...
Perform helm install with the config file oci-native-ingress-controller-values.yaml
...
Create a Kubernetes secret containing the Oracle Cloud Infrastructure user authentication details for ExternalDNS to use when connecting to the Oracle Cloud Infrastructure API to insert and update DNS records in the DNS zone. Create a credentials file named oci.yaml and populate it with the following content:

```yaml
auth:
  region: <region-identifier>
  tenancy: <tenancy-ocid>
  user: <user-ocid>
  key: |
    -----BEGIN RSA PRIVATE KEY-----
    <private-key>
    -----END RSA PRIVATE KEY-----
  fingerprint: <fingerprint>
  # Omit if there is not a password for the key
  passphrase: <passphrase>
compartment: <compartment-ocid>
```
Create a Kubernetes secret named external-dns-config from the credentials file you just created.

```bash
kubectl create secret generic external-dns-config --from-file=oci.yaml -n uepe
```
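A pre-flight check for the credentials file, run before it is loaded into the external-dns-config secret. This is an added example, not part of the original instructions: the function names `check_oci_credentials` and `write_sample` are hypothetical, and every value in the sample file is constructed.

```shell
#!/bin/sh
# Returns 0 if the file is safe to load, 1 on a failed check, 2 if it is missing.
check_oci_credentials() {
    file=$1
    rc=0
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }

    # The file holds an API signing key: only the owner should be able to read it.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        600|400) ;;
        *) echo "mode $mode is too open, run: chmod 600 $file" >&2; rc=1 ;;
    esac

    # Template placeholders such as <tenancy-ocid> must all have been replaced.
    if grep -n '<[a-z-]*>' "$file" >&2; then
        echo "unreplaced placeholders found" >&2; rc=1
    fi

    # Keys required by the oci.yaml template on this page.
    for key in region tenancy user key fingerprint compartment; do
        grep -Eq "^[[:space:]]*$key:" "$file" ||
            { echo "missing key: $key" >&2; rc=1; }
    done

    # The key block must carry a complete PEM envelope.
    grep -q -- '-----BEGIN RSA PRIVATE KEY-----' "$file" &&
    grep -q -- '-----END RSA PRIVATE KEY-----' "$file" ||
        { echo "private key PEM markers incomplete" >&2; rc=1; }
    return $rc
}

# Writes a constructed sample (fake values, not real credentials) for a dry run.
write_sample() {
    cat > "$1" <<'EOF'
auth:
  region: us-phoenix-1
  tenancy: ocid1.tenancy.oc1..exampletenancy
  user: ocid1.user.oc1..exampleuser
  key: |
    -----BEGIN RSA PRIVATE KEY-----
    constructed-sample-not-a-real-key
    -----END RSA PRIVATE KEY-----
  fingerprint: 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff
compartment: ocid1.compartment.oc1..examplecompartment
EOF
    chmod 600 "$1"
}
```

Run `check_oci_credentials oci.yaml` and create the secret only when it returns 0.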
Create a configuration file (for example, called external-dns-values.yaml), populate it with the following helm values, and specify the name of the Kubernetes secret you just created.

```yaml
oci:
  secretName: external-dns-config
provider: oci
policy: sync
domainFilters:
- <cluster_dns_zone_name from terraform output>
txtOwnerId: <cluster_dns_zone_ocid from terraform output>
```
Create a configuration file (for example, called external-dns-deployment.yaml) to create the ExternalDNS deployment, and specify the name of the Kubernetes secret you just created.

```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: external-dns
rules:
- apiGroups: [""]
  resources: ["services","endpoints","pods"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["nodes"]
  verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
- kind: ServiceAccount
  name: external-dns
  namespace: uepe
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: k8s.gcr.io/external-dns/external-dns:v0.13.4
        args:
        - --source=service
        - --source=ingress
        - --provider=oci
        - --txt-owner-id=<cluster_dns_zone_ocid from terraform output>
        volumeMounts:
        - name: config
          mountPath: /etc/kubernetes/
      volumes:
      - name: config
        secret:
          secretName: external-dns-config
```
Apply the configuration file to deploy ExternalDNS
...
Add the bitnami helm repository:

```bash
helm repo add bitnami https://charts.bitnami.com/bitnami
```

Update the helm repository to get the latest software:

```bash
helm repo update
```
Perform helm install with the yaml file external-dns-values.yaml to deploy ExternalDNS:

```bash
helm install external-dns bitnami/external-dns -f external-dns-values.yaml -n uepe
```
Confirm that external-dns has been installed successfully
...