rke2-charts/packages/rke2-coredns/generated-changes/patch/values.yaml.patch

--- charts-original/values.yaml
+++ charts/values.yaml
@@ -3,8 +3,8 @@
 # Declare variables to be passed into your templates.
 
 image:
-  repository: coredns/coredns
-  tag: "1.8.4"
+  repository: rancher/hardened-coredns
+  tag: "v1.8.5-build20211006"
   pullPolicy: IfNotPresent
   ## Optionally specify an array of imagePullSecrets.
   ## Secrets must be manually created in the namespace.
@@ -75,10 +75,10 @@
   annotations: {}
 
 serviceAccount:
-  create: false
+  create: true
   # The name of the ServiceAccount to use
   # If not set and create is true, a name is generated using the fullname template
-  name: ""
+  name: "coredns"
   annotations: {}
 
 rbac:
@@ -94,7 +94,7 @@
 isClusterService: true
 
 # Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set.
-priorityClassName: ""
+priorityClassName: "system-cluster-critical"
 
 # Default zone is what Kubernetes recommends:
 # https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options
@@ -176,7 +176,8 @@
 
 # Node labels for pod assignment
 # Ref: https://kubernetes.io/docs/user-guide/node-selection/
-nodeSelector: {}
+nodeSelector:
+  kubernetes.io/os: linux
 
 # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
 # for example:
@@ -185,7 +186,13 @@
 #     operator: Equal
 #     value: master
 #     effect: NoSchedule
-tolerations: []
+tolerations:
+- key: "node-role.kubernetes.io/control-plane"
+  operator: "Exists"
+  effect: "NoSchedule"
+- key: "node-role.kubernetes.io/etcd"
+  operator: "Exists"
+  effect: "NoExecute"
 
 # https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
 podDisruptionBudget: {}
@@ -233,7 +240,7 @@
 # See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler
 autoscaler:
   # Enabled the cluster-proportional-autoscaler
-  enabled: false
+  enabled: true
 
   # Number of cores in the cluster per coredns replica
   coresPerReplica: 256
@@ -249,8 +256,8 @@
   preventSinglePointFailure: true
 
   image:
-    repository: k8s.gcr.io/cluster-proportional-autoscaler-amd64
-    tag: "1.8.1"
+    repository: rancher/hardened-cluster-autoscaler
+    tag: "v1.8.5-build20211006"
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.
     ## Secrets must be manually created in the namespace.
@@ -267,19 +274,26 @@
 
   # Node labels for pod assignment
   # Ref: https://kubernetes.io/docs/user-guide/node-selection/
-  nodeSelector: {}
+  nodeSelector:
+    kubernetes.io/os: linux
 
   # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
-  tolerations: []
+  tolerations:
+  - key: "node-role.kubernetes.io/control-plane"
+    operator: "Exists"
+    effect: "NoSchedule"
+  - key: "node-role.kubernetes.io/etcd"
+    operator: "Exists"
+    effect: "NoExecute"
 
   # resources for autoscaler pod
   resources:
     requests:
       cpu: "20m"
-      memory: "10Mi"
+      memory: "20Mi"
     limits:
       cpu: "20m"
-      memory: "10Mi"
+      memory: "20Mi"
 
   # Options for autoscaler configmap
   configmap:
@@ -291,11 +305,28 @@
   livenessProbe:
     enabled: true
     initialDelaySeconds: 10
-    periodSeconds: 5
-    timeoutSeconds: 5
+    periodSeconds: 30
+    timeoutSeconds: 10
     failureThreshold: 3
     successThreshold: 1
-
 deployment:
   enabled: true
   name: ""
+
+k8sApp : "kube-dns"
+
+nodelocal:
+  enabled: false
+  ip_address: "169.254.20.10"
+  ipvs: false
+  image:
+    repository: rancher/hardened-dns-node-cache
+    tag: "1.21.1-build20211006"
+  initimage:
+    repository: rancher/hardened-dns-node-cache
+    tag: "1.21.1-build20211006"
+  nodeSelector:
+    kubernetes.io/os: linux
+
+global:
+  systemDefaultRegistry: ""