kube/bind/bind-secondary.yaml

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: bind-secondary-config
data:
  named.conf: |
    include "/etc/bind/readonly.key";
    options {
        recursion no;
        pid-file "/var/bind/named.pid";
        allow-query { 0.0.0.0/0; };
        allow-notify { 172.20.0.2; };
        allow-transfer { none; };
        check-names slave ignore;
    };
    zone "k-space.ee" { type slave; masters { 172.20.0.2 key readonly; }; };
    zone "k6.ee" { type slave; masters { 172.20.0.2 key readonly; }; };
    zone "kspace.ee" { type slave; masters { 172.20.0.2 key readonly; }; };
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: bind-secondary
  namespace: bind
spec:
  replicas: 3
  selector:
    matchLabels:
      app: bind-secondary
  template:
    metadata:
      labels:
        app: bind-secondary
    spec:
      volumes:
        - name: run
          emptyDir: {}
      containers:
        - name: bind-secondary
          image: internetsystemsconsortium/bind9:9.19
          volumeMounts:
            - mountPath: /run/named
              name: run
          workingDir: /var/bind
          command:
            - named
            - -g
            - -c
            - /etc/bind/named.conf
          volumeMounts:
            - name: bind-secondary-config
              mountPath: /etc/bind
              readOnly: true
            - name: bind-data
              mountPath: /var/bind
      volumes:
        - name: bind-secondary-config
          projected:
            sources:
              - configMap:
                  name: bind-secondary-config
              - secret:
                  name: bind-readonly-secret
        - name: bind-data
          emptyDir: {}
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                  - key: app
                    operator: In
                    values:
                      - bind-secondary
              topologyKey: "kubernetes.io/hostname"
---
apiVersion: v1
kind: Service
metadata:
  name: bind-secondary
  namespace: bind
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  loadBalancerIP: 62.65.250.2
  selector:
    app: bind-secondary
  ports:
    - protocol: TCP
      port: 53
      name: dns-tcp
      targetPort: 53
    - protocol: UDP
      port: 53
      name: dns-udp
      targetPort: 53
---
apiVersion: v1
kind: Service
metadata:
  name: bind-secondary-0
  namespace: bind
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  loadBalancerIP: 172.20.53.1
  selector:
    app: bind-secondary
    statefulset.kubernetes.io/pod-name: bind-secondary-0
  ports:
    - protocol: TCP
      port: 53
      name: dns-tcp
      targetPort: 53
    - protocol: UDP
      port: 53
      name: dns-udp
      targetPort: 53
---
apiVersion: v1
kind: Service
metadata:
  name: bind-secondary-1
  namespace: bind
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  loadBalancerIP: 172.20.53.2
  selector:
    app: bind-secondary
    statefulset.kubernetes.io/pod-name: bind-secondary-1
  ports:
    - protocol: TCP
      port: 53
      name: dns-tcp
      targetPort: 53
    - protocol: UDP
      port: 53
      name: dns-udp
      targetPort: 53
---
apiVersion: v1
kind: Service
metadata:
  name: bind-secondary-2
  namespace: bind
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  loadBalancerIP: 172.20.53.3
  selector:
    app: bind-secondary
    statefulset.kubernetes.io/pod-name: bind-secondary-2
  ports:
    - protocol: TCP
      port: 53
      name: dns-tcp
      targetPort: 53
    - protocol: UDP
      port: 53
      name: dns-udp
      targetPort: 53
