From a9e266c5c7f7b900fa9fe78c395329b9810661f7 Mon Sep 17 00:00:00 2001 From: DeveloperDurp Date: Mon, 26 Sep 2022 20:50:36 +0000 Subject: [PATCH] Update argocd/external-dns/index.yaml, argocd/external-dns/Chart.yaml, argocd/external-dns/templates/deployment.yaml --- argocd/external-dns/Chart.yaml | 8 +- argocd/external-dns/index.yaml | 287 +++++++++--------- argocd/external-dns/templates/deployment.yaml | 68 +++++ 3 files changed, 215 insertions(+), 148 deletions(-) create mode 100644 argocd/external-dns/templates/deployment.yaml diff --git a/argocd/external-dns/Chart.yaml b/argocd/external-dns/Chart.yaml index f94f213..e5b306a 100644 --- a/argocd/external-dns/Chart.yaml +++ b/argocd/external-dns/Chart.yaml @@ -5,10 +5,10 @@ type: application version: 0.0.1 appVersion: 0.0.1 -dependencies: -- name: external-dns - repository: https://charts.bitnami.com/bitnami - version: 6.10.0 +#dependencies: +#- name: external-dns +# repository: https://charts.bitnami.com/bitnami +# version: 6.10.0 diff --git a/argocd/external-dns/index.yaml b/argocd/external-dns/index.yaml index a9cf251..25211eb 100644 --- a/argocd/external-dns/index.yaml +++ b/argocd/external-dns/index.yaml @@ -1,144 +1,143 @@ -external-dns: - - image: - repository: k8s.gcr.io/external-dns/external-dns - # Overrides the image tag whose default is v{{ .Chart.AppVersion }} - tag: "" - pullPolicy: Always - - imagePullSecrets: [] - - nameOverride: "" - fullnameOverride: "" - - commonLabels: {} - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - rbac: - # Specifies whether RBAC resources should be created - create: true - additionalPermissions: [] - - # Annotations to add to the Deployment - deploymentAnnotations: {} - - podLabels: {} - - # Annotations to add to the Pod - podAnnotations: {} - - shareProcessNamespace: false - - podSecurityContext: - fsGroup: 65534 - - securityContext: - runAsNonRoot: true - runAsUser: 65534 - readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - - # Defaults to `ClusterFirst`. - # Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`. - dnsPolicy: - - priorityClassName: "" - - terminationGracePeriodSeconds: - - serviceMonitor: - enabled: false - additionalLabels: {} - interval: 1m - scrapeTimeout: 10s - - env: - - name: CF_API_KEY - valueFrom: - secretKeyRef: - name: cloudflare - key: CF_API_KEY - - name: CF_API_EMAIL - valueFrom: - secretKeyRef: - name: cloudflare - key: CF_API_EMAIL - - livenessProbe: - httpGet: - path: /healthz - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 2 - successThreshold: 1 - - readinessProbe: - httpGet: - path: /healthz - port: http - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - - service: - port: 7979 - annotations: {} - - extraVolumes: [] - - extraVolumeMounts: [] - - resources: {} - - nodeSelector: {} - - tolerations: [] - - affinity: {} - - topologySpreadConstraints: [] - - logLevel: info - logFormat: text - - interval: 1m - triggerLoopOnEvent: false - - sources: - - service - - ingress - - policy: upsert-only - - registry: txt - txtOwnerId: "" - txtPrefix: "" - txtSuffix: "" - - domainFilters: [] - - provider: Cloudflare - - extraArgs: - - --source=ingress - - --domain-filter=durp.info - - --provider=cloudflare - - --cloudflare-proxied - - deploymentStrategy: - type: Recreate - - +#external-dns: +# image: +# repository: k8s.gcr.io/external-dns/external-dns +# # Overrides the image tag whose default is v{{ .Chart.AppVersion }} +# tag: "" +# pullPolicy: Always +# +# imagePullSecrets: [] +# +# nameOverride: "" +# fullnameOverride: "" +# +# commonLabels: {} +# +# serviceAccount: +# # Specifies whether a service account