Fix DNS server: Remove kubernetes plugin, use TCP health checks

2025-11-15 19:30:59 +05:30
parent 997ce28c60
commit 49fbed8380
1 changed files with 14 additions and 25 deletions
--- a/dns-server.yaml
+++ b/dns-server.yaml
@ -47,15 +47,14 @@ data:
        prometheus :9153
    }

-    # Internal Kubernetes DNS
-    cluster.local:53 {
-        errors
-        kubernetes cluster.local in-addr.arpa ip6.arpa {
-            pods insecure
-            fallthrough in-addr.arpa ip6.arpa
-        }
-        prometheus :9153
-    }
+    # Internal services (optional - for internal cluster DNS)
+    # Disabled kubernetes plugin to avoid RBAC issues
+    # cluster.local:53 {
+    #     errors
+    #     kubernetes cluster.local {
+    #         pods insecure
+    #     }
+    # }

    # Forward all other queries to upstream DNS
    .:53 {
@ -241,25 +240,15 @@ spec:
              name: metrics
              protocol: TCP
          livenessProbe:
-            httpGet:
-              path: /health
-              port: 8080
-              scheme: HTTP
-            initialDelaySeconds: 60
+            tcpSocket:
+              port: 53
+            initialDelaySeconds: 15
            periodSeconds: 10
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 5
          readinessProbe:
-            httpGet:
-              path: /ready
-              port: 8181
-              scheme: HTTP
-            initialDelaySeconds: 10
+            tcpSocket:
+              port: 53
+            initialDelaySeconds: 5
            periodSeconds: 5
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 3
          resources:
            requests:
              memory: "256Mi"