github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 06:54:01 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #111694 from ialidzhikov/enh/unprivileged-node-local-dns

Browse Source 
Run node-local-dns in non-privileged mode
This commit is contained in:
Kubernetes Prow Robot 2022-08-23 17:17:41 -07:00 committed by GitHub
commit 6e46517905
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cluster/addons/dns/nodelocaldns/nodelocaldns.yaml
View File

@ -145,7 +145,9 @@ spec:
memory: 5Mi
args: [ "-localip", "__PILLAR__LOCAL__DNS__,__PILLAR__DNS__SERVER__", "-conf", "/etc/Corefile", "-upstreamsvc", "kube-dns-upstream" ]
securityContext:
privileged: true
capabilities:
add:
- NET_ADMIN
ports:
- containerPort: 53
name: dns