venkatnsrinivasan/external-dns-deployment-google-kubefed.yaml

## external-dns-deployment-google-kubefed.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: external-dns
rules:
- apiGroups: [""]
  resources: ["services","endpoints","pods"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["nodes"]
  verbs: ["list"]
- apiGroups: ["multiclusterdns.kubefed.io"]
  resources: ["*"]
  verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
- kind: ServiceAccount
  name: external-dns
  namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      volumes:
      - name: external-dns-google-config
        secret:
          secretName: external-dns-google-config
      containers:
      - name: external-dns
        image: registry.opensource.zalan.do/teapot/external-dns:latest
        args:
        - --source=crd
        - --crd-source-apiversion=multiclusterdns.kubefed.io/v1alpha1
        - --crd-source-kind=DNSEndpoint
        - --domain-filter=fulliautomatix.site
        - --google-project=venkatnsrinivasan-pers
        - --provider=google
        - --log-level=debug
        volumeMounts:
        - mountPath: /secrets/external-dns-google-config
          name: external-dns-google-config
          readOnly: true
        env:
        - name: GOOGLE_APPLICATION_CREDENTIALS
          value: /secrets/external-dns-google-config/externaldns-sa.json
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: external-dns
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRole
	metadata:
	name: external-dns
	rules:
	- apiGroups: [""]
	resources: ["services","endpoints","pods"]
	verbs: ["get","watch","list"]
	- apiGroups: ["extensions"]
	resources: ["ingresses"]
	verbs: ["get","watch","list"]
	- apiGroups: [""]
	resources: ["nodes"]
	verbs: ["list"]
	- apiGroups: ["multiclusterdns.kubefed.io"]
	resources: ["*"]
	verbs: ["*"]
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	name: external-dns-viewer
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: external-dns
	subjects:
	- kind: ServiceAccount
	name: external-dns
	namespace: default
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: external-dns
	spec:
	strategy:
	type: Recreate
	selector:
	matchLabels:
	app: external-dns
	template:
	metadata:
	labels:
	app: external-dns
	spec:
	serviceAccountName: external-dns
	volumes:
	- name: external-dns-google-config
	secret:
	secretName: external-dns-google-config
	containers:
	- name: external-dns
	image: registry.opensource.zalan.do/teapot/external-dns:latest
	args:
	- --source=crd
	- --crd-source-apiversion=multiclusterdns.kubefed.io/v1alpha1
	- --crd-source-kind=DNSEndpoint
	- --domain-filter=fulliautomatix.site
	- --google-project=venkatnsrinivasan-pers
	- --provider=google
	- --log-level=debug
	volumeMounts:
	- mountPath: /secrets/external-dns-google-config
	name: external-dns-google-config
	readOnly: true
	env:
	- name: GOOGLE_APPLICATION_CREDENTIALS
	value: /secrets/external-dns-google-config/externaldns-sa.json