first commit

01-namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: dns

02-etcd.yaml

@@ -0,0 +1,86 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: etcd-dns
+  namespace: dns
+spec:
+  ports:
+  - name: etcd-client
+    port: 2379
+    protocol: TCP
+  - name: etcd-peer
+    port: 2380
+    protocol: TCP
+  selector:
+    app: etcd-dns
+  publishNotReadyAddresses: true
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: etcd-dns
+  namespace: dns
+  labels:
+    app: etcd-dns
+spec:
+  serviceName: "etcd-dns"
+  replicas: 3
+  selector:
+    matchLabels:
+      app: etcd-dns
+  template:
+    metadata:
+      labels:
+        app: etcd-dns
+    spec:
+      containers:
+      - name: etcd-dns
+        image: quay.io/coreos/etcd:latest
+        ports:
+        - containerPort: 2379
+          name: client
+        - containerPort: 2380
+          name: peer
+        env:
+        - name: CLUSTER_SIZE
+          value: "3"
+        - name: SET_NAME
+          value: "etcd-dns"
+        volumeMounts:
+        - name: datadir
+          mountPath: /var/run/etcd
+        command:
+          - /bin/sh
+          - -c
+          - |
+            IP=$(hostname -i)
+            PEERS=""
+            for i in $(seq 0 $((${CLUSTER_SIZE} - 1))); do
+                PEERS="${PEERS}${PEERS:+,}${SET_NAME}-${i}=http://${SET_NAME}-${i}.${SET_NAME}:2380"
+            done
+
+            exec /usr/local/bin/etcd --name ${HOSTNAME} \
+              --listen-peer-urls http://${IP}:2380 \
+              --listen-client-urls http://${IP}:2379,http://127.0.0.1:2379 \
+              --advertise-client-urls http://${HOSTNAME}.${SET_NAME}:2379 \
+              --initial-advertise-peer-urls http://${HOSTNAME}.${SET_NAME}:2380 \
+              --initial-cluster-token etcd-cluster-1 \
+              --initial-cluster ${PEERS} \
+              --initial-cluster-state new \
+              --data-dir /var/run/etcd/default.etcd
+        ports:
+        - containerPort: 2379
+          name: client
+          protocol: TCP
+        - containerPort: 2380
+          name: peer
+          protocol: TCP
+  volumeClaimTemplates:
+  - metadata:
+      name: datadir
+    spec:
+      accessModes:
+        - "ReadWriteOnce"
+      resources:
+        requests:
+          storage: 1Gi

03-external-dns.yaml

@@ -0,0 +1,65 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: external-dns
+rules:
+- apiGroups: [""]
+  resources: ["endpoints", "pods","services"]
+  verbs: ["get","watch","list"]
+- apiGroups: ["extensions"]
+  resources: ["ingresses"]
+  verbs: ["get","watch","list"]
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["list"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: external-dns-viewer
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: external-dns
+subjects:
+- kind: ServiceAccount
+  name: external-dns
+  namespace: dns
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: external-dns
+  namespace: dns
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: external-dns
+  namespace: dns
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: external-dns
+  template:
+    metadata:
+      labels:
+        app: external-dns
+    spec:
+      serviceAccountName: external-dns
+      containers:
+      - name: external-dns
+        image: k8s.gcr.io/external-dns/external-dns:v0.7.4
+        args:
+        - --source=service
+        - --source=ingress
+        - --provider=coredns
+        - --registry=txt
+        #- --log-level=debug
+        - --interval=15s
+        - --txt-owner-id=external-dns
+        env:
+          - name: ETCD_URLS 
+            value: http://etcd-dns:2379

04-coredns.yaml

@@ -0,0 +1,85 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: coredns
+  namespace: dns
+spec:
+  ports:
+  - name: coredns
+    port: 53
+    protocol: UDP
+    targetPort: 53
+  selector:
+    app: coredns
+  type: LoadBalancer
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: dns
+data:
+  Corefile: |
+    hyponeros.intra {
+        errors
+        health
+        log
+        etcd {
+           endpoint http://etcd-dns:2379
+        }
+        cache 30
+        prometheus 0.0.0.0:9153
+    }
+    
+    . {
+        forward . 192.168.1.1
+        cache
+    }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: coredns
+  namespace: dns
+  labels:
+    app: coredns
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: coredns
+  template:
+    metadata:
+      labels:
+        app: coredns
+        k8s_app: kube-dns
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "9153"
+        prometheus.io/path: /metrics
+    spec:
+      containers:
+      - name: coredns
+        image: coredns/coredns:latest
+        imagePullPolicy: IfNotPresent
+        args: [ "-conf", "/etc/coredns/Corefile" ]
+        volumeMounts:
+        - name: config-volume
+          mountPath: /etc/coredns
+        ports:
+        - containerPort: 53
+          name: dns
+          protocol: UDP
+        - containerPort: 53
+          name: dns-tcp
+          protocol: TCP
+        - containerPort: 9153
+          name: metrics
+          protocol: TCP
+      volumes:
+      - name: config-volume
+        configMap:
+          name: coredns
+          items:
+          - key: Corefile
+            path: Corefile

cleanup.sh

@@ -0,0 +1,3 @@
+kubectl delete namespace dns
+kubectl delete clusterrole external-dns
+kubectl delete clusterrolebinding external-dns-viewer

test-nginx-service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-frontend
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: "nginx.hyponeros.intra"
+spec:
+  ports:
+  - name: "web"
+    port: 80
+    targetPort: 80
+  selector:
+    app: nginx
+  type: LoadBalancer