Add default region propagation to route53 and configurable log level

Otherwise external-dns fails with to add records with ``` operation error Route 53: ListHostedZones, failed to resolve service endpoint, endpoint rule error, Invalid Configuration: Missing Region ``` Optimize env handling(avoid conditionals in templating) Make externaldns log level configurable Signed-off-by: Yury Tsarev <yury@upbound.io>
k8gb-io · Feb 2, 2025 · 55ef42e · 55ef42e
1 parent 94dd0ce
commit 55ef42e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/chart/k8gb/templates/external-dns/external-dns.yaml b/chart/k8gb/templates/external-dns/external-dns.yaml
@@ -24,7 +24,6 @@ spec:
         - --source=crd
         - --domain-filter={{ .Values.k8gb.edgeDNSZone }} # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones
         - --policy=sync # enable full synchronization including record removal
-        - --log-level=debug # debug only
         - --managed-record-types=A
         - --managed-record-types=CNAME
         - --managed-record-types=NS
@@ -46,14 +45,17 @@ spec:
             cpu: "500m"
         securityContext:
           readOnlyRootFilesystem: true
-        {{- with .Values.externaldns.extraEnv }}
         env:
+          - name: EXTERNAL_DNS_LOG_LEVEL
+            value: {{ .Values.externaldns.logLevel }}
+        {{- with .Values.externaldns.extraEnv }}
           {{- toYaml . | nindent 10 }}
         {{- end }}
-      {{- if .Values.route53.secret }}
-        {{- if not .Values.externaldns.extraEnv }}
-        env:
-        {{- end }}
+      {{- if and .Values.route53.enabled .Values.route53.region }}
+          - name: AWS_DEFAULT_REGION
+            value: {{ .Values.route53.region }}
+      {{- end }}
+      {{- if and .Values.route53.enabled .Values.route53.secret }}
           - name: AWS_SHARED_CREDENTIALS_FILE
             value: /.aws/credentials
         volumeMounts:

diff --git a/chart/k8gb/values.schema.json b/chart/k8gb/values.schema.json
@@ -136,6 +136,9 @@
                 "interval": {
                     "type": "string"
                 },
+                "logLevel": {
+                    "type": "string"
+                },
                 "securityContext": {
                     "$ref": "#/definitions/ExternaldnsSecurityContext"
                 }
@@ -601,6 +604,10 @@
                     "type": "string",
                     "minLength": 2
                 },
+                "region": {
+                    "type": "string",
+                    "minLength": 2
+                },
                 "irsaRole": {
                     "oneOf": [
                         {

diff --git a/chart/k8gb/values.yaml b/chart/k8gb/values.yaml
@@ -77,6 +77,8 @@ externaldns:
   image: registry.k8s.io/external-dns/external-dns:v0.15.1
   # -- external-dns sync interval
   interval: "20s"
+  # -- external-dns log level
+  logLevel: debug
   securityContext:
     # -- For more options consult https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#securitycontext-v1-core
     runAsUser: 1000
@@ -140,6 +142,8 @@ route53:
   # this can be useful when IRSA is not present or when using say Azure cluster and Route53
   # docs: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md#create-iam-user-and-attach-the-policy
   secret: null
+  # -- AWS default region
+  region: us-west-1
 
 ns1:
   # -- Enable NS1 provider