- add module to manage externaldns bind for k8s - add infra::dns::externaldns role - add 198.18.19.20 as anycast for k8s external-dns service
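# ExternalDNS BIND slave server class
#
# Configures this node as a BIND slave for every zone listed in
# $externaldns::k8s_zones. The master's address is looked up in PuppetDB by
# certname ($externaldns::bind_master_hostname) and is used both as the
# transfer source (masters) and as the only address allowed to send NOTIFY.
#
# Compilation fails with an explicit message when PuppetDB has no usable
# address for the master, so that an ACL or masters list with an undefined
# entry is never rendered.
#
# Trust note: the address comes from facts.networking.ip, a fact reported by
# the master node's own agent. NOTIFY acceptance and the transfer source
# therefore follow whatever that node last reported to PuppetDB.
class externaldns::slave inherits externaldns {
  include bind

  # Query PuppetDB for master server IP address
  $query = "inventory[facts.networking.ip] { certname = '${externaldns::bind_master_hostname}' }"
  $master_rows = puppetdb_query($query)

  # No inventory row (master not yet reported, or wrong certname): stop here
  # with a clear message instead of an opaque error on the undef index below.
  unless $master_rows =~ Array[Hash, 1] {
    fail("externaldns::slave: PuppetDB returned no inventory for master '${externaldns::bind_master_hostname}'")
  }

  $master_ip = $master_rows[0]['facts.networking.ip']

  # A row without the networking.ip fact would otherwise put an undefined
  # value into the ACL and the masters list.
  unless $master_ip =~ String[1] {
    fail("externaldns::slave: master '${externaldns::bind_master_hostname}' has no facts.networking.ip in PuppetDB")
  }

  # Create TSIG key for zone transfers (same as master)
  # NOTE(review): the key is declared here but nothing in this class refers to
  # it from the zones or the view. Confirm it is bound to the master elsewhere;
  # otherwise transfers and NOTIFY are authorised by source address only.
  # NOTE(review): confirm externaldns_key_secret is supplied from an encrypted
  # data source and not stored in clear text.
  bind::key { 'externaldns-key':
    algorithm => $externaldns::externaldns_key_algorithm,
    secret    => $externaldns::externaldns_key_secret,
  }

  # Create ACL for master server
  bind::acl { 'dns-master':
    addresses => [$master_ip],
  }

  # Create slave zones for each Kubernetes domain
  $externaldns::k8s_zones.each |$zone| {
    bind::zone { $zone:
      zone_type    => 'slave',
      masters      => [$master_ip],
      # Only the master ACL may trigger a refresh via NOTIFY.
      allow_notify => ['dns-master'],
      # presumably disables outgoing NOTIFY from this slave; verify against
      # the bind module
      ns_notify    => false,
    }
  }

  # Create default view to include the zones
  bind::view { 'externaldns':
    # Authoritative-only: this view does not recurse on behalf of clients.
    recursion => false,
    zones     => $externaldns::k8s_zones,
  }
}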