emma/flux
1
0
Fork 0
mirror of https://gitlab.com/shouptech/flux.git synced 2026-02-03 17:09:45 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: emma:2815fd2863f43c46e12e85221314dcaf937a769f
Branches Tags
emma:master
emma:flux
emma:flux-write-check-7343b92184
..
compare: emma:d9c1ad8401c175c2a709308fb661a787e6f48f2e
Branches Tags
emma:master
emma:flux
emma:flux-write-check-7343b92184

No commits in common. "2815fd2863f43c46e12e85221314dcaf937a769f" and "d9c1ad8401c175c2a709308fb661a787e6f48f2e" have entirely different histories.
2815fd2863 ... d9c1ad8401

16 changed files with 537 additions and 0 deletions
Show stats Expand all files Collapse all files

53
workloads/bankofparents/deploy.yml Normal file
View file

@ -0,0 +1,53 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: bankofparents
spec:
replicas: 1
selector:
matchLabels:
app: bankofparents
template:
metadata:
labels:
app: bankofparents
spec:
containers:
- image: registry.gitlab.com/shouptech/bankofparents:202006300307
imagePullPolicy: IfNotPresent
name: bankofparents
env:
- name: GUNICORN_CMD_ARGS
value: "--access-logfile=-"
ports:
- containerPort: 8000
resources:
requests:
memory: "128Mi"
cpu: "10m"
limits:
memory: "1024Mi"
cpu: "1000m"
livenessProbe:
tcpSocket:
port: 8000
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 1
volumeMounts:
- name: bankofparents-app
mountPath: /app
- name: bankofparents-instance
mountPath: /instance
volumes:
- name: bankofparents-app
hostPath:
path: /opt/bankofparents/app
type: Directory
- name: bankofparents-instance
hostPath:
path: /opt/bankofparents/instance
type: Directory

25
workloads/bankofparents/service.yml Normal file
View file

@ -0,0 +1,25 @@
kind: Service
apiVersion: v1
metadata:
name: bankofparents
spec:
selector:
app: bankofparents
ports:
- protocol: TCP
port: 8000
targetPort: 8000
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: bankofparents
spec:
rules:
- host: bank.shoup.io
http:
paths:
- backend:
serviceName: bankofparents
servicePort: 8000
path: /

15
workloads/ddclient/config.yml Normal file
View file

@ -0,0 +1,15 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: ddclient-conf
namespace: default
spec:
encryptedData:
ddclient.conf: AgADUaPiwlkEnRP5oX8ZSwgKkFplGyUXI+bJNcS9MeiAA12t8WjuIAncYmgnqqIJrBaOY5zla9Zs6MV5nh8S9DVuvex2RtcFPiK/9luycmDqCrCIA1bxSJAUb0LSXCCU1lauK2xF+09E9QSyZmoqUYLcFyuELkvoBMM8v69PR0tJr9wVpRah8yd70Ix0XPggXWJcDQKcQiEO4TYC3L0gMeypOEcfUNCQFx5ay9JhLjLZGkFnT2DzX9ij5Iw+lcNFnZH7xkCfyXmYmynF5micEP8TaL1K51BLeWtNKHk+fClXfVewtovrZ5QCsf8dO39U35pmFIatVDyJn0nAvV/AB6jT8Zj4U3SL4tFKYsHOWSRcUbKANRYirn4Mp4f2E6reZ2Bkpf/DmZPtICLY25a7v0caj3K/lNYiXL49NbgcABibbhHn6AZPSv2LMaL8p8p3CmhJZ8/FUDKLWpK7ezKS3bRd3/4xyTuITAcNqIOx2JqPGgG8Cm23nPzVA7YRO8FzL+Ovx/mwewIpJA+eG0uai9DFcc/3UHbgX4zpVQapskI5AjJ1OvKxwmkY9w1rZVeUBoBgvLFu3D/2Au/AjsO/yaoFaZbSUqwTNyHXVchvAzU7YmMWFlAeAH6f5n8HBKVUBaDG3PKohdFdQMapQZFpYdMpGzQGzID2N6xqNUgcWMtTIkudX5xndw6HZkFUqTCQLQy7qcMAGlqmVn8FmIzHlJWpLNdkXDwxYDDMB3xJlnHtogdTyaJc9+Pbvmo1tt6JbyMa+87LQ6bpJ3IV9ckbM/jYXKFdQe1vZQSum5EAHiHfN7TP8RO3LWc9FRwegBYlLC2CZBtVmoOj7C60SIBupDKe5F+d1v0KFgbnmG2RS6z1SDzduA==
template:
metadata:
creationTimestamp: null
name: ddclient-conf
namespace: default
status: {}

