mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-06 09:36:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,240 Commits 195 Branches 119 Tags 150 MiB
c1ebc7726f
Commit Graph

188 Commits

Author SHA1 Message Date
Michael S. Fischer
c1ebc7726f Update AWS documentation 
Using EC2 Instance Roles to provide Route 53 permissions is overly
permissive and dangerous.  Emphasize using alternatives such
as EKS IAM Roles for Service Accounts, kiam, or kube2iam that
limit access to the ExternalDNS pod.
 2020-01-18 16:45:49 -06:00
Ikiru Yoshizaki
a073e30f6c docs: add REgion for aws-sd external-dns deployment 2020-01-14 20:17:05 +09:00
JPantsjoha
7be57d4c53
Update gke.md 2020-01-13 11:52:22 +00:00
Jaromir Vanek
3f488acd6c AWS-SD: Rebrand AWS Auto Naming to Cloud Map 2020-01-07 17:25:35 -08:00
Martin Linkhorst
b78d472940
Merge branch 'master' into docs_apps/v1_deployment 2020-01-07 14:51:20 +01:00
Martin Linkhorst
f02c3c7679 docs: add missing template labels 2020-01-07 14:48:56 +01:00
Martin Linkhorst
ad54d4cad2 docs: switch apiVersion of Ingress to networking 2020-01-07 14:42:47 +01:00
David Grizzanti
084ea67be0
Update vinyldns docs 
Make registry txt usage more clear
 2020-01-06 09:14:45 -05:00
Kubernetes Prow Robot
1055d02037
Merge pull request #1328 from ashleyschuett/multiple-istio-ingress-gateway 
Multiple istio ingress gateway
 2019-12-27 06:27:38 -08:00
fcarletti
9aee917964
fix: use ingress gateway service as target instead of hard-coded ones 2019-12-23 10:33:01 +01:00
Kubernetes Prow Robot
e68ea6050b
Merge pull request #1319 from saidst/feature/extend-azure-private-dns-tutorial 
Reworked tutorial for Azure Private DNS
 2019-12-20 00:39:33 -08:00
saidst
a567ac58d8 changed intending. 2019-12-20 09:00:38 +01:00
saidst
c66576112b added example for simple check of correct ingress-controller configuration. 2019-12-17 19:45:35 +01:00
Andrew Hemming
7706910fe0
Corrected typo in readme 2019-12-16 09:00:17 +00:00
saidst
48ed325c56 added details for configuring nginx-ingress-controller in azure private dns tutorial. 2019-12-12 15:40:58 +01:00
Kubernetes Prow Robot
7ab7b2f3d5
Merge pull request #1163 from adipascu/patch-1 
Fix confusing arrow direction
 2019-12-05 02:50:32 -08:00
Kubernetes Prow Robot
09860ede26
Merge pull request #1305 from kubernetes-sigs/linki-patch-4 
Add missing service account to spec
 2019-12-03 06:56:57 -08:00
Martin Linkhorst
d5709d04d6
docs: add missing service account to spec 2019-12-02 13:49:08 +01:00
Alex Orange
1c8b189859 Improve RFC2136 documentation. 2019-11-26 11:36:27 -07:00
Zhang Jinghui
1e41400149 fix broken link of ingress-gce and ingress-nginx 2019-11-22 21:01:57 +08:00
Tim Jacomb
b7ea40ff78 Refine azure-private-dns tutorial 2019-11-19 12:04:52 +01:00
saidst
f14d792315 resolved review findings as of nov 12. 2019-11-19 12:04:52 +01:00
saidst
eb0cdb0962 Created Azure Private DNS Provider by forking Azure Provider. 2019-11-19 12:04:46 +01:00
Nick Jüttner
9418e3acd8
Merge pull request #1008 from devkid/feature/aws-routing-policies 
[RFC] Add support for all AWS Route53 routing policies; add additional Setldentifier abstraction layer
 2019-11-19 11:21:12 +01:00
Jakub Scholz
8475895fd4
Use apps/v1 for the deployment to be compatible with Kubernetes 1.16 
Signed-off-by: Jakub Scholz <www@scholzj.com>
 2019-11-14 23:01:42 +01:00
Kubernetes Prow Robot
d02b4d11ab
Merge pull request #1268 from yujunz/tutorial/aws 
Fix tutorial for kubernetes 1.16+
 2019-11-12 04:06:06 -08:00
Kubernetes Prow Robot
645ba9b8ef
Merge pull request #1234 from PiotrJander/patch-1 
Update aws.md
 2019-11-12 04:04:07 -08:00
Yujun Zhang
4eb3da327c Fix tutorial for kubernetes 1.16+ 
`Deployment` has been removed from `apiVersion: extensions/v1beta1`

