-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
158 lines (144 loc) · 3.22 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
#
# IMPORTANT NOTE
#
# This chart inherits from the common library chart. You can check the default values/options here:
# https://github.com/johanneskastl/helm-charts/tree/main/charts/common/values.yaml
#
# To use this chart to setup a resolver using bind9, enable the resolver mode
# Possible values:
# 'resolver': set up a resolver
# 'authoritative': set up an authoritative nameserver
#
chartMode: resolver
# When using this chart to set up a resolver, set the chartMode to 'resolver'
# and add forwarders and options as you see fit
resolver:
forwarders:
- '80.241.218.68'
- '159.69.114.157'
- '176.9.93.198'
dnssec_validation: true
ipv6_enabled: true
querylog: false
authoritative:
dnssec_validation: true
ipv6_enabled: true
querylog: false
#
# To enhance the basic configuration of this chart, you can create a secret
# containing one key called 'named.conf.local' containing your
# bind9 resolver or nameserver configuration
# ATTENTION: This must not contain an `options` block, only zone settings
# or similar are allowed
#
# Example:
# ```
# apiVersion: v1
# kind: Secret
# metadata:
# name: my-secret
# stringData:
# named.conf.local: |
# zone "my.corporate-domain.example.org" {
# type static-stub;
# server-addresses {
# 192.168.1.1;
# 192.168.1.2;
# };
# };
# ```
#
mount_configuration_from_secret:
enabled: false
secretName: my-secret
image:
# -- image repository
repository: internetsystemsconsortium/bind9
# as the tag is updated in-place in the upstream image, set the policy to Always
# https://hub.docker.com/r/internetsystemsconsortium/bind9/tags
# -- image pull policy
pullPolicy: Always
# -- image tag
tag:
command:
- "/usr/sbin/named"
- "-g"
- "-c"
- "/etc/named/named.conf"
- "-u"
- "bind"
serviceAccount:
create: true
automountServiceAccountToken: false
service:
main:
enabled: false
dns-tcp:
enabled: true
nameOverride: dns-tcp
type: ClusterIP
annotations: {}
labels: {}
ports:
dns-tcp:
port: 53
targetPort: 5053
enabled: true
protocol: TCP
dns-udp:
enabled: true
type: ClusterIP
annotations: {}
labels: {}
ports:
dns-udp:
port: 53
targetPort: 5053
enabled: true
protocol: UDP
podSecurityContext:
fsGroup: 106
probes:
liveness:
enabled: true
custom: true
spec:
tcpSocket:
port: 5053
readiness:
enabled: true
custom: true
spec:
tcpSocket:
port: 5053
startup:
enabled: true
custom: true
spec:
tcpSocket:
port: 5053
initialDelaySeconds: 10
global:
labels: {}
selectorLables: {}
ingress:
# -- Enable and configure ingress settings for the chart under this key.
# @default -- See values.yaml
main:
enabled: false
# -- Configure persistence settings for the chart under this key.
# @default -- See values.yaml
persistence:
config:
enabled: false
bind9namedconf:
enabled: true
name: bind9-named-conf
type: secret
mountPath: /etc/named/
readOnly: true
bind9userconfiguration:
enabled: false
type: secret
mountPath: /named_config/
readOnly: true