Add Google CloudDNS support to external-dns
- Add Google CloudDNS support to external-dns
Metadata should look like
kubernetes:
common:
addons:
externaldns:
enabled: True
provider: google
google_options:
key:
project:
Change-Id: Ic468089dc1fdd558194cc5141a8ed4b702c9de59
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
diff --git a/README.rst b/README.rst
index 5ad0948..01178fe 100644
--- a/README.rst
+++ b/README.rst
@@ -118,13 +118,12 @@
kubernetes:
common:
addons:
+ coredns:
+ enabled: True
externaldns:
- coredns:
- enabled: True
- externaldns:
- enabled: True
- domain: company.mydomain
- provider: coredns
+ enabled: True
+ domain: company.mydomain
+ provider: coredns
Enable external DNS addon with Designate provider
@@ -135,18 +134,17 @@
common:
addons:
externaldns:
- externaldns:
- enabled: True
- domain: company.mydomain
- provider: designate
- designate_os_options:
- OS_AUTH_URL: https://keystone_auth_endpoint:5000
- OS_PROJECT_DOMAIN_NAME: default
- OS_USER_DOMAIN_NAME: default
- OS_PROJECT_NAME: admin
- OS_USERNAME: admin
- OS_PASSWORD: password
- OS_REGION_NAME: RegionOne
+ enabled: True
+ domain: company.mydomain
+ provider: designate
+ designate_os_options:
+ OS_AUTH_URL: https://keystone_auth_endpoint:5000
+ OS_PROJECT_DOMAIN_NAME: default
+ OS_USER_DOMAIN_NAME: default
+ OS_PROJECT_NAME: admin
+ OS_USERNAME: admin
+ OS_PASSWORD: password
+ OS_REGION_NAME: RegionOne
Enable external DNS addon with AWS provider
@@ -157,13 +155,29 @@
common:
addons:
externaldns:
- externaldns:
- enabled: True
- domain: company.mydomain
- provider: aws
- aws_options:
- AWS_ACCESS_KEY_ID: XXXXXXXXXXXXXXXXXXXX
- AWS_SECRET_ACCESS_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ enabled: True
+ domain: company.mydomain
+ provider: aws
+ aws_options:
+ AWS_ACCESS_KEY_ID: XXXXXXXXXXXXXXXXXXXX
+ AWS_SECRET_ACCESS_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+
+Enable external DNS addon with Google CloudDNS provider
+
+.. code-block:: yaml
+
+ parameters:
+ kubernetes:
+ common:
+ addons:
+ externaldns:
+ enabled: True
+ domain: company.mydomain
+ provider: google
+ google_options:
+ key: ''
+ project: default-123
+key should be exported from google console and processed as `cat key.json | tr -d '\n'`
Enable OpenStack cloud provider
diff --git a/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml b/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
index 0803d6e..4d3896d 100644
--- a/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
+++ b/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
@@ -29,6 +29,9 @@
- --source=ingress
- --domain-filter={{ common.addons.externaldns.domain }} # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones
- --provider={{ common.addons.externaldns.provider }}
+ {%- if common.addons.externaldns.provider == "google" %}
+ - --google-project={{ common.addons.externaldns.google_options.project }}
+ {%- endif %}
#- --policy=upsert-only # would prevent ExternalDNS from deleting any records, omit to enable full synchronization
- --registry=txt
- --txt-owner-id=my-identifier
@@ -45,8 +48,25 @@
envFrom:
- secretRef:
name: aws-secret
+ {%- elif common.addons.externaldns.provider == "google" %}
+ volumeMounts:
+ - name: key
+ mountPath: "/etc/google"
+ readOnly: true
+ env:
+ - name: GOOGLE_APPLICATION_CREDENTIALS
+ value: "/etc/google/key"
{%- endif %}
livenessProbe:
httpGet:
port: 7979
path: /healthz
+ ports:
+ - containerPort: 7979
+ {%- if common.addons.externaldns.provider == "google" %}
+ volumes:
+ - name: key
+ secret:
+ secretName: google-secret
+ {%- endif %}
+>>>>>>> Add Google CloudDNS support to external-dns
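Review bot: The last added line, `>>>>>>> Add Google CloudDNS support to external-dns`, is a leftover merge-conflict marker committed into the manifest. It sits directly after the `volumes:` block, so it will be rendered into the Deployment and is likely to make the YAML invalid; it should be removed. Separately, the `google-secret` volume mounts every key of the Secret under `/etc/google`, while only `/etc/google/key` is referenced by `GOOGLE_APPLICATION_CREDENTIALS`. An `items:` entry selecting just `key` would keep the mount limited to the credential file. The container spec starts outside the hunk.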
diff --git a/kubernetes/files/kube-addons/externaldns/externaldns-google-secret.yaml b/kubernetes/files/kube-addons/externaldns/externaldns-google-secret.yaml
new file mode 100644
index 0000000..9ea5044
--- /dev/null
+++ b/kubernetes/files/kube-addons/externaldns/externaldns-google-secret.yaml
@@ -0,0 +1,14 @@
+{%- from "kubernetes/map.jinja" import common with context -%}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: google-secret
+ namespace: kube-system
+ labels:
+ addonmanager.kubernetes.io/mode: EnsureExists
+type: Opaque
+data:
+{%- for option, value in common.addons.externaldns.google_options.items() %}
+ {{ option }}: {{ salt['hashutil.base64_b64encode'](value) }}
+{%- endfor %}
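Review bot: The Secret is labelled `addonmanager.kubernetes.io/mode: EnsureExists`, which as far as I know makes the addon manager create the object only when it is missing. A service-account key that is rotated or revoked in pillar would then not reach the cluster until the Secret is deleted by hand, which should be documented or the mode reconsidered. The `for` loop also copies every entry of `google_options` into `data`, so `project` is stored as secret material next to the credential. Emitting only `key: {{ salt['hashutil.base64_b64encode'](common.addons.externaldns.google_options.key) }}` would keep the Secret to the one value the Deployment reads.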
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 99156a2..4fe7a08 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -199,6 +199,16 @@
- makedirs: True
{% endif %}
+{%- if common.addons.get('externaldns', {}).get('provider') == 'google' %}
+/etc/kubernetes/addons/externaldns/externaldns-google-secret.yaml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/externaldns/externaldns-google-secret.yaml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+{% endif %}
+
{% endif %}
{%- if common.addons.get('dashboard', {'enabled': False}).enabled %}
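Review bot: The new `file.managed` state for `externaldns-google-secret.yaml` sets `group` and `dir_mode` but neither `user` nor `mode`, so the rendered file falls back to default permissions on the master. That file holds the Google service-account key protected only by base64 encoding, so it should not be readable by other local users. Adding `- user: root` and `- mode: '0600'` would restrict it, assuming the addon manager reads the directory as root. The enclosing conditional opens outside this hunk, so I cannot tell whether `externaldns.enabled` is also checked before this state is applied.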