k8gb-io · abaguas · Oct 1, 2024
@@ -158,7 +158,6 @@ deploy-test-version: ## Upgrade k8gb to the test version on existing clusters
 
 	@for c in $(CLUSTER_IDS); do \
 		$(MAKE) deploy-local-cluster CLUSTER_ID=$$c VERSION=$(SEMVER)-$(ARCH) CHART='./chart/k8gb' ;\
-		kubectl apply -n k8gb -f ./deploy/test/coredns-tcp-svc.yaml ;\
 	done
 
 .PHONY: list-running-pods
@@ -179,7 +178,7 @@ deploy-local-cluster:
 	kubectl config use-context k3d-$(CLUSTER_NAME)$(CLUSTER_ID)
 
 	@echo -e "\n$(YELLOW)Create namespace $(NC)"
-	kubectl apply -f deploy/namespace.yaml
+	kubectl apply -f deploy/k8gb-namespace.yaml
 
 	@echo -e "\n$(YELLOW)Deploy GSLB operator from $(VERSION) $(NC)"
 	$(MAKE) deploy-k8gb-with-helm
@@ -191,18 +190,18 @@ deploy-local-cluster:
 		--version 4.0.15 -f $(NGINX_INGRESS_VALUES_PATH)
 
 	@echo -e "\n$(YELLOW)Install Istio CRDs $(NC)"
-	kubectl create namespace istio-system
+	kubectl apply -f deploy/istio-system-namespace.yaml
 	helm repo add --force-update istio https://istio-release.storage.googleapis.com/charts
 	helm repo update
-	helm upgrade -i istio-base istio/base -n istio-system
+	helm upgrade -i istio-base istio/base -n istio-system --version 1.23.2
 
 	@echo -e "\n$(YELLOW)Install Istiod $(NC)"
-	helm upgrade -i istiod istio/istiod -n istio-system --wait
+	helm upgrade -i istiod istio/istiod -n istio-system --version 1.23.2 --wait
 
 	@echo -e "\n$(YELLOW)Install Istio Ingress Gateway $(NC)"
-	kubectl create namespace istio-ingress
+	kubectl apply -f deploy/istio-ingress-namespace.yaml
 	helm upgrade -i istio-ingressgateway istio/gateway -n istio-ingress \
-		-f $(ISTIO_INGRESS_VALUES_PATH)
+		--version 1.23.2 -f $(ISTIO_INGRESS_VALUES_PATH)
 
 	@if [ "$(DEPLOY_APPS)" = true ]; then $(MAKE) deploy-test-apps ; fi
 
@@ -252,8 +251,10 @@ deploy-k8gb-with-helm:
 	kubectl -n k8gb create secret generic rfc2136 --from-literal=secret=96Ah/a2g0/nLeFGK+d/0tzQcccf9hCEIy34PoXX2Qg8= || true
 	helm repo add --force-update k8gb https://www.k8gb.io
 	cd chart/k8gb && helm dependency update
+	kubectl -n k8gb delete svc k8gb-coredns --ignore-not-found
 	helm -n k8gb upgrade -i k8gb $(CHART) -f $(VALUES_YAML) \
 		--set $(call get-helm-args,$(CLUSTER_ID)) \
+		--set coredns.serviceType=LoadBalancer \
 		--set k8gb.reconcileRequeueSeconds=10 \
 		--set k8gb.dnsZoneNegTTL=10 \
 		--set k8gb.imageTag=${VERSION:"stable"=""} \
@@ -265,7 +266,7 @@ deploy-k8gb-with-helm:
 
 .PHONY: deploy-gslb-operator
 deploy-gslb-operator: ## Deploy k8gb operator
-	kubectl apply -f deploy/namespace.yaml
+	kubectl apply -f deploy/k8gb-namespace.yaml
 	cd chart/k8gb && helm dependency update
 	helm -n k8gb upgrade -i k8gb chart/k8gb -f $(VALUES_YAML) $(HELM_ARGS) \
 		--set k8gb.log.format=$(LOG_FORMAT)

@@ -1,6 +1,6 @@
 dependencies:
 - name: coredns
-  repository: https://k8gb-io.github.io/coredns-helm
-  version: 1.15.3
-digest: sha256:6e8906f6d2e0772826658468a0ff436fe0b1f6b7e2daeb4a03b27edfedcba41c
-generated: "2024-09-06T11:25:39.309536+02:00"
+  repository: https://coredns.github.io/helm
+  version: 1.36.1
+digest: sha256:55c867121c6aa4e926387802c02cd44e4c0f26439b79a73dbf4ff750c1e6f743
+generated: "2024-11-10T19:48:28.408951+01:00"
@@ -9,8 +9,8 @@ kubeVersion: ">= 1.19.0-0"
 
 dependencies:
   - name: coredns
-    repository: https://k8gb-io.github.io/coredns-helm
-    version: 1.15.3
+    repository: https://coredns.github.io/helm
+    version: 1.36.1
 
 home: https://www.k8gb.io/
 sources:

@@ -1,10 +1,11 @@
 {{- if .Values.coredns.deployment.enabled }}
+apiVersion: v1
 kind: ConfigMap
 metadata:
+  name: {{ .Release.Name }}-coredns
+  namespace: {{ .Release.Namespace }}
   labels:
 {{ include "chart.labels" . | indent 4  }}
-  name: {{ .Release.Name }}-coredns
-apiVersion: v1
 data:
   Corefile: |-
     {{ .Values.k8gb.dnsZone }}:5353 {

@@ -100,6 +100,16 @@ coredns:
   serviceAccount:
     create: true
     name: coredns
+  securityContext:
+    capabilities:
+      add: []
+  # -- Only meant to open the correct service and container ports, has no other impact on the coredns configuration
+  servers:
+  - port: 5353
+    servicePort: 53
+    plugins:
+    - name: prometheus
+      parameters: 0.0.0.0:9153
 
 infoblox:
   # -- infoblox provider enabled

@@ -89,7 +89,6 @@ func (r *Gslb) CoreDNSExposedIPs() ([]string, error) {
 	}
 	coreDNSService := &serviceList.Items[0]
 
-	var lb corev1.LoadBalancerIngress
 	if len(coreDNSService.Status.LoadBalancer.Ingress) == 0 {
 		errMessage := "no LoadBalancer ExternalIPs are found"
 		log.Warn().
@@ -98,25 +97,29 @@ func (r *Gslb) CoreDNSExposedIPs() ([]string, error) {
 		err := coreerrors.New(errMessage)
 		return nil, err
 	}
-	lb = coreDNSService.Status.LoadBalancer.Ingress[0]
-	return extractIPFromLB(lb, r.edgeDNSServers)
+
+	ips := []string{}
+	for _, lb := range coreDNSService.Status.LoadBalancer.Ingress {
+		ips = append(ips, extractIPFromLB(lb, r.edgeDNSServers)...)
+	}
+	return ips, nil
 }
 
-func extractIPFromLB(lb corev1.LoadBalancerIngress, ns utils.DNSList) (ips []string, err error) {
+func extractIPFromLB(lb corev1.LoadBalancerIngress, ns utils.DNSList) (ips []string) {
 	if lb.Hostname != "" {
 		IPs, err := utils.Dig(lb.Hostname, ns...)
 		if err != nil {
 			log.Warn().Err(err).
 				Str("loadBalancerHostname", lb.Hostname).
 				Msg("Can't dig CoreDNS service LoadBalancer FQDN")
-			return nil, err
+			return nil
 		}
-		return IPs, nil
+		return IPs
 	}
 	if lb.IP != "" {
-		return []string{lb.IP}, nil
+		return []string{lb.IP}
 	}
-	return nil, nil
+	return nil
 }
 
 // SaveDNSEndpoint update DNS endpoint or create new one if doesnt exist

@@ -21,9 +21,3 @@ controller:
 
   service:
     enabled: false
-
-# UDP service key:value pairs
-# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/udp
-##
-udp:
-  53: "k8gb/k8gb-coredns:53"
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: istio-ingress
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: istio-system
@@ -23,15 +23,13 @@ ports:
   - port: 9080:30090
     nodeFilters:
       - agent:0:direct
-  - port: 5053:30053/tcp
+  - port: 5053:53/tcp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
   - port: 5053:53/udp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
 options:
-  k3d:
-    disableLoadbalancer: true
   k3s:
     extraArgs:
       - arg: --disable=traefik,metrics-server,local-storage

@@ -20,15 +20,13 @@ ports:
   - port: 9081:30090
     nodeFilters:
       - agent:0:direct
-  - port: 5054:30053/tcp
+  - port: 5054:53/tcp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
   - port: 5054:53/udp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
 options:
-  k3d:
-    disableLoadbalancer: true
   k3s:
     extraArgs:
       - arg: --disable=traefik,metrics-server,local-storage

@@ -20,15 +20,13 @@ ports:
   - port: 9082:30090
     nodeFilters:
       - agent:0:direct
-  - port: 5055:30053/tcp
+  - port: 5055:53/tcp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
   - port: 5055:53/udp
     nodeFilters:
-      - agent:0:direct
+      - loadbalancer
 options:
-  k3d:
-    disableLoadbalancer: true
   k3s:
     extraArgs:
       - arg: --disable=traefik,metrics-server,local-storage