generalize external-dns

Author: nandajavarma

.werft/installer-tests.ts

@@ -93,7 +93,7 @@ const TEST_CONFIGURATIONS: { [name: string]: TestConfig } = {
             "STANDARD_AKS_CLUSTER",
             "CERT_MANAGER",
             "AZURE_ISSUER",
-            "AZURE_EXTERNALDNS",
+            "EXTERNALDNS",
             "ADD_NS_RECORD",
             "GENERATE_KOTS_CONFIG",
             "INSTALL_GITPOD",
@@ -107,9 +107,11 @@ const TEST_CONFIGURATIONS: { [name: string]: TestConfig } = {
         CLOUD: "aws",
         DESCRIPTION: "Create an EKS cluster",
         PHASES: [
-            "STANDARD_EKS_CLUSTER",
+            "STANDARD_GKE_CLUSTER",
             "CERT_MANAGER",
+            "EXTERNALDNS",
             // TODO phases are:
+            // external dns with aws
             // 1) register domains in AWS, associate with route53
             // 2) add the associated ns record to gcp(since we use gitpod-self-hsoted.com domain)
             // 3) create cluster issuer with route53 as solver
@@ -174,10 +176,10 @@ const INFRA_PHASES: { [name: string]: InfraConfig } = {
         makeTarget: "azure-issuer",
         description: "Deploys ClusterIssuer for azure",
     },
-    AZURE_EXTERNALDNS: {
-        phase: "azure-external-dns",
-        makeTarget: "azure-external-dns",
-        description: "Deploys external-dns with azure provider",
+    EXTERNALDNS: {
+        phase: "external-dns",
+        makeTarget: `external-dns provider=${cloud}`,
+        description: `Deploys external-dns with ${cloud} provider`,
     },
     ADD_NS_RECORD: {
         phase: "add-ns-record",

install/infra/terraform/tools/external-dns/README.md renamed to install/infra/terraform/tools/cloud-dns-external-dns/README.md

@@ -0,0 +1,74 @@
+provider "kubernetes" {
+  config_path = var.kubeconfig
+}
+
+data local_file "gcp_credentials" {
+  filename = var.credentials
+}
+
+provider "google" {
+  credentials = var.credentials
+  project = var.gcp_project
+  region  = var.gcp_region
+  zone    = var.gcp_zone
+}
+
+provider "helm" {
+  kubernetes {
+    config_path = var.kubeconfig
+  }
+}
+
+#create namespace for external-dns
+resource "kubernetes_namespace" "external_dns" {
+  metadata {
+    name = "external-dns"
+  }
+}
+
+resource "kubernetes_secret" "external_dns" {
+  depends_on = [
+    kubernetes_namespace.external_dns
+  ]
+  metadata {
+    name      = "external-dns"
+    namespace = "external-dns"
+  }
+  data = {
+    "credentials.json" = data.local_file.gcp_credentials.content
+  }
+}
+
+resource "helm_release" "external-dns" {
+  depends_on = [
+    kubernetes_secret.external_dns,
+    kubernetes_namespace.external_dns
+  ]
+  name             = "external-dns"
+  namespace        = "external-dns"
+  create_namespace = true
+  chart            = "external-dns"
+  repository       = "https://charts.bitnami.com/bitnami"
+  cleanup_on_fail  = true
+  replace          = true
+  set {
+    name  = "provider"
+    value = "google"
+  }
+  set {
+    name  = "google.project"
+    value = var.gcp_project
+  }
+  set {
+    name  = "logFormat"
+    value = "json"
+  }
+  set {
+    name  = "google.serviceAccountSecret"
+    value = "external-dns"
+  }
+  set {
+    name = "txt-owner-id"
+    value = var.txt_owner_id
+  }
+}

