From 2d028178dd24d2e12aa9cff815c646b1ac76d354 Mon Sep 17 00:00:00 2001
From: Tom Wieczorek
Date: Mon, 16 Oct 2023 17:21:34 +0200
Subject: [PATCH] Some CoreDNS tweaks for single-worker-node clusters
* No maxUnavailable:1 as this shows CoreDNS as available with 0 replicas. Use the Kubernetes defaults instead (maxUnavailable: 25%, but rounded down).
* No anti-affinity for those clusters, so that CoreDNS can be upgraded on a single worker without downtime.
* No PDB for those clusters, so that CoreDNS may be drained.
Signed-off-by: Tom Wieczorek
---
 pkg/component/controller/coredns.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/pkg/component/controller/coredns.go b/pkg/component/controller/coredns.go
index fbf6d38fb319..2e523ce5c332 100644
--- a/pkg/component/controller/coredns.go
+++ b/pkg/component/controller/coredns.go
@@ -123,8 +123,6 @@ spec:
 replicas: {{ .Replicas}}
 strategy:
 type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 1
 selector:
 matchLabels:
 k8s-app: kube-dns
@@ -145,6 +143,10 @@ spec:
 effect: "NoSchedule"
 nodeSelector:
 kubernetes.io/os: linux
+ {{- /* Add an anti affinity only if more than one worker node is */ }}
+ {{- /* available. This allows for rolling updates of CoreDNS on */ }}
+ {{- /* single node clusters without CoreDNS becoming unavailable. */ }}
+ {{- if gt .Replicas 1 }}
 # Require running coredns replicas on different nodes
 affinity:
 podAntiAffinity:
@@ -155,6 +157,7 @@ spec:
 - key: k8s-app
 operator: In
 values: ['kube-dns']
+ {{- end }}
 containers:
 - name: coredns
 image: {{ .Image }}
@@ -216,6 +219,9 @@ spec:
 items:
 - key: Corefile
 path: Corefile
+{{- /* Add a PDB only if more than one worker node is available. */ }}
+{{- /* This allows CoreDNS to be drained from single node clusters. */ }}
+{{- if gt .Replicas 1 }}
 ---
 apiVersion: policy/v1
 kind: PodDisruptionBudget
@@ -230,6 +236,7 @@ spec:
 selector:
 matchLabels:
 k8s-app: kube-dns
+{{- end }}
 ---
 apiVersion: v1
 kind: Service
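Review bot: With `rollingUpdate` / `maxUnavailable: 1` removed in the first hunk, the Deployment falls back to the default of 25% rounded down, which is 0 for up to three replicas, so a rollout can only progress by scheduling a surge pod first. On clusters that keep the anti-affinity from the later hunk (`gt .Replicas 1`), that surge pod may have no eligible node when every worker already runs a replica and the rule is a hard requirement, as its `# Require running coredns replicas on different nodes` comment suggests. The rollout would then stall, which also holds back patched CoreDNS images. How `.Replicas` relates to the node count is computed outside this patch, so please confirm this case. One option is to keep the removed pair for multi-replica clusters by wrapping it in the same `{{- if gt .Replicas 1 }}` guard instead of dropping it outright.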
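Review bot: The three template comments added before the `affinity:` block describe the guard in terms of worker nodes, but the condition they introduce tests `.Replicas`; the link between the two is established outside this hunk. I would word the comment after what is actually tested, e.g. `{{- /* Add an anti-affinity only if more than one replica is requested. */ }}`, and say in one further comment line where the replica count is derived from the node count. That keeps the template readable on its own if the replica calculation ever changes.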
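Review bot: Omitting the PodDisruptionBudget from the rendered manifest (the `{{- if gt .Replicas 1 }}` before the `---` / `kind: PodDisruptionBudget` document) does not by itself remove a budget that an earlier render already created, for example after a cluster shrinks to one worker or is upgraded from a version that always emitted it. Whether that object is pruned depends on how the manifest is applied, which is not visible in this patch; if it is not pruned, a drain of the single node would still be blocked by the stale budget. Please confirm the pruning behaviour, or add a test that renders with `.Replicas` set to 2 and then to 1 and checks that the PDB is gone from the applied set.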