rke2-charts/packages/rke2-coredns/generated-changes/patch/values.yaml.patch

--- charts-original/values.yaml
+++ charts/values.yaml
@@ -3,9 +3,9 @@
 # Declare variables to be passed into your templates.
 
 image:
-  repository: coredns/coredns
+  repository: rancher/hardened-coredns
   # Overrides the image tag whose default is the chart appVersion.
-  tag: ""
+  tag: "v1.10.1-build20230607"
   pullPolicy: IfNotPresent
   ## Optionally specify an array of imagePullSecrets.
   ## Secrets must be manually created in the namespace.
@@ -54,7 +54,6 @@
 
 service:
 # clusterIP: ""
-# clusterIPs: []
 # loadBalancerIP: ""
 # externalIPs: []
 # externalTrafficPolicy: ""
@@ -65,10 +64,10 @@
   annotations: {}
 
 serviceAccount:
-  create: false
+  create: true
   # The name of the ServiceAccount to use
   # If not set and create is true, a name is generated using the fullname template
-  name: ""
+  name: "coredns"
   annotations: {}
 
 rbac:
@@ -84,7 +83,7 @@
 isClusterService: true
 
 # Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set.
-priorityClassName: ""
+priorityClassName: "system-cluster-critical"
 
 # Configure the pod level securityContext.
 podSecurityContext: {}
@@ -172,17 +171,16 @@
   successThreshold: 1
 
 # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
-# for example:
-#   affinity:
-#     nodeAffinity:
-#      requiredDuringSchedulingIgnoredDuringExecution:
-#        nodeSelectorTerms:
-#        - matchExpressions:
-#          - key: foo.bar.com/role
-#            operator: In
-#            values:
-#            - master
-affinity: {}
+affinity:
+  podAntiAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+    - topologyKey: "kubernetes.io/hostname"
+      labelSelector:
+        matchExpressions:
+        - key: k8s-app
+          operator: In
+          values:
+          - kube-dns
 
 # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core
 # for example:
@@ -197,16 +195,17 @@
 
 # Node labels for pod assignment
 # Ref: https://kubernetes.io/docs/user-guide/node-selection/
-nodeSelector: {}
+nodeSelector:
+  kubernetes.io/os: linux
 
 # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
-# for example:
-#   tolerations:
-#   - key: foo.bar.com/role
-#     operator: Equal
-#     value: master
-#     effect: NoSchedule
-tolerations: []
+tolerations:
+- key: "node-role.kubernetes.io/control-plane"
+  operator: "Exists"
+  effect: "NoSchedule"
+- key: "node-role.kubernetes.io/etcd"
+  operator: "Exists"
+  effect: "NoExecute"
 
 # https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
 podDisruptionBudget: {}
@@ -281,7 +280,7 @@
 # See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler
 autoscaler:
   # Enabled the cluster-proportional-autoscaler
-  enabled: false
+  enabled: true
 
   # Number of cores in the cluster per coredns replica
   coresPerReplica: 256
@@ -302,8 +301,8 @@
   #   - --nodelabels=topology.kubernetes.io/zone=us-east-1a
 
   image:
-    repository: registry.k8s.io/cpa/cluster-proportional-autoscaler
-    tag: "1.8.5"
+    repository: rancher/hardened-cluster-autoscaler
+    tag: "v1.8.6-build20230609"
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.
     ## Secrets must be manually created in the namespace.
@@ -321,19 +320,26 @@
 
   # Node labels for pod assignment
   # Ref: https://kubernetes.io/docs/user-guide/node-selection/
-  nodeSelector: {}
+  nodeSelector:
+    kubernetes.io/os: linux
 
   # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
-  tolerations: []
+  tolerations:
+  - key: "node-role.kubernetes.io/control-plane"
+    operator: "Exists"
+    effect: "NoSchedule"
+  - key: "node-role.kubernetes.io/etcd"
+    operator: "Exists"
+    effect: "NoExecute"
 
   # resources for autoscaler pod
   resources:
     requests:
-      cpu: "20m"
-      memory: "10Mi"
+      cpu: "25m"
+      memory: "16Mi"
     limits:
-      cpu: "20m"
-      memory: "10Mi"
+      cpu: "100m"
+      memory: "64Mi"
 
   # Options for autoscaler configmap
   configmap:
@@ -345,8 +351,8 @@
   livenessProbe:
     enabled: true
     initialDelaySeconds: 10
-    periodSeconds: 5
-    timeoutSeconds: 5
+    periodSeconds: 30
+    timeoutSeconds: 10
     failureThreshold: 3
     successThreshold: 1
 
@@ -355,3 +361,21 @@
   name: ""
   ## Annotations for the coredns deployment
   annotations: {}
+
+k8sApp: "kube-dns"
+
+nodelocal:
+  enabled: false
+  ip_address: "169.254.20.10"
+  ipvs: false
+  image:
+    repository: rancher/hardened-dns-node-cache
+    tag: "1.22.20-build20230607"
+  initimage:
+    repository: rancher/hardened-dns-node-cache
+    tag: "1.22.20-build20230607"
+  nodeSelector:
+    kubernetes.io/os: linux
+
+global:
+  systemDefaultRegistry: ""