From 960705ac985b0d0c7836774e1ddd340b98186573 Mon Sep 17 00:00:00 2001 From: Pavithra Ramesh Date: Mon, 24 Dec 2018 08:51:55 -0800 Subject: [PATCH 1/2] Add updateStrategy section for nodelocaldns --- cluster/addons/dns/nodelocaldns/nodelocaldns.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml index fdf0f421eac..cbdd8e92518 100644 --- a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml @@ -88,6 +88,9 @@ metadata: kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 10% selector: matchLabels: k8s-app: node-local-dns From 9611b112eb2bf3eed3a61c947b24406f5d7f19c8 Mon Sep 17 00:00:00 2001 From: Pavithra Ramesh Date: Thu, 24 Jan 2019 13:21:06 -0800 Subject: [PATCH 2/2] Add xtables.lock file to mounts nodelocaldns needs to use the same iptables lock file to avoid contention with other entities modifying iptables rules. --- cluster/addons/dns/nodelocaldns/nodelocaldns.yaml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml index cbdd8e92518..8a43559ea6f 100644 --- a/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml +++ b/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml @@ -136,12 +136,19 @@ spec: initialDelaySeconds: 60 timeoutSeconds: 5 volumeMounts: + - mountPath: /run/xtables.lock + name: xtables-lock + readOnly: false - name: config-volume mountPath: /etc/coredns volumes: - - name: config-volume - configMap: - name: node-local-dns - items: + - name: xtables-lock + hostPath: + path: /run/xtables.lock + type: FileOrCreate + - name: config-volume + configMap: + name: node-local-dns + items: - key: Corefile path: Corefile