From d6782cf3ad3cae2fcc6a5f1285accd9ca533d176 Mon Sep 17 00:00:00 2001 From: Andre Baptista Aguas Date: Tue, 1 Oct 2024 20:07:56 +0200 Subject: [PATCH] use upstream coredns chart instead of fork Signed-off-by: Andre Baptista Aguas --- Makefile | 18 +++++----- chart/k8gb/Chart.lock | 8 ++--- chart/k8gb/Chart.yaml | 4 +-- chart/k8gb/README.md | 3 -- chart/k8gb/templates/coredns-cm.yaml | 30 ----------------- chart/k8gb/values.schema.json | 23 ------------- chart/k8gb/values.yaml | 33 ++++++++++++------- deploy/ingress/nginx-ingress-values.yaml | 6 ---- deploy/istio-ingress-namespace.yaml | 4 +++ deploy/istio-system-namespace.yaml | 4 +++ .../{namespace.yaml => k8gb-namespace.yaml} | 0 deploy/k8gb/values.yaml | 21 ++++++++++++ deploy/test/coredns-tcp-svc.yaml | 15 --------- .../examples/azure/k8gb/aks1-helm-values.yaml | 24 ++++++++++++-- .../examples/azure/k8gb/aks2-helm-values.yaml | 24 ++++++++++++-- .../windowsdns/k8gb/aks1-helm-values.yaml | 24 +++++++++++--- .../windowsdns/k8gb/aks2-helm-values.yaml | 24 +++++++++++--- k3d/test-gslb1.yaml | 8 ++--- k3d/test-gslb2.yaml | 8 ++--- k3d/test-gslb3.yaml | 8 ++--- 20 files changed, 156 insertions(+), 133 deletions(-) delete mode 100644 chart/k8gb/templates/coredns-cm.yaml create mode 100644 deploy/istio-ingress-namespace.yaml create mode 100644 deploy/istio-system-namespace.yaml rename deploy/{namespace.yaml => k8gb-namespace.yaml} (100%) create mode 100644 deploy/k8gb/values.yaml delete mode 100644 deploy/test/coredns-tcp-svc.yaml diff --git a/Makefile b/Makefile index 3d062f4126..cb655c0d9b 100644 --- a/Makefile +++ b/Makefile @@ -38,7 +38,7 @@ CLUSTER_GSLB_GATEWAY = docker network inspect ${CLUSTER_GSLB_NETWORK} -f '{{ (in GSLB_DOMAIN ?= cloud.example.com REPO := absaoss/k8gb SHELL := bash -VALUES_YAML ?= "" +VALUES_YAML ?= deploy/k8gb/values.yaml PODINFO_IMAGE_REPO ?= ghcr.io/stefanprodan/podinfo HELM_ARGS ?= K8GB_COREDNS_IP ?= kubectl get svc k8gb-coredns -n k8gb -o custom-columns='IP:spec.clusterIP' --no-headers 
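Review bot: The new default `VALUES_YAML ?= deploy/k8gb/values.yaml` is also consumed by `deploy-gslb-operator` (hunk `@@ -264,7 +262,7`, `-f $(VALUES_YAML)`), so that target now applies the file's `coredns.serviceType: LoadBalancer` and `negttl 10` unless the caller overrides the variable. If that target is ever run against a non-local kube context (not visible from this patch), CoreDNS would be published on port 53 through whatever load balancer the cluster provisions. I would put a comment on the line above the assignment, `# local k3d test values: exposes CoreDNS through a LoadBalancer Service; override VALUES_YAML for any other cluster`, or keep the test file behind a separate variable used only by `deploy-k8gb-with-helm`.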
@@ -157,7 +157,6 @@ deploy-test-version: ## Upgrade k8gb to the test version on existing clusters @for c in $(CLUSTER_IDS); do \ $(MAKE) deploy-local-cluster CLUSTER_ID=$$c VERSION=$(SEMVER)-$(ARCH) CHART='./chart/k8gb' ;\ - kubectl apply -n k8gb -f ./deploy/test/coredns-tcp-svc.yaml ;\ done .PHONY: list-running-pods @@ -178,7 +177,7 @@ deploy-local-cluster: kubectl config use-context k3d-$(CLUSTER_NAME)$(CLUSTER_ID) @echo -e "\n$(YELLOW)Create namespace $(NC)" - kubectl apply -f deploy/namespace.yaml + kubectl apply -f deploy/k8gb-namespace.yaml @echo -e "\n$(YELLOW)Deploy GSLB operator from $(VERSION) $(NC)" $(MAKE) deploy-k8gb-with-helm @@ -190,18 +189,18 @@ deploy-local-cluster: --version 4.0.15 -f $(NGINX_INGRESS_VALUES_PATH) @echo -e "\n$(YELLOW)Install Istio CRDs $(NC)" - kubectl create namespace istio-system + kubectl apply -f deploy/istio-system-namespace.yaml helm repo add --force-update istio https://istio-release.storage.googleapis.com/charts helm repo update - helm upgrade -i istio-base istio/base -n istio-system + helm upgrade -i istio-base istio/base -n istio-system --version 1.23.2 @echo -e "\n$(YELLOW)Install Istiod $(NC)" - helm upgrade -i istiod istio/istiod -n istio-system --wait + helm upgrade -i istiod istio/istiod -n istio-system --version 1.23.2 --wait @echo -e "\n$(YELLOW)Install Istio Ingress Gateway $(NC)" - kubectl create namespace istio-ingress + kubectl apply -f deploy/istio-ingress-namespace.yaml helm upgrade -i istio-ingressgateway istio/gateway -n istio-ingress \ - -f $(ISTIO_INGRESS_VALUES_PATH) + --version 1.23.2 -f $(ISTIO_INGRESS_VALUES_PATH) @if [ "$(DEPLOY_APPS)" = true ]; then $(MAKE) deploy-test-apps ; fi 
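Review bot: The Istio chart pin `--version 1.23.2` is written out three times in `deploy-local-cluster` (istio-base, istiod, istio-ingressgateway), so a later bump can easily update one chart and leave the others on a different release. Pinning is the right move for reproducible installs; define it once next to the other knobs, `ISTIO_VERSION ?= 1.23.2`, and pass `--version $(ISTIO_VERSION)` in each `helm upgrade -i`. The recipe starts above this hunk.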
@@ -254,7 +253,6 @@ deploy-k8gb-with-helm: helm -n k8gb upgrade -i k8gb $(CHART) -f $(VALUES_YAML) \ --set $(call get-helm-args,$(CLUSTER_ID)) \ --set k8gb.reconcileRequeueSeconds=10 \ - --set k8gb.dnsZoneNegTTL=10 \ --set k8gb.imageTag=${VERSION:"stable"=""} \ --set k8gb.log.format=$(LOG_FORMAT) \ --set k8gb.log.level=$(LOG_LEVEL) \ @@ -264,7 +262,7 @@ deploy-k8gb-with-helm: .PHONY: deploy-gslb-operator deploy-gslb-operator: ## Deploy k8gb operator - kubectl apply -f deploy/namespace.yaml + kubectl apply -f deploy/k8gb-namespace.yaml cd chart/k8gb && helm dependency update helm -n k8gb upgrade -i k8gb chart/k8gb -f $(VALUES_YAML) $(HELM_ARGS) \ --set k8gb.log.format=$(LOG_FORMAT) diff --git a/chart/k8gb/Chart.lock b/chart/k8gb/Chart.lock index 01fab4ed9c..7b07ba2b66 100644 --- a/chart/k8gb/Chart.lock +++ b/chart/k8gb/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: coredns - repository: https://k8gb-io.github.io/coredns-helm - version: 1.15.3 -digest: sha256:6e8906f6d2e0772826658468a0ff436fe0b1f6b7e2daeb4a03b27edfedcba41c -generated: "2024-09-06T11:25:39.309536+02:00" + repository: https://coredns.github.io/helm + version: 1.34.0 +digest: sha256:4a8560d95d3584c274cc64034394da8b2b57f5372694186a9d0a5488a728a0ff +generated: "2024-10-01T20:03:17.515057+02:00" diff --git a/chart/k8gb/Chart.yaml b/chart/k8gb/Chart.yaml index a4465fcc9a..0bc6a77fa8 100644 --- a/chart/k8gb/Chart.yaml +++ b/chart/k8gb/Chart.yaml @@ -9,8 +9,8 @@ kubeVersion: ">= 1.19.0-0" dependencies: - name: coredns - repository: https://k8gb-io.github.io/coredns-helm - version: 1.15.3 + repository: https://coredns.github.io/helm + version: 1.36.0 home: https://www.k8gb.io/ sources: diff --git a/chart/k8gb/README.md b/chart/k8gb/README.md index 13aee42c0d..16f4055dd2 100644 --- a/chart/k8gb/README.md +++ b/chart/k8gb/README.md 
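Review bot: `Chart.yaml` now requests coredns `1.36.0`, while the `Chart.lock` updated in the same commit records `1.34.0` together with the digest computed when that lock was generated, so the lock is out of sync with the dependency list. `helm dependency build` refuses an out-of-sync lock, and `helm dependency update` (used by `deploy-gslb-operator`) re-resolves and rewrites it, so the committed digest does not pin what gets pulled from `https://coredns.github.io/helm`. Either set `version: 1.34.0` here or regenerate `Chart.lock` against `1.36.0` and commit the result.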
@@ -89,12 +89,9 @@ For Kubernetes `< 1.19` use this chart and k8gb in version `0.8.8` or lower. | infoblox.wapiVersion | string | `"2.3.1"` | WAPI version | | istio.enabled | bool | `true` | install istio RBAC | | k8gb.clusterGeoTag | string | `"eu"` | used for places where we need to distinguish between different Gslb instances | -| k8gb.coredns.extraServerBlocks | string | `""` | Extra CoreDNS server blocks | -| k8gb.coredns.extra_plugins | list | `[]` | Extra CoreDNS plugins to be enabled | | k8gb.deployCrds | bool | `true` | whether it should also deploy the gslb and dnsendpoints CRDs | | k8gb.deployRbac | bool | `true` | whether it should also deploy the service account, cluster role and cluster role binding | | k8gb.dnsZone | string | `"cloud.example.com"` | dnsZone controlled by gslb | -| k8gb.dnsZoneNegTTL | int | `300` | Negative TTL for SOA record | | k8gb.edgeDNSServers | list | `["1.1.1.1"]` | host/ip[:port] format is supported here where port defaults to 53 | | k8gb.edgeDNSServers[0] | string | `"1.1.1.1"` | use this DNS server as a main resolver to enable cross k8gb DNS based communication | | k8gb.edgeDNSZone | string | `"example.com"` | main zone which would contain gslb zone to delegate | diff --git a/chart/k8gb/templates/coredns-cm.yaml b/chart/k8gb/templates/coredns-cm.yaml deleted file mode 100644 index b1ffcc6caa..0000000000 --- a/chart/k8gb/templates/coredns-cm.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -{{- if .Values.coredns.deployment.enabled }} -kind: ConfigMap -metadata: - labels: -{{ include "chart.labels" . | indent 4 }} - name: {{ .Release.Name }}-coredns -apiVersion: v1 -data: - Corefile: |- - {{ .Values.k8gb.dnsZone }}:5353 { - errors - health -{{- if .Values.k8gb.coredns.extra_plugins }} -{{- range .Values.k8gb.coredns.extra_plugins }} - {{ . }} -{{- end }} -{{- end }} - ready - prometheus 0.0.0.0:9153 - forward . /etc/resolv.conf - k8s_crd { - filter k8gb.absa.oss/dnstype=local - negttl {{ .Values.k8gb.dnsZoneNegTTL }} - loadbalance weight - } - } - {{- with .Values.k8gb.coredns.extraServerBlocks -}} - {{- tpl . $ | nindent 4 }} - {{- end }} -{{- end }} diff --git a/chart/k8gb/values.schema.json b/chart/k8gb/values.schema.json index 8eec0b7954..9ad7d263cd 100644 --- a/chart/k8gb/values.schema.json +++ b/chart/k8gb/values.schema.json @@ -270,10 +270,6 @@ "format": "idn-hostname", "minLength": 1 }, - "dnsZoneNegTTL": { - "type": "integer", - "minimum": 0 - }, "edgeDNSZone": { "format": "idn-hostname", "minLength": 1 @@ -300,9 +296,6 @@ "log": { "$ref": "#/definitions/k8gbLog" }, - "coredns": { - "$ref": "#/definitions/k8gbCoreDNS" - }, "splitBrainCheck": { "type": "boolean" }, @@ -360,22 +353,6 @@ }, "title": "Log" }, - "k8gbCoreDNS": { - "type": "object", - "additionalProperties": false, - "properties": { - "extra_plugins": { - "type": [ - "array", - "null" - ] - }, - "extraServerBlocks": { - "type": "string" - } - }, - "title": "k8gbCoredns" - }, "k8gbSecurityContext": { "type": "object", "additionalProperties": false, diff --git a/chart/k8gb/values.yaml b/chart/k8gb/values.yaml index df7cdb4704..cb2a24fd94 100644 --- a/chart/k8gb/values.yaml +++ b/chart/k8gb/values.yaml 
@@ -14,9 +14,7 @@ k8gb: # -- whether it should also deploy the service account, cluster role and cluster role binding deployRbac: true # -- dnsZone controlled by gslb - dnsZone: "cloud.example.com" - # -- Negative TTL for SOA record - dnsZoneNegTTL: 300 + dnsZone: &dnsZone "cloud.example.com" # -- main zone which would contain gslb zone to delegate edgeDNSZone: "example.com" # main zone which would contain gslb zone to delegate # -- host/ip[:port] format is supported here where port defaults to 53 @@ -29,11 +27,6 @@ k8gb: extGslbClustersGeoTags: "us" # -- Reconcile time in seconds reconcileRequeueSeconds: 30 - coredns: - # -- Extra CoreDNS server blocks - extraServerBlocks: "" - # -- Extra CoreDNS plugins to be enabled - extra_plugins: [] log: # -- log format (simple,json) format: simple # log format (simple,json) @@ -86,9 +79,6 @@ externaldns: coredns: # -- service: refer to https://www.k8gb.io/docs/service_upgrade.html for upgrading CoreDNS service steps isClusterService: false - deployment: - # -- Skip CoreDNS creation and uses the one shipped by k8gb instead - skipConfig: true image: # -- CoreDNS CRD plugin image repository: absaoss/k8s_crd @@ -98,6 +88,27 @@ coredns: serviceAccount: create: true name: coredns + securityContext: + capabilities: + add: [] + servers: + - zones: + - zone: *dnsZone + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 300 + loadbalance weight infoblox: # -- infoblox provider enabled diff --git a/deploy/ingress/nginx-ingress-values.yaml b/deploy/ingress/nginx-ingress-values.yaml index 384bde502d..65908c0439 100644 --- a/deploy/ingress/nginx-ingress-values.yaml +++ b/deploy/ingress/nginx-ingress-values.yaml 
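Review bot: The alias `zone: *dnsZone` under `coredns.servers` (hunk `@@ -98,6 +88,27`) is resolved when this file is parsed, so it only ties the CoreDNS zone to the chart's default `k8gb.dnsZone`; a user who overrides `k8gb.dnsZone` with `--set` or a separate values file still gets a server block for `cloud.example.com`. The deleted `coredns-cm.yaml` rendered `{{ .Values.k8gb.dnsZone }}`, so this is a behaviour change for existing installs, as is the removal of `k8gb.dnsZoneNegTTL` and `k8gb.coredns.*`. I would add above `servers:` the comment `# -- must be overridden together with k8gb.dnsZone; the alias below only covers this file's default`, and a short comment on `capabilities: add: []` saying it is intentional (presumably dropping a capability the subchart adds by default, since the server listens on 5353).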
@@ -21,9 +21,3 @@ controller: service: enabled: false - -# UDP service key:value pairs -# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/udp -## -udp: - 53: "k8gb/k8gb-coredns:53" diff --git a/deploy/istio-ingress-namespace.yaml b/deploy/istio-ingress-namespace.yaml new file mode 100644 index 0000000000..5175627138 --- /dev/null +++ b/deploy/istio-ingress-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: istio-ingress diff --git a/deploy/istio-system-namespace.yaml b/deploy/istio-system-namespace.yaml new file mode 100644 index 0000000000..f394e916f9 --- /dev/null +++ b/deploy/istio-system-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: istio-system diff --git a/deploy/namespace.yaml b/deploy/k8gb-namespace.yaml similarity index 100% rename from deploy/namespace.yaml rename to deploy/k8gb-namespace.yaml diff --git a/deploy/k8gb/values.yaml b/deploy/k8gb/values.yaml new file mode 100644 index 0000000000..34711b6005 --- /dev/null +++ b/deploy/k8gb/values.yaml @@ -0,0 +1,21 @@ +coredns: + serviceType: LoadBalancer + + servers: + - zones: + - zone: cloud.example.com + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 10 + loadbalance weight diff --git a/deploy/test/coredns-tcp-svc.yaml b/deploy/test/coredns-tcp-svc.yaml deleted file mode 100644 index 1511b7ebf0..0000000000 --- a/deploy/test/coredns-tcp-svc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: k8gb-coredns-tcp -spec: - type: NodePort - selector: - app.kubernetes.io/instance: k8gb - app.kubernetes.io/name: coredns - ports: - - name: tcp-5353 - port: 53 - protocol: TCP - targetPort: 5353 - nodePort: 30053 
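Review bot: `zone: cloud.example.com` in the new `deploy/k8gb/values.yaml` duplicates the Makefile's overridable `GSLB_DOMAIN ?= cloud.example.com`, so running the local targets with a different `GSLB_DOMAIN` would presumably leave CoreDNS serving the old zone (how `get-helm-args` sets `k8gb.dnsZone` is not visible here). A comment at the top of the file, `# zone must match GSLB_DOMAIN in the Makefile`, would make the coupling explicit.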
diff --git a/docs/examples/azure/k8gb/aks1-helm-values.yaml b/docs/examples/azure/k8gb/aks1-helm-values.yaml index 852a2e1d0f..ce7808a6bf 100644 --- a/docs/examples/azure/k8gb/aks1-helm-values.yaml +++ b/docs/examples/azure/k8gb/aks1-helm-values.yaml @@ -1,8 +1,6 @@ k8gb: # -- dnsZone controlled by gslb - dnsZone: "demo.k8gb-kubeconeu2023.com" - # -- Negative TTL for SOA record - dnsZoneNegTTL: 300 + dnsZone: &dnsZone "demo.k8gb-kubeconeu2023.com" # -- main zone which would contain gslb zone to delegate edgeDNSZone: "k8gb-kubeconeu2023.com" # main zone which would contain gslb zone to delegate # -- host/ip[:port] format is supported here where port defaults to 53 @@ -33,3 +31,23 @@ azuredns: resourceGroup: k8gb-kubeconeu2023 aadClientId: myAADClientID aadClientSecret: myAADClientSecret + +coredns: + servers: + - zones: + - zone: *dnsZone + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 300 + loadbalance weight diff --git a/docs/examples/azure/k8gb/aks2-helm-values.yaml b/docs/examples/azure/k8gb/aks2-helm-values.yaml index 8caba904f6..61a8dfa356 100644 --- a/docs/examples/azure/k8gb/aks2-helm-values.yaml +++ b/docs/examples/azure/k8gb/aks2-helm-values.yaml @@ -1,8 +1,6 @@ k8gb: # -- dnsZone controlled by gslb - dnsZone: "demo.k8gb-kubeconeu2023.com" - # -- Negative TTL for SOA record - dnsZoneNegTTL: 300 + dnsZone: &dnsZone "demo.k8gb-kubeconeu2023.com" # -- main zone which would contain gslb zone to delegate edgeDNSZone: "k8gb-kubeconeu2023.com" # main zone which would contain gslb zone to delegate # -- host/ip[:port] format is supported here where port defaults to 53 
@@ -32,3 +30,23 @@ azuredns: resourceGroup: k8gb-kubeconeu2023 aadClientId: myAADClientID aadClientSecret: myAADClientSecret + +coredns: + servers: + - zones: + - zone: *dnsZone + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 300 + loadbalance weight diff --git a/docs/examples/windowsdns/k8gb/aks1-helm-values.yaml b/docs/examples/windowsdns/k8gb/aks1-helm-values.yaml index 898c2052ae..4a335ad53f 100644 --- a/docs/examples/windowsdns/k8gb/aks1-helm-values.yaml +++ b/docs/examples/windowsdns/k8gb/aks1-helm-values.yaml @@ -3,9 +3,7 @@ k8gb: deployCrds: true deployRbac: true # -- dns zone that will be managed by CoreDNS - dnsZone: "global.k8gb.local" - # -- Negative TTL for SOA record - dnsZoneNegTTL: 300 + dnsZone: &dnsZone "global.k8gb.local" # -- main zone which would contain gslb zone to delegate edgeDNSZone: "k8gb.local" # -- host/ip[:port] format is supported here where port defaults to 53 @@ -60,6 +58,24 @@ coredns: rbac: create: true name: coredns + servers: + - zones: + - zone: *dnsZone + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 300 + loadbalance weight rfc2136: enabled: true @@ -80,4 +96,4 @@ rfc2136: gssTsigCreds: - kerberos-username: k8gb - kerberos-password: asdfkuj#f8guh1 - - kerberos-realm: k8gb.local \ No newline at end of file + - kerberos-realm: k8gb.local diff --git a/docs/examples/windowsdns/k8gb/aks2-helm-values.yaml b/docs/examples/windowsdns/k8gb/aks2-helm-values.yaml index 1f8a1176c4..0b2b7a406a 100644 --- a/docs/examples/windowsdns/k8gb/aks2-helm-values.yaml 
+++ b/docs/examples/windowsdns/k8gb/aks2-helm-values.yaml @@ -3,9 +3,7 @@ k8gb: deployCrds: true deployRbac: true # -- dns zone that will be managed by CoreDNS - dnsZone: "global.k8gb.local" - # -- Negative TTL for SOA record - dnsZoneNegTTL: 300 + dnsZone: &dnsZone "global.k8gb.local" # -- main zone which would contain gslb zone to delegate edgeDNSZone: "k8gb.local" # -- host/ip[:port] format is supported here where port defaults to 53 @@ -60,6 +58,24 @@ coredns: rbac: create: true name: coredns + servers: + - zones: + - zone: *dnsZone + port: 5353 + servicePort: 53 + plugins: + - name: errors + - name: health + - name: ready + - name: prometheus + parameters: 0.0.0.0:9153 + - name: forward + parameters: . /etc/resolv.conf + - name: k8s_crd + configBlock: |- + filter k8gb.absa.oss/dnstype=local + negttl 300 + loadbalance weight rfc2136: enabled: true @@ -80,4 +96,4 @@ rfc2136: gssTsigCreds: - kerberos-username: k8gb - kerberos-password: asdfkuj#f8guh1 - - kerberos-realm: K8GB.LOCAL \ No newline at end of file + - kerberos-realm: K8GB.LOCAL diff --git a/k3d/test-gslb1.yaml b/k3d/test-gslb1.yaml index 3fc48deccd..a29aaf552a 100644 --- a/k3d/test-gslb1.yaml +++ b/k3d/test-gslb1.yaml @@ -23,15 +23,13 @@ ports: - port: 9080:30090 nodeFilters: - agent:0:direct - - port: 5053:30053/tcp + - port: 5053:53/tcp nodeFilters: - - agent:0:direct + - loadbalancer - port: 5053:53/udp nodeFilters: - - agent:0:direct + - loadbalancer options: - k3d: - disableLoadbalancer: true k3s: extraArgs: - arg: --disable=traefik,metrics-server,local-storage diff --git a/k3d/test-gslb2.yaml b/k3d/test-gslb2.yaml index 8292a9c4a8..39f5f96b50 100644 --- a/k3d/test-gslb2.yaml +++ b/k3d/test-gslb2.yaml 
@@ -20,15 +20,13 @@ ports: - port: 9081:30090 nodeFilters: - agent:0:direct - - port: 5054:30053/tcp + - port: 5054:53/tcp nodeFilters: - - agent:0:direct + - loadbalancer - port: 5054:53/udp nodeFilters: - - agent:0:direct + - loadbalancer options: - k3d: - disableLoadbalancer: true k3s: extraArgs: - arg: --disable=traefik,metrics-server,local-storage diff --git a/k3d/test-gslb3.yaml b/k3d/test-gslb3.yaml index 8e0308ab5d..d17ffa2783 100644 --- a/k3d/test-gslb3.yaml +++ b/k3d/test-gslb3.yaml @@ -20,15 +20,13 @@ ports: - port: 9082:30090 nodeFilters: - agent:0:direct - - port: 5055:30053/tcp + - port: 5055:53/tcp nodeFilters: - - agent:0:direct + - loadbalancer - port: 5055:53/udp nodeFilters: - - agent:0:direct + - loadbalancer options: - k3d: - disableLoadbalancer: true k3s: extraArgs: - arg: --disable=traefik,metrics-server,local-storage