mirror of
https://github.com/notherealmarco/coredns-deployment.git
synced 2025-03-14 14:16:16 +01:00
* Run CoreDNS in Docker only with CAP_NET_BIND_SERVICE, drop all other (root) privileges. Run filesystem of container and config in read-only mode. * Run CoreDNS in Kubernetes only with CAP_NET_BIND_SERVICE, drop all other (root) privileges. Run filesystem of container and config in read-only mode. |
||
---|---|---|
.. | ||
dns.yml | ||
README.md |
docker based deployment
Prerequisites
- Docker 1.12.x or later (Docker Swarm Mode)
Setup
First decide which nodes you are going to run coredns on and set appropriate
labels on your nodes. I use iface=extern
as labels on nodes with external
facing interfaces and iface=intern
for internal facing nodes.
$ docker node inspect node1 | jq '.[0].Spec.Labels'
{
"iface": "extern"
}
Deploy
Connect to a "manager" node:
(I use docker-machine
for this)
$ eval $(docker-machine env node1)
$ docker stack deploy -c dns.yml dns
Verify
Verify your setup works:
$ dig @<node1> google.com IN A +short