install/infra/terraform/tools/cloud-dns-external-dns/main.tf

@@ -1,74 +1,70 @@
-provider "kubernetes" {
-  config_path = var.kubeconfig
-}
-
-data local_file "gcp_credentials" {
-  filename = var.credentials
-}
-
-provider "google" {
-  credentials = var.credentials
-  project = var.gcp_project
-  region  = var.gcp_region
-  zone    = var.gcp_zone
-}
+variable settings {}
+variable domain_name { default = "test"}
+variable kubeconfig { default = "conf"}
+variable provider { default = "azure"}
 
 provider "helm" {
   kubernetes {
     config_path = var.kubeconfig
   }
 }
 
-#create namespace for external-dns
-resource "kubernetes_namespace" "external_dns" {
-  metadata {
-    name = "external-dns"
-  }
-}
-
-resource "kubernetes_secret" "external_dns" {
-  depends_on = [
-    kubernetes_namespace.external_dns
-  ]
-  metadata {
-    name      = "external-dns"
-    namespace = "external-dns"
-  }
-  data = {
-    "credentials.json" = data.local_file.gcp_credentials.content
-  }
-}
-
-resource "helm_release" "external-dns" {
-  depends_on = [
-    kubernetes_secret.external_dns,
-    kubernetes_namespace.external_dns
-  ]
+# External DNS Deployment using Helm
+resource "helm_release" "external_dns" {
   name             = "external-dns"
+  repository       = "https://charts.bitnami.com"
+  chart            = "external-dns"
   namespace        = "external-dns"
   create_namespace = true
-  chart            = "external-dns"
-  repository       = "https://charts.bitnami.com/bitnami"
-  cleanup_on_fail  = true
-  replace          = true
-  set {
-    name  = "provider"
-    value = "google"
-  }
-  set {
-    name  = "google.project"
-    value = var.gcp_project
-  }
+
   set {
-    name  = "logFormat"
-    value = "json"
+    name  = "domainFilters[0]"
+    value = var.domain_name
   }
+
   set {
-    name  = "google.serviceAccountSecret"
-    value = "external-dns"
+    name  = "provider"
+    value = var.provider
   }
-  set {
-    name = "txt-owner-id"
-    value = var.txt_owner_id
+
+  dynamic "set" {
+    for_each = var.settings
+    content {
+      name = setting.value["name"]
+      value = setting.value["value"]
+    }
   }
+  # set {
+  #   name  = "azure.userAssignedIdentityID"
+  #   value = var.settings["azure.userAssignedIdentityID"]
+  # }
+
+  # set {
+  #   name  = "azure.useManagedIdentityExtension"
+  #   value = var.settings["azure.useManagedIdentityExtension"]
+  # }
+
+  # set {
+  #   name  = "azure.tenantId"
+  #   value = var.settings["azure.tenantId"]
+  # }
+
+  # set {
+  #   name  = "azure.subscriptionId"
+  #   value = var.settings["azure.subscriptionId"]
+  # }
+
+  # set {
+  #   name  = "azure.resourceGroup"
+  #   value = var.settings["azure.resourceGroup"]
+  # }
+
+  # TODO Add tags using dynamic block
+  # https://github.com/hashicorp/terraform/issues/22340
+  #  dynamic "set" {
+  #    for_each = var.tags
+  #    iterator = "tag"
+  #    name     = "podLabels[${index(var.tags, tag.key)}]"
+  #    value    = tag.value
+  #  }
 }

install/infra/terraform/tools/external-dns/variables.tf renamed to install/infra/terraform/tools/cloud-dns-external-dns/variables.tf

@@ -42,14 +42,6 @@ aks-standard-cluster:
 	terraform workspace new $(TF_VAR_TEST_ID) || terraform workspace select $(TF_VAR_TEST_ID) && \
 	terraform apply -target=module.aks -var k8s_flavor="aks" -var kubeconfig=${KUBECONFIG} --auto-approve
 
