--- # external-dns tier (replaces the 3x Puppet external-dns servers). An ordinary # authoritative cluster; external-dns writes to its zones via RFC2136 because # those BindZones set dynamicUpdate (allow-update { key externaldns-key; }). apiVersion: bind.unkin.net/v1alpha1 kind: BindCluster metadata: name: bind-externaldns namespace: bind-internal spec: mode: authoritative replicas: 3 storageClassName: cephrbd-fast-delete storageSize: 1Gi service: type: LoadBalancer externalTrafficPolicy: Local annotations: purelb.io/service-group: common purelb.io/addresses: 198.18.200.8 external-dns.alpha.kubernetes.io/hostname: bind-externaldns.k8s.syd1.au.unkin.net resources: requests: cpu: 100m memory: 128Mi limits: cpu: "1" memory: 512Mi --- # Catalog zone so the dynamic zones replicate onto the cluster's secondaries # (external-dns writes to the primary; secondaries IXFR the result). apiVersion: bind.unkin.net/v1alpha1 kind: BindCatalogZone metadata: name: bind-externaldns-catalog namespace: bind-internal spec: clusterRef: bind-externaldns zoneName: catalog.externaldns.internal transferKeyRef: externaldns-key