d11c2900de
Adds the bind-operator and the three BindClusters that replace the Puppet-managed BIND estate (authoritative / resolver / external-dns). - add apps/base/bind-system: 9 CRDs, operator Deployment, RBAC (ns bind-system) - add apps/base/binddns-auth: authoritative BindCluster + catalog zone + TSIG key - add apps/base/binddns-resolver: recursive-resolver BindCluster with forwarders - add apps/base/binddns-externaldns: dynamic (RFC2136) BindCluster + TSIG key - add au-syd1 overlays for all four apps - register the four apps in the platform ApplicationSet - add binddns-* namespaces to the platform AppProject destinations - add schemas/bind.unkin.net/*.json so kubeconform validates the new CRs DNS Services are LoadBalancer via PureLB. TSIG key material is generated by the operator into Secrets at runtime (no plain Secrets in git).
6 lines
66 B
YAML
6 lines
66 B
YAML
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: binddns-auth
|