coredns manual setup
diff --git a/core/installer/values-tmpl/coredns-config.yaml b/core/installer/values-tmpl/coredns-config.yaml
new file mode 100644
index 0000000..65aba69
--- /dev/null
+++ b/core/installer/values-tmpl/coredns-config.yaml
@@ -0,0 +1,53 @@
+---
+# Source: coredns/templates/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: dodo-dns
+  namespace: dodo-core-coredns
+data:
+  dodo.conf: |-
+    t10.lekva.me:53 {
+        file /etc/dodo/t10.lekva.me.db
+        errors
+        log
+        health {
+            lameduck 5s
+        }
+        ready
+        cache 30
+        loop
+        reload
+        loadbalance
+    }
+
+    shve.li:53 {
+        file /etc/dodo/shve.li.db
+        dnssec {
+            key file Kshve.li.+013+55992
+        }
+        errors
+        log
+        health {
+            lameduck 5s
+        }
+        ready
+        cache 30
+        loop
+        reload
+        loadbalance
+    }
+
+  shve.li.db:     |
+      shve.li.   IN SOA ns1.shve.li. hostmaster.shve.li. 2015082541 7200 3600 1209600 3600
+      @ 10800 IN A 65.109.222.108
+      * 10800 IN CNAME shve.li.
+      p 10800 IN CNAME shve.li.
+      *.p 10800 IN A 10.1.0.1
+
+  t10.lekva.me.db:     |
+      t10.lekva.me.   IN SOA ns1.lekva.me. hostmaster.lekva.me. 2015082541 7200 3600 1209600 3600
+      * 10800 IN CNAME t10.lekva.me.
+      @ 10800 IN A 65.109.222.107
+      p 10800 IN CNAME t10.lekva.me.
+      *.p 10800 IN A 10.1.0.1
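Review bot: In the `shve.li:53` block the DNSSEC key is referenced by a bare name, `key file Kshve.li.+013+55992`, while both zone files use absolute paths under `/etc/dodo`. CoreDNS resolves a relative key name against the `root` directive if one is set and otherwise against the process working directory, so the plugin will fail to load the key unless the pair really sits there. If the keys live on the volume mounted at `/etc/dodo` (not visible in this hunk), write `key file /etc/dodo/Kshve.li.+013+55992`. Separately, both zones publish `*.p 10800 IN A 10.1.0.1`; if these zones are answered to the public internet, that exposes an internal address through public DNS, so confirm it is intended or restrict those names to internal resolvers.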
diff --git a/core/installer/values-tmpl/coredns-keys.yaml b/core/installer/values-tmpl/coredns-keys.yaml
new file mode 100644
index 0000000..a605deb
--- /dev/null
+++ b/core/installer/values-tmpl/coredns-keys.yaml
@@ -0,0 +1,37 @@
+# apiVersion: v1
+# kind: PersistentVolumeClaim
+# metadata:
+#   name: keys
+#   namespace: dodo-core-coredns
+# spec:
+#   storageClassName: ""
+#   accessModes:
+#     - ReadWriteMany
+#   resources:
+#     requests:
+#       storage: 1Gi
+#   volumeName: keys
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: keys
+  namespace: dodo-core-coredns
+spec:
+  containers:
+  - name: keys
+    image: busybox:1.36.1
+    command: ["sleep", "infinity"]
+    volumeMounts:
+    - name: dodo
+      mountPath: /etc/dodo
+    - name: dodo-config
+      mountPath: /etc/dodo-config
+  volumes:
+  - name: dodo
+    persistentVolumeClaim:
+      claimName: keys
+  - name: dodo-config
+    configMap:
+      name: dodo-dns
+
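Review bot: The `keys` pod runs `sleep infinity` with the `keys` claim mounted read-write at `/etc/dodo`, so a standing shell with write access to that volume stays in the namespace after the manual setup is done. Anyone allowed to `exec` into pods in `dodo-core-coredns` can then alter whatever CoreDNS reads from that claim; the other files in this commit point the zone files and the imported config at `/etc/dodo`. Consider bounding its lifetime, for example `command: ["sleep", "3600"]` with `restartPolicy: Never`, and adding a comment that the pod is to be deleted once the files are copied. The PersistentVolumeClaim at the top of the file is commented out, so the pod depends on a `keys` claim created elsewhere; a one-line comment saying where would help.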
diff --git a/core/installer/values-tmpl/coredns.yaml b/core/installer/values-tmpl/coredns.yaml
new file mode 100644
index 0000000..4310c38
--- /dev/null
+++ b/core/installer/values-tmpl/coredns.yaml
@@ -0,0 +1,398 @@
+# apiVersion: helm.toolkit.fluxcd.io/v2beta1
+# kind: HelmRelease
+# metadata:
+#   name: rpuppy
+#   namespace: {{ .Release.Namespace }}
+# spec:
+#   chart:
+#     spec:
+#       chart: charts/rpuppy
+#       sourceRef:
+#         kind: GitRepository
+#         name: pcloud
+#         namespace: {{ .Global.Id }}
+#   interval: 1m0s
+#   values:
+# Default values for coredns.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  repository: coredns/coredns
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+  pullPolicy: IfNotPresent
+  ## Optionally specify an array of imagePullSecrets.
+  ## Secrets must be manually created in the namespace.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ##
+  pullSecrets: []
+  # pullSecrets:
+  #   - name: myRegistryKeySecretName
+
+replicaCount: 1
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 128Mi
+  requests:
+    cpu: 100m
+    memory: 128Mi
+
+rollingUpdate:
+  maxUnavailable: 1
+  maxSurge: 25%
+
+terminationGracePeriodSeconds: 30
+
+podAnnotations: {}
+#  cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
+
+serviceType: "ClusterIP"
+
+prometheus:
+  service:
+    enabled: false
+    annotations:
+      prometheus.io/scrape: "true"
+      prometheus.io/port: "9153"
+  monitor:
+    enabled: false
+    additionalLabels: {}
+    namespace: ""
+    interval: ""
+
+service:
+# clusterIP: ""
+# clusterIPs: []
+# loadBalancerIP: ""
+# externalIPs: []
+# externalTrafficPolicy: ""
+# ipFamilyPolicy: ""
+  # The name of the Service
+  # If not set, a name is generated using the fullname template
+  name: coredns
+  annotations: {}
+    # metallb.universe.tf/address-pool: local
+
+serviceAccount:
+  create: false
+  # The name of the ServiceAccount to use
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+  annotations: {}
+
+rbac:
+  # If true, create & use RBAC resources
+  create: true
+  # If true, create and use PodSecurityPolicy
+  pspEnable: false
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  # name:
+
+# isClusterService specifies whether chart should be deployed as cluster-service or normal k8s app.
+isClusterService: true
+
+# Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set.
+priorityClassName: ""
+
+# Configure the pod level securityContext.
+podSecurityContext: {}
+
+# Configure SecurityContext for Pod.
+# Ensure that required linux capability to bind port number below 1024 is assigned (`CAP_NET_BIND_SERVICE`).
+securityContext:
+  capabilities:
+    add:
+      - NET_BIND_SERVICE
+
+# Default zone is what Kubernetes recommends:
+# https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options
+servers:
+- zones:
+  - zone: .
+  port: 53
+  # If serviceType is nodePort you can specify nodePort here
+  # nodePort: 30053
+  # hostPort: 53
+  plugins:
+  - name: log
+  # Serves a /health endpoint on :8080, required for livenessProbe
+  - name: health
+    configBlock: |-
+      lameduck 5s
+  # Serves a /ready endpoint on :8181, required for readinessProbe
+  - name: ready
+
+# Complete example with all the options:
+# - zones:                 # the `zones` block can be left out entirely, defaults to "."
+#   - zone: hello.world.   # optional, defaults to "."
+#     scheme: tls://       # optional, defaults to "" (which equals "dns://" in CoreDNS)
+#   - zone: foo.bar.
+#     scheme: dns://
+#     use_tcp: true        # set this parameter to optionally expose the port on tcp as well as udp for the DNS protocol
+#                          # Note that this will not work if you are also exposing tls or grpc on the same server
+#   port: 12345            # optional, defaults to "" (which equals 53 in CoreDNS)
+#   plugins:               # the plugins to use for this server block
+#   - name: kubernetes     # name of plugin, if used multiple times ensure that the plugin supports it!
+#     parameters: foo bar  # list of parameters after the plugin
+#     configBlock: |-      # if the plugin supports extra block style config, supply it here
+#       hello world
+#       foo bar
+
+# Extra configuration that is applied outside of the default zone block.
+# Example to include additional config files, which may come from extraVolumes:
+# extraConfig:
+#   import:
+#     parameters: /opt/coredns/*.conf
+extraConfig:
+  import:
+    parameters: /etc/dodo/dodo.conf
+
+# To use the livenessProbe, the health plugin needs to be enabled in CoreDNS' server config
+livenessProbe:
+  enabled: true
+  initialDelaySeconds: 60
+  periodSeconds: 10
+  timeoutSeconds: 5
+  failureThreshold: 5
+  successThreshold: 1
+# To use the readinessProbe, the ready plugin needs to be enabled in CoreDNS' server config
+readinessProbe:
+  enabled: true
+  initialDelaySeconds: 30
+  periodSeconds: 10
+  timeoutSeconds: 5
+  failureThreshold: 5
+  successThreshold: 1
+
+# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
+# for example:
+#   affinity:
+#     nodeAffinity:
+#      requiredDuringSchedulingIgnoredDuringExecution:
+#        nodeSelectorTerms:
+#        - matchExpressions:
+#          - key: foo.bar.com/role
+#            operator: In
+#            values:
+#            - master
+affinity: {}
+
+# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core
+# and supports Helm templating.
+# For example:
+#   topologySpreadConstraints:
+#     - labelSelector:
+#         matchLabels:
+#           app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+#           app.kubernetes.io/instance: '{{ .Release.Name }}'
+#       topologyKey: topology.kubernetes.io/zone
+#       maxSkew: 1
+#       whenUnsatisfiable: ScheduleAnyway
+#     - labelSelector:
+#         matchLabels:
+#           app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+#           app.kubernetes.io/instance: '{{ .Release.Name }}'
+#       topologyKey: kubernetes.io/hostname
+#       maxSkew: 1
+#       whenUnsatisfiable: ScheduleAnyway
+topologySpreadConstraints: []
+
+# Node labels for pod assignment
+# Ref: https://kubernetes.io/docs/user-guide/node-selection/
+nodeSelector: {}
+
+# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
+# for example:
+#   tolerations:
+#   - key: foo.bar.com/role
+#     operator: Equal
+#     value: master
+#     effect: NoSchedule
+tolerations: []
+
+# https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+podDisruptionBudget: {}
+
+# configure custom zone files as per https://coredns.io/2017/05/08/custom-dns-entries-for-kubernetes/
+zoneFiles: []
+ # - filename: bar.ge.db
+ #   domain: bar.ge
+ #   contents: |
+ #     bar.ge.   IN SOA sns.dns.icann.com. noc.dns.icann.com. 2015082541 7200 3600 1209600 3600
+ #     * 10800 IN CNAME bar.ge.
+ #     bar.ge.   IN A   192.168.99.102
+ #     *.t1 10800 IN A 65.109.222.106
+ #     *.t2 10800 IN A 65.109.222.107
+ #     *.t3 10800 IN A 65.109.222.108
+ #     *.t4 10800 IN A 65.109.222.109
+ #     *.t5 10800 IN A 65.109.222.100
+ #     @ 10800 IN A 65.109.222.106
+ #     www 10800 IN CNAME bar.ge.
+
+# optional array of sidecar containers
+extraContainers: []
+# - name: rename-keys
+#   image: giolekva/rename-keys:latest
+#   imagePullPolicy: Always
+#   command: ["/usr/bin/rename-keys.sh"]
+#   volumeMounts:
+#     - name: dodo
+#       mountPath: /etc/dodo
+# optional array of extra volumes to create
+extraVolumes:
+- name: keys
+  persistentVolumeClaim:
+    claimName: keys
+# - name: dodo
+#   configMap:
+#     name: dodo-dns
+# - name: some-volume-name
+#   emptyDir: {}
+# optional array of mount points for extraVolumes
+extraVolumeMounts:
+- name: keys
+  mountPath: /etc/dodo
+# - name: dodo
+#   mountPath: /etc/dodo
+# - name: some-volume-name
+#   mountPath: /etc/wherever
+
+# optional array of secrets to mount inside coredns container
+# possible usecase: need for secure connection with etcd backend
+extraSecrets: []
+# - name: etcd-client-certs
+#   mountPath: /etc/coredns/tls/etcd
+#   defaultMode: 420
+# - name: some-fancy-secret
+#   mountPath: /etc/wherever
+#   defaultMode: 440
+
+# To support legacy deployments using CoreDNS with the "k8s-app: kube-dns" label selectors.
+# See https://github.com/coredns/helm/blob/master/charts/coredns/README.md#adopting-existing-coredns-resources
+# k8sAppLabelOverride: "kube-dns"
+
+# Custom labels to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled.
+customLabels: {}
+
+# Custom annotations to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled.
+customAnnotations: {}
+
+## Alternative configuration for HPA deployment if wanted
+## Create HorizontalPodAutoscaler object.
+##
+# hpa:
+#   enabled: false
+#   minReplicas: 1
+#   maxReplicas: 10
+#   metrics:
+#    metrics:
+#    - type: Resource
+#      resource:
+#        name: memory
+#        target:
+#          type: Utilization
+#          averageUtilization: 60
+#    - type: Resource
+#      resource:
+#        name: cpu
+#        target:
+#          type: Utilization
+#          averageUtilization: 60
+
+hpa:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 2
+  metrics: []
+
+## Configue a cluster-proportional-autoscaler for coredns
+# See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler
+autoscaler:
+  # Enabled the cluster-proportional-autoscaler
+  enabled: false
+
+  # Number of cores in the cluster per coredns replica
+  coresPerReplica: 256
+  # Number of nodes in the cluster per coredns replica
+  nodesPerReplica: 16
+  # Min size of replicaCount
+  min: 0
+  # Max size of replicaCount (default of 0 is no max)
+  max: 0
+  # Whether to include unschedulable nodes in the nodes/cores calculations - this requires version 1.8.0+ of the autoscaler
+  includeUnschedulableNodes: false
+  # If true does not allow single points of failure to form
+  preventSinglePointFailure: true
+
+  # Annotations for the coredns proportional autoscaler pods
+  podAnnotations: {}
+
+  ## Optionally specify some extra flags to pass to cluster-proprtional-autoscaler.
+  ## Useful for e.g. the nodelabels flag.
+  # customFlags:
+  #   - --nodelabels=topology.kubernetes.io/zone=us-east-1a
+
+  image:
+    repository: registry.k8s.io/cpa/cluster-proportional-autoscaler
+    tag: "1.8.5"
+    pullPolicy: IfNotPresent
+    ## Optionally specify an array of imagePullSecrets.
+    ## Secrets must be manually created in the namespace.
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+    ##
+    pullSecrets: []
+    # pullSecrets:
+    #   - name: myRegistryKeySecretName
+
+  # Optional priority class to be used for the autoscaler pods. priorityClassName used if not set.
+  priorityClassName: ""
+
+  # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
+  affinity: {}
+
+  # Node labels for pod assignment
+  # Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  nodeSelector: {}
+
+  # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
+  tolerations: []
+
+  # resources for autoscaler pod
+  resources:
+    requests:
+      cpu: "20m"
+      memory: "10Mi"
+    limits:
+      cpu: "20m"
+      memory: "10Mi"
+
+  # Options for autoscaler configmap
+  configmap:
+    ## Annotations for the coredns-autoscaler configmap
+    # i.e. strategy.spinnaker.io/versioned: "false" to ensure configmap isn't renamed
+    annotations: {}
+
+  # Enables the livenessProbe for cluster-proportional-autoscaler - this requires version 1.8.0+ of the autoscaler
+  livenessProbe:
+    enabled: true
+    initialDelaySeconds: 10
+    periodSeconds: 5
+    timeoutSeconds: 5
+    failureThreshold: 3
+    successThreshold: 1
+
+  # optional array of sidecar containers
+  extraContainers: []
+  # - name: some-container-name
+  #   image: some-image:latest
+  #   imagePullPolicy: Always
+
+deployment:
+  enabled: true
+  name: ""
+  ## Annotations for the coredns deployment
+  annotations: {}
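Review bot: `extraVolumeMounts` mounts the `keys` claim at `/etc/dodo` without `readOnly: true`, so the CoreDNS container can write to the volume it loads its imported config from (`extraConfig.import.parameters: /etc/dodo/dodo.conf`). CoreDNS only needs to read these files; adding `readOnly: true` under `mountPath: /etc/dodo` limits what a compromised DNS process can change. Because the `dodo-dns` configMap volume is commented out here, the served config is whatever was copied onto the claim rather than the ConfigMap added in coredns-config.yaml, which is worth stating in a comment above `extraVolumes`. The `securityContext` also only adds `NET_BIND_SERVICE`; pairing it with `drop: ["ALL"]` and `allowPrivilegeEscalation: false` would tighten the container further.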