Fix DNS server: Remove kubernetes plugin, use TCP health checks

dns-server.yaml

@@ -47,15 +47,14 @@ data:
         prometheus :9153
     }
 
-    # Internal Kubernetes DNS
+    # Internal services (optional - for internal cluster DNS)
-    cluster.local:53 {
+    # Disabled kubernetes plugin to avoid RBAC issues
-        errors
+    # cluster.local:53 {
-        kubernetes cluster.local in-addr.arpa ip6.arpa {
+    #     errors
-            pods insecure
+    #     kubernetes cluster.local {
-            fallthrough in-addr.arpa ip6.arpa
+    #         pods insecure
-        }
+    #     }
-        prometheus :9153
+    # }
-    }
 
     # Forward all other queries to upstream DNS
     .:53 {
@@ -241,25 +240,15 @@ spec:
               name: metrics
               protocol: TCP
           livenessProbe:
-            httpGet:
+            tcpSocket:
-              path: /health
+              port: 53
-              port: 8080
+            initialDelaySeconds: 15
-              scheme: HTTP
-            initialDelaySeconds: 60
             periodSeconds: 10
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 5
           readinessProbe:
-            httpGet:
+            tcpSocket:
-              path: /ready
+              port: 53
-              port: 8181
+            initialDelaySeconds: 5
-              scheme: HTTP
-            initialDelaySeconds: 10
             periodSeconds: 5
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 3
           resources:
             requests:
               memory: "256Mi"