pyrox.dev / nixpkgs
lol
fork atom

Kuberbetes DNS addon 1.14.4 -> 1.14.10

As shipped with k8s 1.10.3.

Also:
- updated the definition jsons as they are distributed in k8s.
- updated the image uris as they are renamed in k8s
- added imageDigest param as per 736848723e5aefa5d24396c58dc6de603399efde

Alberto Berti 55fa98dd 3e3917bb

options
unified split
Changed files
+62 -61
nixos
modules
services
cluster
kubernetes
dns.nix
+62 -61
nixos/modules/services/cluster/kubernetes/dns.nix 
···

       
3

       
 

       
with lib;


     

       
4

       
 

       



     

       
5

       
 

       
let


     

       
6

       
-

       
  version = "1.14.4";


     

       
7

       
 

       



     

       
8

       
 

       
  k8s-dns-kube-dns = pkgs.dockerTools.pullImage {


     

       
9

       
-

       
    imageName = "gcr.io/google_containers/k8s-dns-kube-dns-amd64";


     

       

       

       
     

       
10

       
 

       
    finalImageTag = version;


     

       
11

       
-

       
    sha256 = "0q97xfqrigrfjl2a9cxl5in619py0zv44gch09jm8gqjkxl80imp";


     

       
12

       
-

       
    imageDigest = "sha256:40790881bbe9ef4ae4ff7fe8b892498eecb7fe6dcc22661402f271e03f7de344";


     

       
13

       
 

       
  };


     

       
14

       
 

       



     

       
15

       
 

       
  k8s-dns-dnsmasq-nanny = pkgs.dockerTools.pullImage {


     

       
16

       
-

       
    imageName = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64";


     

       

       

       
     

       
17

       
 

       
    finalImageTag = version;


     

       
18

       
-

       
    sha256 = "051w5ca4qb88mwva4hbnh9xzlsvv7k1mbk3wz50lmig2mqrqqx6c";


     

       
19

       
-

       
    imageDigest = "sha256:aeeb994acbc505eabc7415187cd9edb38cbb5364dc1c2fc748154576464b3dc2";


     

       
20

       
 

       
  };


     

       
21

       
 

       



     

       
22

       
 

       
  k8s-dns-sidecar = pkgs.dockerTools.pullImage {


     

       
23

       
-

       
    imageName = "gcr.io/google_containers/k8s-dns-sidecar-amd64";


     

       

       

       
     

       
24

       
 

       
    finalImageTag = version;


     

       
25

       
-

       
    sha256 = "1z0d129bcm8i2cqq36x5jhnrv9hirj8c6kjrmdav8vgf7py78vsm";


     

       
26

       
-

       
    imageDigest = "sha256:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9";


     

       
27

       
 

       
  };


     

       
28

       
 

       



     

       
29

       
 

       
  cfg = config.services.kubernetes.addons.dns;


     
···

       
59

       
 

       



     

       
60

       
 

       
    services.kubernetes.addonManager.addons = {


     

       
61

       
 

       
      kubedns-deployment = {


     

       
62

       
-

       
        apiVersion = "apps/v1beta1";


     

       
63

       
 

       
        kind = "Deployment";


     

       
64

       
 

       
        metadata = {


     

       
65

       
 

       
          labels = {


     
···

       
84

       
 

       
              labels.k8s-app = "kube-dns";


     

       
85

       
 

       
            };


     

       
86

       
 

       
            spec = {


     

       

       

       
     

       
87

       
 

       
              containers = [


     

       
88

       
 

       
                {


     

       
89

       
 

       
                  name = "kubedns";


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
90

       
 

       
                  args = [


     

       
91

       
 

       
                    "--domain=${cfg.clusterDomain}"


     

       
92

       
 

       
                    "--dns-port=10053"


     
···

       
99

       
 

       
                      value = "10055";


     

       
100

       
 

       
                    }


     

       
101

       
 

       
                  ];


     

       
102

       
-

       
                  image = "gcr.io/google_containers/k8s-dns-kube-dns-amd64:${version}";


     

       
103

       
-

       
                  livenessProbe = {


     

       
104

       
-

       
                    failureThreshold = 5;


     

       
105

       
-

       
                    httpGet = {


     

       
106

       
-

       
                      path = "/healthcheck/kubedns";


     

       
107

       
-

       
                      port = 10054;


