This repository has been archived by the owner on Jun 29, 2022. It is now read-only.

components/external-dns: expose owner_id
We were setting it to the AWS DNS Zone ID and that means that several
clusters using the same DNS Zone will interact badly with each other.

This exposes it to the user so they can choose a reasonable ID.
iaguis committed Mar 23, 2020
1 parent 903ed9d commit f18706f
Showing 5 changed files with 20 additions and 12 deletions.
1 change: 1 addition & 0 deletions ci/aws/aws-cluster.lokocfg.envsubst
Expand Up @@ -41,6 +41,7 @@ component "cert-manager" {

component "external-dns" {
policy = "sync"
owner_id = "$CLUSTER_ID"
aws {
zone_id = "$AWS_DNS_ZONE_ID"
aws_access_key_id = "$AWS_ACCESS_KEY_ID"
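Review bot: `owner_id = "$CLUSTER_ID"` sits next to `policy = "sync"`, so record deletion in the zone is now scoped only by whatever `envsubst` puts here. If `CLUSTER_ID` is unset the template renders `owner_id = ""`, and if two concurrent CI runs share a value they will treat each other's records as their own. Suggest failing the CI script early when `CLUSTER_ID` is empty and documenting that it must be unique per run.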
1 change: 1 addition & 0 deletions ci/packet/packet-cluster.lokocfg.envsubst
Expand Up @@ -48,6 +48,7 @@ component "cert-manager" {

component "external-dns"{
policy = "sync"
owner_id = "$CLUSTER_ID"
aws {
zone_id = "$AWS_DNS_ZONE_ID"
aws_access_key_id = "$AWS_ACCESS_KEY_ID"
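Review bot: this Packet config points at the same `zone_id = "$AWS_DNS_ZONE_ID"` as the AWS CI config, so `owner_id = "$CLUSTER_ID"` is the only thing keeping the two pipelines from managing each other's records. A short comment above the line saying that `CLUSTER_ID` must differ between the AWS and Packet jobs would make that dependency visible to whoever edits the CI variables later.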
23 changes: 12 additions & 11 deletions docs/configuration-reference/components/external-dns.md
Expand Up @@ -59,17 +59,18 @@ Table of all the arguments accepted by the component.

Example:

| Argument | Description | Default | Required |
|-----------------------------|-------------------------------------------------------------------------------------------------------------------|:--------------:|:--------:|
| `sources` | Kubernetes resources type to be observed for new DNS entries by ExternalDNS. | ["service"] | false |
| `namespace` | Namespace to install ExternalDNS. | "external-dns" | false |
| `policy` | Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only). | "upsert-only" | false |
| `metrics` | Enable metrics collection by Prometheus. Needs [Prometheus Operator component](prometheus-operator.md) installed. | false | false |
| `aws` | Configuration block for AWS Route53 DNS provider. | - | true |
| `aws.zone_type` | Filter for zones of this type (options: public, private). | "public" | false |
| `aws.zone_id` | ID of the DNS zone. | - | true |
| `aws.aws_access_key_id` | AWS access key ID for AWS credentials. Use environment variable AWS_ACCESS_KEY_ID instead. | - | false |
| `aws.aws_secret_access_key` | AWS secret access key for AWS credentials. Use environment variable AWS_SECRET_ACCESS_KEY instead. | - | false |
| Argument | Description | Default | Required |
|-----------------------------|-----------------------------------------------------------------------------------------------------------------------------------|:--------------:|:--------:|
| `sources` | Kubernetes resources type to be observed for new DNS entries by ExternalDNS. | ["service"] | false |
| `namespace` | Namespace to install ExternalDNS. | "external-dns" | false |
| `policy` | Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only). | "upsert-only" | false |
| `metrics` | Enable metrics collection by Prometheus. Needs [Prometheus Operator component](prometheus-operator.md) installed. | false | false |
| `owner_id` | A name that identifies this instace of ExternalDNS. Set it to a unique value that doesn't change for the lifetime of the cluster. | - | true |
| `aws` | Configuration block for AWS Route53 DNS provider. | - | true |
| `aws.zone_type` | Filter for zones of this type (options: public, private). | "public" | false |
| `aws.zone_id` | ID of the DNS zone. | - | true |
| `aws.aws_access_key_id` | AWS access key ID for AWS credentials. Use environment variable AWS_ACCESS_KEY_ID instead. | - | false |
| `aws.aws_secret_access_key` | AWS secret access key for AWS credentials. Use environment variable AWS_SECRET_ACCESS_KEY instead. | - | false |

## Applying
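Review bot: the new `owner_id` row is marked required with no default, but the docs do not say what existing users should put there. Until this commit the value was the zone ID, so a cluster that upgrades and picks a different string will no longer match the ownership marker on the records it already created. Suggest adding a sentence such as "for clusters created before this change, set `owner_id` to the value of `aws.zone_id`", and fixing the typo "instace" in the same row.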

3 changes: 2 additions & 1 deletion pkg/components/external-dns/component.go
Expand Up @@ -43,7 +43,7 @@ aws:
secretKey: "{{ .AwsConfig.SecretAccessKey }}"
accessKey: "{{ .AwsConfig.AccessKeyID }}"
zoneType: {{ .AwsConfig.ZoneType }}
txtOwnerId: {{ .AwsConfig.ZoneID }}
txtOwnerId: {{ .OwnerID }}
{{- end }}
policy: {{ .Policy }}
replicas: 3
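Review bot: `txtOwnerId: {{ .OwnerID }}` writes a free-form user string into the YAML values unquoted, while `secretKey` and `accessKey` two lines above are quoted. A value such as `1234` or `true`, or one containing `: ` or ` #`, would be parsed as a non-string or truncated. Suggest `txtOwnerId: "{{ .OwnerID }}"`, or restricting the allowed characters when the config is loaded.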
Expand All @@ -68,6 +68,7 @@ type component struct {
Metrics bool `hcl:"metrics,optional"`
Policy string `hcl:"policy,optional"`
AwsConfig AwsConfig `hcl:"aws,block"`
OwnerID string `hcl:"owner_id"`
}

func newComponent() *component {
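Review bot: the new `OwnerID` field is tagged `hcl:"owner_id"` without `optional`, which only forces the attribute to be present; `owner_id = ""` still decodes, and nothing in this hunk rejects it. Suggest an explicit non-empty check with a clear diagnostic when the configuration is loaded. Making the attribute required also breaks every existing config that lacks it, which deserves a changelog entry.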
4 changes: 4 additions & 0 deletions pkg/components/external-dns/component_test.go
Expand Up @@ -68,6 +68,7 @@ func TestAwsConfigWithoutProvidingCredentials(t *testing.T) {
sources = ["service"]
metrics = false
policy = "upsert-only"
owner_id = "test-owner"
aws {
zone_id = "TESTZONEID"
zone_type = "public"
Expand Down Expand Up @@ -97,6 +98,7 @@ func TestAwsConfigBySettingEnvVariables(t *testing.T) {
sources = ["service"]
metrics = false
policy = "upsert-only"
owner_id = "test-owner"
aws {
zone_id = "TESTZONEID"
zone_type = "public"
Expand Down Expand Up @@ -133,6 +135,7 @@ func TestAwsConfigBySettingEmptyEnvVariables(t *testing.T) {
sources = ["service"]
metrics = false
policy = "upsert-only"
owner_id = "test-owner"
aws {
zone_id = "TESTZONEID"
zone_type = "public"
Expand Down Expand Up @@ -168,6 +171,7 @@ func TestAwsConfigBySettingConfigFields(t *testing.T) {
sources = ["service"]
metrics = false
policy = "upsert-only"
owner_id = "test-owner"
aws {
zone_id = "TESTZONEID"
zone_type = "public"
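Review bot: all four hunks in this file only add `owner_id = "test-owner"` to existing fixtures so they keep parsing; none adds coverage for the new behaviour. Suggest one test that renders the manifests and asserts `txtOwnerId` equals `test-owner` rather than `TESTZONEID`, and one that loads a config without `owner_id` (and with an empty one) and expects an error.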