installer: install dns zone manager
diff --git a/core/installer/values-tmpl/coredns.yaml b/core/installer/values-tmpl/coredns.yaml
index 4310c38..cfd57e6 100644
--- a/core/installer/values-tmpl/coredns.yaml
+++ b/core/installer/values-tmpl/coredns.yaml
@@ -1,398 +1,85 @@
-# apiVersion: helm.toolkit.fluxcd.io/v2beta1
-# kind: HelmRelease
-# metadata:
-# name: rpuppy
-# namespace: {{ .Release.Namespace }}
-# spec:
-# chart:
-# spec:
-# chart: charts/rpuppy
-# sourceRef:
-# kind: GitRepository
-# name: pcloud
-# namespace: {{ .Global.Id }}
-# interval: 1m0s
-# values:
-# Default values for coredns.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-image:
- repository: coredns/coredns
- # Overrides the image tag whose default is the chart appVersion.
- tag: ""
- pullPolicy: IfNotPresent
- ## Optionally specify an array of imagePullSecrets.
- ## Secrets must be manually created in the namespace.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- ##
- pullSecrets: []
- # pullSecrets:
- # - name: myRegistryKeySecretName
-
-replicaCount: 1
-
-resources:
- limits:
- cpu: 100m
- memory: 128Mi
- requests:
- cpu: 100m
- memory: 128Mi
-
-rollingUpdate:
- maxUnavailable: 1
- maxSurge: 25%
-
-terminationGracePeriodSeconds: 30
-
-podAnnotations: {}
-# cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
-
-serviceType: "ClusterIP"
-
-prometheus:
- service:
- enabled: false
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: "9153"
- monitor:
- enabled: false
- additionalLabels: {}
- namespace: ""
- interval: ""
-
-service:
-# clusterIP: ""
-# clusterIPs: []
-# loadBalancerIP: ""
-# externalIPs: []
-# externalTrafficPolicy: ""
-# ipFamilyPolicy: ""
- # The name of the Service
- # If not set, a name is generated using the fullname template
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
name: coredns
- annotations: {}
- # metallb.universe.tf/address-pool: local
-
-serviceAccount:
- create: false
- # The name of the ServiceAccount to use
- # If not set and create is true, a name is generated using the fullname template
- name: ""
- annotations: {}
-
-rbac:
- # If true, create & use RBAC resources
- create: true
- # If true, create and use PodSecurityPolicy
- pspEnable: false
- # The name of the ServiceAccount to use.
- # If not set and create is true, a name is generated using the fullname template
- # name:
-
-# isClusterService specifies whether chart should be deployed as cluster-service or normal k8s app.
-isClusterService: true
-
-# Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set.
-priorityClassName: ""
-
-# Configure the pod level securityContext.
-podSecurityContext: {}
-
-# Configure SecurityContext for Pod.
-# Ensure that required linux capability to bind port number below 1024 is assigned (`CAP_NET_BIND_SERVICE`).
-securityContext:
- capabilities:
- add:
- - NET_BIND_SERVICE
-
-# Default zone is what Kubernetes recommends:
-# https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options
-servers:
-- zones:
- - zone: .
- port: 53
- # If serviceType is nodePort you can specify nodePort here
- # nodePort: 30053
- # hostPort: 53
- plugins:
- - name: log
- # Serves a /health endpoint on :8080, required for livenessProbe
- - name: health
- configBlock: |-
- lameduck 5s
- # Serves a /ready endpoint on :8181, required for readinessProbe
- - name: ready
-
-# Complete example with all the options:
-# - zones: # the `zones` block can be left out entirely, defaults to "."
-# - zone: hello.world. # optional, defaults to "."
-# scheme: tls:// # optional, defaults to "" (which equals "dns://" in CoreDNS)
-# - zone: foo.bar.
-# scheme: dns://
-# use_tcp: true # set this parameter to optionally expose the port on tcp as well as udp for the DNS protocol
-# # Note that this will not work if you are also exposing tls or grpc on the same server
-# port: 12345 # optional, defaults to "" (which equals 53 in CoreDNS)
-# plugins: # the plugins to use for this server block
-# - name: kubernetes # name of plugin, if used multiple times ensure that the plugin supports it!
-# parameters: foo bar # list of parameters after the plugin
-# configBlock: |- # if the plugin supports extra block style config, supply it here
-# hello world
-# foo bar
-
-# Extra configuration that is applied outside of the default zone block.
