Commit 1b7e6455 authored by chatagiri's avatar chatagiri
Browse files

Update unbound.yaml

parent b482b69c
---
apiVersion: v1
kind: Namespace
metadata:
name: unbound
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: unbound
name: unbound
namespace: unbound
spec:
replicas: 2
selector:
matchLabels:
app: unbound
template:
metadata:
labels:
app: unbound
spec:
containers:
- image: mvance/unbound
name: unbound
ports:
- name: udp
containerPort: 53
volumeMounts:
- name: unbound-conf
mountPath: /opt/unbound/etc/unbound/unbound.conf
subPath: unbound.conf
volumes:
- name: unbound-conf
configMap:
name: unbound-conf
items:
- key: unbound.conf
path: unbound.conf
mode: 0644
---
apiVersion: v1
kind: Service
metadata:
name: unbound
namespace: unbound
labels:
app: unbound
spec:
ports:
- name: dns
port: 53
protocol: UDP
selector:
app: unbound
type: LoadBalancer
---
apiVersion: v1
kind: ConfigMap
metadata:
name: unbound-conf
namespace: unbound
data:
unbound.conf: |
server:
interface: 0.0.0.0
access-control: 192.168.1.0/24 allow
// pod network
access-control: 10.244.1.0/24 allow
access-control: 10.244.2.0/24 allow
access-control: 10.244.3.0/24 allow
do-not-query-localhost: no
cache-max-ttl: 10
stub-zone:
name: example.jp
stub-addr: 192.168.1.100@53
// example.jp 以外のドメインについてはgoogleに聞く
forward-zone:
name: "."
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment