Giter Site home page Giter Site logo

area53's Introduction

Kubernetes => Route53 Mapping Service

This is a Kubernetes service that polls Services and Ingresses on its cluster that are configured and adds an entry to Route 53.

Services are configured with the label dns=route53 and annotation domainName=test-app.

Ingresses are configured with the annotation elb=unique-id.eu-west-1.elb.amazonaws.com.

The app requires the following environment variables to be set in order to run:

  • HOSTED_ZONE_ID=EXAMPLEID - The hosted zone ID of the route53 zone you wish the app to modify
  • AWS_REGION=ap-southeast-2 - The region of your hosted zone
  • ROUTE53_TTL=60 - Time to live sent in the API call to route53, defaults to 60
  • KUBERNETES_SERVICE_HOST=127.0.0.1 - IP of Kubernetes service API, should be in env by default
  • KUBERNETES_PORT_443_TCP_PORT=443 - Port of Kubernetes service API, should be in env by default
  • TOKEN_PATH=/var/run/secrets/kubernetes.io/serviceaccount/token - path to token file for kube service account, set to path shown by default
  • ELB=unique-id.eu-west-1.elb.amazonaws.com - the address of the default ELB to use for Ingress based addresses, if not specified Ingresses will not be watched

Example

For example, given the below Kubernetes service definition:

apiVersion: v1
kind: Service
metadata:
  name: my-app
  labels:
    app: my-app
    role: web
    dns: route53
  annotations:
    domainName: "test-app"
spec:
  selector:
    app: my-app
    role: web
  ports:
  - name: web
    port: 80
    protocol: TCP
    targetPort: web
  - name: web-ssl
    port: 443
    protocol: TCP
    targetPort: web-ssl
  type: LoadBalancer

A DNS CNAME record is created/modified for test-app.myhostedzonedomain.com pointing to the Elastic Load Balancer that is configured by Kubernetes.

IAM Actions Required

This service expects that it is running on a Kubernetes node on AWS and that the IAM profile for that node is set up to allow the following, along with the default permissions needed by Kubernetes:

{
    "Effect": "Allow",
    "Action": "route53:ListHostedZonesByName",
    "Resource": "*"
},
{
    "Effect": "Allow",
    "Action": [
      "route53:ChangeResourceRecordSets",
      "route53:GetHostedZone"
    ],
    "Resource": "*"
}

area53's People

Contributors

alex-mcd avatar c-knowles avatar mnutt avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.