commit 8229c7e0f9e7a114bb43f686e5bc181fc0039ee8 Author: Fabrice D Date: Sun Nov 22 10:45:43 2020 +0100 first commit
diff --git a/01-namespace.yaml b/01-namespace.yaml
new file mode 100644
index 0000000..945e9c2
--- /dev/null
+++ b/01-namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: dns
diff --git a/02-etcd.yaml b/02-etcd.yaml
new file mode 100644
index 0000000..caf264b
--- /dev/null
+++ b/02-etcd.yaml
@@ -0,0 +1,86 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: etcd-dns
+ namespace: dns
+spec:
+ ports:
+ - name: etcd-client
+ port: 2379
+ protocol: TCP
+ - name: etcd-peer
+ port: 2380
+ protocol: TCP
+ selector:
+ app: etcd-dns
+ publishNotReadyAddresses: true
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: etcd-dns
+ namespace: dns
+ labels:
+ app: etcd-dns
+spec:
+ serviceName: "etcd-dns"
+ replicas: 3
+ selector:
+ matchLabels:
+ app: etcd-dns
+ template:
+ metadata:
+ labels:
+ app: etcd-dns
+ spec:
+ containers:
+ - name: etcd-dns
+ image: quay.io/coreos/etcd:latest
+ ports:
+ - containerPort: 2379
+ name: client
+ - containerPort: 2380
+ name: peer
+ env:
+ - name: CLUSTER_SIZE
+ value: "3"
+ - name: SET_NAME
+ value: "etcd-dns"
+ volumeMounts:
+ - name: datadir
+ mountPath: /var/run/etcd
+ command:
+ - /bin/sh
+ - -c
+ - |
+ IP=$(hostname -i)
+ PEERS=""
+ for i in $(seq 0 $((${CLUSTER_SIZE} - 1))); do
+ PEERS="${PEERS}${PEERS:+,}${SET_NAME}-${i}=http://${SET_NAME}-${i}.${SET_NAME}:2380"
+ done
+
+ exec /usr/local/bin/etcd --name ${HOSTNAME} \
+ --listen-peer-urls http://${IP}:2380 \
+ --listen-client-urls http://${IP}:2379,http://127.0.0.1:2379 \
+ --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \
+ --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \
+ --initial-cluster-token etcd-cluster-1 \
+ --initial-cluster ${PEERS} \
+ --initial-cluster-state new \
+ --data-dir /var/run/etcd/default.etcd
+ ports:
+ - containerPort: 2379
+ name: client
+ protocol: TCP
+ - containerPort: 2380
+ name: peer
+ protocol: TCP
+ volumeClaimTemplates:
+ - metadata:
+ name: datadir
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/03-external-dns.yaml b/03-external-dns.yaml
new file mode 100644
index 0000000..c2d0bbf
--- /dev/null
+++ b/03-external-dns.yaml
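Review bot: In 02-etcd.yaml every etcd listener and advertised URL is plain `http://` with no client or peer authentication, and the Service exposes 2379 and 2380 cluster-wide, so any pod that can reach `etcd-dns.dns` can read or rewrite the records CoreDNS serves for the zone. The same cleartext endpoint is consumed as `http://etcd-dns:2379` in 03-external-dns.yaml (`ETCD_URLS`) and in 04-coredns.yaml (`endpoint`). Short of moving all three to TLS with client certificates, a NetworkPolicy such as the one below limits the client port to the two consumers and the peer port to the members; it only takes effect if the cluster's network plugin enforces NetworkPolicy. Separately, the container appears to define `ports:` twice (indentation is not visible here), which most parsers resolve silently as last-wins, and `quay.io/coreos/etcd:latest` should be pinned to a version tag or digest.

```yaml
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: etcd-dns-ingress
  namespace: dns
spec:
  podSelector:
    matchLabels:
      app: etcd-dns
  policyTypes:
    - Ingress
  ingress:
    # Client port: only the two consumers deployed in this namespace.
    - from:
        - podSelector:
            matchLabels:
              app: external-dns
        - podSelector:
            matchLabels:
              app: coredns
      ports:
        - protocol: TCP
          port: 2379
    # Peer port: etcd members only.
    - from:
        - podSelector:
            matchLabels:
              app: etcd-dns
      ports:
        - protocol: TCP
          port: 2380
```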
@@ -0,0 +1,65 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: external-dns
+rules:
+- apiGroups: [""]
+ resources: ["endpoints", "pods","services"]
+ verbs: ["get","watch","list"]
+- apiGroups: ["extensions"]
+ resources: ["ingresses"]
+ verbs: ["get","watch","list"]
+- apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["list"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: external-dns-viewer
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: external-dns
+subjects:
+- kind: ServiceAccount
+ name: external-dns
+ namespace: dns
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: external-dns
+ namespace: dns
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: external-dns
+ namespace: dns
+spec:
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ app: external-dns
+ template:
+ metadata:
+ labels:
+ app: external-dns
+ spec:
+ serviceAccountName: external-dns
+ containers:
+ - name: external-dns
+ image: k8s.gcr.io/external-dns/external-dns:v0.7.4
+ args:
+ - --source=service
+ - --source=ingress
+ - --provider=coredns
+ - --registry=txt
+ #- --log-level=debug
+ - --interval=15s
+ - --txt-owner-id=external-dns
+ env:
+ - name: ETCD_URLS
+ value: http://etcd-dns:2379
diff --git a/04-coredns.yaml b/04-coredns.yaml
new file mode 100644
index 0000000..5d2d46d
--- /dev/null
+++ b/04-coredns.yaml
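Review bot: In 03-external-dns.yaml the container args set no `--domain-filter`, so external-dns will register whatever hostname any Service or Ingress in any namespace requests through the hostname annotation; adding `- --domain-filter=hyponeros.intra` keeps what it writes to etcd inside the zone CoreDNS serves from it. That still lets any namespace claim any name under the zone, so if only some tenants should publish records this has to be restricted separately, for example with `--namespace` or an admission rule on the annotation. Both RBAC objects also use `rbac.authorization.k8s.io/v1beta1`, which is deprecated in favour of `apiVersion: rbac.authorization.k8s.io/v1`.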
@@ -0,0 +1,85 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: coredns
+ namespace: dns
+spec:
+ ports:
+ - name: coredns
+ port: 53
+ protocol: UDP
+ targetPort: 53
+ selector:
+ app: coredns
+ type: LoadBalancer
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: coredns
+ namespace: dns
+data:
+ Corefile: |
+ hyponeros.intra {
+ errors
+ health
+ log
+ etcd {
+ endpoint http://etcd-dns:2379
+ }
+ cache 30
+ prometheus 0.0.0.0:9153
+ }
+
+ . {
+ forward . 192.168.1.1
+ cache
+ }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: coredns
+ namespace: dns
+ labels:
+ app: coredns
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: coredns
+ template:
+ metadata:
+ labels:
+ app: coredns
+ k8s_app: kube-dns
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9153"
+ prometheus.io/path: /metrics
+ spec:
+ containers:
+ - name: coredns
+ image: coredns/coredns:latest
+ imagePullPolicy: IfNotPresent
+ args: [ "-conf", "/etc/coredns/Corefile" ]
+ volumeMounts:
+ - name: config-volume
+ mountPath: /etc/coredns
+ ports:
+ - containerPort: 53
+ name: dns
+ protocol: UDP
+ - containerPort: 53
+ name: dns-tcp
+ protocol: TCP
+ - containerPort: 9153
+ name: metrics
+ protocol: TCP
+ volumes:
+ - name: config-volume
+ configMap:
+ name: coredns
+ items:
+ - key: Corefile
+ path: Corefile
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/cleanup.sh b/cleanup.sh
new file mode 100755
index 0000000..81615f7
--- /dev/null
+++ b/cleanup.sh
@@ -0,0 +1,3 @@
+kubectl delete namespace dns
+kubectl delete clusterrole external-dns
+kubectl delete clusterrolebinding external-dns-viewer
diff --git a/test-nginx-service.yaml b/test-nginx-service.yaml
new file mode 100644
index 0000000..4fe2f77
--- /dev/null
+++ b/test-nginx-service.yaml
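Review bot: In 04-coredns.yaml the `. { forward . 192.168.1.1 }` block combined with `type: LoadBalancer` makes this a recursive resolver for anyone who can reach the load-balancer address, with nothing limiting who may query it. If that address is reachable beyond the intended network, restrict it with `loadBalancerSourceRanges: ["<intranet CIDR>"]` on the Service or an `acl` block in the Corefile. The Service also publishes only UDP 53 although the container declares `dns-tcp`, so truncated answers cannot be retried over TCP through it; a second Service for TCP 53 may be needed where mixed-protocol load balancers are unsupported. `coredns/coredns:latest` with `imagePullPolicy: IfNotPresent` can leave the three replicas on different builds depending on each node's image cache, so pin a version tag or digest.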
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: nginx-frontend
+ annotations:
+ external-dns.alpha.kubernetes.io/hostname: "nginx.hyponeros.intra"
+spec:
+ ports:
+ - name: "web"
+ port: 80
+ targetPort: 80
+ selector:
+ app: nginx
+ type: LoadBalancer
\ No newline at end of file