You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 lines
2.4 KiB
89 lines
2.4 KiB
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
k8s-app: external-dns
|
|
k8s-addon: external-dns.alpha.kubernetes.io
|
|
name: external-dns
|
|
namespace: kube-system
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: external-dns
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["services"]
|
|
verbs: ["get","watch","list"]
|
|
- apiGroups: [""]
|
|
resources: ["endpoints"]
|
|
verbs: ["get","watch","list"]
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs: ["get","watch","list"]
|
|
- apiGroups: ["networking.k8s.io"]
|
|
resources: ["ingresses"]
|
|
verbs: ["get","watch","list"]
|
|
- apiGroups: ["extensions"]
|
|
resources: ["ingresses"]
|
|
verbs: ["get","watch","list"]
|
|
- apiGroups: [""]
|
|
resources: ["nodes"]
|
|
verbs: ["get","watch","list"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: external-dns
|
|
labels:
|
|
k8s-app: external-dns
|
|
k8s-addon: external-dns.alpha.kubernetes.io
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: external-dns
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: external-dns
|
|
namespace: kube-system
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: external-dns
|
|
namespace: kube-system
|
|
labels:
|
|
app: external-dns
|
|
k8s-addon: external-dns.alpha.kubernetes.io
|
|
spec:
|
|
strategy:
|
|
type: Recreate
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: external-dns
|
|
k8s-addon: external-dns.alpha.kubernetes.io
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: external-dns
|
|
k8s-addon: external-dns.alpha.kubernetes.io
|
|
spec:
|
|
serviceAccountName: external-dns
|
|
containers:
|
|
- name: external-dns
|
|
image: k8s.gcr.io/external-dns/external-dns:v0.12.2
|
|
args:
|
|
- --source=service
|
|
- --source=ingress
|
|
- --provider=aws
|
|
- --registry=txt
|
|
- --txt-owner-id=${CLUSTER_NAME}
|
|
- --interval=5m # Default value (1m) causes "Rate Exceed" on Route 53 due to too many API call
|
|
#- --domain-filter={{ dns_zone }}. # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones
|
|
#- --policy=upsert-only # would prevent ExternalDNS from deleting any records, omit to enable full synchronization
|
|
nodeSelector:
|
|
node-role.kubernetes.io/control-plane: ""
|
|
tolerations:
|
|
- key: "node-role.kubernetes.io/master"
|
|
effect: NoSchedule |