diff --git a/charts/powerdns/0.1.11/.helmignore b/charts/powerdns/0.1.11/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/powerdns/0.1.11/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/powerdns/0.1.11/Chart.yaml b/charts/powerdns/0.1.11/Chart.yaml
new file mode 100644
index 0000000..39f8b7d
--- /dev/null
+++ b/charts/powerdns/0.1.11/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+appVersion: 4.3.4
+description: A Helm chart for Kubernetes
+name: powerdns
+type: application
+version: 0.1.11
diff --git a/charts/powerdns/0.1.11/README.md b/charts/powerdns/0.1.11/README.md
new file mode 100644
index 0000000..cc59a70
--- /dev/null
+++ b/charts/powerdns/0.1.11/README.md
@@ -0,0 +1,148 @@
+# Powerdns
+PowerDNS with Mariadb and PowerDNS-Admin Helm to easy PowerDNS deploy on Kubernetes
+
+[PowerDNS](https://www.powerdns.com/) is an open source DNS Authoritative Server (answer questions about domains it knows about, but will not go out on the net to resolve queries about other domains) software.
+
+## TL;DR;
+
+Supported for Helm v3
+
+```console
+helm repo add aecharts https://raw.githubusercontent.com/aescanero/helm-charts/master/
+helm repo update
+helm install aecharts/powerdns
+```
+
+## Introduction
+
+This chart bootstraps a [pschiffe/docker-pdns](https://github.com/pschiffe/docker-pdns) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+It also packages:
+- [aescanero/docker-powerdns-admin-alpine](https://github.com/aescanero/docker-powerdns-admin-alpine) based in [ngoduykhanh/PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin) which provide a dashboard for PowerDNS management.
+- [mariadb](https://www.mariadb.org) which is required for bootstrapping a MariaDB deployment for the database requirements of PowerDNS and PowerDNS-Admin applications.
+
+## Prerequisites
+
+- Kubernetes 1.8+ with Beta APIs enabled
+- PV provisioner support in the underlying infrastructure (Optional)
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+helm repo add aecharts https://raw.githubusercontent.com/aescanero/helm-charts/master/
+helm repo update
+helm install my-release aecharts/powerdns
+```
+
+The command deploys PowerDNS on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```console
+$ helm delete my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following table lists the configurable parameters of the PowerDNS chart and their default values.
+
+| Parameter | Description | Default |
+|-----------------------------------|--------------------------------------------|---------------------------------------------------------|
+| `powerdns.enabled` | Deploy the DNS Server packaged with Helm | `true` |
+| `powerdns.service.dns.tcp.enabled`| Enable DNS (TCP) Service | `false` |
+| `powerdns.service.dns.tcp.port` | Port of the DNS (TCP) Service | `53` |
+| `powerdns.service.dns.tcp.type` | Class of the Kubernetes DNS (TCP) Service | `LoadBalancer` |
+| `powerdns.service.dns.tcp.loadBalancerIP` | Statically assign LoadBalancerIP (UDP) | `` |
+| `powerdns.service.dns.tcp.annotations` | Annotations for service (TCP) | `` |
+| `powerdns.service.dns.udp.enabled`| Enable DNS (UDP) Service | `true` |
+| `powerdns.service.dns.udp.port` | Port of the DNS (UDP) Service | `53` |
+| `powerdns.service.dns.udp.type` | Class of the Kubernetes DNS (UDP) Service | `LoadBalancer` |
+| `powerdns.service.dns.udp.loadBalancerIP` | Statically assign LoadBalancerIP (TCP) | `` |
+| `powerdns.service.dns.udp.annotations` | Annotations for service (UDP) | `` |
+| `powerdns.service.api.type` | Class of the Kubernetes PowerDNSAPI Service| `ClusterIP` |
+| `powerdns.service.api.port` | Port of the DNS Service | `53` |
+| `powerdns.image.repository` | PowerDNS image name | `pschiffe/pdns-mysql` |
+| `powerdns.image.tag` | PowerDNS image tag | `alpine` |
+| `powerdns.image.pullPolicy` | Image pull policy | `IfNotPresent` |
+| `powerdns.domain` | Automatically create a domain | `external.local` |
+| `powerdns.master` | Deploy PowerDNS as master | `yes` |
+| `powerdns.api` | Enable API for Management (need webserver) | `yes` |
+| `powerdns.webserver` | Enable web server to publish API | `yes` |
+| `powerdns.webserver_address` | IP where the web server is published | `0.0.0.0` |
+| `powerdns.webserver_allow_from` | Allow access to web server only from | `0.0.0.0/0` |
+| `powerdns.version_string` | Version to designate the DNS Server | `anonymous` |
+| `powerdns.default_ttl` | time-to-live of the DNS resources | `1500` |
+| `powerdns.soa_minimum_ttl` | Minimal time-to-live of SOA | `1200` |
+| `powerdns.default_soa_name` | Name to designate the zone | `ns1.external.local` |
+| `powerdns.mysql_host` | Host of the external database | `127.0.0.1` |
+| `powerdns.mysql_database` | Name of the external database | `powerdns` |
+| `powerdns.mysql_user` | User of the external database | `powerdns` |
+| `powerdns.mysql_rootpass` | Password of the root user of external BD | `nil` |
+| `powerdns.mysql_pass` | Password of the user | `nil` |
+| `powerdns.innodb_read_committed` | Set powerdns option gmysql-innodb-read-commited | `no` |
+| `powerdns.resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` |
+| `mariadb.enabled` | Deploy the Database packaged with Helm | `true` |
+| `mariadb.image.repository` | MariaDB image name | `mariadb` |
+| `mariadb.image.tag` | MariaDB image tag | `latest` |
+| `mariadb.image.pullPolicy` | Image pull policy | `IfNotPresent` |
+| `mariadb.mysql_rootpass` | Password of the root user of internal BD | `nil` |
+| `mariadb.mysql_pass` | Password of the user | `nil` |
+| `mariadb.persistence.enabled` | Enable persistence using PVC | `true` |
+| `mariadb.persistence.storageClass`| PVC Storage Class for MariaDB volume | `nil` |
+| `mariadb.persistence.accessMode` | PVC Access Mode for MariaDB volume | `ReadWriteOnce` |
+| `mariadb.persistence.size` | PVC Storage Request for MariaDB volume | `1Gi` |
+| `mariadb.resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` |
+| `mariadb.args` | mysqld arguments | `--bind-address=127.0.0.1 --innodb_use_native_aio=0 --innodb_flush_method=fsync` |
+| `powerdnsadmin.enabled` | Deploy the Dashboard packaged with Helm | `true` |
+| `powerdnsadmin.service.type` | Class of Kubernetes PowerDNS-Admin Service | `LoadBalancer` |
+| `powerdnsadmin.service.port` | Port of the PowerDNS-Admin Service | `9191` |
+| `powerdnsadmin.image.repository` | PowerDNS-Admin image name | `aescanero/powerdns-admin` |
+| `powerdnsadmin.image.tag` | PowerDNS-Admin image tag | `latest` |
+| `powerdnsadmin.image.pullPolicy` | Image pull policy | `IfNotPresent` |
+| `powerdnsadmin.proto` | Protocol of PowerDNS-Admin Service | `http` |
+| `powerdnsadmin.powerdns_host` | Where is PowerDNS Service | `127.0.0.1` |
+| `powerdnsadmin.powerdns_port` | Port of the PowerDNS API Service | `8081` |
+| `powerdnsadmin.mysql_host` | Host of the external database | `127.0.0.1` |
+| `powerdnsadmin.mysql_database` | Name of the external database | `powerdns` |
+| `powerdnsadmin.mysql_user` | User of the external database | `powerdns` |
+| `powerdnsadmin.mysql_pass` | Password of the user | `nil` |
+| `powerdnsadmin.resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` |
+| `powerdnsadmin.ingress.enabled` | Deploy the Dashboard with Ingress | `false` |
+| `powerdnsadmin.ingress.class` | Class of Ingress | `traefik` |
+| `powerdnsadmin.ingress.hostname` | Hostname without domain part | `powerdns-admin` |
+| `powerdnsadmin.ingress.path` | Path within the url structure | `/` |
+
+The above parameters map to the env variables defined in each container. For more information please refer to each image documentation.
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+helm repo add aecharts https://raw.githubusercontent.com/aescanero/helm-charts/master/
+helm repo update
+helm install powerdns-release --set domain=disasterproject.com aecharts/powerdns
+```
+
+The above command sets the domain managed by PowerDNS to `disasterproject.com`.
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
+
+```console
+helm repo add aecharts https://raw.githubusercontent.com/aescanero/helm-charts/master/
+helm repo update
+helm install powerdns-release -f values.yaml aecharts/powerdns
+```
+
+## Persistence
+
+The [mariadb](https://www.mariadb.org) image stores the Database at `/var/lib/mysql` path of the container.
+
+Persistent Volume Claims are used to keep the data across deployments.
+
diff --git a/charts/powerdns/0.1.11/templates/NOTES.txt b/charts/powerdns/0.1.11/templates/NOTES.txt
new file mode 100644
index 0000000..3b9d1b4
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/NOTES.txt
@@ -0,0 +1,35 @@
+Access to the DNS Server and Dashboard by running these commands:
+{{- if .Values.admin.ingress.enabled }}
+ http://{{ .Values.admin.ingress.hostname }}.{{ .Values.powerdns.domain }}{{ .Values.admin.ingress.path }}
+{{- end }}
+{{- if eq .Values.service.dns.tcp.type "NodePort" }}
+ export NODE_PORT=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "powerdns.fullname" . }})-service-dns-tcp
+ export NODE_IP=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get nodes -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo Point your DNS client to $NODE_IP:$NODE_PORT
+{{- end }}
+{{- if eq .Values.admin.service.type "NodePort" }}
+ export NODE_PORT=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "powerdns.fullname" . }})-service-admin
+ export NODE_IP=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get nodes -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+ echo Dashboard access at http://$SERVICE_IP2:{{ .Values.admin.service.port }}
+{{- end }}
+
+{{- if eq .Values.service.dns.tcp.type "LoadBalancer" }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl {{ if .Release.Namespace }} -n {{.Release.Namespace}} {{ end }} get svc -w {{ template "powerdns.fullname" . }}'
+ export SERVICE_IP1=$(kubectl {{ if .Release.Namespace }} -n {{.Release.Namespace}} {{ end }} get svc {{ template "powerdns.fullname" . }}-service-dns-tcp -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ export SERVICE_IP2=$(kubectl {{ if .Release.Namespace }} -n {{.Release.Namespace}} {{ end }} get svc {{ template "powerdns.fullname" . }}-service-admin -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo Point your DNS client to $SERVICE_IP1:{{ .Values.service.dns.tcp.port }}
+ echo Dashboard access at http://$SERVICE_IP2:{{ .Values.admin.service.port }}
+{{- end }}
+
+{{- if contains "ClusterIP" .Values.service.dns.tcp.type }}
+ export POD_NAME=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get pods -l "app={{ template "powerdns.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Point your DNS client to 127.0.0.1:53"
+ kubectl port-forward $POD_NAME 53:53
+{{- end }}
+{{- if contains "ClusterIP" .Values.admin.service.type }}
+ export POD_NAME=$(kubectl {{- if .Release.Namespace }} -n {{.Release.Namespace}} {{ end -}} get pods -l "app={{ template "powerdns.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use the dashboard"
+ kubectl port-forward $POD_NAME 8080:80
+{{- end }}
diff --git a/charts/powerdns/0.1.11/templates/_helpers.tpl b/charts/powerdns/0.1.11/templates/_helpers.tpl
new file mode 100644
index 0000000..2bc49d4
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/_helpers.tpl
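Review bot: The two ClusterIP branches select pods with `-l "app=…,release=…"`, but the labels this commit puts on the pods come from `powerdns.labels` (`app.kubernetes.io/name`, `app.kubernetes.io/instance`) plus `powerdns.com/role`, so the selector is unlikely to match anything and `POD_NAME` ends up empty. The dashboard branch also forwards `8080:80` while the admin container declares `containerPort: 9191`; `kubectl port-forward $POD_NAME 8080:9191` with a selector such as `app.kubernetes.io/instance={{ .Release.Name }},powerdns.com/role=admin` would match the templates. In both NodePort branches the closing `)` sits before the `-service-dns-tcp` / `-service-admin` suffix, so kubectl is given the service name without its suffix.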
@@ -0,0 +1,45 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "powerdns.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "powerdns.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "powerdns.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "powerdns.labels" -}}
+app.kubernetes.io/name: {{ include "powerdns.name" . }}
+helm.sh/chart: {{ include "powerdns.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
diff --git a/charts/powerdns/0.1.11/templates/_metallb.tpl b/charts/powerdns/0.1.11/templates/_metallb.tpl
new file mode 100644
index 0000000..7824697
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/_metallb.tpl
@@ -0,0 +1,3 @@
+{{- define "metallb.pool.annotation" -}}
+{{ printf "metallb.universe.tf/address-pool: %s" .Values.metallb.address_pool }}
+{{- end -}}
diff --git a/charts/powerdns/0.1.11/templates/admin-deployment.yaml b/charts/powerdns/0.1.11/templates/admin-deployment.yaml
new file mode 100644
index 0000000..2154e61
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/admin-deployment.yaml
@@ -0,0 +1,67 @@
+{{- if .Values.admin.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: "{{ template "powerdns.fullname" . }}-admin"
+ labels:
+ powerdns.com/role: admin
+{{ include "powerdns.labels" . | indent 4 }}
+spec:
+ replicas: {{ default .Values.replicaCount 1 }}
+ selector:
+ matchLabels:
+{{ include "powerdns.labels" . | indent 6 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: admin
+ template:
+ metadata:
+ labels:
+{{ include "powerdns.labels" . | indent 8 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: admin
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}-powerdnsadmin
+ image: "{{ .Values.admin.image.repository }}:{{ .Values.admin.image.tag }}"
+ imagePullPolicy: {{ .Values.admin.image.pullPolicy }}
+ livenessProbe:
+ exec:
+ command: ["/bin/sh", "-c", "nc -vz 127.0.0.1 9191 2>/dev/null"]
+ initialDelaySeconds: 80
+ resources:
+{{ toYaml .Values.admin.resources | indent 12 }}
+ env:
+ - name: PDNS_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: PDNS_APIKEY
+ - name: PDNSADMIN_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: PDNSADMIN_SECRET
+ - name: PDNS_PROTO
+ value: {{ .Values.admin.proto | quote }}
+ - name: PDNS_HOST
+ value: {{ template "powerdns.fullname" . }}-service-api
+ - name: PDNS_PORT
+ value: {{ .Values.admin.powerdns_port | quote }}
+ - name: PDNSADMIN_SQLA_DB_HOST
+ value: {{ template "powerdns.fullname" . }}-service-db
+ - name: PDNSADMIN_SQLA_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: MYSQL_PASS
+ - name: PDNSADMIN_SQLA_DB_NAME
+ value: {{ .Values.admin.mysql_database | quote }}
+ - name: PDNSADMIN_SQLA_DB_USER
+ value: {{ .Values.admin.mysql_user | quote }}
+ ports:
+ - containerPort: 9191
+ name: pdns-admin-http
+ protocol: TCP
+{{- end }}
diff --git a/charts/powerdns/0.1.11/templates/admin-service.yaml b/charts/powerdns/0.1.11/templates/admin-service.yaml
new file mode 100644
index 0000000..9a99dd1
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/admin-service.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.admin.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "powerdns.fullname" . }}-service-admin
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+spec:
+ type: {{ .Values.admin.service.type }}
+ ports:
+ - port: {{ .Values.admin.service.port }}
+ targetPort: pdns-admin-http
+ protocol: TCP
+ name: pdns-admin-http
+ selector:
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: admin
+{{- end }}
diff --git a/charts/powerdns/0.1.11/templates/db-deployment.yaml b/charts/powerdns/0.1.11/templates/db-deployment.yaml
new file mode 100644
index 0000000..5bc30d3
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/db-deployment.yaml
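Review bot: In admin-deployment.yaml, `selector.matchLabels` pulls in the whole `powerdns.labels` block, which carries `helm.sh/chart` (name plus chart version) and `app.kubernetes.io/version`; a Deployment selector is immutable in `apps/v1`, so the next chart or app version bump is likely to make `helm upgrade` fail. The include also already emits `app.kubernetes.io/name` and `app.kubernetes.io/instance`, so the explicit lines below it create duplicate mapping keys; keeping only the three explicit keys under `matchLabels` fixes both, and db-deployment.yaml and powerdns-deployment.yaml have the same shape. Separately, `replicas: {{ default .Values.replicaCount 1 }}` has the `default` arguments reversed (the fallback comes first), so it always renders `1`; `replicas: {{ default 1 .Values.replicaCount }}` is the working form, here and in powerdns-deployment.yaml.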
@@ -0,0 +1,65 @@
+{{- if .Values.mariadb.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: "{{ template "powerdns.fullname" . }}-db"
+ labels:
+ powerdns.com/role: db
+{{ include "powerdns.labels" . | indent 4 }}
+spec:
+ replicas: {{ coalesce .Values.mariadb.replicaCount 1 }}
+ selector:
+ matchLabels:
+{{ include "powerdns.labels" . | indent 6 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: db
+ template:
+ metadata:
+ labels:
+{{ include "powerdns.labels" . | indent 8 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: db
+ spec:
+ containers:
+ - name: mariadb
+ image: "{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }}"
+ imagePullPolicy: {{ .Values.mariadb.image.pullPolicy }}
+ resources:
+{{ toYaml .Values.mariadb.resources | indent 12 }}
+{{- if .Values.mariadb.args }}
+ args:
+{{- range .Values.mariadb.args }}
+ - {{ . | quote }}
+{{- end }}
+{{- end }}
+ env:
+ - name: MYSQL_INITDB_SKIP_TZINFO
+ value: "1"
+ - name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "powerdns.fullname" . }}-secret
+ key: MYSQL_PASS
+ - name: MYSQL_DATABASE
+ value: {{ .Values.powerdns.mysql_database | quote }}
+ - name: MYSQL_USER
+ value: {{ .Values.powerdns.mysql_user | quote }}
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "powerdns.fullname" . }}-secret
+ key: MYSQL_PASS
+{{- if .Values.mariadb.persistence.enabled }}
+ volumeMounts:
+ - name: data
+ mountPath: /var/lib/mysql
+{{- end }}
+{{- if .Values.mariadb.persistence.enabled }}
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: "pvc-{{ template "powerdns.fullname" . }}-mariadb"
+{{- end }}
+{{ end -}}
diff --git a/charts/powerdns/0.1.11/templates/db-service.yaml b/charts/powerdns/0.1.11/templates/db-service.yaml
new file mode 100644
index 0000000..11cc46a
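Review bot: `MYSQL_ROOT_PASSWORD` in db-deployment.yaml is read from the `MYSQL_PASS` key, the same key that feeds `MYSQL_PASSWORD`, so the database root account shares the application user's password and the optional `MYSQL_ROOTPASS` key written by powerdns-secret.yaml is never consumed. Pointing the root variable at `key: MYSQL_ROOTPASS`, and making `mariadb.mysql_rootpass` a `required` value whenever `mariadb.enabled` is set, keeps a leaked application credential from also granting root on the server. powerdns-deployment.yaml repeats the pattern for `MYSQL_ENV_MYSQL_ROOT_PASSWORD`, which hands the same value to the PowerDNS container.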
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/db-service.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.mariadb.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "powerdns.fullname" . }}-service-db
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: 3306
+ name: db
+ protocol: TCP
+ targetPort: 3306
+ selector:
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: db
+{{ end -}}
diff --git a/charts/powerdns/0.1.11/templates/ingress.yaml b/charts/powerdns/0.1.11/templates/ingress.yaml
new file mode 100644
index 0000000..489a968
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/ingress.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.admin.ingress.enabled -}}
+{{- $fullName := include "powerdns.fullname" . -}}
+{{- $svcPort := .Values.admin.service.port -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+{{- if eq .Values.admin.ingress.class "traefik" }}
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ traefik.ingress.kubernetes.io/frontend-entry-points: http,https
+ traefik.ingress.kubernetes.io/redirect-entry-point: https
+ traefik.ingress.kubernetes.io/redirect-permanent: "true"
+{{- end }}
+{{- if eq .Values.admin.ingress.class "nginx" }}
+ annotations:
+ kubernetes.io/ingress.class: nginx
+{{- end }}
+spec:
+ rules:
+ - host: {{ .Values.admin.ingress.hostname }}.{{ .Values.powerdns.domain }}
+ http:
+ paths:
+ - path: {{ .Values.admin.ingress.path | quote }}
+ backend:
+ serviceName: {{ $fullName }}-service-admin
+ servicePort: {{ $svcPort }}
+{{- end }}
diff --git a/charts/powerdns/0.1.11/templates/mariadb-pvc.yaml b/charts/powerdns/0.1.11/templates/mariadb-pvc.yaml
new file mode 100644
index 0000000..109b18a
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/mariadb-pvc.yaml
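Review bot: The Ingress in ingress.yaml has no `tls:` section, and only the traefik branch sets a redirect to HTTPS, so with `class: nginx` the PowerDNS-Admin login is served over plain HTTP. A `tls:` entry listing the rendered host and a secret name taken from values would cover both classes. `apiVersion: extensions/v1beta1` for Ingress was removed in Kubernetes 1.22, so the template needs `networking.k8s.io/v1` (which also changes the `backend` shape) to apply on current clusters. The guard `{{- if .Values.admin.ingress.enabled -}}` is truthy for the string `"false"` that values.yaml ships for this key, so the Ingress is rendered by default; the value should be the boolean `false`.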
@@ -0,0 +1,15 @@
+{{ if .Values.mariadb.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: pvc-{{ template "powerdns.fullname" . }}-mariadb
+spec:
+ accessModes:
+ - {{ .Values.mariadb.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.mariadb.persistence.size }}
+{{ if .Values.mariadb.persistence.storageClass }}
+ storageClassName: {{ .Values.mariadb.persistence.storageClass }}
+{{ end }}
+{{ end }}
diff --git a/charts/powerdns/0.1.11/templates/powerdns-admin-secret.yaml b/charts/powerdns/0.1.11/templates/powerdns-admin-secret.yaml
new file mode 100644
index 0000000..4bdc02c
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/powerdns-admin-secret.yaml
@@ -0,0 +1,18 @@
+{{ if .Values.admin.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "powerdns.fullname" . }}-admin-secret
+ labels:
+{{ include "powerdns.labels" . | indent 4}}
+ release: {{ .Release.Name }}
+ chart: {{ template "powerdns.chart" . }}
+type: Opaque
+data:
+ PDNS_APIKEY: {{ required "Missing value: apikey" .Values.apikey | b64enc }}
+ MYSQL_PASS: {{ required "Missing value: mariadb.mysql_pass" .Values.mariadb.mysql_pass | b64enc }}
+ {{ if .Values.mariadb.mysql_rootpass }}
+ MYSQL_ROOTPASS: {{ .Values.mariadb.mysql_rootpass | b64enc }}
+ {{ end }}
+ PDNSADMIN_SECRET: {{ required "Missing value: .admin.secret" .Values.admin.secret | b64enc }}
+{{ end }}
diff --git a/charts/powerdns/0.1.11/templates/powerdns-api-service.yaml b/charts/powerdns/0.1.11/templates/powerdns-api-service.yaml
new file mode 100644
index 0000000..fc2f72c
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/powerdns-api-service.yaml
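Review bot: The Secret in powerdns-admin-secret.yaml (`…-admin-secret`) carries the same keys as powerdns-secret.yaml, including the database passwords and the API key, yet every `secretKeyRef` in the templates of this commit points at `…-secret`, so this copy appears to be unused. A second object holding the full credential set widens what RBAC read access on Secrets exposes without serving any pod. Either drop the template, or reduce it to `PDNS_APIKEY` and `PDNSADMIN_SECRET` and reference it from admin-deployment.yaml so the admin pod no longer needs the shared secret.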
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "powerdns.fullname" . }}-service-api
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+spec:
+ type: {{ .Values.service.api.type }}
+ ports:
+ - port: {{ .Values.service.api.port }}
+ targetPort: api
+ protocol: TCP
+ name: api
+ selector:
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: api
diff --git a/charts/powerdns/0.1.11/templates/powerdns-deployment.yaml b/charts/powerdns/0.1.11/templates/powerdns-deployment.yaml
new file mode 100644
index 0000000..f4e0e6b
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/powerdns-deployment.yaml
@@ -0,0 +1,103 @@
+{{- $db_host := coalesce .Values.powerdns.mysql_host (printf "%s-service-db" (include "powerdns.fullname" . )) -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: "{{ template "powerdns.fullname" . }}"
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+ powerdns.com/role: api
+spec:
+ replicas: {{ default .Values.replicaCount 1 }}
+ selector:
+ matchLabels:
+{{ include "powerdns.labels" . | indent 6 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: api
+ template:
+ metadata:
+ labels:
+{{ include "powerdns.labels" . | indent 8 }}
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: api
+ spec:
+ containers:
+ - name: powerdns
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ livenessProbe:
+ exec:
+ command: ["/bin/sh", "-c", "pdnsutil list-zone {{ .Values.domain }}"]
+ readinessProbe:
+ exec:
+ command: ["/bin/sh", "-c", "nc -vz {{ $db_host }} 3306"]
+ initialDelaySeconds: 20
+ lifecycle:
+ postStart:
+ exec:
+ command:
+ - "/bin/sh"
+ - "-c"
+ - "a=0;while [ $a -lt 200 ];do sleep 1;a=$[a+1];echo 'stage: '$a;if nc -vz {{ $db_host }} 3306;then (! pdnsutil list-zone {{ .Values.powerdns.domain }}) && pdnsutil create-zone {{ .Values.powerdns.domain }};echo 'End Stage';a=200;fi;done"
+ resources:
+{{ toYaml .Values.powerdns.resources | indent 12 }}
+ env:
+ - name: PDNS_api_key
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: PDNS_APIKEY
+ - name: PDNS_master
+ value: {{ .Values.powerdns.master | quote}}
+ - name: PDNS_api
+ value: {{ .Values.powerdns.api | quote }}
+ - name: PDNS_webserver
+ value: {{ .Values.powerdns.webserver | quote }}
+ - name: PDNS_webserver_address
+ value: {{ .Values.powerdns.webserver_address | quote }}
+ - name: PDNS_webserver_allow_from
+ value: {{ .Values.powerdns.webserver_allow_from | quote }}
+ - name: PDNS_webserver_password
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: PDNS_APIKEY
+ - name: PDNS_version_string
+ value: {{ .Values.powerdns.version_string | quote }}
+ - name: PDNS_default_ttl
+ value: {{ .Values.powerdns.default_ttl | quote }}
+ - name: PDNS_soa_minimum_ttl
+ value: {{ .Values.powerdns.soa_minimum_ttl | quote }}
+ - name: PDNS_default_soa_name
+ value: "ns1.{{ .Values.powerdns.domain }}"
+ - name: PDNS_default_soa_mail
+ value: "hostmaster.{{ .Values.powerdns.domain }}"
+ - name: PDNS_gmysql_innodb_read_committed
+ value: {{ .Values.powerdns.innodb_read_committed | quote }}
+ - name: MYSQL_ENV_MYSQL_HOST
+ value: {{ quote $db_host }}
+ - name: MYSQL_ENV_MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: MYSQL_PASS
+ - name: MYSQL_ENV_MYSQL_DATABASE
+ value: {{ .Values.powerdns.mysql_database | quote }}
+ - name: MYSQL_ENV_MYSQL_USER
+ value: {{ .Values.powerdns.mysql_user | quote }}
+ - name: MYSQL_ENV_MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: "{{ template "powerdns.fullname" . }}-secret"
+ key: MYSQL_PASS
+ ports:
+ - containerPort: 53
+ name: dns-udp
+ protocol: UDP
+ - containerPort: 53
+ name: dns-tcp
+ protocol: TCP
+ - containerPort: 8081
+ name: api
+ protocol: TCP
diff --git a/charts/powerdns/0.1.11/templates/powerdns-dns-service-tcp.yaml b/charts/powerdns/0.1.11/templates/powerdns-dns-service-tcp.yaml
new file mode 100644
index 0000000..92d012e
--- /dev/null
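Review bot: In powerdns-deployment.yaml the livenessProbe runs `pdnsutil list-zone {{ .Values.domain }}` while the postStart hook creates the zone from `{{ .Values.powerdns.domain }}`; both keys exist in values.yaml and can diverge, in which case the probe checks a zone that was never created and the container is restarted in a loop. Using `.Values.powerdns.domain` in the probe removes that. These commands, and the readinessProbe with `$db_host`, splice values straight into an `sh -c` string, so a value containing shell metacharacters is run inside the container; exposing the domain and host as `env` entries and referring to them as quoted shell variables in the script avoids that. `PDNS_webserver_password` is also filled from the `PDNS_APIKEY` key, which makes the web server password and the API key a single credential.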
+++ b/charts/powerdns/0.1.11/templates/powerdns-dns-service-tcp.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.service.dns.tcp.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "powerdns.fullname" . }}-service-dns-tcp
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+{{- with .Values.service.dns.tcp.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{ template "metallb.address.pool" . | indent 4}}
+spec:
+ type: {{ .Values.service.dns.tcp.type }}
+ {{- if .Values.service.dns.tcp.loadBalancerIP }}
+ loadBalancerIP: {{ .Values.service.dns.tcp.loadBalancerIP }}
+ {{- end }}
+ ports:
+ - port: {{ .Values.service.dns.tcp.port }}
+ targetPort: dns-tcp
+ protocol: TCP
+ name: dns-tcp
+ selector:
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: api
+{{- end }}
+
diff --git a/charts/powerdns/0.1.11/templates/powerdns-dns-service-udp.yaml b/charts/powerdns/0.1.11/templates/powerdns-dns-service-udp.yaml
new file mode 100644
index 0000000..73ad339
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/powerdns-dns-service-udp.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.service.dns.udp.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "powerdns.fullname" . }}-service-dns-udp
+ labels:
+{{ include "powerdns.labels" . | indent 4 }}
+{{- with .Values.service.dns.udp.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+ type: {{ .Values.service.dns.udp.type }}
+ {{- if .Values.service.dns.udp.loadBalancerIP }}
+ loadBalancerIP: {{ .Values.service.dns.udp.loadBalancerIP }}
+ {{- end }}
+ ports:
+ - port: {{ .Values.service.dns.udp.port }}
+ targetPort: dns-udp
+ protocol: UDP
+ name: dns-udp
+ selector:
+ app.kubernetes.io/name: {{ include "powerdns.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ powerdns.com/role: api
+{{- end }}
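Review bot: In powerdns-dns-service-tcp.yaml, `{{ template "metallb.address.pool" . | indent 4}}` names a template that this commit does not define (`_metallb.tpl` defines `metallb.pool.annotation`), and with `template` the pipe applies to the argument rather than to the rendered output, so rendering should fail as soon as `service.dns.tcp.enabled` is set to true. `{{ include "metallb.pool.annotation" . | indent 4 }}` is the working form. The line also sits after the `with` block, so when `service.dns.tcp.annotations` is empty there is no `annotations:` key for the MetalLB entry to land under; emitting `annotations:` unconditionally, or guarding the MetalLB line on `.Values.metallb.address_pool`, would keep the manifest valid. The UDP service in the same commit has no such line.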
diff --git a/charts/powerdns/0.1.11/templates/powerdns-secret.yaml b/charts/powerdns/0.1.11/templates/powerdns-secret.yaml
new file mode 100644
index 0000000..3b2f5b9
--- /dev/null
+++ b/charts/powerdns/0.1.11/templates/powerdns-secret.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "powerdns.fullname" . }}-secret
+ labels:
+{{ include "powerdns.labels" . | indent 4}}
+ release: {{ .Release.Name }}
+ chart: {{ template "powerdns.chart" . }}
+type: Opaque
+data:
+ PDNS_APIKEY: {{ required "Missing variable: apikey" .Values.apikey | b64enc }}
+ MYSQL_PASS: {{ required "Missing variable: mariadb.mysql_pass" .Values.mariadb.mysql_pass | b64enc }}
+ {{ if .Values.mariadb.mysql_rootpass }}
+ MYSQL_ROOTPASS: {{ .Values.mariadb.mysql_rootpass | b64enc }}
+ {{ end }}
+ PDNSADMIN_SECRET: {{ required "Missing variable: powerdnsadmin.secret" .Values.admin.secret | b64enc }}
+
diff --git a/charts/powerdns/0.1.11/values.yaml b/charts/powerdns/0.1.11/values.yaml
new file mode 100644
index 0000000..f7ec4c8
--- /dev/null
+++ b/charts/powerdns/0.1.11/values.yaml
@@ -0,0 +1,121 @@
+#Author: aescanero@disasterproject.com
+#Website: www.disasterproject.com
+#Version: 0.3
+
+enabled: true
+service:
+ dns:
+ tcp:
+ enabled: false
+ type: LoadBalancer
+ port: 53
+ annotations:
+ udp:
+ enabled: true
+ type: LoadBalancer
+ port: 53
+ annotations:
+ api:
+ type: ClusterIP
+ port: 8081
+image:
+ repository: pschiffe/pdns-mysql
+ tag: alpine
+ pullPolicy: IfNotPresent
+domain: external.local
+master: "yes"
+api: "yes"
+version_string: "anonymous"
+default_ttl: "1500"
+soa_minimum_ttl: "1200"
+default_soa_name: "ns1.external.local"
+apikey: foobarbaz
+
+metallb:
+ address_pool: default
+
+powerdns:
+ enabled: true
+ image:
+ repository: pschiffe/pdns-mysql
+ tag: alpine
+ pullPolicy: IfNotPresent
+ domain: external.local
+ master: "yes"
+ api: "yes"
+ webserver: "yes"
+ webserver_address: "0.0.0.0"
+ webserver_allow_from: "0.0.0.0/0"
+ version_string: "anonymous"
+ default_ttl: "1500"
+ soa_minimum_ttl: "1200"
+ default_soa_name: "ns1.external.local"
+ mysql_host: "127.0.0.1"
+ mysql_database: "powerdns"
+ mysql_user: "powerdns"
+ innodb_read_committed: "no"
+ requests:
+ memory: "512Mi"
+ cpu: "300m"
+ limits:
+ memory: "512Mi"
+ cpu: "300m"
+
+mariadb:
+ enabled: true
+ image:
+ repository: mariadb
+ tag: latest
+ pullPolicy: IfNotPresent
+ persistence:
+ enabled: false
+ accessMode: 'ReadWriteOnce'
+ size: '1Gi'
+ args:
+ - --bind-address=0.0.0.0
+ - --innodb_use_native_aio=0
+ - --innodb_flush_method=fsync
+ requests:
+ memory: "512Mi"
+ cpu: "300m"
+ limits:
+ memory: "512Mi"
+ cpu: "300m"
+ mysql_pass: changeme
+
+admin:
+ enabled: true
+ service:
+ type: LoadBalancer
+ port: 9191
+ image:
+ repository: aescanero/powerdns-admin
+ tag: latest
+ pullPolicy: IfNotPresent
+ proto: "http"
+ powerdns_host: "127.0.0.1"
+ powerdns_port: "8081"
+ mysql_host: powerdns-db
+ mysql_database: "powerdns"
+ mysql_user: "powerdns"
+ ingress:
+ enabled: "false"
+ class: "traefik"
+ path: "/"
+ hostname: "powerdns-admin"
+ requests:
+ memory: "512Mi"
+ cpu: "300m"
+ limits:
+ memory: "512Mi"
+ cpu: "300m"
+ secret: changeme
+
+nameOverride: ""
+fullnameOverride: ""
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
diff --git a/charts/powerdns/powerdns-0.1.11.tgz b/charts/powerdns/powerdns-0.1.11.tgz
new file mode 100644
index 0000000..10c3993
Binary files /dev/null and b/charts/powerdns/powerdns-0.1.11.tgz differ
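Review bot: In values.yaml, `apikey: foobarbaz`, `mysql_pass: changeme` under `mariadb` and `secret: changeme` under `admin` give every install that does not override them the same published credentials, and because they are non-empty they satisfy the `required` checks in powerdns-secret.yaml, so nothing prompts the operator to set real ones. Shipping these keys empty (`apikey: ""` and likewise for the other two) lets `required` stop the install until values are supplied. The same defaults set `webserver_allow_from: "0.0.0.0/0"`, start MariaDB with `--bind-address=0.0.0.0` and put the admin Service on `type: LoadBalancer`; narrower starting points such as the cluster CIDR and `ClusterIP` leave widening the exposure as a deliberate choice. `tag: latest` for the mariadb and powerdns-admin images makes the deployed versions unrepeatable, so a fixed tag or digest is preferable.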