should be created +# create: true +# # Annotations to add to the service account +# annotations: {} +# # The name of the service account to use. +# # If not set and create is true, a name is generated using the fullname template +# name: "" +# +# rbac: +# # Specifies whether RBAC resources should be created +# create: true +# additionalPermissions: [] +# +# # Annotations to add to the Deployment +# deploymentAnnotations: {} +# +# podLabels: {} +# +# # Annotations to add to the Pod +# podAnnotations: {} +# +# shareProcessNamespace: false +# +# podSecurityContext: +# fsGroup: 65534 +# +# securityContext: +# runAsNonRoot: true +# runAsUser: 65534 +# readOnlyRootFilesystem: true +# capabilities: +# drop: ["ALL"] +# +# # Defaults to `ClusterFirst`. +# # Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`. +# dnsPolicy: +# +# priorityClassName: "" +# +# terminationGracePeriodSeconds: +# +# serviceMonitor: +# enabled: false +# additionalLabels: {} +# interval: 1m +# scrapeTimeout: 10s +# +# env: +# - name: CF_API_KEY +# valueFrom: +# secretKeyRef: +# name: cloudflare +# key: CF_API_KEY +# - name: CF_API_EMAIL +# valueFrom: +# secretKeyRef: +# name: cloudflare +# key: CF_API_EMAIL +# +# livenessProbe: +# httpGet: +# path: /healthz +# port: http +# initialDelaySeconds: 10 +# periodSeconds: 10 +# timeoutSeconds: 5 +# failureThreshold: 2 +# successThreshold: 1 +# +# readinessProbe: +# httpGet: +# path: /healthz +# port: http +# initialDelaySeconds: 5 +# periodSeconds: 10 +# timeoutSeconds: 5 +# failureThreshold: 6 +# successThreshold: 1 +# +# service: +# port: 7979 +# annotations: {} +# +# extraVolumes: [] +# +# extraVolumeMounts: [] +# +# resources: {} +# +# nodeSelector: {} +# +# tolerations: [] +# +# affinity: {} +# +# topologySpreadConstraints: [] +# +# logLevel: info +# logFormat: text +# +# interval: 1m +# triggerLoopOnEvent: false +# +# sources: +# - service +# - ingress +# +# policy: upsert-only +# +# registry: txt +# txtOwnerId: "" +# txtPrefix: "" +# txtSuffix: "" +# +# domainFilters: [] +# +# provider: Cloudflare +# +# extraArgs: +# - --source=ingress +# - --domain-filter=durp.info +# - --provider=cloudflare +# - --cloudflare-proxied +# +# deploymentStrategy: +# type: Recreate +# +# diff --git a/argocd/external-dns/templates/deployment.yaml b/argocd/external-dns/templates/deployment.yaml new file mode 100644 index 0000000..086476a --- /dev/null +++ b/argocd/external-dns/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: external-dns +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: external-dns +rules: +- apiGroups: [""] + resources: ["services","endpoints","pods"] + verbs: ["get","watch","list"] +- apiGroups: ["extensions","networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get","watch","list"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: external-dns-viewer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: external-dns +subjects: +- kind: ServiceAccount + name: external-dns + namespace: default +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: external-dns +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: external-dns + template: + metadata: + labels: + app: external-dns + spec: + serviceAccountName: external-dns + containers: + - name: external-dns + image: k8s.gcr.io/external-dns/external-dns:0.12.2-debian-11-r14 + args: + - --source=ingress + - --domain-filter=durp.info + - --provider=cloudflare + - --cloudflare-proxied + env: + - name: CF_API_KEY + valueFrom: + secretKeyRef: + name: cloudflare + key: CF_API_KEY + - name: CF_API_EMAIL + valueFrom: + secretKeyRef: + name: cloudflare + key: CF_API_EMAIL