     

       
108

       
-

       
                      scheme = "HTTP";


     

       
109

       
-

       
                    };


     

       
110

       
-

       
                    initialDelaySeconds = 60;


     

       
111

       
-

       
                    successThreshold = 1;


     

       
112

       
-

       
                    timeoutSeconds = 5;


     

       
113

       
-

       
                  };


     

       
114

       
 

       
                  ports = [


     

       
115

       
 

       
                    {


     

       
116

       
 

       
                      containerPort = 10053;


     
···

       
128

       
 

       
                      protocol = "TCP";


     

       
129

       
 

       
                    }


     

       
130

       
 

       
                  ];


     

       
131

       
-

       
                  readinessProbe = {


     

       
132

       
-

       
                    httpGet = {


     

       
133

       
-

       
                      path = "/readiness";


     

       
134

       
-

       
                      port = 8081;


     

       
135

       
-

       
                      scheme = "HTTP";


     

       
136

       
-

       
                    };


     

       
137

       
-

       
                    initialDelaySeconds = 3;


     

       
138

       
-

       
                    timeoutSeconds = 5;


     

       
139

       
-

       
                  };


     

       
140

       
-

       
                  resources = {


     

       
141

       
-

       
                    limits.memory = "170Mi";


     

       
142

       
-

       
                    requests = {


     

       
143

       
-

       
                      cpu = "100m";


     

       
144

       
-

       
                      memory = "70Mi";


     

       
145

       
-

       
                    };


     

       
146

       
-

       
                  };


     

       
147

       
 

       
                  volumeMounts = [


     

       
148

       
 

       
                    {


     

       
149

       
 

       
                      mountPath = "/kube-dns-config";


     
···

       
152

       
 

       
                  ];


     

       
153

       
 

       
                }


     

       
154

       
 

       
                {


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
155

       
 

       
                  args = [


     

       
156

       
 

       
                    "-v=2"


     

       
157

       
 

       
                    "-logtostderr"


     
···

       
165

       
 

       
                    "--server=/in-addr.arpa/127.0.0.1#10053"


     

       
166

       
 

       
                    "--server=/ip6.arpa/127.0.0.1#10053"


     

       
167

       
 

       
                  ];


     

       
168

       
-

       
                  image = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:${version}";


     

       
169

       
-

       
                  livenessProbe = {


     

       
170

       
-

       
                    failureThreshold = 5;


     

       
171

       
-

       
                    httpGet = {


     

       
172

       
-

       
                      path = "/healthcheck/dnsmasq";


     

       
173

       
-

       
                      port = 10054;


     

       
174

       
-

       
                      scheme = "HTTP";


     

       
175

       
-

       
                    };


     

       
176

       
-

       
                    initialDelaySeconds = 60;


     

       
177

       
-

       
                    successThreshold = 1;


     

       
178

       
-

       
                    timeoutSeconds = 5;


     

       
179

       
-

       
                  };


     

       
180

       
-

       
                  name = "dnsmasq";


     

       
181

       
 

       
                  ports = [


     

       
182

       
 

       
                    {


     

       
183

       
 

       
                      containerPort = 53;


     
···

       
205

       
 

       
                }


     

       
206

       
 

       
                {


     

       
207

       
 

       
                  name = "sidecar";


     

       
208

       
-

       
                  image = "gcr.io/google_containers/k8s-dns-sidecar-amd64:${version}";


     

       
209

       
-

       
                  args = [


     

       
210

       
-

       
                    "--v=2"


     

       
211

       
-

       
                    "--logtostderr"


     

       
212

       
-

       
                    "--probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.${cfg.clusterDomain},5,A"


     

       
213

       
-

       
                    "--probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.${cfg.clusterDomain},5,A"


     

       
214

       
-

       
                  ];


     

       
215

       
 

       
                  livenessProbe = {


     

       
216

       
-

       
                    failureThreshold = 5;


     

       
217

       
 

       
                    httpGet = {


     

       
218

       
 

       
                      path = "/metrics";


     

       
219

       
 

       
                      port = 10054;


     

       
220

       
 

       
                      scheme = "HTTP";


     

       
221

       
 

       
                    };


     

       
222

       
 

       
                    initialDelaySeconds = 60;


     

       

       

       
     

       
223

       
 

       
                    successThreshold = 1;


     

