owainlewis/Install.md

## config.yml
auth:
  region: us-phoenix-1
  tenancy: ocid1.tenancy.oc1..aaaaaaaaxf3fuazosc6xng7l75rj6uist5jb6ken64t3qltimxnkymddqbma
  user: ocid1.user.oc1..aaaaaaaa3p67n2kmpxnbcnffjow6j5bhe6jze3obob3cjdctfftyfd4zou2q
  key: |
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----
  fingerprint: "af:81:71:8e:..."
compartment: ocid1.compartment.oc1..aaaaaaaaob4ckouj3cjmf36ifjkff33wvln5fnnarumafqzpqq7tmbig2n5q

## example-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
  annotations:
    external-dns.alpha.kubernetes.io/hostname: nginx.external-dns-test.my-org.com.
spec:
  type: LoadBalancer
  ports:
  - port: 80
    name: http
    targetPort: 80
  selector:
    app: nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        ports:
        - containerPort: 80
          name: http

## external-dns.yml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: external-dns
rules:
- apiGroups: [""]
  resources: ["services"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
- kind: ServiceAccount
  name: external-dns
  namespace: default
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: iad.ocir.io/spinnaker/external-dns:v0.5.0-alpha.1-81-g61af3c7e
        args:
        - --source=service
        - --source=ingress
        - --provider=oci
        - --policy=upsert-only # prevent ExternalDNSfrom deleting any records, omit to enable full synchronization
        - --registry=txt
        - --txt-owner-id=oracle.com
        volumeMounts:
          - name: config
            mountPath: /etc/kubernetes/
      volumes:
      - name: config
        secret:
          secretName: external-dns-config

## Install.md

      
    Raw
  

              Install.md
            
          
    Create a secret with the required OCI config
kubectl create secret generic external-dns-config --from-file=config.yaml
	auth:
	region: us-phoenix-1
	tenancy: ocid1.tenancy.oc1..aaaaaaaaxf3fuazosc6xng7l75rj6uist5jb6ken64t3qltimxnkymddqbma
	user: ocid1.user.oc1..aaaaaaaa3p67n2kmpxnbcnffjow6j5bhe6jze3obob3cjdctfftyfd4zou2q
	key: \|
	-----BEGIN RSA PRIVATE KEY-----
	-----END RSA PRIVATE KEY-----
	fingerprint: "af:81:71:8e:..."
	compartment: ocid1.compartment.oc1..aaaaaaaaob4ckouj3cjmf36ifjkff33wvln5fnnarumafqzpqq7tmbig2n5q
	apiVersion: v1
	kind: Service
	metadata:
	name: nginx
	annotations:
	external-dns.alpha.kubernetes.io/hostname: nginx.external-dns-test.my-org.com.
	spec:
	type: LoadBalancer
	ports:
	- port: 80
	name: http
	targetPort: 80
	selector:
	app: nginx
	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	name: nginx
	spec:
	template:
	metadata:
	labels:
	app: nginx
	spec:
	containers:
	- image: nginx
	name: nginx
	ports:
	- containerPort: 80
	name: http
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: external-dns
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRole
	metadata:
	name: external-dns
	rules:
	- apiGroups: [""]
	resources: ["services"]
	verbs: ["get","watch","list"]
	- apiGroups: [""]
	resources: ["pods"]
	verbs: ["get","watch","list"]
	- apiGroups: ["extensions"]
	resources: ["ingresses"]
	verbs: ["get","watch","list"]
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	name: external-dns-viewer
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: external-dns
	subjects:
	- kind: ServiceAccount
	name: external-dns
	namespace: default
	---
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	name: external-dns
	spec:
	strategy:
	type: Recreate
	template:
	metadata:
	labels:
	app: external-dns
	spec:
	serviceAccountName: external-dns
	containers:
	- name: external-dns
	image: iad.ocir.io/spinnaker/external-dns:v0.5.0-alpha.1-81-g61af3c7e
	args:
	- --source=service
	- --source=ingress
	- --provider=oci
	- --policy=upsert-only # prevent ExternalDNSfrom deleting any records, omit to enable full synchronization
	- --registry=txt
	- --txt-owner-id=oracle.com
	volumeMounts:
	- name: config
	mountPath: /etc/kubernetes/
	volumes:
	- name: config
	secret:
	secretName: external-dns-config