27
workloads/ddclient/deploy.yml Normal file
View file

@ -0,0 +1,27 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ddclient
spec:
replicas: 1
selector:
matchLabels:
app: ddclient
template:
metadata:
labels:
app: ddclient
spec:
containers:
- image: linuxserver/ddclient:3.9.0-ls25
imagePullPolicy: IfNotPresent
name: ddclient
volumeMounts:
- name: config
mountPath: /config
volumes:
- name: config
secret:
secretName: ddclient-conf
defaultMode: 511 # Octal: 0777, needed to allow ddclient permissions

20
workloads/echoserver/deployment.yml Normal file
View file

@ -0,0 +1,20 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: echoserver
spec:
replicas: 1
selector:
matchLabels:
app: echoserver
template:
metadata:
labels:
app: echoserver
spec:
containers:
- image: k8s.gcr.io/echoserver:1.4
imagePullPolicy: IfNotPresent
name: echoserver
ports:
- containerPort: 8080

25
workloads/echoserver/service.yml Normal file
View file

@ -0,0 +1,25 @@
kind: Service
apiVersion: v1
metadata:
name: echoserver
spec:
selector:
app: echoserver
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: echoserver
spec:
rules:
- host: echo.home.shoup.io
http:
paths:
- backend:
serviceName: echoserver
servicePort: 8080
path: /

88
workloads/grafana/grafana-deploy.yml Normal file
View file

@ -0,0 +1,88 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: grafana
namespace: grafana
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
containers:
- image: grafana/grafana:7.0.3
imagePullPolicy: IfNotPresent
name: grafana
env:
- name: GF_SERVER_ROOT_URL
value: https://grafana.shoup.io
- name: GF_SERVER_DOMAIN
value: grafana.shoup.io
- name: GF_DATABASE_TYPE
value: postgres
- name: GF_DATABASE_HOST
value: postgres:5432
- name: GF_DATABASE_NAME
valueFrom:
secretKeyRef:
name: postgres
key: POSTGRES_USER
- name: GF_DATABASE_USER
valueFrom:
secretKeyRef:
name: postgres
key: POSTGRES_USER
- name: GF_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres
key: POSTGRES_PASSWORD
- name: GF_USERS_ALLOW_SIGN_UP
value: "false"
- name: GF_USERS_AUTO_ASSIGN_ORG
value: "true"
- name: GF_USERS_AUTO_ASSIGN_ORG_ROLE
value: Editor
- name: GF_AUTH_PROXY_ENABLED
value: "true"
- name: GF_AUTH_PROXY_HEADER_NAME
value: X-Forwarded-User
- name: GF_AUTH_PROXY_HEADER_PROPERTY
value: username
- name: GF_AUTH_PROXY_AUTO_SIGN_UP
value: "true"
- name: GF_AUTH_SIGNOUT_REDIRECT_URL
value: "https://grafana.shoup.io/oauth2/sign_out"
- name: GF_LOG_MODE
value: console
- name: GF_LOG_CONSOLE_FORMAT
value: json
resources:
requests:
memory: "128Mi"
cpu: "100m"
livenessProbe:
tcpSocket:
port: 3000
initialDelaySeconds: 600
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
ports:
- containerPort: 3000
volumeMounts:
- name: grafana-storage
mountPath: /var/lib/grafana
volumes:
- name: grafana-storage
hostPath:
path: /opt/grafana/pod
type: Directory

