--- apiVersion: v1 kind: ConfigMap metadata: name: bind-secondary-config-local data: named.conf.local: | zone "codemowers.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "codemowers.eu" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "codemowers.cloud" { type slave; masters { 172.20.0.2 key readonly; }; }; --- apiVersion: v1 kind: ConfigMap metadata: name: bind-secondary-config data: named.conf: | include "/etc/bind/named.conf.local"; include "/etc/bind/readonly.key"; options { recursion no; pid-file "/var/bind/named.pid"; allow-query { 0.0.0.0/0; }; allow-notify { 172.20.0.2; }; allow-transfer { none; }; check-names slave ignore; notify no; }; zone "k-space.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "k6.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "kspace.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; --- apiVersion: apps/v1 kind: StatefulSet metadata: name: bind-secondary namespace: bind spec: replicas: 3 selector: matchLabels: app: bind-secondary template: metadata: labels: app: bind-secondary spec: volumes: - name: run emptyDir: {} containers: - name: bind-secondary image: internetsystemsconsortium/bind9:9.19 volumeMounts: - mountPath: /run/named name: run workingDir: /var/bind command: - named - -g - -c - /etc/bind/named.conf volumeMounts: - name: bind-secondary-config mountPath: /etc/bind readOnly: true - name: bind-data mountPath: /var/bind volumes: - name: bind-secondary-config projected: sources: - configMap: name: bind-secondary-config - configMap: name: bind-secondary-config-local optional: true - secret: name: bind-readonly-secret - name: bind-data emptyDir: {} affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - bind-secondary topologyKey: "kubernetes.io/hostname" --- apiVersion: v1 kind: Service metadata: name: bind-secondary namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 62.65.250.2 selector: app: bind-secondary ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-0 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.20.53.1 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-0 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-1 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.20.53.2 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-1 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-2 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.20.53.3 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-2 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53