       
224

       
-

       
                    timeoutSeconds = 5;


     

       
225

       
 

       
                  };


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
226

       
 

       
                  ports = [


     

       
227

       
 

       
                    {


     

       
228

       
 

       
                      containerPort = 10054;


     
···

       
3

       
 

       
with lib;


     

       
4

       
 

       



     

       
5

       
 

       
let


     

       
6

       
+

       
  version = "1.14.10";


     

       
7

       
 

       



     

       
8

       
 

       
  k8s-dns-kube-dns = pkgs.dockerTools.pullImage {


     

       
9

       
+

       
    imageName = "k8s.gcr.io/k8s-dns-kube-dns-amd64";


     

       
10

       
+

       
    imageDigest = "sha256:b99fc3eee2a9f052f7eb4cc00f15eb12fc405fa41019baa2d6b79847ae7284a8";


     

       
11

       
 

       
    finalImageTag = version;


     

       
12

       
+

       
    sha256 = "0x583znk9smqn0fix7ld8sm5jgaxhqhx3fq97b1wkqm7iwhvl3pj";


     

       

       

       
     

       
13

       
 

       
  };


     

       
14

       
 

       



     

       
15

       
 

       
  k8s-dns-dnsmasq-nanny = pkgs.dockerTools.pullImage {


     

       
16

       
+

       
    imageName = "k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64";


     

       
17

       
+

       
    imageDigest = "sha256:bbb2a290a568125b3b996028958eb773f33b5b87a6b37bf38a28f8b62dddb3c8";


     

       
18

       
 

       
    finalImageTag = version;


     

       
19

       
+

       
    sha256 = "1fihml7s2mfwgac51cbqpylkwbivc8nyhgi4vb820s83zvl8a6y1";


     

       

       

       
     

       
20

       
 

       
  };


     

       
21

       
 

       



     

       
22

       
 

       
  k8s-dns-sidecar = pkgs.dockerTools.pullImage {


     

       
23

       
+

       
    imageName = "k8s.gcr.io/k8s-dns-sidecar-amd64";


     

       
24

       
+

       
    imageDigest = "sha256:4f1ab957f87b94a5ec1edc26fae50da2175461f00afecf68940c4aa079bd08a4";


     

       
25

       
 

       
    finalImageTag = version;


     

       
26

       
+

       
    sha256 = "08l1bv5jgrhvjzpqpbinrkgvv52snc4fzyd8ya9v18ns2klyz7m0";


     

       

       

       
     

       
27

       
 

       
  };


     

       
28

       
 

       



     

       
29

       
 

       
  cfg = config.services.kubernetes.addons.dns;


     
···

       
59

       
 

       



     

       
60

       
 

       
    services.kubernetes.addonManager.addons = {


     

       
61

       
 

       
      kubedns-deployment = {


     

       
62

       
+

       
        apiVersion = "extensions/v1beta1";


     

       
63

       
 

       
        kind = "Deployment";


     

       
64

       
 

       
        metadata = {


     

       
65

       
 

       
          labels = {


     
···

       
84

       
 

       
              labels.k8s-app = "kube-dns";


     

       
85

       
 

       
            };


     

       
86

       
 

       
            spec = {


     

       
87

       
+

       
              priorityClassName = "system-cluster-critical";


     

       
88

       
 

       
              containers = [


     

       
89

       
 

       
                {


     

       
90

       
 

       
                  name = "kubedns";


     

       
91

       
+

       
                  image = "k8s.gcr.io/k8s-dns-kube-dns-amd64:${version}";


     

       
92

       
+

       
                  resources = {


     

       
93

       
+

       
                    limits.memory = "170Mi";


     

       
94

       
+

       
                    requests = {


     

       
95

       
+

       
                      cpu = "100m";


     

       
96

       
+

       
                      memory = "70Mi";


     

       
97

       
+

       
                    };


     

       
98

       
+

       
                  };


     

       
99

       
+

       
                  livenessProbe = {


     

       
100

       
+

       
                    failureThreshold = 5;


     

       
101

       
+

       
                    httpGet = {


     

       
102

       
+

       
                      path = "/healthcheck/kubedns";


     

       
103

       
+

       
                      port = 10054;


     

       
104

       
+

       
                      scheme = "HTTP";


     

       
105

       
+

       
                    };


     

       
106

       
+

       
                    initialDelaySeconds = 60;