-# Example to include additional config files, which may come from extraVolumes:
-# extraConfig:
-# import:
-# parameters: /opt/coredns/*.conf
-extraConfig:
- import:
- parameters: /etc/dodo/dodo.conf
-
-# To use the livenessProbe, the health plugin needs to be enabled in CoreDNS' server config
-livenessProbe:
- enabled: true
- initialDelaySeconds: 60
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 5
- successThreshold: 1
-# To use the readinessProbe, the ready plugin needs to be enabled in CoreDNS' server config
-readinessProbe:
- enabled: true
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- failureThreshold: 5
- successThreshold: 1
-
-# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
-# for example:
-# affinity:
-# nodeAffinity:
-# requiredDuringSchedulingIgnoredDuringExecution:
-# nodeSelectorTerms:
-# - matchExpressions:
-# - key: foo.bar.com/role
-# operator: In
-# values:
-# - master
-affinity: {}
-
-# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core
-# and supports Helm templating.
-# For example:
-# topologySpreadConstraints:
-# - labelSelector:
-# matchLabels:
-# app.kubernetes.io/name: '{{ template "coredns.name" . }}'
-# app.kubernetes.io/instance: '{{ .Release.Name }}'
-# topologyKey: topology.kubernetes.io/zone
-# maxSkew: 1
-# whenUnsatisfiable: ScheduleAnyway
-# - labelSelector:
-# matchLabels:
-# app.kubernetes.io/name: '{{ template "coredns.name" . }}'
-# app.kubernetes.io/instance: '{{ .Release.Name }}'
-# topologyKey: kubernetes.io/hostname
-# maxSkew: 1
-# whenUnsatisfiable: ScheduleAnyway
-topologySpreadConstraints: []
-
-# Node labels for pod assignment
-# Ref: https://kubernetes.io/docs/user-guide/node-selection/
-nodeSelector: {}
-
-# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
-# for example:
-# tolerations:
-# - key: foo.bar.com/role
-# operator: Equal
-# value: master
-# effect: NoSchedule
-tolerations: []
-
-# https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
-podDisruptionBudget: {}
-
-# configure custom zone files as per https://coredns.io/2017/05/08/custom-dns-entries-for-kubernetes/
-zoneFiles: []
- # - filename: bar.ge.db
- # domain: bar.ge
- # contents: |
- # bar.ge. IN SOA sns.dns.icann.com. noc.dns.icann.com. 2015082541 7200 3600 1209600 3600
- # * 10800 IN CNAME bar.ge.
- # bar.ge. IN A 192.168.99.102
- # *.t1 10800 IN A 65.109.222.106
- # *.t2 10800 IN A 65.109.222.107
- # *.t3 10800 IN A 65.109.222.108
- # *.t4 10800 IN A 65.109.222.109
- # *.t5 10800 IN A 65.109.222.100
- # @ 10800 IN A 65.109.222.106
- # www 10800 IN CNAME bar.ge.
-
-# optional array of sidecar containers
-extraContainers: []
-# - name: rename-keys
-# image: giolekva/rename-keys:latest
-# imagePullPolicy: Always
-# command: ["/usr/bin/rename-keys.sh"]
-# volumeMounts:
-# - name: dodo
-# mountPath: /etc/dodo
-# optional array of extra volumes to create
-extraVolumes:
-- name: keys
- persistentVolumeClaim:
- claimName: keys
-# - name: dodo
-# configMap:
-# name: dodo-dns
-# - name: some-volume-name
-# emptyDir: {}
-# optional array of mount points for extraVolumes
-extraVolumeMounts:
-- name: keys
- mountPath: /etc/dodo
-# - name: dodo
-# mountPath: /etc/dodo
-# - name: some-volume-name
-# mountPath: /etc/wherever
-
-# optional array of secrets to mount inside coredns container
-# possible usecase: need for secure connection with etcd backend
-extraSecrets: []
-# - name: etcd-client-certs
-# mountPath: /etc/coredns/tls/etcd
-# defaultMode: 420
-# - name: some-fancy-secret
-# mountPath: /etc/wherever
-# defaultMode: 440
-
-# To support legacy deployments using CoreDNS with the "k8s-app: kube-dns" label selectors.
-# See https://github.com/coredns/helm/blob/master/charts/coredns/README.md#adopting-existing-coredns-resources
-# k8sAppLabelOverride: "kube-dns"
-
-# Custom labels to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled.
-customLabels: {}
-
-# Custom annotations to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled.
-customAnnotations: {}
-
-## Alternative configuration for HPA deployment if wanted
-## Create HorizontalPodAutoscaler object.