-.PHONY:
-## azure-external-dns: Sets up external-dns with azure provider
-azure-external-dns:
-azure-external-dns:
-	terraform init --upgrade && \
-	terraform workspace new $(TF_VAR_TEST_ID) || terraform workspace select $(TF_VAR_TEST_ID) && \
-	terraform apply -target=module.azure-externaldns  -var kubeconfig=${KUBECONFIG} --auto-approve
-
 .PHONY:
 ## add-ns-record: Adds NS record for subdomain under gitpod-selfhosted.com
 add-ns-record:
@@ -83,9 +75,16 @@ cert-manager:
 ## managed-dns: Installs external-dns, and setup up CloudDNS access
 managed-dns: check-env-sub-domain
 	terraform workspace select $(TF_VAR_TEST_ID) && \
-	terraform apply -target=module.externaldns -var kubeconfig=${KUBECONFIG} --auto-approve && \
+	terraform apply -target=module.clouddns-externaldns -var kubeconfig=${KUBECONFIG} --auto-approve && \
     kubectl --kubeconfig=${KUBECONFIG} apply -f ${CLUSTER_ISSUER_CLOUD_DNS}
 
+provider ?= "azure"
+.PHONY:
+## external-dns: Installs external-dns
+external-dns: check-env-sub-domain
+	terraform workspace select $(TF_VAR_TEST_ID) && \
+	terraform apply -target=module.externaldns -var provider=${provider} -var kubeconfig=${KUBECONFIG} --auto-approve
+
 .PHONY:
 ## get-kubeconfig: Returns KUBECONFIG of a just created cluster
 get-kubeconfig:
@@ -210,16 +209,16 @@ select-workspace:
 	terraform workspace select $(TF_VAR_TEST_ID)
 
 destroy-gcp-externaldns: select-workspace
-	ls ${KUBECONFIG} && terraform destroy -target=module.externaldns -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"
+	ls ${KUBECONFIG} && terraform destroy -target=module.clouddns-externaldns -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"
 
 destroy-certmanager: select-workspace
 	ls ${KUBECONFIG} && terraform destroy -target=module.certmanager -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"
 
 destroy-gcpns: select-workspace
 	terraform destroy -target=module.add_gcp_nameservers -var kubeconfig=${KUBECONFIG} --auto-approve
 
-destroy-aks-edns: select-workspace
-	ls ${KUBECONFIG} && terraform destroy -target=module.azure-externaldns -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"
+destroy-edns: select-workspace
+	ls ${KUBECONFIG} && terraform destroy -target=module.externaldns -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"
 
 destroy-aks-issuer: select-workspace
 	ls ${KUBECONFIG} && terraform destroy -target=module.azure-issuer -var kubeconfig=${KUBECONFIG} --auto-approve || echo "No kubeconfig file"

install/infra/terraform/tools/external-dns/main.tf

@@ -68,19 +68,22 @@ module "certmanager" {
   credentials    = var.dns_sa_creds
 }
 
-module "externaldns" {
+module "clouddns-externaldns" {
   # source = "github.com/gitpod-io/gitpod//install/infra/terraform/tools/external-dns?ref=main"
-  source = "../infra/terraform/tools/external-dns"
+  source = "../infra/terraform/tools/cloud-dns-external-dns"
   kubeconfig     = var.kubeconfig
   credentials    = var.dns_sa_creds
 }
 
-module "azure-externaldns" {
-  source = "../infra/terraform/tools/azure-external-dns"
-  kubeconfig     = var.kubeconfig
-  settings = module.aks.external_dns_settings
+variable "cloud" { default = "azure" }
+
+module "externaldns" {
+  source      = "../infra/terraform/tools/external-dns"
+  kubeconfig  = var.kubeconfig
+  settings    = module.aks.external_dns_settings
   domain_name = "${var.TEST_ID}.gitpod-self-hosted.com"
   txt_owner_id   = var.TEST_ID
+  cloud       = var.cloud
 }
 
 module "azure-issuer" {