in pkg/manifests/external_dns.go [543:643]
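// newExternalDNSDeployment builds the apps/v1 Deployment that runs the
// external-dns controller for the given configuration.
//
// conf supplies the image registry, the DNS sync interval and the cluster UID
// used as the TXT owner id. externalDnsConfig supplies the resource name,
// namespace, service account, provider, watched resource types and the DNS
// zone resource IDs that become --domain-filter arguments. configMapHash is
// written (truncated to at most 16 characters) into the pod label
// "checksum/configmap".
//
// The returned pod runs a single "controller" container as non-root
// (UID/GID 65532) with a read-only root filesystem, no privilege escalation
// and all capabilities dropped; the ConfigMap named after the resource is
// mounted read-only at /etc/kubernetes.
func newExternalDNSDeployment(conf *config.Config, externalDnsConfig *ExternalDnsConfig, configMapHash string) *appsv1.Deployment {
	// One --domain-filter per zone whose resource ID parses.
	//
	// NOTE(review): unparseable zone IDs are skipped without any signal. If
	// every ID is skipped, no --domain-filter is passed at all, and
	// external-dns then does not restrict itself to specific zones; its reach
	// is bounded only by what the pod's identity is allowed to modify.
	// This function cannot return an error, so the IDs should be validated
	// by the caller before the config reaches this point — confirm they are.
	domainFilters := make([]string, 0, len(externalDnsConfig.dnsZoneResourceIDs))
	for _, zoneId := range externalDnsConfig.dnsZoneResourceIDs {
		parsedZone, err := azure.ParseResourceID(zoneId)
		if err != nil {
			continue
		}
		domainFilters = append(domainFilters, fmt.Sprintf("--domain-filter=%s", parsedZone.ResourceName))
	}

	// Guard the truncation: slicing a hash shorter than 16 bytes would panic.
	// Hashes of 16 or more characters are cut exactly as before.
	checksum := configMapHash
	if len(checksum) > 16 {
		checksum = checksum[:16]
	}

	podLabels := GetTopLevelLabels()
	podLabels["app"] = externalDnsConfig.resourceName
	// Presumably present so that a ConfigMap change alters the pod template
	// and triggers a rollout — confirm against the caller.
	podLabels["checksum/configmap"] = checksum

	deploymentArgs := []string{
		"--provider=" + externalDnsConfig.provider.string(),
		"--interval=" + conf.DnsSyncInterval.String(),
		"--txt-owner-id=" + conf.ClusterUid,
		"--txt-wildcard-replacement=" + txtWildcardReplacement,
	}
	deploymentArgs = append(deploymentArgs, labelSelectorDeploymentArgs(externalDnsConfig)...)

	// resourceTypes is iterated with range in no guaranteed order, so the
	// generated arguments are sorted to keep the pod spec stable between calls.
	resourceTypeArgs := make([]string, 0)
	for resourceType := range externalDnsConfig.resourceTypes {
		resourceTypeArgs = append(resourceTypeArgs, resourceType.generateResourceDeploymentArgs()...)
	}
	sort.Strings(resourceTypeArgs)
	deploymentArgs = append(deploymentArgs, resourceTypeArgs...)
	deploymentArgs = append(deploymentArgs, domainFilters...)

	controller := &corev1.Container{
		Name: "controller",
		// NOTE(review): the image is referenced by tag, not by digest, so what
		// actually runs depends on the registry keeping the tag immutable.
		// path.Join also normalises the result, which assumes conf.Registry is
		// a bare host/path without a URL scheme — confirm.
		Image: path.Join(conf.Registry, "/oss/v2/kubernetes/external-dns:v0.15.0"),
		Args:  deploymentArgs,
		VolumeMounts: []corev1.VolumeMount{{
			Name:      "azure-config",
			MountPath: "/etc/kubernetes",
			ReadOnly:  true,
		}},
		// Requests equal limits for both CPU and memory.
		Resources: corev1.ResourceRequirements{
			Requests: corev1.ResourceList{
				corev1.ResourceCPU:    resource.MustParse("100m"),
				corev1.ResourceMemory: resource.MustParse("250Mi"),
			},
			Limits: corev1.ResourceList{
				corev1.ResourceCPU:    resource.MustParse("100m"),
				corev1.ResourceMemory: resource.MustParse("250Mi"),
			},
		},
		// Least-privilege container settings: unprivileged, no escalation,
		// immutable root filesystem, fixed non-root UID/GID, no capabilities.
		SecurityContext: &corev1.SecurityContext{
			Privileged:               util.ToPtr(false),
			AllowPrivilegeEscalation: util.ToPtr(false),
			ReadOnlyRootFilesystem:   util.ToPtr(true),
			RunAsNonRoot:             util.ToPtr(true),
			RunAsUser:                util.Int64Ptr(65532),
			RunAsGroup:               util.Int64Ptr(65532),
			Capabilities: &corev1.Capabilities{
				Drop: []corev1.Capability{"ALL"},
			},
		},
	}

	return &appsv1.Deployment{
		TypeMeta: metav1.TypeMeta{
			Kind:       "Deployment",
			APIVersion: "apps/v1",
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      externalDnsConfig.resourceName,
			Namespace: externalDnsConfig.namespace,
			Labels:    GetTopLevelLabels(),
		},
		Spec: appsv1.DeploymentSpec{
			Replicas:             to.Int32Ptr(replicas),
			RevisionHistoryLimit: util.Int32Ptr(2),
			Selector:             &metav1.LabelSelector{MatchLabels: map[string]string{"app": externalDnsConfig.resourceName}},
			Template: corev1.PodTemplateSpec{
				ObjectMeta: metav1.ObjectMeta{
					Labels: podLabels,
				},
				Spec: *WithPreferSystemNodes(&corev1.PodSpec{
					ServiceAccountName: externalDnsConfig.serviceAccountName,
					// The liveness probe is derived from the readiness probe on port 7979.
					Containers: []corev1.Container{*withLivenessProbeMatchingReadiness(withTypicalReadinessProbe(7979, controller))},
					Volumes: []corev1.Volume{{
						Name: "azure-config",
						VolumeSource: corev1.VolumeSource{
							ConfigMap: &corev1.ConfigMapVolumeSource{
								LocalObjectReference: corev1.LocalObjectReference{
									Name: externalDnsConfig.resourceName,
								},
							},
						},
					}},
				}),
			},
		},
	}
}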