71
workloads/grafana/grafana-proxy.yml Normal file
View file

@ -0,0 +1,71 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: grafanaproxy
namespace: grafana
spec:
replicas: 1
selector:
matchLabels:
app: grafanaproxy
template:
metadata:
labels:
app: grafanaproxy
spec:
containers:
- image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.0
args: ["-email-domain=*", "-upstream=http://grafana:3000/"]
imagePullPolicy: IfNotPresent
name: grafanaproxy
env:
- name: OAUTH2_PROXY_SKIP_AUTH_REGEX
value: "/metrics(.*)"
- name: OAUTH2_PROXY_HTTP_ADDRESS
value: ":4180"
- name: OAUTH2_PROXY_COOKIE_SECRET
valueFrom:
secretKeyRef:
name: grafanaproxy
key: cookie_secret
- name: OAUTH2_PROXY_PROVIDER
value: nextcloud
- name: OAUTH2_PROXY_CLIENT_ID
valueFrom:
secretKeyRef:
name: grafanaproxy
key: client_id
- name: OAUTH2_PROXY_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: grafanaproxy
key: client_secret
- name: OAUTH2_PROXY_LOGIN_URL
value: https://cloud.shoup.io/index.php/apps/oauth2/authorize
- name: OAUTH2_PROXY_REDEEM_URL
value: https://cloud.shoup.io/index.php/apps/oauth2/api/v1/token
- name: OAUTH2_PROXY_VALIDATE_URL
value: https://cloud.shoup.io/ocs/v2.php/cloud/user?format=json
- name: OAUTH2_PROXY_COOKIE_DOMAIN
value: .shoup.io
- name: OAUTH2_PROXY_COOKIE_SECURE
value: "true"
- name: "OAUTH2_PROXY_COOKIE_NAME"
value: "_oauth2_proxy_grafana"
- name: "OAUTH2_PROXY_PASS_BASIC_AUTH"
value: "false"
- name: "OAUTH2_PROXY_PASS_USER_HEADERS"
value: "true"
- name: "OAUTH2_PROXY_SET_XAUTHREQUEST"
value: "true"
livenessProbe:
tcpSocket:
port: 4180
initialDelaySeconds: 600
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
ports:
- containerPort: 443

40
workloads/grafana/grafana-service.yml Normal file
View file

@ -0,0 +1,40 @@
kind: Service
apiVersion: v1
metadata:
name: grafana
namespace: grafana
spec:
selector:
app: grafana
ports:
- protocol: TCP
port: 3000
targetPort: 3000
---
kind: Service
apiVersion: v1
metadata:
name: grafanaproxy
namespace: grafana
spec:
selector:
app: grafanaproxy
ports:
- protocol: TCP
port: 4180
targetPort: 4180
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: grafana
namespace: grafana
spec:
rules:
- host: grafana.shoup.io
http:
paths:
- backend:
serviceName: grafanaproxy
servicePort: 4180
path: /

56
workloads/grafana/postgres-deploy.yml Normal file
View file

@ -0,0 +1,56 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
namespace: grafana
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- image: postgres:12.2-alpine
imagePullPolicy: IfNotPresent
name: postgres
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres
key: POSTGRES_PASSWORD
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "512Mi"
livenessProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 15
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
ports:
- containerPort: 5432
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
volumes:
- name: postgres-data
hostPath:
path: /opt/grafana/postgres
type: Directory

16
workloads/grafana/postgres-secret.yml Normal file
View file

@ -0,0 +1,16 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: postgres
namespace: grafana
spec:
encryptedData:
POSTGRES_PASSWORD: AgAJaiGYVsZ/hn8hHW99/jm0dizfnGSLCp3B1DLb3g0sCkD7wdVf/eZh5htKxDymnOl0FR7ieaI4SQig7MFMj4azqRxV5R7TxIME+aNdytcNNM6iUY/vLDzq+f6/AaFWxJFPNHl/uQM4fq3kgk93P62mn+Zp3u7hIQ9rEeK5rU22LZmtWAePF/HZjIfpBwIZkiAiUEYyIdi9gTmH1a5+vosjWhXnRJ1ZPdEDkvj40FeCTqri5PrD5WzdszCv1CRvTliCr76VJRjy7+28uo2sssWkzRKg7GTseELqI91QQ2/Pf0Ghq38DqDYpvxbRTXs3uVyTqn3aUjOP9sb7vMolTUKiuc9P/T/6lD8gHMLgUJrV9bHZLDXkRetGKicU6cXNkEX+QPyTeBUe3QlA8IwCh6mi8CY1XT4gu58DPXyKIFsp9R2VvBeYw+2MBseS9qzwRvBuOEKDfFoZvcZjHtOIb59GY4tIR3tiUXIQUh9jhjsdZY1GdARRXNjF26MRRtrf06ShQ/QpaMBWq7OpcpilLwTywSx5S4xyYaMt2GmHCtpYOqeEDAUDA3Ko2gJNTvkFj23jl7JH4rg7jUPxu+wEHv66ta8+cl0PMvI0w4SvrraT2pdL5doirSN20moaQjTDa7AW+s0XsJxPA2W3vWGT9KWA4X/gawJA5T+cgL84auoVbtL2IaWXo/LJeKZ9587rkcVzLFgpDom5hqOMNlZv20stAzix4ph3ANA=
POSTGRES_USER: AgChL3vTqhcvLAgw9/1fBjKcZ/yTEREwAraNUBxfOT0/IeBkzA5RNCIzzdTabe0xselbQC0jv8nTPzenP1RermpA9ozDN3KANE8W7+T/ERDURsOpPP4fiRQ0Nq49g8l9hNEQVjYCRAI82qlpuGm3gCg0gvGe+l9zxNwJKkDlelDz/hsP3rylbK+3N45f5+NTd/4lBWBzfYwD+6Ub1MU7eFaKNb8JX64rKYX8WVyuAyNvrVyckZzfPa+uVYG/k2K5YLGrAe3W97DxaM56vRCR9fZ+pRXF+Ju9YbWyQ7I4cW4tQoIjimIwKqEoJv/MgREmLtMWnnhlonhR5C2tNDpmudMTQLvq2q4KeAxgEcBbYoguP7XmEH1GhiE5JlAbpxWiMvSrqI88i/5fFERxOGTGLotkA7IDS0KlOcSsYyeQQpqWVw+DgAkHgCdahrVs6NNqtiYiE+MAmYMnLXGelQ3muk6Di0ZFWm8gzN37wd0z5bPY6+M8LyizcUzuNw1teHE6rvm75ihK9lvPs3//Mb186KdSjtTLNHzszN+rSNR2FNZjpupxV5CttT+f/0Rl8PIO0kUQ7WJjO1fFyq+u4+RlOGs5YZpKKKZbKXbaomkxXjLB2QQh/ahhcTiDLTjUx0rVppB1dLZ6kJqW+TRCc3NtRmCX96gT8Xmdz7egB+953KW9+z0s8Z9VFOIxawJeB1Tabi1o43qnlCMh
template:
metadata:
creationTimestamp: null
name: postgres
namespace: grafana
status: {}

