From 189bc4df5432ba380d074bc6345233882d1b5148 Mon Sep 17 00:00:00 2001 From: Sheogorath <sheogorath@shivering-isles.com> Date: Sat, 24 Feb 2024 20:59:34 +0100 Subject: [PATCH] feat(external-dns): Initial deployment of external-dns --- .../base/external-dns/kustomization.yaml | 11 ++++ infrastructure/base/external-dns/release.yaml | 42 +++++++++++++ .../base/external-dns/repository.yaml | 8 +++ .../k8s01/external-dns/kustomization.yaml | 6 ++ .../k8s01/external-dns/release-override.yaml | 60 +++++++++++++++++++ infrastructure/k8s01/kustomization.yaml | 18 ------ .../k8s01/legacy/kustomization.yaml | 18 ++++++ 7 files changed, 145 insertions(+), 18 deletions(-) create mode 100644 infrastructure/base/external-dns/kustomization.yaml create mode 100644 infrastructure/base/external-dns/release.yaml create mode 100644 infrastructure/base/external-dns/repository.yaml create mode 100644 infrastructure/k8s01/external-dns/kustomization.yaml create mode 100644 infrastructure/k8s01/external-dns/release-override.yaml delete mode 100644 infrastructure/k8s01/kustomization.yaml create mode 100644 infrastructure/k8s01/legacy/kustomization.yaml diff --git a/infrastructure/base/external-dns/kustomization.yaml b/infrastructure/base/external-dns/kustomization.yaml new file mode 100644 index 000000000..d683674f9 --- /dev/null +++ b/infrastructure/base/external-dns/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: longhorn-system +resources: + - namespace.yaml + - repository.yaml + - release.yaml + - ../../../shared/networkpolicies/allow-from-monitoring.yaml + +commonLabels: + app.kubernetes.io/name: external-dns \ No newline at end of file diff --git a/infrastructure/base/external-dns/release.yaml b/infrastructure/base/external-dns/release.yaml new file mode 100644 index 000000000..401c17ea8 --- /dev/null +++ b/infrastructure/base/external-dns/release.yaml @@ -0,0 +1,42 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: external-dns + namespace: external-dns-system +spec: + releaseName: external-dns + chart: + spec: + chart: external-dns + sourceRef: + kind: HelmRepository + name: external-dns + namespace: external-dns-system + version: 1.14.3 + interval: 5m + install: + crds: CreateReplace + remediation: + retries: -1 + upgrade: + crds: CreateReplace + remediation: + retries: -1 + valuesFrom: + - kind: ConfigMap + name: external-dns-base-values + valuesKey: values.yaml + - kind: Secret + name: external-dns-override-values + valuesKey: values-overrides.yaml + optional: true +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: external-dns-base-values + namespace: external-dns-system +data: + values.yaml: | + serviceMonitor: + enabled: true \ No newline at end of file diff --git a/infrastructure/base/external-dns/repository.yaml b/infrastructure/base/external-dns/repository.yaml new file mode 100644 index 000000000..e53afbdaf --- /dev/null +++ b/infrastructure/base/external-dns/repository.yaml @@ -0,0 +1,8 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: external-dns + namespace: external-dns-system +spec: + interval: 30m + url: https://kubernetes-sigs.github.io/external-dns/ diff --git a/infrastructure/k8s01/external-dns/kustomization.yaml b/infrastructure/k8s01/external-dns/kustomization.yaml new file mode 100644 index 000000000..e1553e87d --- /dev/null +++ b/infrastructure/k8s01/external-dns/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: external-dns-system +resources: + - ../base/external-dns + - release-override.yaml diff --git a/infrastructure/k8s01/external-dns/release-override.yaml b/infrastructure/k8s01/external-dns/release-override.yaml new file mode 100644 index 000000000..4e5c136dc --- /dev/null +++ b/infrastructure/k8s01/external-dns/release-override.yaml @@ -0,0 +1,60 @@ +apiVersion: v1 +kind: Secret +metadata: + name: external-dns-override-values +type: Opaque +stringData: + values-overrides.yaml: ENC[AES256_GCM,data:7BF9ewzgVsVUPYu3zm4R/yYFtTp4C4emW83A6bgettkjBCZC5BXJUt0crtoRdDWemYEQe9YFwD1ZoRYauxvBpVGbxKN1Le64f0aQJ9HC9Ixbti6OrKoVj+G5gAc6W5O5wA7RM8oVBB39IspP1x/dmGiYZhyRp0vjFYi1BHFcAPKpziQLiDMNAB6gaDqsjPfYs30o+bvp1QEB73WL1qGJv677tpnMByzzDTrSpxBjdBJ/itB8We9t24DumP6FuTGzaxubLrPnfTSRCEzlAelc4vg7bPsx6zrBN5EK8EkpsQy5pBmw+VJzB0/yX7zz5UITX5oIm4M7jm4ctEoZqK8l/dnLf4tULlh9RCopwuyN687OtjW6Jf4Q3pxEhAD5yNISEXO9VYfnkjcjC7H3arlbMfA0mChNkX7Yx+eJyDF0xD5frak0AWwUPzbj1flF9B1wsHrnMLISmHI+pT1u3MrxHwYwkX6c6Tx0XWbnRNhcHTUhmIbouKahov/IEFhKvi8T7Gq3aYQUM2kBByALNEhEtrN0pS2bx5GYs+Kpm2o2RLHIm+t2p2gO+qPrFFz7acDz+0U1k/kyXQmLla3fhpPN,iv:7B00QurZOF7OR+Hcae3a2E4OA7774e5glFfWm6K26fU=,tag:bWU1mafLJf0518gY9/p0NQ==,type:str] + CF_API_TOKEN: ENC[AES256_GCM,data:L5L8pF+UQ7i/P+pTOsVz3i+8Hs3Ga6JZLJwP2HP558aLLEhaVRR1zw==,iv:RziOIfk3agqZnCLuyrTGEbgsQl13aN7LyTP4q5nFTTU=,tag:TG+mKCXI/eXmo+0qHu35pg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-02-24T18:41:34Z" + mac: ENC[AES256_GCM,data:xCvnislLGHosYivUWi19/kngB1CwGx8t+HU+LF62rVn4CG3ZNu30HsX8BEPbPxzsxhmN08Lk7bQllYUyQgqmkpxmKgshThend7l8MRHXa2hobbPzHcwoPdy1lGhrJ0zRTHbsurzGnn0SbyPYeE+dMY+nG6ETqU9UPpmCxfefWxA=,iv:WtAr+0sEdeykVtlvcvGlq6ZNyKVnn6qixJygzita6o0=,tag:8b/F05/STdPuNmGI4cu7lw==,type:str] + pgp: + - created_at: "2024-02-24T18:41:33Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA7kpg2bgzVHcAQ//XpWE/4SDKiQcSkIM7v1wMY4nD+/2QrCBRwODwEifHdC0 + t7O6VStvBFrCcARhu05N6woxSGvU64htXkZu8nBuoBsbVdDhIV7Uc7lklqFPHneu + KYzu2kZY0D0spvArh8UlWPyoLK+9Oc6Ti/DC8D56IqKobXkDYhUdSyW2vvdouZ3/ + bEkH/imy+HYiFbj2Q8I9iWyfHLdYMO66lfsfpZDo45e8Op3gnLfCt31pWrcs18/X + VosNYqafb3Gczf2L+jmtkdAXfxZ1BDQYlggpz6/7aLt1INlnqDSwtrn1sHVJGIJ+ + 1sFpH7VjxCgxVirVm1q7iavogzqbljvIz7ljo5TW0Auu+H5caD56w5ONMAn3h9ja + FlIZYuhNGLnLS6Of9S4LUL2eeoy16XgKQdVr1dRBwjpXZe62iby+NOWwHd5C37w+ + pPv5wGHdI2RnawFAU/M/7FI7FNSkQcwecvsyS1RatFFDv8Xf6+wjhpuGfYzyWG+8 + mv35QjxMGX5LKKYW+KbgrqLgMjVaRmpuROetfHYxacBFwJsOKe/PHJPkmIiUyMsl + pC+/Khhj2qZNtukKmJ59JkzPtio64MD8qus5Vaich+Lz4aTbYy304O8rbQU84nO+ + YWbu+WwdVVGutH6dfonUxpdAsHIFw6fCuUApVLGFq98yN7cXCB3TvEN/288YSjLS + UQHKUBjY2lXcJx21sL+sydMeqxTQXvE0/82zT5TbK096Fy+P5LJI1b3E8CSrHO7U + 84IiAgQcsWsUCIs/5EdSHEd0eJe6d9LdmHX8i4QsjhJ9Iw== + =vD+z + -----END PGP MESSAGE----- + fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601 + - created_at: "2024-02-24T18:41:33Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA4oYbIHZIrAPAQ/+Jt7EbSh51o6s2uxvLbWmjsqEB8gzc1puMlKrg0MFMnU+ + nLb2J/SfnLGMBlrCmKDCGYQVdwSG1ctEJ9OR5/MEIUmQIrn9ThT3syo0vUlaLR7w + V9+jb0RiYhHiMC47qOAlSX62IMZfUJFr8UyU24S0hBTcLGHyzFycnIycTQlFo2S8 + gKMvMrwNWuCIVz9FQz5oXTE2Y/y767Kvx3BeTmm98in0iE2wxRfz9xe6VnAnuoEM + mHe7xT0Dd+cYtV5XD9UCk0vzm6xzKH+nx1Pnzb95Z6a06UVg4+7ScfWRGAuQRev4 + xbenzZ12gnDeHT3w8eYLtovTuGXi9kzn8WDd3QxDO/VcsuhvWwkpHNZ4KIZs/Zsl + sIgRBGhIxJPOSwYitHtvyZuAUS7AEcjk0MjuiJSWwNcPFRvEzKKLbGPE/WQkQk/V + su8tk2GpgzHc8J3xihMmfmsgp1OrMaiAAyt+GVYjynN5Mt1U3V1gZ3m8UEA/QEtz + zV/f7fq0v2fEjLRo36zF8WERC2I4BPB0wNQf364kzJQG/B4fQNbBb+CIabqRs04y + MeuOnRpEYhQGl+Z/+L4fJ/8YC4m1ecn+K/O57ngm9+M9WGMbwSP8OaeZn+FMyXYQ + D8QNOIVopvRx3y7wFcqYZ5enjbCQPRXzUDSbkpsI8N0u0Kg6OKkrc0iFzcnUozzU + aAEJAhAQQTFN1kDmkC7sBwZYVTlW2O7HFSXSuVH+nZf3LCQx/9eHAdNMm4ToZhWv + rklBaHRofE1XFgMU8+UA5Njyk/BeWx5U7HEhPoNMwe4Se22johXr3WegDEUf8lI8 + jo/xuJdjmL/m + =AaBK + -----END PGP MESSAGE----- + fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07 + encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$ + version: 3.7.3 diff --git a/infrastructure/k8s01/kustomization.yaml b/infrastructure/k8s01/kustomization.yaml deleted file mode 100644 index efca821c8..000000000 --- a/infrastructure/k8s01/kustomization.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ../base/kube-system - - ../base/node-features - - ../base/drivers - - ../base/system-upgrades - - ../base/firewall - - ../base/metallb - - ../base/cert-manager - - ../base/nginx-system - - ../base/longhorn - - ../base/monitoring - - ../base/flux-system - - ../base/postgres - - ../base/redis - - ../base/dashboard - - ../base/vpa diff --git a/infrastructure/k8s01/legacy/kustomization.yaml b/infrastructure/k8s01/legacy/kustomization.yaml new file mode 100644 index 000000000..21a9e13a5 --- /dev/null +++ b/infrastructure/k8s01/legacy/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../../base/kube-system + - ../../base/node-features + - ../../base/drivers + - ../../base/system-upgrades + - ../../base/firewall + - ../../base/metallb + - ../../base/cert-manager + - ../../base/nginx-system + - ../../base/longhorn + - ../../base/monitoring + - ../../base/flux-system + - ../../base/postgres + - ../../base/redis + - ../../base/dashboard + - ../../base/vpa -- GitLab