Update whole Bind setup 2023-08-19 18:31:30 +00:00			`---`
			`apiVersion: v1`
			`kind: ConfigMap`
			`metadata:`
			`name: bind-secondary-config`
			`data:`
			`named.conf: \|`
			`include "/etc/bind/readonly.key";`
			`options {`
			`recursion no;`
			`pid-file "/var/bind/named.pid";`
			`allow-query { 0.0.0.0/0; };`
			`allow-notify { 172.20.0.2; };`
			`allow-transfer { none; };`
			`check-names slave ignore;`
			`};`
			`zone "k-space.ee" { type slave; masters { 172.20.0.2 key readonly; }; };`
			`zone "k6.ee" { type slave; masters { 172.20.0.2 key readonly; }; };`
			`zone "kspace.ee" { type slave; masters { 172.20.0.2 key readonly; }; };`
			`---`
			`apiVersion: apps/v1`
			`kind: StatefulSet`
			`metadata:`
			`name: bind-secondary`
			`namespace: bind`
			`spec:`
			`replicas: 3`
			`selector:`
			`matchLabels:`
			`app: bind-secondary`
			`template:`
			`metadata:`
			`labels:`
			`app: bind-secondary`
			`spec:`
			`volumes:`
			`- name: run`
			`emptyDir: {}`
			`containers:`
			`- name: bind-secondary`
			`image: internetsystemsconsortium/bind9:9.19`
			`volumeMounts:`
			`- mountPath: /run/named`
			`name: run`
			`workingDir: /var/bind`
			`command:`
			`- named`
			`- -g`
			`- -c`
			`- /etc/bind/named.conf`
			`volumeMounts:`
			`- name: bind-secondary-config`
			`mountPath: /etc/bind`
			`readOnly: true`
			`- name: bind-data`
			`mountPath: /var/bind`
			`volumes:`
			`- name: bind-secondary-config`
			`projected:`
			`sources:`
			`- configMap:`
			`name: bind-secondary-config`
			`- secret:`
			`name: bind-readonly-secret`
			`- name: bind-data`
			`emptyDir: {}`
			`affinity:`
			`podAntiAffinity:`
			`requiredDuringSchedulingIgnoredDuringExecution:`
			`- labelSelector:`
			`matchExpressions:`
			`- key: app`
			`operator: In`
			`values:`
			`- bind-secondary`
			`topologyKey: "kubernetes.io/hostname"`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: bind-secondary`
			`namespace: bind`
			`spec:`
			`type: LoadBalancer`
			`externalTrafficPolicy: Local`
			`loadBalancerIP: 62.65.250.2`
			`selector:`
			`app: bind-secondary`
			`ports:`
			`- protocol: TCP`
			`port: 53`
			`name: dns-tcp`
			`targetPort: 53`
			`- protocol: UDP`
			`port: 53`
			`name: dns-udp`
			`targetPort: 53`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: bind-secondary-0`
			`namespace: bind`
			`spec:`
			`type: LoadBalancer`
			`externalTrafficPolicy: Local`
			`loadBalancerIP: 172.20.53.1`
			`selector:`
			`app: bind-secondary`
			`statefulset.kubernetes.io/pod-name: bind-secondary-0`
			`ports:`
			`- protocol: TCP`
			`port: 53`
			`name: dns-tcp`
			`targetPort: 53`
			`- protocol: UDP`
			`port: 53`
			`name: dns-udp`
			`targetPort: 53`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: bind-secondary-1`
			`namespace: bind`
			`spec:`
			`type: LoadBalancer`
			`externalTrafficPolicy: Local`
			`loadBalancerIP: 172.20.53.2`
			`selector:`
			`app: bind-secondary`
			`statefulset.kubernetes.io/pod-name: bind-secondary-1`
			`ports:`
			`- protocol: TCP`
			`port: 53`
			`name: dns-tcp`
			`targetPort: 53`
			`- protocol: UDP`
			`port: 53`
			`name: dns-udp`
			`targetPort: 53`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: bind-secondary-2`
			`namespace: bind`
			`spec:`
			`type: LoadBalancer`
			`externalTrafficPolicy: Local`
			`loadBalancerIP: 172.20.53.3`
			`selector:`
			`app: bind-secondary`
			`statefulset.kubernetes.io/pod-name: bind-secondary-2`
			`ports:`
			`- protocol: TCP`
			`port: 53`
			`name: dns-tcp`
			`targetPort: 53`
			`- protocol: UDP`
			`port: 53`
			`name: dns-udp`
			`targetPort: 53`