     

       
107

       
+

       
                    successThreshold = 1;


     

       
108

       
+

       
                    timeoutSeconds = 5;


     

       
109

       
+

       
                  };


     

       
110

       
+

       
                  readinessProbe = {


     

       
111

       
+

       
                    httpGet = {


     

       
112

       
+

       
                      path = "/readiness";


     

       
113

       
+

       
                      port = 8081;


     

       
114

       
+

       
                      scheme = "HTTP";


     

       
115

       
+

       
                    };


     

       
116

       
+

       
                    initialDelaySeconds = 3;


     

       
117

       
+

       
                    timeoutSeconds = 5;


     

       
118

       
+

       
                  };


     

       
119

       
 

       
                  args = [


     

       
120

       
 

       
                    "--domain=${cfg.clusterDomain}"


     

       
121

       
 

       
                    "--dns-port=10053"


     
···

       
128

       
 

       
                      value = "10055";


     

       
129

       
 

       
                    }


     

       
130

       
 

       
                  ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
131

       
 

       
                  ports = [


     

       
132

       
 

       
                    {


     

       
133

       
 

       
                      containerPort = 10053;


     
···

       
145

       
 

       
                      protocol = "TCP";


     

       
146

       
 

       
                    }


     

       
147

       
 

       
                  ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
148

       
 

       
                  volumeMounts = [


     

       
149

       
 

       
                    {


     

       
150

       
 

       
                      mountPath = "/kube-dns-config";


     
···

       
153

       
 

       
                  ];


     

       
154

       
 

       
                }


     

       
155

       
 

       
                {


     

       
156

       
+

       
                  name = "dnsmasq";


     

       
157

       
+

       
                  image = "k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:${version}";


     

       
158

       
+

       
                  livenessProbe = {


     

       
159

       
+

       
                    httpGet = {


     

       
160

       
+

       
                      path = "/healthcheck/dnsmasq";


     

       
161

       
+

       
                      port = 10054;


     

       
162

       
+

       
                      scheme = "HTTP";


     

       
163

       
+

       
                    };


     

       
164

       
+

       
                    initialDelaySeconds = 60;


     

       
165

       
+

       
                    timeoutSeconds = 5;


     

       
166

       
+

       
                    successThreshold = 1;


     

       
167

       
+

       
                    failureThreshold = 5;


     

       
168

       
+

       
                  };


     

       
169

       
 

       
                  args = [


     

       
170

       
 

       
                    "-v=2"


     

       
171

       
 

       
                    "-logtostderr"


     
···

       
179

       
 

       
                    "--server=/in-addr.arpa/127.0.0.1#10053"


     

       
180

       
 

       
                    "--server=/ip6.arpa/127.0.0.1#10053"


     

       
181

       
 

       
                  ];


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
182

       
 

       
                  ports = [


     

       
183

       
 

       
                    {


     

       
184

       
 

       
                      containerPort = 53;


     
···

       
206

       
 

       
                }


     

       
207

       
 

       
                {


     

       
208

       
 

       
                  name = "sidecar";


     

       
209

       
+

       
                  image = "k8s.gcr.io/k8s-dns-sidecar-amd64:${version}";


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
210

       
 

       
                  livenessProbe = {


     

       

       

       
     

       
211

       
 

       
                    httpGet = {


     

       
212

       
 

       
                      path = "/metrics";


     

       
213

       
 

       
                      port = 10054;


     

       
214

       
 

       
                      scheme = "HTTP";


     

       
215

       
 

       
                    };


     

       
216

       
 

       
                    initialDelaySeconds = 60;


     

       
217

       
+

       
                    timeoutSeconds = 5;


     

       
218

       
 

       
                    successThreshold = 1;


     

       
219

       
+

       
                    failureThreshold = 5;


     

       
220

       
 

       
                  };


     

       
221

       
+

       
                  args = [


     

       
222

       
+

       
                    "--v=2"


     

       
223

       
+

       
                    "--logtostderr"


     

       
224

       
+

       
                    "--probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.${cfg.clusterDomain},5,A"


     

       
225

       
+

       
                    "--probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.${cfg.clusterDomain},5,A"


     

       
226

       
+

       
                  ];


     

       
227

       
 

       
                  ports = [


     

       
228

       
 

       
                    {


     

       
229

       
 

       
                      containerPort = 10054;