k8s-route53bot
v1.1.1
Published
a script to create DNS records in an AWS Route53 zone for every loadBalancer service
Downloads
8
Readme
k8s-route53bot
Creates DNS records in an AWS Route53 zone for every loadBalancer service found in a kubernetes cluster.
Purpose
This exists to dynamically create records under an AWS Route 53 Zone for all loadbalancer service IPs in a Kubernetes cluster pointed to a subdomain.
The repository contains both a 1 time job and a cron job so that after the initial creation, it will check, add/update the record as needed every 6 minutes (the length of the default record TTL).
AWS Access
This requires access to AWS via an AWS Account Id and Secret key. These should map to an IAM account that only has access to Route53 Zones and Records to list, create and edit capabilities.
I strongly recommend against using an account with delete permissions or broader access. As it's a job that runs temporarily, it's a difficult target to hit, but least privilege for the win.
Install
Intended for use as a Kubernetes job/cron job. It can be deployed using hikaru in order to create both for you:
hikaru deploy git://github.com/arobson/k8s-route53bot \
-k {kubernetes url} \
-u {username} \
-p {password} \
You will be prompted for the following set of information:
namespace
- the kubernetes namespace to install the jobs inzone
- the name of the parent zone (ex:test.io
)domains
- the comma delimited domains to create the record for (ex:me.test.io,test.io
)aws-account
- the account id for the IAM accountaws-secret
- the account secret key for the IAM account
You may also choose to supply a key/value file as JSON, YAML or TOML using a -f
argument with a path to the file.
Custom Use
You can also choose to copy the mcgonagall specifications into your own cluster spec but you will likely want to replace some of the tokens in this case.