From f59d6fea42f5c07cc1ab8def8047344d66147106 Mon Sep 17 00:00:00 2001 From: CJ_Clippy Date: Fri, 26 Apr 2024 17:55:07 +0000 Subject: [PATCH] add external-dns --- apps/base/podinfo/ingress.yaml | 24 +++++++ apps/base/podinfo/kustomization.yaml | 1 + infrastructure/controllers/external-dns.yaml | 66 ++++++++++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 apps/base/podinfo/ingress.yaml create mode 100644 infrastructure/controllers/external-dns.yaml diff --git a/apps/base/podinfo/ingress.yaml b/apps/base/podinfo/ingress.yaml new file mode 100644 index 0000000..f8b3c7a --- /dev/null +++ b/apps/base/podinfo/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: podinfo-ingress + namespace: default + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-staging" +spec: + ingressClassName: nginx + rules: + - host: podinfo.sbtp.xyz + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: podinfo + port: + name: http + tls: + - hosts: + - podinfo.sbtp.xyz + secretName: podinfo-tls \ No newline at end of file diff --git a/apps/base/podinfo/kustomization.yaml b/apps/base/podinfo/kustomization.yaml index 8155288..9558a88 100644 --- a/apps/base/podinfo/kustomization.yaml +++ b/apps/base/podinfo/kustomization.yaml @@ -5,3 +5,4 @@ resources: - namespace.yaml - repository.yaml - release.yaml + - ingress.yaml diff --git a/infrastructure/controllers/external-dns.yaml b/infrastructure/controllers/external-dns.yaml new file mode 100644 index 0000000..0536322 --- /dev/null +++ b/infrastructure/controllers/external-dns.yaml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: external-dns +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: external-dns +rules: +- apiGroups: [""] + resources: ["services","endpoints","pods"] + verbs: ["get","watch","list"] +- apiGroups: ["extensions","networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get","watch","list"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: external-dns-viewer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: external-dns +subjects: +- kind: ServiceAccount + name: external-dns + namespace: default +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: external-dns +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: external-dns + template: + metadata: + labels: + app: external-dns + spec: + serviceAccountName: external-dns + containers: + - name: external-dns + resources: + limits: + memory: "1024Mi" + cpu: "100m" + image: registry.k8s.io/external-dns/external-dns:v0.14.1 + args: + - --source=ingress + - --domain-filter=sbtp.xyz + - --provider=vultr + env: + - name: VULTR_API_KEY + valueFrom: + secretKeyRef: + name: vultr + key: apiKey