12
workloads/grafana/postgres-service.yml Normal file
View file

@ -0,0 +1,12 @@
kind: Service
apiVersion: v1
metadata:
name: postgres
namespace: grafana
spec:
selector:
app: postgres
ports:
- protocol: TCP
port: 5432
targetPort: 5432

19
workloads/grafana/proxy-secret.yml Normal file
View file

@ -0,0 +1,19 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: grafanaproxy
namespace: grafana
spec:
encryptedData:
client_id: AgBgtwQkFDlVT6z0BYyZ7n+5USVqmuh5eLB4HzZM90UWaFKmqvmHwOZ210oBgatc5uOSaEDbU18GYzpd30gstTZqglr7/tBLV4JfEJ6shRRu1B0nTDTxgjYAjNxF+N4aga7BOeo2tFTfkhJif/eP7kGCFLh3K+ywnI45qvyoeSDOQVFul39bqbwiPBU93qBvek9ohr7fsuBXUZPFM2OQyIWEp9KscRtEHe7mo+Ef9Wa+I542KTA72ScMQ3HPJzQTxQ6S6aha5MQ8aAu2FKCiE0V+E+kZ0esdmCMxn63egmXPE4Haf9gCJyJ4uHYTk9gxqUqQfD9leHcHu6tEnmw4ADl0M6Bj1CVS6LSfPgDPPkaLHZDFfHH7iCvrrXFeRXc5WUB4bNWbKmxd8+Y0V/ste8uzMcVlqsHhlgQnMQlHgMrMFnWMFZrFoke2R+FZ9WrO6eXvooTySG20ppO6NnLPjaPnmomLlWbqypBue4aAIK3KA5l8BDjss+E98z2McmkBiZzub7vRvjodVf3EfeFOlNCVZMztkJugKiIUFQ1XRLyUZYusisEeBfITrexZpu/oEKxzXN/++fIKyqP94VrkSebGUiMCcmEffJjnKlmt6U9z2hce3xNIwWiStBDhnfcOOSxT+6hrqrt1p5glcHwWSVaWF1Z5ITzlmwolY530IEdFEgC/zCJzb4p8dqK3prGTq/fMXjJDQaO0LcGsldv61hOveBNpDxnI5gaN94lKKtbuZPYnY31rNcivxBeCVMJEf0fgikBFu6AeTvZdV+pdpBPM
client_secret: AgA3/RPUpvv/qICl1qyA0g/0hqr7ggxImwvmcOLXPYIENWii+Iw+0/aYLSBOzkealY5GM9F0JwvwyvJ66ZQ2DccGhpeF8luFT+QMok1shobw7S3Aka79GNJdtCuYmNZ9+9ui0OMrl/48YQEL9xn4JJ/tvSdi9h/MCE2t5DoJBchrZbJ+2TYH6O4JcFM3JUdJWP9Do9QvLHDtcRhLGUdDIoCytZZo2o61isOeSrI/nyiDqppQKKUMLfMg8Li0RbuTYrzNgp/tTbyA91OyzUTyj4AZfFg7k0P5fDMr+c3mSZQYUGXEKRJ4qse+EVOmzgdVsClu2g86Tx14ZwviGsYSg0dd5E2ZvdzfoQZ3FuHF5nSIaNFRVtOGxxEvKc8y8S3B4CBqMzr0LcJAVeApiDzkMWXxQNdJMsuptICJXHhgw/dqSU+4+pplHKC0OhAuPlM6/hh16fQdcK7MV1VyAaWmaX99Ub2CO8aOnbSM/MyzX0D4sqmK8TBXfdobME2f87a5nWEFnOMnyckPMCRhyh/DKnkjhKfCBjV9mgBODVQaoBEYIlLVMjiatnEXbhHzi6i8Kx2dLYKuWE6bDHrRP55v9E33yAgfaa5fP7sFTra+euanpQcZYdWlDIM+s81g1Isfno/mJ0DZ6e50IvPMWDTLtFSKBBYy8L/m6xXwhdu1qbjKZVGIQV32UEjy7M+vimUBCxTIgN2s3jzub399ttnMzv+UnQjvte5Aw/2daHw1HaHa7B+JTtCOJpUiNyHtFB1l+F6kjDkntoip0cDfPCtxNJX7
