diff --git a/control-plane/roles/gardener/defaults/main/extensions.yaml b/control-plane/roles/gardener/defaults/main/extensions.yaml
index 2b724d6c..d17f11f2 100644
--- a/control-plane/roles/gardener/defaults/main/extensions.yaml
+++ b/control-plane/roles/gardener/defaults/main/extensions.yaml
@@ -1,4 +1,11 @@
 ---
+# TODO: move to image vector
+gardener_extension_backup_s3_image_tag: gardener-v1.100
+gardener_extension_backup_s3_image_name: ghcr.io/metal-stack/gardener-extension-backup-s3
+gardener_extension_dns_powerdns_image_tag: gardener-v1.100
+gardener_extension_dns_powerdns_image_name: ghcr.io/metal-stack/gardener-extension-dns-powerdns
+# END TODO
+
 gardener_extension_networking_calico_enabled: true
 gardener_extension_networking_cilium_enabled: true
 gardener_extension_os_metal_enabled: true
@@ -6,11 +13,15 @@ gardener_extension_provider_gcp_enabled: true
 gardener_extension_provider_metal_enabled: true
 gardener_extension_shoot_cert_service_enabled: true
 gardener_extension_shoot_dns_service_enabled: true
+gardener_extension_dns_powerdns_enabled: false
+gardener_extension_backup_s3_enabled: false
 gardener_extension_provider_metal_repo_ref: "{{ gardener_extension_provider_metal_image_tag }}"
 gardener_networking_cilium_repo_ref: "gardener/gardener-extension-networking-cilium/{{ gardener_networking_cilium_image_tag }}"
 gardener_os_controller_repo_ref: "{{ gardener_os_controller_image_tag }}"
 gardener_shoot_dns_service_repo_ref: "gardener/gardener-extension-shoot-dns-service/{{ gardener_shoot_dns_service_image_tag }}"
+gardener_extension_backup_s3_repo_ref: "metal-stack/gardener-extension-backup-s3/{{ gardener_extension_backup_s3_image_tag }}"
+gardener_extension_dns_powerdns_repo_ref: "metal-stack/gardener-extension-dns-powerdns/{{ gardener_extension_dns_powerdns_image_tag }}"
 gardener_metal_admission_replicas: 1
 gardener_metal_admission_vpa: true
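Review bot: The `gardener-v1.100` value set for both `*_image_tag` defaults in the first hunk is reused by the second hunk as the git ref inside `gardener_extension_backup_s3_repo_ref` and `gardener_extension_dns_powerdns_repo_ref`, so one variable decides both the container image and the source of the chart. The name reads like a release-line tag that could be moved later (an inference; the diff does not show how the tag is published), and nothing here records whether it is immutable. I would add a comment above the two tag lines such as `# also used as the git ref for the chart download in *_repo_ref; must be an immutable release tag`, and pin the images by digest once the TODO about the image vector is resolved.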
diff --git a/control-plane/roles/gardener/tasks/extensions.yaml b/control-plane/roles/gardener/tasks/extensions.yaml
index c2a7cbab..1497f460 100644
--- a/control-plane/roles/gardener/tasks/extensions.yaml
+++ b/control-plane/roles/gardener/tasks/extensions.yaml
@@ -100,3 +100,32 @@
 - controller-deployment.yaml
 - controller-registration.yaml
 when: gardener_extension_shoot_dns_service_enabled
+
+- name: "Register controller: dns powerdns"
+ k8s:
+ definition: "{{ lookup('template', 'powerdns/{{ item }}', split_lines=False) }}"
+ kubeconfig: "{{ gardener_kube_apiserver_kubeconfig_path }}"
+ apply: yes
+ register: result
+ until: result is success
+ retries: 10
+ delay: 6
+ loop:
+ - controller-deployment.yaml
+ - controller-registration.yaml
+ when: gardener_extension_dns_powerdns_enabled
+
+- name: "Register controller: backup s3"
+ k8s:
+ definition: "{{ lookup('template', 'backup-s3/{{ item }}', split_lines=False) }}"
+ kubeconfig: "{{ gardener_kube_apiserver_kubeconfig_path }}"
+ apply: yes
+ tags: shoot-dns-service
+ register: result
+ until: result is success
+ retries: 10
+ delay: 6
+ loop:
+ - controller-deployment.yaml
+ - controller-registration.yaml
+ when: gardener_extension_backup_s3_enabled
diff --git a/control-plane/roles/gardener/templates/backup-s3/controller-deployment.yaml b/control-plane/roles/gardener/templates/backup-s3/controller-deployment.yaml
new file mode 100644
index 00000000..1a9a520b
--- /dev/null
+++ b/control-plane/roles/gardener/templates/backup-s3/controller-deployment.yaml
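Review bot: `tags: shoot-dns-service` on the new "Register controller: backup s3" task looks like a copy-paste leftover, presumably from the shoot-dns-service task that ends just above the hunk, and the new "Register controller: dns powerdns" task carries no tag at all. A run limited with `--tags shoot-dns-service` would then also register the backup extension, while a tag-limited run cannot select powerdns. I would change the line to `tags: backup-s3` and add `tags: dns-powerdns` to the other task; these tag names are only a suggestion, so use whatever matches the role's convention. As a smaller style point, `apply: yes` in both tasks is a YAML 1.1 truthy spelling and `apply: true` is unambiguous.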
@@ -0,0 +1,11 @@
+---
+apiVersion: core.gardener.cloud/v1
+kind: ControllerDeployment
+metadata:
+ name: backup-s3
+helm:
+ rawChart: "{{ (lookup('url', 'https://raw.githubusercontent.com/' + gardener_extension_backup_s3_repo_ref + '/example/controller-registration.yaml', split_lines=False) | from_yaml_all | list)[0].helm.rawChart }}"
+ values:
+ image:
+ repository: "{{ gardener_extension_backup_s3_image_name }}"
+ tag: "{{ gardener_extension_backup_s3_image_tag }}"
diff --git a/control-plane/roles/gardener/templates/backup-s3/controller-registration.yaml b/control-plane/roles/gardener/templates/backup-s3/controller-registration.yaml
new file mode 100644
index 00000000..2ec73ab7
--- /dev/null
+++ b/control-plane/roles/gardener/templates/backup-s3/controller-registration.yaml
@@ -0,0 +1,16 @@
+---
+apiVersion: core.gardener.cloud/v1beta1
+kind: ControllerRegistration
+metadata:
+ name: backup-s3
+ annotations:
+ security.gardener.cloud/pod-security-enforce: baseline
+spec:
+ deployment:
+ deploymentRefs:
+ - name: backup-s3
+ resources:
+ - kind: BackupBucket
+ type: S3
+ - kind: BackupEntry
+ type: S3
diff --git a/control-plane/roles/gardener/templates/powerdns/controller-deployment.yaml b/control-plane/roles/gardener/templates/powerdns/controller-deployment.yaml
new file mode 100644
index 00000000..4b4cffbb
--- /dev/null
+++ b/control-plane/roles/gardener/templates/powerdns/controller-deployment.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: core.gardener.cloud/v1
+kind: ControllerDeployment
+metadata:
+ name: powerdns
+helm:
+ rawChart: "{{ (lookup('url', 'https://raw.githubusercontent.com/' + gardener_extension_dns_powerdns_repo_ref + '/example/controller-registration.yaml', split_lines=False) | from_yaml_all | list)[0].helm.rawChart }}"
+ values:
+ image:
+ repository: "{{ gardener_extension_dns_powerdns_image_name }}"
+ tag: "{{ gardener_extension_dns_powerdns_image_tag }}"
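Review bot: The `rawChart` line in backup-s3/controller-deployment.yaml downloads the Helm chart from raw.githubusercontent.com at template time and registers whatever that ref returns, with no integrity check on the content; powerdns/controller-deployment.yaml has the same expression. The ref is a tag name taken from the `*_image_tag` default, so if that tag is moved or the upstream repository is altered, a different chart is installed into the Gardener control plane with no signal to the operator. Consider pointing `*_repo_ref` at a full commit SHA, or comparing the downloaded text with `| hash('sha256')` against an expected value kept in defaults before using it. The `[0]` index also assumes the ControllerDeployment is the first document in the example file; `| selectattr('kind', 'equalto', 'ControllerDeployment') | first` would make that selection explicit.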
diff --git a/control-plane/roles/gardener/templates/powerdns/controller-registration.yaml b/control-plane/roles/gardener/templates/powerdns/controller-registration.yaml
new file mode 100644
index 00000000..b6845be6
--- /dev/null
+++ b/control-plane/roles/gardener/templates/powerdns/controller-registration.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: core.gardener.cloud/v1beta1
+kind: ControllerRegistration
+metadata:
+ name: powerdns
+ annotations:
+ security.gardener.cloud/pod-security-enforce: baseline
+spec:
+ deployment:
+ deploymentRefs:
+ - name: powerdns
+ resources:
+ - kind: DNSRecord
+ type: powerdns