feat: multi-clusters support
Signed-off-by: wangyizhi1 <[email protected]>
wangyizhi1 committed Oct 12, 2023
1 parent 45923b6 commit 82227f2
Showing 23 changed files with 1,141 additions and 59 deletions.
27 changes: 0 additions & 27 deletions .github/workflows/cifuzz.yml

This file was deleted.

14 changes: 0 additions & 14 deletions .github/workflows/depsreview.yml

This file was deleted.

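--- a/.github/workflows/push-images.yml
+++ b/.github/workflows/push-images.yml
@@ -0,0 +1,29 @@
+# This workflow will build a golang project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+
+name: Go
+
+on:
+push:
+tags:
+- "v*.*.*"
+
+jobs:
+push-images:
+runs-on: ubuntu-latest
+permissions: write-all
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+with:
+fetch-depth: 0
+- name: Set up qemu
+uses: docker/setup-qemu-action@v2
+- name: Login registry
+run: |
+echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+- name: Push images
+env:
+ON_PLUGINS: true
+run: |
+make upload-images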
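Review bot: `permissions: write-all` on the push-images job gives its GITHUB_TOKEN write access to every scope, while the visible steps only check out the code and push to ghcr.io. Scope it to what is used: `permissions:` with `contents: read` and `packages: write`. The `uses:` lines reference mutable tags (`actions/checkout@v3`, `docker/setup-qemu-action@v2`); pinning them to full commit SHAs keeps a retagged action from running with this token. Separately, the header comment and `name: Go` describe a Go build, but the job publishes container images, so both should be updated to say so.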
2 changes: 2 additions & 0 deletions .gitignore
@@ -5,3 +5,5 @@ Corefile
build/
release/
vendor/

.idea
16 changes: 15 additions & 1 deletion Makefile
@@ -7,13 +7,27 @@ BUILDOPTS:=-v
GOPATH?=$(HOME)/go
MAKEPWD:=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
CGO_ENABLED?=0
GOOS?=linux
GOARCH?=amd64
VERSION?=latest
REGISTRY?="ghcr.io/kosmos-io"

.PHONY: all
all: coredns

.PHONY: coredns
coredns: $(CHECKS)
CGO_ENABLED=$(CGO_ENABLED) $(SYSTEM) go build $(BUILDOPTS) -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(GITCOMMIT)" -o $(BINARY)
CGO_ENABLED=$(CGO_ENABLED) GOOS=${GOOS} GOARCH=${GOARCH} go build $(BUILDOPTS) -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(GITCOMMIT)" -o $(BINARY)

.PHONY: images
images: coredns
set -e;\
docker buildx build --output=type=docker --platform ${GOOS}/${GOARCH} --tag ${REGISTRY}/coredns:${VERSION} .

.PHONY: push-images
upload-images: images
@echo "push images to $(REGISTRY)"
docker push ${REGISTRY}/coredns:${VERSION}

.PHONY: check
check: core/plugin/zplugin.go core/dnsserver/zdirectives.go
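Review bot: `.PHONY: push-images` names a target that does not exist; the rule beneath it is `upload-images`, so that target is never declared phony, and the line should read `.PHONY: upload-images`. `VERSION?=latest` matters more for releases: the tag-triggered workflow sets no VERSION in its visible steps, so each release appears to overwrite `coredns:latest` rather than publish an immutable versioned tag, and deriving VERSION from the git tag would let consumers pin a release. `REGISTRY?="ghcr.io/kosmos-io"` also stores the quote characters in the variable, which works only because the shell strips them; `REGISTRY?=ghcr.io/kosmos-io` is the safer form.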
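--- a/deploy/yamls/coredns-clusterrole.yaml
+++ b/deploy/yamls/coredns-clusterrole.yaml
@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+name: kosmos-coredns
+rules:
+- apiGroups:
+- '*'
+resources:
+- '*'
+verbs:
+- '*'
+- nonResourceURLs:
+- '*'
+verbs:
+- get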
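Review bot: The first rule grants `'*'` verbs on `'*'` resources in `'*'` API groups, which is cluster-admin-equivalent access for a DNS server; coredns-clusterrolebinding.yaml binds it to the `coredns` service account, so a compromise of that pod or its token exposes every Secret and workload in the cluster. The upstream CoreDNS kubernetes plugin only needs `list` and `watch` on services, endpoints, pods, namespaces and endpointslices, so the rules should be narrowed to that set plus whatever extra resources the multi-cluster code reads, each listed explicitly. The `nonResourceURLs: '*'` rule can probably be dropped as well. The sketch below uses the upstream resource list and should be confirmed against what this fork actually watches.

```yaml
rules:
  # read-only access to the objects the kubernetes plugin watches
  - apiGroups:
      - ""
    resources:
      - endpoints
      - services
      - pods
      - namespaces
    verbs:
      - list
      - watch
  - apiGroups:
      - discovery.k8s.io
    resources:
      - endpointslices
    verbs:
      - list
      - watch
```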
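--- a/deploy/yamls/coredns-clusterrolebinding.yaml
+++ b/deploy/yamls/coredns-clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+name: kosmos-coredns
+roleRef:
+apiGroup: rbac.authorization.k8s.io
+kind: ClusterRole
+name: kosmos-coredns
+subjects:
+- kind: ServiceAccount
+name: coredns
+namespace: kosmos-system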
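--- a/deploy/yamls/coredns-cm.yaml
+++ b/deploy/yamls/coredns-cm.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+data:
+Corefile: |
+.:53 {
+errors
+health {
+lameduck 5s
+}
+ready
+rewrite stop {
+name regex (.*).kosmos.local {1}.cluster.local
+answer name (.*).cluster.local {1}.kosmos.local
+}
+kubernetes cluster.local in-addr.arpa ip6.arpa {
+pods insecure
+ttl 30
+}
+hosts /etc/add-hosts/customer-hosts . {
+fallthrough cluster.local in-addr.arpa ip6.arpa
+}
+prometheus :9153
+cache 30
+reload
+loadbalance
+}
+kind: ConfigMap
+metadata:
+name: coredns
+namespace: kosmos-system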
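Review bot: The rewrite patterns `(.*).kosmos.local` and `(.*).cluster.local` leave the dots unescaped and have no end anchor, so `.` matches any character and, if the plugin matches unanchored as seems likely, names that merely contain the suffix could be rewritten into `cluster.local` as well. Escaping the dots limits the match to the intended labels: `name regex (.*)\.kosmos\.local {1}.cluster.local` and `answer name (.*)\.cluster\.local {1}.kosmos.local`, with an end anchor added if the plugin version in use supports one. `pods insecure` also answers pod-IP names without checking that a pod with that address exists; `pods verified` is the stricter setting if pod records are needed at all.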
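--- a/deploy/yamls/coredns-customer-hosts-cm.yaml
+++ b/deploy/yamls/coredns-customer-hosts-cm.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+data:
+customer-hosts: |
+#customer-hosts
+#10.10.10.10 myhost
+kind: ConfigMap
+metadata:
+name: coredns-customer-hosts
+namespace: kosmos-system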
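--- a/deploy/yamls/coredns-deploy.yaml
+++ b/deploy/yamls/coredns-deploy.yaml
@@ -0,0 +1,130 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+labels:
+kosmos.io/app: coredns
+name: coredns
+namespace: kosmos-system
+spec:
+progressDeadlineSeconds: 600
+replicas: 2
+revisionHistoryLimit: 10
+selector:
+matchLabels:
+kosmos.io/app: coredns
+strategy:
+rollingUpdate:
+maxSurge: 25%
+maxUnavailable: 1
+type: RollingUpdate
+template:
+metadata:
+creationTimestamp: null
+labels:
+kosmos.io/app: coredns
+spec:
+containers:
+- args:
+- -conf
+- /etc/coredns/Corefile
+image: ghcr.io/kosmos-io/coredns:latest
+imagePullPolicy: Always
+livenessProbe:
+failureThreshold: 5
+httpGet:
+path: /health
+port: 8080
+scheme: HTTP
+initialDelaySeconds: 60
+periodSeconds: 10
+successThreshold: 1
+timeoutSeconds: 5
+name: coredns
+ports:
+- containerPort: 53
+name: dns
+protocol: UDP
+- containerPort: 53
+name: dns-tcp
+protocol: TCP
+- containerPort: 9153
+name: metrics
+protocol: TCP
+readinessProbe:
+failureThreshold: 3
+httpGet:
+path: /ready
+port: 8181
+scheme: HTTP
+periodSeconds: 10
+successThreshold: 1
+timeoutSeconds: 1
+resources:
+limits:
+cpu: 2000m
+memory: 2560Mi
+requests:
+cpu: 1000m
+memory: 1280Mi
+securityContext:
+allowPrivilegeEscalation: false
+capabilities:
+add:
+- NET_BIND_SERVICE
+drop:
+- all
+readOnlyRootFilesystem: true
+terminationMessagePath: /dev/termination-log
+terminationMessagePolicy: File
+volumeMounts:
+- mountPath: /etc/coredns
+name: config-volume
+readOnly: true
+- mountPath: /etc/add-hosts
+name: customer-hosts
+readOnly: true
+dnsPolicy: Default
+priorityClassName: system-cluster-critical
+restartPolicy: Always
+schedulerName: default-scheduler
+securityContext: {}
+serviceAccount: coredns
+serviceAccountName: coredns
+terminationGracePeriodSeconds: 30
+affinity:
+podAntiAffinity:
+requiredDuringSchedulingIgnoredDuringExecution:
+- labelSelector:
+matchLabels:
+kosmos.io/app: coredns
+topologyKey: kubernetes.io/hostname
+tolerations:
+- effect: NoSchedule
+key: node-role.kubernetes.io/master
+operator: Exists
+- effect: NoSchedule
+key: node.kubernetes.io/unschedulable
+operator: Exists
+- effect: NoExecute
+key: node.kubernetes.io/not-ready
+operator: Exists
+tolerationSeconds: 300
+- effect: NoExecute
+key: node.kubernetes.io/unreachable
+operator: Exists
+tolerationSeconds: 300
+volumes:
+- configMap:
+defaultMode: 420
+items:
+- key: Corefile
+path: Corefile
+name: coredns
+name: config-volume
+- configMap:
+defaultMode: 420
+items:
+- key: customer-hosts
+path: customer-hosts
+name: coredns-customer-hosts
+name: customer-hosts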
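Review bot: `image: ghcr.io/kosmos-io/coredns:latest` with `imagePullPolicy: Always` makes every pod restart pull whatever was last pushed to a mutable tag, for a `system-cluster-critical` workload. Reference a release tag and digest instead, e.g. `image: ghcr.io/kosmos-io/coredns:<release-tag>@sha256:<digest>` (placeholders). The pod-level `securityContext: {}` sets neither `runAsNonRoot` nor a seccomp profile; adding `seccompProfile` with `type: RuntimeDefault` would complement the container-level hardening already present. `drop: - all` is conventionally written `ALL`, the spelling the Pod Security Standards check for, and `creationTimestamp: null` looks like a leftover from an exported object that can be removed.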
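--- a/deploy/yamls/coredns-sa.yaml
+++ b/deploy/yamls/coredns-sa.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+name: coredns
+namespace: kosmos-system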
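--- a/deploy/yamls/coredns-svc.yaml
+++ b/deploy/yamls/coredns-svc.yaml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Service
+metadata:
+labels:
+kosmos.io/app: coredns
+name: coredns
+namespace: kosmos-system
+spec:
+ipFamilies:
+- IPv4
+ipFamilyPolicy: SingleStack
+ports:
+- name: dns
+port: 53
+protocol: UDP
+targetPort: 53
+- name: dns-tcp
+port: 53
+protocol: TCP
+targetPort: 53
+- name: metrics
+port: 9153
+protocol: TCP
+targetPort: 9153
+selector:
+kosmos.io/app: coredns
+sessionAffinity: None
+type: ClusterIP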