diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml index 3f4f216..6386ffb 100644 --- a/charts/coredns/Chart.yaml +++ b/charts/coredns/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: coredns -version: 1.42.2 +version: 1.42.3 appVersion: 1.12.0 home: https://coredns.io icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png @@ -19,5 +19,5 @@ maintainers: type: application annotations: artifacthub.io/changes: | - - kind: removed - description: Removed "istcp" true for default dns:// scheme in "coredns.containerPorts" definition. + - kind: added + description: Add support to run pods in usernamespaces diff --git a/charts/coredns/README.md b/charts/coredns/README.md index 1ba154d..c7c2c04 100644 --- a/charts/coredns/README.md +++ b/charts/coredns/README.md @@ -110,7 +110,7 @@ The command removes all the Kubernetes components associated with the chart and | Parameter | Description | Default | | :--------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------- | | `image.repository` | The image repository to pull from | coredns/coredns | -| `image.tag` | The image tag to pull from (derived from Chart.yaml) | `` | +| `image.tag` | The image tag to pull from (derived from Chart.yaml) | `` | | `image.pullPolicy` | Image pull policy | IfNotPresent | | `image.pullSecrets` | Specify container image pull secrets | `[]` | | `replicaCount` | Number of replicas | 1 | @@ -143,6 +143,7 @@ The command removes all the Kubernetes components associated with the chart and | `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true | | `priorityClassName` | Name of Priority Class to assign pods | `""` | | `securityContext` | securityContext definition for pods | capabilities.add.NET_BIND_SERVICE | +| `hostUsers` | Specifies whether to use usernamespaces or not | true | | `servers` | Configuration for CoreDNS and plugins | See values.yml | | `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | | `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | @@ -164,7 +165,7 @@ The command removes all the Kubernetes components associated with the chart and | `extraVolumes` | Optional array of volumes to create | [] | | `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] | | `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] | -| `env` | Optional array of environment variables for CoreDNS container | [] | +| `env` | Optional array of environment variables for CoreDNS container | [] | | `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} | | `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects | | `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` | diff --git a/charts/coredns/templates/deployment.yaml b/charts/coredns/templates/deployment.yaml index d939ea4..e17e539 100644 --- a/charts/coredns/templates/deployment.yaml +++ b/charts/coredns/templates/deployment.yaml @@ -72,6 +72,9 @@ spec: {{- if .Values.isClusterService }} dnsPolicy: Default {{- end }} + {{- if not .Values.hostUsers }} + hostUsers: false + {{- end }} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml index aca59f9..4e62fa7 100644 --- a/charts/coredns/values.yaml +++ b/charts/coredns/values.yaml @@ -102,6 +102,9 @@ securityContext: - ALL readOnlyRootFilesystem: true +# Uses users of the host system. If set to false uses usernamespaces. Requires Kubernetes >= 1.33 +hostUsers: true + # Default zone is what Kubernetes recommends: # https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options servers: