Commit f627b92c by Prachi Damle Committed by Alena Prokharchyk

Copy of Upstream Helm chart for external-dns

We will be keeping up with the upstream chart https://github.com/helm/charts/tree/master/stable/external-dns
parent 9b275d81
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
apiVersion: v1
description: |
Configure external DNS servers (AWS Route53, Google CloudDNS and others)
for Kubernetes Ingresses and Services
name: rancher-external-dns
version: 0.0.1
appVersion: 0.5.10
home: https://github.com/kubernetes-incubator/external-dns
sources:
- https://github.com/kubernetes-incubator/external-dns
engine: gotpl
maintainers:
- name: rabadin
email: rabadin@cisco.com
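Review bot: `appVersion: 0.5.10` does not match the image the chart deploys by default, since values.yaml sets `tag: v0.5.9`. Anyone auditing which external-dns build is running from the chart metadata gets the wrong answer. Either set `appVersion: 0.5.9` here or move the default tag to the 0.5.10 image, so that the two stay in step when the copy is refreshed from upstream.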
To verify that external-dns has started, run:
kubectl --namespace={{ .Release.Namespace }} get pods -l "app={{ template "external-dns.name" . }},release={{ .Release.Name }}"
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "external-dns.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "external-dns.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if ne $name .Release.Name -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s" $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{/* Generate basic labels */}}
{{- define "external-dns.labels" }}
app: {{ template "external-dns.name" . }}
heritage: {{.Release.Service }}
release: {{.Release.Name }}
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels }}
{{- end }}
{{- end }}
{{- define "external-dns.aws-credentials" }}
[default]
aws_access_key_id = {{ .Values.aws.accessKey }}
aws_secret_access_key = {{ .Values.aws.secretKey }}
{{ end }}
{{- define "external-dns.aws-config" }}
[profile default]
{{- if .Values.aws.roleArn }}
role_arn = {{ .Values.aws.roleArn }}
{{- end }}
region = {{ .Values.aws.region }}
source_profile = default
{{ end }}
\ No newline at end of file
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}
kind: ClusterRole
metadata:
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "external-dns.fullname" . }}
rules:
- apiGroups:
- ""
resources:
- services
- pods
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- watch
- apiGroups:
- networking.istio.io
resources:
- gateways
verbs:
- get
- list
- watch
{{- end -}}
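Review bot: The `networking.istio.io` / `gateways` rule is granted cluster-wide on every install with `rbac.create`, although the default `sources` are only `service` and `ingress`. The access is read-only, but least privilege would tie the rule to the sources actually enabled. One option is to wrap that rule in `{{- if has "istio-gateway" .Values.sources }}` … `{{- end }}`, assuming the Helm version in use ships Sprig's `has`. Otherwise add a comment above the rule saying why it is unconditional.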
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}
kind: ClusterRoleBinding
metadata:
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "external-dns.fullname" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "external-dns.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "external-dns.fullname" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "external-dns.fullname" . }}
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
data:
{{ .Values.designate.customCA.filename }}: |
{{ .Values.designate.customCA.content | indent 4 }}
{{- end }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "external-dns.fullname" . }}
spec:
template:
metadata:
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8}}
{{- end }}
labels: {{ include "external-dns.labels" . | indent 8 }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range $sec := .Values.image.pullSecrets }}
- name: {{$sec | quote }}
{{- end }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: "{{ .Values.priorityClassName }}"
{{- end }}
containers:
- name: {{ template "external-dns.name" . }}
image: "{{.Values.image.name}}:{{ .Values.image.tag }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
args:
{{- if .Values.logLevel }}
- --log-level={{ .Values.logLevel }}
{{- end }}
{{- if .Values.publishInternalServices }}
- --publish-internal-services
{{- end }}
{{- range .Values.domainFilters }}
- --domain-filter={{ . }}
{{- end }}
{{- range .Values.zoneIdFilters }}
- --zone-id-filter={{ . }}
{{- end }}
- --policy={{ .Values.policy }}
- --provider={{ .Values.provider }}
- --registry={{ .Values.registry }}
- --interval={{ .Values.interval }}
{{- if .Values.txtOwnerId }}
- --txt-owner-id={{ .Values.txtOwnerId }}
{{- end }}
{{- if .Values.txtPrefix }}
- --txt-prefix={{ .Values.txtPrefix }}
{{- end }}
{{- if .Values.annotationFilter }}
- --annotation-filter={{ .Values.annotationFilter }}
{{- end }}
{{- range .Values.sources }}
- --source={{ . }}
{{- end }}
{{ if .Values.dryRun }}
- --dry-run
{{- end }}
{{- range $key, $value := .Values.extraArgs }}
{{- if $value }}
- --{{ $key }}={{ $value }}
{{- else }}
- --{{ $key }}
{{- end }}
{{- end }}
{{- if eq .Values.provider "cloudflare" }}
{{- if .Values.cloudflare.proxied }}
- --cloudflare-proxied
{{- end }}
{{- end }}
{{- if .Values.aws.zoneType }}
- --aws-zone-type={{ .Values.aws.zoneType }}
{{- end }}
{{- if .Values.google.project }}
- --google-project={{ .Values.google.project }}
{{- end }}
{{- if eq .Values.provider "infoblox" }}
- --infoblox-grid-host={{ .Values.infoblox.gridHost }}
{{- if .Values.infoblox.domainFilter }}
- --domain-filter={{ .Values.infoblox.domainFilter }}
{{- end }}
{{- if .Values.infoblox.wapiPort }}
- --infoblox-wapi-port={{ .Values.infoblox.wapiPort }}
{{- end }}
{{- if .Values.infoblox.wapiVersion }}
- --infoblox-wapi-version={{ .Values.infoblox.wapiVersion }}
{{- end }}
{{- if .Values.infoblox.noSslVerify }}
- --no-infoblox-ssl-verify
{{- else }}
- --infoblox-ssl-verify
{{- end }}
{{- end }}
volumeMounts:
{{- if or .Values.google.serviceAccountSecret .Values.google.serviceAccountKey }}
- name: google-service-account
mountPath: /etc/secrets/service-account/
{{- end}}
{{- if eq .Values.provider "azure" }}
- name: azure-config-file
{{- if not .Values.azure.secretName }}
mountPath: /etc/kubernetes/azure.json
{{- else }}
mountPath: /etc/kubernetes/
{{- end }}
readOnly: true
{{- end }}
{{- if (and .Values.aws.secretKey .Values.aws.accessKey) }}
- name: aws-credentials
mountPath: {{ .Values.aws.credentialsPath }}
readOnly: true
{{- end }}
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
- name: designate-custom-ca
mountPath: {{ .Values.designate.customCA.directory }}
readOnly: true
{{- end }}
env:
{{- if or .Values.google.serviceAccountSecret .Values.google.serviceAccountKey }}
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /etc/secrets/service-account/credentials.json
{{- end }}
{{- if or (eq .Values.provider "aws") (eq .Values.provider "aws-sd") }}
{{- if .Values.aws.region }}
- name: AWS_DEFAULT_REGION
value: {{ .Values.aws.region }}
{{- end }}
{{- end }}
{{- if and .Values.cloudflare.apiKey .Values.cloudflare.email }}
- name: CF_API_KEY
valueFrom:
secretKeyRef:
name: {{ template "external-dns.fullname" . }}
key: cloudflare_api_key
- name: CF_API_EMAIL
value: "{{ .Values.cloudflare.email }}"
{{- end }}
{{- if .Values.infoblox.wapiConnectionPoolSize }}
- name: EXTERNAL_DNS_INFOBLOX_HTTP_POOL_CONNECTIONS
value: "{{ .Values.infoblox.wapiConnectionPoolSize }}"
{{- end }}
{{- if .Values.infoblox.wapiHttpTimeout }}
- name: EXTERNAL_DNS_INFOBLOX_HTTP_REQUEST_TIMEOUT
value: "{{ .Values.infoblox.wapiHttpTimeout }}"
{{- end }}
{{- if and .Values.infoblox.wapiUsername .Values.infoblox.wapiPassword }}
- name: EXTERNAL_DNS_INFOBLOX_WAPI_USERNAME
valueFrom:
secretKeyRef:
name: {{ template "external-dns.fullname" . }}
key: infoblox_wapi_username
- name: EXTERNAL_DNS_INFOBLOX_WAPI_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "external-dns.fullname" . }}
key: infoblox_wapi_password
{{- end }}
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
- name: OPENSTACK_CA_FILE
value: {{ .Values.designate.customCA.directory }}/{{ .Values.designate.customCA.filename }}
{{- end }}
{{- $root := . -}}
{{- range .Values.extraEnv }}
- name: {{ .name }}
valueFrom:
{{- if .valueFrom }}
{{ toYaml .valueFrom | indent 14 }}
{{- else }}
secretKeyRef:
name: {{ template "external-dns.fullname" $root }}
key: {{ .name }}
{{- end }}
{{- end }}
livenessProbe:
httpGet:
path: /healthz
port: 7979
ports:
- containerPort: 7979
{{- if .Values.securityContext }}
securityContext:
{{ toYaml .Values.securityContext | indent 12 }}
{{- end }}
{{- if .Values.resources }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- end }}
volumes:
{{- if .Values.google.serviceAccountSecret }}
- name: google-service-account
secret:
secretName: {{ .Values.google.serviceAccountSecret | quote }}
{{- else if .Values.google.serviceAccountKey }}
- name: google-service-account
secret:
secretName: {{ template "external-dns.fullname" . }}
{{- end}}
{{- if eq .Values.provider "azure" }}
- name: azure-config-file
{{- if (not .Values.azure.secretName)}}
hostPath:
path: /etc/kubernetes/azure.json
type: File
{{- else}}
secret:
secretName: {{.Values.azure.secretName}}
{{- end}}
{{- end }}
{{- if (and .Values.aws.secretKey .Values.aws.accessKey) }}
- name: aws-credentials
secret:
secretName: {{ template "external-dns.fullname" . }}
{{- end }}
{{- if and (eq .Values.provider "designate") .Values.designate.customCA.enabled }}
- name: designate-custom-ca
configMap:
name: {{ template "external-dns.fullname" . }}
items:
- key: {{ .Values.designate.customCA.filename }}
path: {{ .Values.designate.customCA.filename }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
serviceAccountName: {{ if .Values.rbac.create }}{{ template "external-dns.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }}
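Review bot: With provider `azure` and the default empty `azure.secretName`, the `azure-config-file` volume falls back to a `hostPath` on `/etc/kubernetes/azure.json`. That gives this pod the node's own cloud-provider configuration, which normally carries the node's service-principal credentials, and the pod will be refused on clusters whose pod security policy forbids hostPath volumes. I would make the Secret the documented path and mark the fallback in the template with `{{/* hostPath fallback: exposes the node's azure.json to this pod; set azure.secretName to mount a dedicated Secret instead */}}` directly above `hostPath:`.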
{{- if or (and .Values.aws.secretKey .Values.aws.accessKey) .Values.cloudflare.apiKey (and .Values.infoblox.wapiUsername .Values.infoblox.wapiPassword) .Values.extraEnv .Values.google.serviceAccountKey -}}
apiVersion: v1
kind: Secret
metadata:
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "external-dns.fullname" . }}
type: Opaque
data:
{{- if eq .Values.provider "aws" }}
credentials: {{ include "external-dns.aws-credentials" . | b64enc | quote }}
config: {{ include "external-dns.aws-config" . | b64enc | quote }}
{{- end}}
{{- if and (eq .Values.provider "google") .Values.google.serviceAccountKey }}
credentials.json: {{ .Values.google.serviceAccountKey | b64enc | quote }}
{{- end}}
{{- if .Values.cloudflare.apiKey }}
cloudflare_api_key: {{ .Values.cloudflare.apiKey | b64enc | quote }}
{{- end }}
{{- if and .Values.infoblox.wapiUsername .Values.infoblox.wapiPassword }}
infoblox_wapi_username: {{ .Values.infoblox.wapiUsername | b64enc | quote }}
infoblox_wapi_password: {{ .Values.infoblox.wapiPassword | b64enc | quote }}
{{- end }}
{{- range .Values.extraEnv }}
{{- if .value }}
{{ .name }}: {{ .value | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}
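Review bot: The `credentials` and `config` entries are rendered only when `provider` is exactly `aws`, while the outer condition and the Deployment's `aws-credentials` volume depend on `aws.secretKey` and `aws.accessKey` alone. With provider `aws-sd`, which the Deployment already treats as an AWS provider for `AWS_DEFAULT_REGION`, the Secret is created without those two keys and the directory mounted at `aws.credentialsPath` is empty. The inner guard could become `{{- if and (or (eq .Values.provider "aws") (eq .Values.provider "aws-sd")) .Values.aws.secretKey .Values.aws.accessKey }}`, which also stops a credentials file with blank keys being written when only `extraEnv` triggered the Secret.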
apiVersion: v1
kind: Service
metadata:
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
labels:
app: {{ template "external-dns.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "external-dns.fullname" . }}
spec:
{{- if .Values.service.clusterIP }}
clusterIP: "{{ .Values.service.clusterIP }}"
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs:
{{ toYaml .Values.service.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerIP }}
loadBalancerIP: "{{ .Values.service.loadBalancerIP }}"
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }}
{{- end }}
ports:
- port: {{ .Values.service.servicePort }}
protocol: TCP
targetPort: 7979
name: http
selector:
app: {{ template "external-dns.name" . }}
release: {{ .Release.Name }}
type: "{{ .Values.service.type }}"
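Review bot: The `chart:` label here is written as `{{ .Chart.Name }}-{{ .Chart.Version }}`, without the `| replace "+" "_"` that every other template in this commit applies. A chart version carrying build metadata (`+…`) would then give an invalid label value on the Service only. Use `chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}`, or render the labels through `external-dns.labels` as the other resources do.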
{{- if .Values.rbac.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
labels: {{ include "external-dns.labels" . | indent 4 }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
name: {{ template "external-dns.fullname" . }}
{{- end }}
## Details about the image to be pulled.
image:
name: registry.opensource.zalan.do/teapot/external-dns
tag: v0.5.9
pullSecrets: []
pullPolicy: IfNotPresent
## This controls which types of resource external-dns should 'watch' for new
## DNS entries.
sources:
- service
- ingress
# Allow external-dns to publish DNS records for ClusterIP services (optional)
publishInternalServices: false
## The DNS provider where the DNS records will be created (options: aws, google, inmemory, azure )
provider: aws
# AWS Access keys to inject as environment variables
aws:
secretKey: ""
accessKey: ""
# pre external-dns 0.5.9 home dir should be `/root/.aws`
credentialsPath: "/.aws"
roleArn: ""
region: "us-east-1"
# Filter for zones of this type (optional, options: public, private)
zoneType: ""
azure:
# If you don't specify a secret to load azure.json from, you will get the host's /etc/kubernetes/azure.json
secretName: ""
# Cloudflare keys to inject as environment variables
cloudflare:
apiKey: ""
email: ""
proxied: true
# Configuration for OpenStack Designate provider
designate:
# A custom CA (optional)
customCA:
# Turn custom CA on or off
enabled: false
# The content of the custom CA file
content: ""
# Location to mount custom CA
directory: "/config/designate"
# Filename of the custom CA
filename: "designate-ca.pem"
# When using the Google provider, specify the Google project (required when provider=google)
google:
project: ""
serviceAccountSecret: ""
serviceAccountKey: ""
# Infoblox keys to inject
infoblox:
# Required keys:
wapiUsername: ""
wapiPassword: ""
gridHost: ""
# Optional keys:
domainFilter: ""
noSslVerify: false
wapiPort: ""
wapiVersion: ""
wapiConnectionPoolSize: ""
wapiHttpTimeout: ""
## Limit possible target zones by domain suffixes (optional)
domainFilters: []
## Limit possible target zones by zone id (optional)
zoneIdFilters: []
# Filter sources managed by external-dns via annotation using label selector semantics (default: all sources)
annotationFilter: ""
## Adjust the interval for DNS updates
interval: "1m"
# Registry to use for ownership (txt or noop)
registry: "txt"
# When using the TXT registry, a name that identifies this instance of ExternalDNS
txtOwnerId: ""
# When enabled, prints DNS record changes rather than actually performing them
dryRun: false
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## List of node taints to tolerate (requires Kubernetes >= 1.6)
tolerations: []
## Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only )
policy: upsert-only
## Annotations to be added to pods
##
podAnnotations: {}
podLabels: {}
# Verbosity of the logs (options: panic, debug, info, warn, error, fatal)
logLevel: info
extraArgs: {}
# Extra environment variables which will be saved in a release-specific secret
# or retrieved via valueFrom.
# extraEnv:
# - name: SECRET_TO_SAVE
# value: secret_value
# - name: AWS_ACCESS_KEY_ID
# valueFrom:
# secretKeyRef:
# name: existing-secret
# key: access-key-id
extraEnv: []
## CPU and Memory limit and request for external-dns
resources: {}
# limits:
# memory: 50Mi
# requests:
# memory: 50Mi
# cpu: 10m
rbac:
## If true, create & use RBAC resources
##
create: false
# Beginning with Kubernetes 1.8, the api is stable and v1 can be used.
apiVersion: v1beta1
## Ignored if rbac.create is true
##
serviceAccountName: default
securityContext: {}
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 65534 # 65534 is nobody - revise aws.credentialsPath when changing uid
# capabilities:
# drop: ["ALL"]
service:
annotations: {}
clusterIP: ""
## List of IP addresses at which the service is available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: []
loadBalancerIP: ""
loadBalancerSourceRanges: []
servicePort: 7979
type: ClusterIP
priorityClassName: ""
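Review bot: `aws.secretKey`, `cloudflare.apiKey`, `infoblox.wapiPassword` and `google.serviceAccountKey` are documented only as plain values, so a populated values file or `--set` argument becomes the place the credential lives, and Helm keeps supplied values with the release record. The chart already supports the safer route through `extraEnv` with `valueFrom.secretKeyRef`, and through `google.serviceAccountSecret` and `azure.secretName`, but nothing points the reader to it. I would add above each credential block a comment such as `# Prefer extraEnv with valueFrom.secretKeyRef (see below) or a pre-created Secret; values set here are stored with the Helm release and in any values file.`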