feat: Integrate external-dns for kubeapi
This commit is contained in:
parent
f24a5c81c0
commit
72197a3030
@ -0,0 +1,16 @@
|
||||
{{- if index .Values "addons" "external-dns" "enabled" }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: {{ regexSplit ":" .Values.api.endpoint -1 | first }}
|
||||
external-dns.alpha.kubernetes.io/ttl: "60"
|
||||
name: kubezero-api
|
||||
namespace: kube-system
|
||||
spec:
|
||||
type: ClusterIP
|
||||
clusterIP: None
|
||||
selector:
|
||||
component: kube-apiserver
|
||||
tier: control-plane
|
||||
{{- end }}
|
@ -35,6 +35,9 @@ addons:
|
||||
# -- /etc/cloudbender/clusterBackup.passphrase
|
||||
passwordFile: ""
|
||||
|
||||
external-dns:
|
||||
enabled: false
|
||||
|
||||
network:
|
||||
multus:
|
||||
enabled: false
|
||||
|
@ -2,7 +2,8 @@ apiVersion: v2
|
||||
name: kubezero-addons
|
||||
description: KubeZero umbrella chart for various optional cluster addons
|
||||
type: application
|
||||
version: 0.4.4
|
||||
version: 0.5.0
|
||||
appVersion: v1.22.8
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
@ -10,6 +11,7 @@ keywords:
|
||||
- fuse-device-plugin
|
||||
- k8s-ecr-login-renew
|
||||
- aws-node-termination-handler
|
||||
- external-dns
|
||||
maintainers:
|
||||
- name: Stefan Reimer
|
||||
email: stefan@zero-downtime.net
|
||||
@ -18,4 +20,8 @@ dependencies:
|
||||
version: 0.18.0
|
||||
# repository: https://aws.github.io/eks-charts
|
||||
condition: aws-node-termination-handler.enabled
|
||||
- name: external-dns
|
||||
version: 1.7.1
|
||||
repository: https://kubernetes-sigs.github.io/external-dns/
|
||||
condition: external-dns.enabled
|
||||
kubeVersion: ">= 1.20.0"
|
||||
|
@ -15,7 +15,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: kubezero-admin
|
||||
image: "{{ .Values.clusterBackup.image.name }}:{{ .Values.clusterBackup.image.tag }}"
|
||||
image: "{{ .Values.clusterBackup.image.name }}:{{ default .Chart.AppVersion .Values.clusterBackup.image.tag }}"
|
||||
imagePullPolicy: Always
|
||||
command: ["kubezero.sh"]
|
||||
args:
|
||||
|
@ -3,7 +3,7 @@ clusterBackup:
|
||||
|
||||
image:
|
||||
name: public.ecr.aws/zero-downtime/kubezero-admin
|
||||
tag: v1.21.9
|
||||
# tag: v1.22.8
|
||||
|
||||
repository: ""
|
||||
password: ""
|
||||
@ -72,3 +72,43 @@ fuseDevicePlugin:
|
||||
|
||||
k8sEcrLoginRenew:
|
||||
enabled: false
|
||||
|
||||
external-dns:
|
||||
enabled: false
|
||||
|
||||
interval: 3m
|
||||
triggerLoopOnEvent: true
|
||||
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/control-plane: ""
|
||||
|
||||
logLevel: debug
|
||||
sources:
|
||||
- service
|
||||
#- istio-gateway
|
||||
|
||||
provider: inmemory
|
||||
|
||||
extraVolumes:
|
||||
- name: aws-token
|
||||
projected:
|
||||
sources:
|
||||
- serviceAccountToken:
|
||||
path: token
|
||||
expirationSeconds: 86400
|
||||
audience: "sts.amazonaws.com"
|
||||
extraVolumeMounts:
|
||||
- name: aws-token
|
||||
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
||||
readOnly: true
|
||||
env:
|
||||
# -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.externalDNS"
|
||||
- name: AWS_ROLE_ARN
|
||||
value: ""
|
||||
- name: AWS_WEB_IDENTITY_TOKEN_FILE
|
||||
value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
|
||||
- name: AWS_STS_REGIONAL_ENDPOINTS
|
||||
value: "regional"
|
||||
|
Loading…
Reference in New Issue
Block a user