cookie_secret: AgDOOwNi5tZI4EpMP4trTUlCiEdJpFGNUeD2IE3xuKmpdu8WAQOUYu4HCL0HV667x4ZHBcXPf0cohibgYT6ZyqUmpGC9SiCMpnDrf3R0NyKOjLtOkfJ+jBscNlr/KSNIhx351O/y09guGebRqagrWGdfRUWNWTY9OY6zzU+OYVqRKeW4mSh3ut3BWqb+PppHSyMXJ+hGJ8var+VwIMOAOA8FfpaiKtRK+K/wipEJe0uz70dzel7Be2+cBYuVmNTxI9IQyaVNw1NED3OwJDbMdJAHa6uaf626wHdENySgakUc1GNHgPtXEfM+1Xe+BvEtTqCooxy/EvsYemXILw+jOi8exOX1WGtM3C22/HRbSp44MOBrkyh9n2gmXP5LPj5LewmYUe2bPl1V2lj5JcylH7VWAli+JXvGRLooLmimKYmqF1nycJDz3Mq99jKLMstv5yQitGh/ih+FQu2NwC9JJNLyZNb1O7tWh5hjOt0Itl6yzVP8Vn1+naPaqX/xheLAFTCcL7wU5R/QUzk1EzpFCEEs9ivggiMciV/HDJNfozg1yJdLxTU0Pp94EkNECwUEDMKY6bVivY5BWEp28IA8AmshKMr6sAeGgwIKsGWBolRVqcLZucavu5Y1r/NR16NQIVF2vwMTlaCdKk3AAacNeaRxJFqjdpV926c5fMfWw8YhQpyFnoUBHX62+uAPoAFbTyp1WAC5ZyqhMZRhObp6+Uj/SbrDomHQEkP6vehqBiOJMZVeqURJzHOdwSVKYuNcnvbOgysombDOvLMu+1AGfYDl
template:
metadata:
creationTimestamp: null
name: grafanaproxy
namespace: grafana
type: Opaque
status: {}

18
workloads/nip-io/config.yml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: nip-io
data:
backend.conf: |
[main]
domain=lcl.home.shoup.io
ttl=432000
ipaddress=127.0.0.1
[soa]
id=1
hostmaster=hostmaster@lcl.home.shoup.io
ns=ns1.lcl.home.shoup.io
[nameservers]
ns1.lcl.home.shoup.io=127.0.0.1
ns2.lcl.home.shoup.io=127.0.0.1
[blacklist]

33
workloads/nip-io/deployment.yml Normal file
View file

@ -0,0 +1,33 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nip-io
spec:
replicas: 1
selector:
matchLabels:
app: nip-io
template:
metadata:
labels:
app: nip-io
spec:
containers:
- image: shouptech/nip.io:2
imagePullPolicy: IfNotPresent
name: nip-io
volumeMounts:
- name: config
mountPath: /usr/local/bin/backend.conf
subPath: backend.conf
ports:
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 53
name: dns-udp
protocol: UDP
volumes:
- name: config
configMap:
name: nip-io

19
workloads/nip-io/service.yml Normal file
View file

@ -0,0 +1,19 @@
kind: Service
apiVersion: v1
metadata:
name: nip-io
spec:
type: NodePort
selector:
app: nip-io
ports:
- name: dns-tcp
protocol: TCP
port: 53
nodePort: 31053
targetPort: dns-tcp
- name: dns-udp
protocol: UDP
port: 53
nodePort: 31053
targetPort: dns-udp