下载deployment模版

下载地址：

参考资料：

# Copyright 2016 The Kubernetes Authors.## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at##     http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.# Should keep target in cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler.yaml# in sync with this file.# Warning: This is a file generated from the base underscore template file: kube-dns.yaml.baseapiVersion: v1kind: Servicemetadata:  name: kube-dns  namespace: kube-system  labels:    k8s-app: kube-dns    kubernetes.io/cluster-service: "true"    addonmanager.kubernetes.io/mode: Reconcile    kubernetes.io/name: "KubeDNS"spec:  selector:    k8s-app: kube-dns  clusterIP: $DNS_SERVER_IP  ports:  - name: dns    port: 53    protocol: UDP  - name: dns-tcp    port: 53    protocol: TCP---apiVersion: v1kind: ServiceAccountmetadata:  name: kube-dns  namespace: kube-system  labels:    kubernetes.io/cluster-service: "true"    addonmanager.kubernetes.io/mode: Reconcile---apiVersion: v1kind: ConfigMapmetadata:  name: kube-dns  namespace: kube-system  labels:    addonmanager.kubernetes.io/mode: EnsureExists---apiVersion: extensions/v1beta1kind: Deploymentmetadata:  name: kube-dns  namespace: kube-system  labels:    k8s-app: kube-dns    kubernetes.io/cluster-service: "true"    addonmanager.kubernetes.io/mode: Reconcilespec:  # replicas: not specified here:  # 1. In order to make Addon Manager do not reconcile this replicas parameter.  # 2. Default is 1.  # 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.  strategy:    rollingUpdate:      maxSurge: 10%      maxUnavailable: 0  selector:    matchLabels:      k8s-app: kube-dns  template:    metadata:      labels:        k8s-app: kube-dns      annotations:        scheduler.alpha.kubernetes.io/critical-pod: ''    spec:      tolerations:      - key: "CriticalAddonsOnly"        operator: "Exists"      volumes:      - name: kube-dns-config        configMap:          name: kube-dns          optional: true      containers:      - name: kubedns        image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.1        resources:          # TODO: Set memory limits when we've profiled the container for large          # clusters, then set request = limit to keep this container in          # guaranteed class. Currently, this container falls into the          # "burstable" category so the kubelet doesn't backoff from restarting it.          limits:            memory: 170Mi          requests:            cpu: 100m            memory: 70Mi        livenessProbe:          httpGet:            path: /healthcheck/kubedns            port: 10054            scheme: HTTP          initialDelaySeconds: 60          timeoutSeconds: 5          successThreshold: 1          failureThreshold: 5        readinessProbe:          httpGet:            path: /readiness            port: 8081            scheme: HTTP          # we poll on pod startup for the Kubernetes master service and          # only setup the /readiness HTTP server once that's available.          initialDelaySeconds: 3          timeoutSeconds: 5        args:        - --domain=$DNS_DOMAIN.        - --dns-port=10053        - --config-dir=/kube-dns-config        - --v=2        env:        - name: PROMETHEUS_PORT          value: "10055"        ports:        - containerPort: 10053          name: dns-local          protocol: UDP        - containerPort: 10053          name: dns-tcp-local          protocol: TCP        - containerPort: 10055          name: metrics          protocol: TCP        volumeMounts:        - name: kube-dns-config          mountPath: /kube-dns-config      - name: dnsmasq        image: gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1        livenessProbe:          httpGet:            path: /healthcheck/dnsmasq            port: 10054            scheme: HTTP          initialDelaySeconds: 60          timeoutSeconds: 5          successThreshold: 1          failureThreshold: 5        args:        - -v=2        - -logtostderr        - -configDir=/etc/k8s/dns/dnsmasq-nanny        - -restartDnsmasq=true        - --        - -k        - --cache-size=1000        - --no-negcache        - --log-facility=-        - --server=/$DNS_DOMAIN/127.0.0.1#10053        - --server=/in-addr.arpa/127.0.0.1#10053        - --server=/ip6.arpa/127.0.0.1#10053        ports:        - containerPort: 53          name: dns          protocol: UDP        - containerPort: 53          name: dns-tcp          protocol: TCP        # see: https://github.com/kubernetes/kubernetes/issues/29055 for details        resources:          requests:            cpu: 150m            memory: 20Mi        volumeMounts:        - name: kube-dns-config          mountPath: /etc/k8s/dns/dnsmasq-nanny      - name: sidecar        image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.1        livenessProbe:          httpGet:            path: /metrics            port: 10054            scheme: HTTP          initialDelaySeconds: 60          timeoutSeconds: 5          successThreshold: 1          failureThreshold: 5        args:        - --v=2        - --logtostderr        - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.$DNS_DOMAIN,5,A        - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.$DNS_DOMAIN,5,A        ports:        - containerPort: 10054          name: metrics          protocol: TCP        resources:          requests:            memory: 20Mi            cpu: 10m      dnsPolicy: Default  # Don't use cluster DNS.      serviceAccountName: kube-dns

将$DNS_DOMAIN替换为cluster.local

将$DNS_SERVER_IP替换为DNS在集群中的server ip

sed -i 's/$DNS_DOMAIN/cluster.local/gi'  dns.ymlsed -i 's/$DNS_SERVER_IP/10.254.0.2/gi' dns.yml

在K8S集群上创建svc、deploy、sa、cm

$ kubectl create -f dns.yml