-##
-# hpa:
-# enabled: false
-# minReplicas: 1
-# maxReplicas: 10
-# metrics:
-# metrics:
-# - type: Resource
-# resource:
-# name: memory
-# target:
-# type: Utilization
-# averageUtilization: 60
-# - type: Resource
-# resource:
-# name: cpu
-# target:
-# type: Utilization
-# averageUtilization: 60
-
-hpa:
- enabled: false
- minReplicas: 1
- maxReplicas: 2
- metrics: []
-
-## Configue a cluster-proportional-autoscaler for coredns
-# See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler
-autoscaler:
- # Enabled the cluster-proportional-autoscaler
- enabled: false
-
- # Number of cores in the cluster per coredns replica
- coresPerReplica: 256
- # Number of nodes in the cluster per coredns replica
- nodesPerReplica: 16
- # Min size of replicaCount
- min: 0
- # Max size of replicaCount (default of 0 is no max)
- max: 0
- # Whether to include unschedulable nodes in the nodes/cores calculations - this requires version 1.8.0+ of the autoscaler
- includeUnschedulableNodes: false
- # If true does not allow single points of failure to form
- preventSinglePointFailure: true
-
- # Annotations for the coredns proportional autoscaler pods
- podAnnotations: {}
-
- ## Optionally specify some extra flags to pass to cluster-proprtional-autoscaler.
- ## Useful for e.g. the nodelabels flag.
- # customFlags:
- # - --nodelabels=topology.kubernetes.io/zone=us-east-1a
-
- image:
- repository: registry.k8s.io/cpa/cluster-proportional-autoscaler
- tag: "1.8.5"
- pullPolicy: IfNotPresent
- ## Optionally specify an array of imagePullSecrets.
- ## Secrets must be manually created in the namespace.
- ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- ##
- pullSecrets: []
- # pullSecrets:
- # - name: myRegistryKeySecretName
-
- # Optional priority class to be used for the autoscaler pods. priorityClassName used if not set.
- priorityClassName: ""
-
- # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
- affinity: {}
-
- # Node labels for pod assignment
- # Ref: https://kubernetes.io/docs/user-guide/node-selection/
- nodeSelector: {}
-
- # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
- tolerations: []
-
- # resources for autoscaler pod
- resources:
- requests:
- cpu: "20m"
- memory: "10Mi"
- limits:
- cpu: "20m"
- memory: "10Mi"
-
- # Options for autoscaler configmap
- configmap:
- ## Annotations for the coredns-autoscaler configmap
- # i.e. strategy.spinnaker.io/versioned: "false" to ensure configmap isn't renamed
- annotations: {}
-
- # Enables the livenessProbe for cluster-proportional-autoscaler - this requires version 1.8.0+ of the autoscaler
- livenessProbe:
- enabled: true
- initialDelaySeconds: 10
- periodSeconds: 5
- timeoutSeconds: 5
- failureThreshold: 3
- successThreshold: 1
-
- # optional array of sidecar containers
- extraContainers: []
- # - name: some-container-name
- # image: some-image:latest
- # imagePullPolicy: Always
-
-deployment:
- enabled: true
- name: ""
- ## Annotations for the coredns deployment
- annotations: {}
+ namespace: {{ .Release.Namespace }}
+spec:
+ chart:
+ spec:
+ chart: charts/coredns
+ sourceRef:
+ kind: GitRepository
+ name: pcloud
+ namespace: {{ .Global.PCloudEnvName }}
+ interval: 1m0s
+ values:
+ image:
+ repository: coredns/coredns
+ tag: 1.11.1
+ pullPolicy: IfNotPresent
+ replicaCount: 1
+ resources:
+ limits:
+ cpu: 100m
+ memory: 128Mi
+ requests:
+ cpu: 100m
+ memory: 128Mi
+ rollingUpdate:
+ maxUnavailable: 1
+ maxSurge: 25%
+ terminationGracePeriodSeconds: 30
+ serviceType: "ClusterIP"
+ service:
+ name: coredns
+ serviceAccount:
+ create: false
+ rbac:
+ create: true
+ pspEnable: false
+ isClusterService: true
+ securityContext:
+ capabilities:
+ add:
+ - NET_BIND_SERVICE
+ servers:
+ - zones:
+ - zone: .
+ port: 53
+ plugins:
+ - name: log
+ - name: health
+ configBlock: |-
+ lameduck 5s
+ - name: ready
+ extraConfig:
+ import:
+ parameters: {{ .Values.Volume.MountPath }}/coredns.conf
+ extraVolumes:
+ - name: zone-configs
+ persistentVolumeClaim:
+ claimName: {{ .Values.Volume.ClaimName }}
+ extraVolumeMounts:
+ - name: zone-configs
+ mountPath: {{ .Values.Volume.MountPath}}
+ livenessProbe:
+ enabled: true
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 5
+ successThreshold: 1
+ readinessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 5
+ successThreshold: 1
+ zoneFiles: []
+ hpa:
+ enabled: false
+ autoscaler:
+ enabled: false
+ deployment:
+ enabled: true