Create a secret with the required OCI config
# config.yaml is the OCI config shown on this page. It embeds the API signing
# private key (the `key:` field), so both the local file and the resulting
# Secret are credentials: keep the file out of version control.
# --from-file stores it under the key "config.yaml"; the external-dns
# Deployment mounts the Secret at /etc/kubernetes/, so the pod sees it as
# /etc/kubernetes/config.yaml.
kubectl create secret generic external-dns-config --from-file=config.yaml
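---
# OCI API credentials read by ExternalDNS. This is the config.yaml that
# `kubectl create secret generic external-dns-config --from-file=config.yaml`
# packs into the external-dns-config Secret. Treat the whole file as a
# credential: keep it out of version control and restrict its permissions.
auth:
  region: us-phoenix-1
  tenancy: ocid1.tenancy.oc1..aaaaaaaaxf3fuazosc6xng7l75rj6uist5jb6ken64t3qltimxnkymddqbma
  # Prefer a dedicated OCI user whose policies grant only the DNS permissions
  # needed in the target compartment, so a leaked key cannot reach other
  # services in the tenancy.
  user: ocid1.user.oc1..aaaaaaaa3p67n2kmpxnbcnffjow6j5bhe6jze3obob3cjdctfftyfd4zou2q
  # PEM-encoded API signing key. Only the BEGIN/END markers are shown here;
  # the key body goes between them, indented to stay inside the block scalar.
  key: |
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----
  # Fingerprint of the signing key; quoted so the colon-separated value is
  # always read as a string.
  fingerprint: "af:81:71:8e:..."
# Compartment OCID ExternalDNS works in (presumably the one that holds the
# DNS zones; confirm against your tenancy).
compartment: ocid1.compartment.oc1..aaaaaaaaob4ckouj3cjmf36ifjkff33wvln5fnnarumafqzpqq7tmbig2n5q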
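---
# Test Service: a cloud load balancer in front of the nginx pods, annotated so
# ExternalDNS publishes a DNS record for it.
apiVersion: v1
kind: Service
metadata:
  name: nginx
  annotations:
    # ExternalDNS creates a record for whatever hostname is requested here
    # (the trailing dot makes it fully qualified). Anyone who may create or
    # annotate Services can therefore request names in the managed zone:
    # restrict that with RBAC and consider ExternalDNS's --domain-filter.
    external-dns.alpha.kubernetes.io/hostname: nginx.external-dns-test.my-org.com.
spec:
  # LoadBalancer exposes port 80 (plain HTTP) through a provider load balancer.
  type: LoadBalancer
  ports:
    - port: 80
      name: http
      targetPort: 80
  selector:
    app: nginx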
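---
# Test workload selected by the nginx Service (label app: nginx).
# NOTE: extensions/v1beta1 Deployments are not served from Kubernetes 1.16 on;
# newer clusters need apps/v1 plus a spec.selector matching the pod labels.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        # An untagged image resolves to "latest", so what runs can change
        # between pulls; pin a specific tag or digest outside a quick test.
        - image: nginx
          name: nginx
          ports:
            - containerPort: 80
              name: http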
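---
# Identity the ExternalDNS pod runs as. No namespace is set, so it is created
# in whatever namespace the manifest is applied to; the ClusterRoleBinding on
# this page names the subject in "default", so apply it there or change both.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns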
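---
# Read-only, cluster-wide access to the objects ExternalDNS watches: Services,
# Pods and Ingresses. The role grants only get/watch/list, so the controller
# cannot modify cluster objects. Keep it that way when adding sources.
# NOTE: rbac.authorization.k8s.io/v1beta1 is not served from Kubernetes 1.22
# on (use rbac.authorization.k8s.io/v1), and Ingress has moved out of the
# "extensions" API group on current clusters.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: external-dns
rules:
  - apiGroups: [""]
    resources: ["services"]
    verbs: ["get", "watch", "list"]
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["get", "watch", "list"]
  - apiGroups: ["extensions"]
    resources: ["ingresses"]
    verbs: ["get", "watch", "list"]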
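---
# Grants the external-dns ClusterRole to the external-dns ServiceAccount.
# NOTE: rbac.authorization.k8s.io/v1beta1 is not served from Kubernetes 1.22
# on; use rbac.authorization.k8s.io/v1 there.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
  - kind: ServiceAccount
    name: external-dns
    # Must be the namespace the ServiceAccount actually lives in. If
    # ExternalDNS is deployed elsewhere, this binding silently matches nothing
    # and the controller gets authorization errors.
    namespace: default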
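---
# ExternalDNS controller configured for the OCI provider.
# NOTE: extensions/v1beta1 Deployments are not served from Kubernetes 1.16 on;
# newer clusters need apps/v1 plus a spec.selector matching the pod labels.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: external-dns
spec:
  # Recreate stops the running pod before starting its replacement, so a
  # rollout never has two ExternalDNS instances running side by side.
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
        - name: external-dns
          # Pre-release build (alpha tag with a commit suffix). Outside a
          # trial, run a released image whose origin you have verified and
          # pin it by digest.
          image: iad.ocir.io/spinnaker/external-dns:v0.5.0-alpha.1-81-g61af3c7e
          args:
            - --source=service
            - --source=ingress
            - --provider=oci
            # Prevent ExternalDNS from deleting any records; omit to enable
            # full synchronization.
            - --policy=upsert-only
            # The TXT registry tags each managed record with the owner id
            # below. Use a value unique to this cluster so separate
            # ExternalDNS instances sharing a zone do not claim each other's
            # records.
            - --registry=txt
            - --txt-owner-id=oracle.com
          volumeMounts:
            # Exposes the Secret's config.yaml (OCI private key included)
            # under /etc/kubernetes/; the controller only needs to read it.
            - name: config
              mountPath: /etc/kubernetes/
              readOnly: true
      volumes:
        - name: config
          secret:
            secretName: external-dns-config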
Create a secret with the required OCI config
# Create the Secret in the namespace the external-dns Deployment runs in (the
# ClusterRoleBinding on this page names the ServiceAccount in "default"): a
# pod can only mount Secrets from its own namespace.
kubectl create secret generic external-dns-config --from-file=config.yaml