From 55ef42e59ad9c25eaf00739a51121b1426ecba37 Mon Sep 17 00:00:00 2001 From: Yury Tsarev Date: Mon, 3 Feb 2025 00:18:26 +0100 Subject: [PATCH] Add default region propagation to route53 and configurable log level Otherwise external-dns fails with to add records with ``` operation error Route 53: ListHostedZones, failed to resolve service endpoint, endpoint rule error, Invalid Configuration: Missing Region ``` Optimize env handling(avoid conditionals in templating) Make externaldns log level configurable Signed-off-by: Yury Tsarev --- .../k8gb/templates/external-dns/external-dns.yaml | 14 ++++++++------ chart/k8gb/values.schema.json | 7 +++++++ chart/k8gb/values.yaml | 4 ++++ 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/chart/k8gb/templates/external-dns/external-dns.yaml b/chart/k8gb/templates/external-dns/external-dns.yaml index 1476d90b97..7530519e13 100644 --- a/chart/k8gb/templates/external-dns/external-dns.yaml +++ b/chart/k8gb/templates/external-dns/external-dns.yaml @@ -24,7 +24,6 @@ spec: - --source=crd - --domain-filter={{ .Values.k8gb.edgeDNSZone }} # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones - --policy=sync # enable full synchronization including record removal - - --log-level=debug # debug only - --managed-record-types=A - --managed-record-types=CNAME - --managed-record-types=NS 
@@ -46,14 +45,17 @@ spec: cpu: "500m" securityContext: readOnlyRootFilesystem: true - {{- with .Values.externaldns.extraEnv }} env: + - name: EXTERNAL_DNS_LOG_LEVEL + value: {{ .Values.externaldns.logLevel }} + {{- with .Values.externaldns.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} - {{- if .Values.route53.secret }} - {{- if not .Values.externaldns.extraEnv }} - env: - {{- end }} + {{- if and .Values.route53.enabled .Values.route53.region }} + - name: AWS_DEFAULT_REGION + value: {{ .Values.route53.region }} + {{- end }} + {{- if and .Values.route53.enabled .Values.route53.secret }} - name: AWS_SHARED_CREDENTIALS_FILE value: /.aws/credentials volumeMounts: diff --git a/chart/k8gb/values.schema.json b/chart/k8gb/values.schema.json index 8b40c2193f..492eb3d9c0 100644 --- a/chart/k8gb/values.schema.json +++ b/chart/k8gb/values.schema.json @@ -136,6 +136,9 @@ "interval": { "type": "string" }, + "logLevel": { + "type": "string" + }, "securityContext": { "$ref": "#/definitions/ExternaldnsSecurityContext" } @@ -601,6 +604,10 @@ "type": "string", "minLength": 2 }, + "region": { + "type": "string", + "minLength": 2 + }, "irsaRole": { "oneOf": [ { diff --git a/chart/k8gb/values.yaml b/chart/k8gb/values.yaml index 29f483cc3e..6985ea4d21 100644 --- a/chart/k8gb/values.yaml +++ b/chart/k8gb/values.yaml @@ -77,6 +77,8 @@ externaldns: image: registry.k8s.io/external-dns/external-dns:v0.15.1 # -- external-dns sync interval interval: "20s" + # -- external-dns log level + logLevel: debug securityContext: # -- For more options consult https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#securitycontext-v1-core runAsUser: 1000 @@ -140,6 +142,8 @@ route53: # this can be useful when IRSA is not present or when using say Azure cluster and Route53 # docs: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md#create-iam-user-and-attach-the-policy secret: null + # -- AWS default region + region: us-west-1 ns1: # -- Enable NS1 provider
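Review bot: In the `env:` hunk of chart/k8gb/templates/external-dns/external-dns.yaml, both new values are rendered unquoted: `value: {{ .Values.externaldns.logLevel }}` and `value: {{ .Values.route53.region }}`. An empty or unset value renders as a bare `value:` (YAML null), and a value that YAML types as a boolean or number stops being the string a container env `value` requires. Piping through `quote` avoids both: `value: {{ .Values.externaldns.logLevel | quote }}` and `value: {{ .Values.route53.region | quote }}`. Separately, `extraEnv` is now rendered between the chart's own entries, so a user entry named `EXTERNAL_DNS_LOG_LEVEL`, `AWS_DEFAULT_REGION` or `AWS_SHARED_CREDENTIALS_FILE` produces a duplicate name in the list; a template comment should state which entry is meant to take effect. The container spec starts and ends outside the hunk.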
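Review bot: In the first hunk of chart/k8gb/values.schema.json, `logLevel` is declared as a bare `"type": "string"`, so a typo or arbitrary text passes validation and is only noticed when external-dns starts. Restricting it to the levels external-dns accepts rejects bad values at install time: `"logLevel": { "type": "string", "enum": ["panic", "debug", "info", "warning", "error", "fatal"] }`. The list should be checked against the external-dns version pinned in values.yaml. An enum also narrows what can reach the unquoted template expression that consumes this value.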
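Review bot: In the `externaldns:` hunk of chart/k8gb/values.yaml, the new default `logLevel: debug` keeps every install at debug verbosity, although the flag this commit removes from the template was annotated `# debug only`. Debug output from a DNS controller is considerably noisier and may put more detail about zones and record changes into pod logs than operators expect to retain or ship to a log pipeline. Consider defaulting to `logLevel: info` and wording the doc comment as `# -- external-dns log level (use debug only while troubleshooting)`.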