Skip to content

Instantly share code, notes, and snippets.

@mturnaviotov

mturnaviotov/hełm.yaml

Created March 30, 2026 09:37
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mturnaviotov/d6d3bbdc78cd575d5bc67dcbe9659319 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mturnaviotov/d6d3bbdc78cd575d5bc67dcbe9659319 to your computer and use it in GitHub Desktop.
Download ZIP
hełm external-dns
Raw
hełm.yaml
---
# Source: external-dns/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: external-dns
namespace: dns
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
automountServiceAccountToken: true
---
# Source: external-dns/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: external-dns
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["list","watch"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","list"]
- apiGroups: [""]
resources: ["services"]
verbs: ["get","watch","list"]
- apiGroups: ["discovery.k8s.io"]
resources: ["endpointslices"]
verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get","watch","list"]
- apiGroups: ["traefik.containo.us", "traefik.io"]
resources: ["ingressroutes", "ingressroutetcps", "ingressrouteudps"]
verbs: ["get","watch","list"]
- apiGroups:
- ""
resources:
- services
- endpoints
- pods
verbs:
- get
- watch
- list
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- traefik.io
resources:
- ingressroutes
- ingressroutetcps
- ingressrouteudps
verbs:
- get
- watch
- list
---
# Source: external-dns/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: external-dns-viewer
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: external-dns
subjects:
- kind: ServiceAccount
name: external-dns
namespace: dns
---
# Source: external-dns/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: external-dns
namespace: dns
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
spec:
ipFamilies:
- IPv4
- IPv6
ipFamilyPolicy: PreferDualStack
type: ClusterIP
selector:
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
ports:
- name: http
port: 7979
targetPort: http
protocol: TCP
---
# Source: external-dns/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
namespace: dns
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
spec:
automountServiceAccountToken: true
serviceAccountName: external-dns
securityContext:
fsGroup: 65534
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
containers:
- name: external-dns
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
image: registry.k8s.io/external-dns/external-dns:v0.20.0
imagePullPolicy: IfNotPresent
args:
- --log-level=debug
- --log-format=json
- --interval=1m
- --source=service
- --source=ingress
- --source=traefik-proxy
- --source=node
- --source=pod
- --policy=sync
- --registry=txt
- --txt-owner-id=k8s-cluster
- --domain-filter=${dns_private_zone_name}
- --provider=pdns
- --pdns-server=${dns_server_address}
- --pdns-server-id=localhost
- --pdns-api-key=${dns_server_password}
- --resolve-service-load-balancer-hostname
- --always-publish-not-ready-addresses
- --publish-host-ip
- --publish-internal-services
ports:
- name: http
protocol: TCP
containerPort: 7979
livenessProbe:
failureThreshold: 2
httpGet:
path: /healthz
port: http
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 6
httpGet:
path: /healthz
port: http
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
---
# Source: external-dns/templates/servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: external-dns
namespace: dns
annotations:
release: kps
labels:
helm.sh/chart: external-dns-1.20.0
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/managed-by: Helm
spec:
jobLabel: app.kubernetes.io/instance
namespaceSelector:
matchNames:
- dns
selector:
matchLabels:
app.kubernetes.io/name: external-dns
app.kubernetes.io/instance: external-dns
endpoints:
- port: http
path: /metrics
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment