From caaa816019311589b254a9935ceef2ee0a149b99 Mon Sep 17 00:00:00 2001
From: Paco Xu <paco.xu@daocloud.io>
Date: Tue, 6 Aug 2024 14:02:48 +0800
Subject: [PATCH] add sysctl net.ipv4.ip_unprivileged_port_start 53

Signed-off-by: Paco Xu <paco.xu@daocloud.io>
---
 charts/coredns/values.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml
index 2c472c6..85fc5af 100644
--- a/charts/coredns/values.yaml
+++ b/charts/coredns/values.yaml
@@ -87,8 +87,10 @@ isClusterService: true
 priorityClassName: ""
 
 # Configure the pod level securityContext.
-podSecurityContext: {}
-
+podSecurityContext:
+  sysctls:
+  - name: net.ipv4.ip_unprivileged_port_start
+    value: "53"
 # Configure SecurityContext for Pod.
 # Ensure that required linux capability to bind port number below 1024 is assigned (`CAP_NET_BIND_SERVICE`).
 securityContext: