roles/coredns/tasks/main.yml - atmosphere - Gitiles

 # Copyright (c) 2022 VEXXHOST, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.

 - name: Deploy Helm chart
   kubernetes.core.k8s:
     state: present
     definition:
       - apiVersion: source.toolkit.fluxcd.io/v1beta2
         kind: HelmRepository
         metadata:
           name: coredns
           namespace: openstack
         spec:
           interval: 60s
           url: https://coredns.github.io/helm

       - apiVersion: helm.toolkit.fluxcd.io/v2beta1
         kind: HelmRelease
         metadata:
           name: neutron-coredns
           namespace: openstack
         spec:
           interval: 60s
           chart:
             spec:
               chart: coredns
               version: 1.19.4
               sourceRef:
                 kind: HelmRepository
                 name: coredns
           values:
             replicaCount: 3
             prometheus:
               service:
                 enabled: true
             service:
               name: neutron-coredns
               clusterIP: 10.96.0.20
             isClusterService: false
             servers:
               - port: 53
                 zones:
                   - zone: .
                 plugins:
                   - name: errors
                   - name: ready
                   - name: health
                     configBlock: |-
                       lameduck 5s
                   - name: prometheus
                     parameters: 0.0.0.0:9153
                   - name: cache
                   - name: reload
                   - name: loadbalance
                   - name: forward
                     parameters: . 127.0.0.1:5301 127.0.0.1:5302
               - port: 5301
                 zones:
                   - zone: .
                 plugins:
                   - name: forward
                     parameters: . tls://1.1.1.1 tls://1.0.0.1
                     configBlock: |-
                       tls_servername cloudflare-dns.com
                       health_check 5s
               - port: 5302
                 zones:
                   - zone: .
                 plugins:
                   - name: forward
                     parameters: . tls://8.8.8.8 tls://8.8.4.4
                     configBlock: |-
                       tls_servername dns.google
                       health_check 5s
             nodeSelector:
               openstack-control-plane: enabled
             customLabels:
               application: neutron
               component: coredns
             deployment:
               name: neutron-coredns

       - apiVersion: monitoring.coreos.com/v1
         kind: ServiceMonitor
         metadata:
           name: neutron-coredns
           namespace: monitoring
           labels:
             release: kube-prometheus-stack
         spec:
           jobLabel: app.kubernetes.io/name
           endpoints:
             - port: "metrics"
               path: "/metrics"
               relabelings:
                 - sourceLabels: ["__meta_kubernetes_pod_label_application"]
                   targetLabel: "application"
                 - sourceLabels: ["__meta_kubernetes_pod_name"]
                   targetLabel: "instance"
                 - action: "labeldrop"
                   regex: "^(container|endpoint|namespace|pod|service)$"
           namespaceSelector:
             matchNames:
               - openstack
           selector:
             matchLabels:
               app.kubernetes.io/name: coredns
               app.kubernetes.io/component: metrics
	# Copyright (c) 2022 VEXXHOST, Inc.
	#
	# Licensed under the Apache License, Version 2.0 (the "License"); you may
	# not use this file except in compliance with the License. You may obtain
	# a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	# License for the specific language governing permissions and limitations
	# under the License.

	- name: Deploy Helm chart
	kubernetes.core.k8s:
	state: present
	definition:
	- apiVersion: source.toolkit.fluxcd.io/v1beta2
	kind: HelmRepository
	metadata:
	name: coredns
	namespace: openstack
	spec:
	interval: 60s
	url: https://coredns.github.io/helm

	- apiVersion: helm.toolkit.fluxcd.io/v2beta1
	kind: HelmRelease
	metadata:
	name: neutron-coredns
	namespace: openstack
	spec:
	interval: 60s
	chart:
	spec:
	chart: coredns
	version: 1.19.4
	sourceRef:
	kind: HelmRepository
	name: coredns
	values:
	replicaCount: 3
	prometheus:
	service:
	enabled: true
	service:
	name: neutron-coredns
	clusterIP: 10.96.0.20
	isClusterService: false
	servers:
	- port: 53
	zones:
	- zone: .
	plugins:
	- name: errors
	- name: ready
	- name: health
	configBlock: \|-
	lameduck 5s
	- name: prometheus
	parameters: 0.0.0.0:9153
	- name: cache
	- name: reload
	- name: loadbalance
	- name: forward
	parameters: . 127.0.0.1:5301 127.0.0.1:5302
	- port: 5301
	zones:
	- zone: .
	plugins:
	- name: forward
	parameters: . tls://1.1.1.1 tls://1.0.0.1
	configBlock: \|-
	tls_servername cloudflare-dns.com
	health_check 5s
	- port: 5302
	zones:
	- zone: .
	plugins:
	- name: forward
	parameters: . tls://8.8.8.8 tls://8.8.4.4
	configBlock: \|-
	tls_servername dns.google
	health_check 5s
	nodeSelector:
	openstack-control-plane: enabled
	customLabels:
	application: neutron
	component: coredns
	deployment:
	name: neutron-coredns

	- apiVersion: monitoring.coreos.com/v1
	kind: ServiceMonitor
	metadata:
	name: neutron-coredns
	namespace: monitoring
	labels:
	release: kube-prometheus-stack
	spec:
	jobLabel: app.kubernetes.io/name
	endpoints:
	- port: "metrics"
	path: "/metrics"
	relabelings:
	- sourceLabels: ["__meta_kubernetes_pod_label_application"]
	targetLabel: "application"
	- sourceLabels: ["__meta_kubernetes_pod_name"]
	targetLabel: "instance"
	- action: "labeldrop"
	regex: "^(container\|endpoint\|namespace\|pod\|service)$"
	namespaceSelector:
	matchNames:
	- openstack
	selector:
	matchLabels:
	app.kubernetes.io/name: coredns
	app.kubernetes.io/component: metrics