| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: external-dns
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: external-dns
- rules:
- - apiGroups: [""]
- resources: ["services"]
- verbs: ["get","watch","list"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["get","watch","list"]
- - apiGroups: ["extensions","networking.k8s.io"]
- resources: ["ingresses"]
- verbs: ["get","watch","list"]
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["list"]
- - apiGroups: [""]
- resources: ["endpoints"]
- verbs: ["get","watch","list"]
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: external-dns-viewer
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: external-dns
- subjects:
- - kind: ServiceAccount
- name: external-dns
- namespace: default
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: external-dns
- spec:
- strategy:
- type: Recreate
- selector:
- matchLabels:
- app: external-dns
- template:
- metadata:
- labels:
- app: external-dns
- spec:
- serviceAccountName: external-dns
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: arch
- operator: In
- values:
- - x86
- containers:
- - name: external-dns
- image: registry.k8s.io/external-dns/external-dns:v0.13.5
- args:
- - --source=service # ingress is also possible
- - --domain-filter=dodges.it
- - --exclude-target-net=192.168.2.0/24
- - --exclude-target-net=2a02:168:47b1:0:47a1:a412:1000:0/112
- - --provider=ovh
- - --txt-owner-id=k8s-qdii
- env:
- - name: OVH_APPLICATION_KEY
- value: "1b0c23517e7a8cdb"
- - name: OVH_APPLICATION_SECRET
- value: "16f15776a66a1c873efa4a1e7700c45c"
- - name: OVH_CONSUMER_KEY
- value: "47ad719c2a809db55717fb1722a082c3"
|
