--- apiVersion: v1 kind: ConfigMap metadata: name: bind-secondary-config-local namespace: bind data: named.conf.local: | zone "codemowers.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "codemowers.eu" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "codemowers.cloud" { type slave; masters { 172.20.0.2 key readonly; }; }; --- apiVersion: v1 kind: ConfigMap metadata: name: bind-secondary-config namespace: bind data: named.conf: | include "/etc/bind/named.conf.local"; include "/etc/bind/readonly.key"; options { recursion no; pid-file "/var/bind/named.pid"; allow-query { 0.0.0.0/0; }; allow-notify { 172.20.0.2; }; allow-transfer { none; }; check-names slave ignore; notify no; }; zone "k-space.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "k6.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; zone "kspace.ee" { type slave; masters { 172.20.0.2 key readonly; }; }; --- apiVersion: apps/v1 kind: StatefulSet metadata: name: bind-secondary namespace: bind spec: revisionHistoryLimit: 0 replicas: 3 selector: matchLabels: app: bind-secondary template: metadata: labels: app: bind-secondary spec: containers: - name: bind-secondary image: internetsystemsconsortium/bind9:9.20 resources: limits: cpu: 100m memory: 100Mi requests: cpu: 1m memory: 35Mi workingDir: /var/bind command: - named - -g - -c - /etc/bind/named.conf volumeMounts: - name: bind-secondary-config mountPath: /etc/bind readOnly: true - name: bind-data mountPath: /var/bind volumes: - name: bind-secondary-config projected: sources: - configMap: name: bind-secondary-config - configMap: name: bind-secondary-config-local optional: true - secret: name: bind-readonly-secret - name: bind-data emptyDir: {} topologySpreadConstraints: - maxSkew: 1 topologyKey: topology.kubernetes.io/zone whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app: bind-secondary --- apiVersion: v1 kind: Service metadata: name: bind-secondary namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 62.65.250.2 selector: app: bind-secondary ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-0 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.21.53.1 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-0 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-1 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.21.53.2 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-1 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53 --- apiVersion: v1 kind: Service metadata: name: bind-secondary-2 namespace: bind spec: type: LoadBalancer externalTrafficPolicy: Local loadBalancerIP: 172.21.53.3 selector: app: bind-secondary statefulset.kubernetes.io/pod-name: bind-secondary-2 ports: - protocol: TCP port: 53 name: dns-tcp targetPort: 53 - protocol: UDP port: 53 name: dns-udp targetPort: 53