From 000c366e86407ad55a502d31e9134a616aad6d3f Mon Sep 17 00:00:00 2001
From: Paco Xu <paco.xu@daocloud.io>
Date: Tue, 6 Aug 2024 12:31:14 +0800
Subject: [PATCH 1/2] add net.ipv4.ip_unprivileged_port_start sysctl(4.11+)

Signed-off-by: Paco Xu <paco.xu@daocloud.io>
---
 kubernetes/coredns.yaml.sed | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/kubernetes/coredns.yaml.sed b/kubernetes/coredns.yaml.sed
index ade4725..da68597 100644
--- a/kubernetes/coredns.yaml.sed
+++ b/kubernetes/coredns.yaml.sed
@@ -163,6 +163,10 @@ spec:
             port: 8181
             scheme: HTTP
       dnsPolicy: Default
+      securityContext:
+        sysctls:
+        - name: net.ipv4.ip_unprivileged_port_start
+          value: "53"
       volumes:
         - name: config-volume
           configMap:

From d09d1912872790519cee5fdf91e5f7a38bd1fceb Mon Sep 17 00:00:00 2001
From: Paco Xu <paco.xu@daocloud.io>
Date: Tue, 6 Aug 2024 12:32:52 +0800
Subject: [PATCH 2/2] bump coredns to v1.11.3

Signed-off-by: Paco Xu <paco.xu@daocloud.io>
---
 kubernetes/coredns.yaml.sed | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kubernetes/coredns.yaml.sed b/kubernetes/coredns.yaml.sed
index da68597..ce6e9fd 100644
--- a/kubernetes/coredns.yaml.sed
+++ b/kubernetes/coredns.yaml.sed
@@ -117,7 +117,7 @@ spec:
              topologyKey: kubernetes.io/hostname
       containers:
       - name: coredns
-        image: coredns/coredns:1.9.4
+        image: coredns/coredns:1.11.3
         imagePullPolicy: IfNotPresent
         resources:
           limits: