { - imageName = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64"; + imageName = "k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64"; + imageDigest = "sha256:bbb2a290a568125b3b996028958eb773f33b5b87a6b37bf38a28f8b62dddb3c8"; finalImageTag = version; - sha256 = "051w5ca4qb88mwva4hbnh9xzlsvv7k1mbk3wz50lmig2mqrqqx6c"; - imageDigest = "sha256:aeeb994acbc505eabc7415187cd9edb38cbb5364dc1c2fc748154576464b3dc2"; + sha256 = "1fihml7s2mfwgac51cbqpylkwbivc8nyhgi4vb820s83zvl8a6y1"; }; k8s-dns-sidecar = pkgs.dockerTools.pullImage { - imageName = "gcr.io/google_containers/k8s-dns-sidecar-amd64"; + imageName = "k8s.gcr.io/k8s-dns-sidecar-amd64"; + imageDigest = "sha256:4f1ab957f87b94a5ec1edc26fae50da2175461f00afecf68940c4aa079bd08a4"; finalImageTag = version; - sha256 = "1z0d129bcm8i2cqq36x5jhnrv9hirj8c6kjrmdav8vgf7py78vsm"; - imageDigest = "sha256:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9"; + sha256 = "08l1bv5jgrhvjzpqpbinrkgvv52snc4fzyd8ya9v18ns2klyz7m0"; }; cfg = config.services.kubernetes.addons.dns; @@ -59,7 +59,7 @@ in { services.kubernetes.addonManager.addons = { kubedns-deployment = { - apiVersion = "apps/v1beta1"; + apiVersion = "extensions/v1beta1"; kind = "Deployment"; metadata = { labels = { @@ -84,9 +84,38 @@ in { labels.k8s-app = "kube-dns"; }; spec = { + priorityClassName = "system-cluster-critical"; containers = [ { name = "kubedns"; + image = "k8s.gcr.io/k8s-dns-kube-dns-amd64:${version}"; + resources = { + limits.memory = "170Mi"; + requests = { + cpu = "100m"; + memory = "70Mi"; + }; + }; + livenessProbe = { + failureThreshold = 5; + httpGet = { + path = "/healthcheck/kubedns"; + port = 10054; + scheme = "HTTP"; + }; + initialDelaySeconds = 60; + successThreshold = 1; + timeoutSeconds = 5; + }; + readinessProbe = { + httpGet = { + path = "/readiness"; + port = 8081; + scheme = "HTTP"; + }; + initialDelaySeconds = 3; + timeoutSeconds = 5; + }; args = [ "--domain=${cfg.clusterDomain}" "--dns-port=10053" @@ -99,18 +128,6 @@ in { value = "10055"; } ]; - image = "gcr.io/google_containers/k8s-dns-kube-dns-amd64:${version}"; - livenessProbe = { - failureThreshold = 5; - httpGet = { - path = "/healthcheck/kubedns"; - port = 10054; - scheme = "HTTP"; - }; - initialDelaySeconds = 60; - successThreshold = 1; - timeoutSeconds = 5; - }; ports = [ { containerPort = 10053; @@ -128,22 +145,6 @@ in { protocol = "TCP"; } ]; - readinessProbe = { - httpGet = { - path = "/readiness"; - port = 8081; - scheme = "HTTP"; - }; - initialDelaySeconds = 3; - timeoutSeconds = 5; - }; - resources = { - limits.memory = "170Mi"; - requests = { - cpu = "100m"; - memory = "70Mi"; - }; - }; volumeMounts = [ { mountPath = "/kube-dns-config"; @@ -152,6 +153,19 @@ in { ]; } { + name = "dnsmasq"; + image = "k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:${version}"; + livenessProbe = { + httpGet = { + path = "/healthcheck/dnsmasq"; + port = 10054; + scheme = "HTTP"; + }; + initialDelaySeconds = 60; + timeoutSeconds = 5; + successThreshold = 1; + failureThreshold = 5; + }; args = [ "-v=2" "-logtostderr" @@ -165,19 +179,6 @@ in { "--server=/in-addr.arpa/127.0.0.1#10053" "--server=/ip6.arpa/127.0.0.1#10053" ]; - image = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:${version}"; - livenessProbe = { - failureThreshold = 5; - httpGet = { - path = "/healthcheck/dnsmasq"; - port = 10054; - scheme = "HTTP"; - }; - initialDelaySeconds = 60; - successThreshold = 1; - timeoutSeconds = 5; - }; - name = "dnsmasq"; ports = [ { containerPort = 53; @@ -205,24 +206,24 @@ in { } { name = "sidecar"; - image = "gcr.io/google_containers/k8s-dns-sidecar-amd64:${version}"; - args = [ - "--v=2" - "--logtostderr" - "--probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.${cfg.clusterDomain},5,A" - "--probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.${cfg.clusterDomain},5,A" - ]; + image = "k8s.gcr.io/k8s-dns-sidecar-amd64:${version}"; livenessProbe = { - failureThreshold = 5; httpGet = { path = "/metrics"; port = 10054; scheme = "HTTP"; }; initialDelaySeconds = 60; - successThreshold = 1; timeoutSeconds = 5; + successThreshold = 1; + failureThreshold = 5; }; + args = [ + "--v=2" + "--logtostderr" + "--probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.${cfg.clusterDomain},5,A" + "--probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.${cfg.clusterDomain},5,A" + ]; ports = [ { containerPort = 10054; |