See https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/
 2019-11-12 13:50:31 +08:00
Eugene Klimov
b585868372
update links to RDNS 2019-11-06 09:09:15 +03:00
Kubernetes Prow Robot
ceae2f9a38
Merge pull request #1254 from bavarianbidi/docs/openstack/snippet-for-rbac-enabled-environment 
docs/designate: add snippet for rbac env
 2019-11-05 05:30:39 -08:00
Mario Constanti
a16827e73c docs/designate: add snippet for rbac env 
* extend the external-dns deployment to work within a RBAC enabled
environment
* add short hint how to mount/use/trust self-sign certificates
 2019-11-05 09:51:16 +01:00
Mario Constanti
82e43e85ec docs: fix log-level param in tutorials 
* arg --debug is now --log-level=debug
* flag --log-level was merged 2017 with
  PR https://github.com/kubernetes-sigs/external-dns/pull/339
 2019-11-04 06:53:30 +01:00
Nick Jüttner
f763d2a413 Move into kubernetes-sigs organization (#1245) 
* Move into kubernetes-sigs organization

* Disable labeler action for forks
 2019-11-01 17:10:19 +01:00
Piotr Jander
36a8ec987a
Update aws.md 2019-10-18 13:51:27 +02:00
Zoltán Reegn
aff20c1ff7 docs: use apps/v1 instead of extensions/v1beta1 in Deployment examples 
The extensions/v1beta1 API is deprecated for Deployment and with 1.16 is
not served by default anymore. This breaks the examples on k8s 1.16.

See this blog post for details on the deprecations:

https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/
 2019-10-15 22:33:11 +02:00
Kubernetes Prow Robot
cec75d7da4
Merge pull request #1223 from dgrizzanti/namespace_doc_updates 
Propose a few doc changes to make the use of namespace more clear
 2019-10-15 03:47:52 -07:00
David Grizzanti
c4db4af310 Propose a few doc changes to make the use of namespace more clear 2019-10-08 09:54:59 -04:00
Kubernetes Prow Robot
59475a1c5c
Merge pull request #1206 from dooman87/patch-1 
#582: Unknown Serviceaccount error
 2019-10-08 03:09:11 -07:00
Kubernetes Prow Robot
8db7e77d78
Merge pull request #1149 from dkeightley/master 
Add RBAC manifest, update wording around IAM policy
 2019-09-24 04:49:27 -07:00
Pokidov N. Dmitry
aa2b4589cd
#582: Unknown Serviceaccount error 
Seems like there was attempts to fix it but change didn't make it to master
 2019-09-24 10:26:37 +10:00
Kubernetes Prow Robot
40ede2557c
Merge pull request #1189 from Evesy/cf_token 
Support Cloudflare API Token Auth
 2019-09-17 04:12:23 -07:00
Brian Hong
c97781a49d
Fix AWS IAM Roles for Service Accounts permission 
Amazon EKS supports IAM Roles for Service Accounts. It mounts tokens
files to `/var/run/secrets/eks.amazonaws.com/serviceaccount/token`.
Unfortunately, external-dns runs as 'nobody' so it cannot access this
file. External DNS is then unable to make any AWS API calls to work:

```
time="2019-09-11T07:31:53Z" level=error msg="WebIdentityErr: unable to read file at /var/run/secrets/eks.amazonaws.com/serviceaccount/token\ncaused by: open /var/run/secrets/eks.amazonaws.com/serviceaccount/token: permission denied"
```

See: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-technical-overview.html

Below are the file permissions mounted on External DNS pod:

```
~ $ ls -al /var/run/secrets/eks.amazonaws.com/serviceaccount/
total 0
drwxrwxrwt    3 root     root           100 Sep 11 06:40 .
drwxr-xr-x    3 root     root            28 Sep 11 06:40 ..
drwxr-xr-x    2 root     root            60 Sep 11 06:40 ..2019_09_11_06_40_49.865776187
lrwxrwxrwx    1 root     root            31 Sep 11 06:40 ..data -> ..2019_09_11_06_40_49.865776187
lrwxrwxrwx    1 root     root            12 Sep 11 06:40 token -> ..data/token
~ $ ls -al /var/run/secrets/eks.amazonaws.com/serviceaccount/..data/token
-rw-------    1 root     root          1028 Sep 11 06:40 /var/run/secrets/eks.amazonaws.com/serviceaccount/..data/token
```

This commit fixes this problem by specifying securityContext to make
mounted volumes with 65534 (nobody) group ownership.
 2019-09-16 17:01:07 +09:00
Mike Eves
49e0c8b0e7 Support Cloudflare API Token Auth 2019-09-12 22:00:29 +01:00
Alfred Krohmer
a1738f9828 Add documentation for routing policies 2019-09-10 20:47:36 +02:00
Braxton Schafer
905800f9e5
Update rfc2136 tutorial for use with Microsoft DNS 
Clean up the tutorial and update it to clarify usage with non-BIND DNS servers.
 2019-09-05 13:28:09 -05:00
Adrian Pascu
78c48af7e4
Fix confusing arrow direction 2019-08-23 16:45:14 +03:00
dkeightley
b12f3ef049 Add RBAC manifest, update wording around IAM policy 2019-08-15 11:47:03 +10:00
Kubernetes Prow Robot
eb54263256
Merge pull request #1084 from jonasrmichel/feature/contour-ingressroute 
Add source implementation for Heptio Contour IngressRoute
 2019-07-30 08:54:51 -07:00
Marc Sensenich
cf1827cf36 Add DNSimple Tutorial Document 2019-07-29 17:44:55 -04:00
Jason-ZW
f685704fcc Add rancher dns(RDNS) provider 2019-07-19 19:40:00 +08:00