helm-charts/external-dns/values.yaml

1016 lines
42 KiB
YAML

## @section Global parameters
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
##
## @param global.imageRegistry Global Docker image registry
## @param global.imagePullSecrets Global Docker registry secret names as an array
##
global:
imageRegistry: ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets: []
## @section Common parameters
##
## @param nameOverride String to partially override external-dns.fullname template (will maintain the release name)
##
nameOverride: ""
## @param fullnameOverride String to fully override external-dns.fullname template
##
fullnameOverride: ""
## @param clusterDomain Kubernetes Cluster Domain
##
clusterDomain: cluster.local
## @param commonLabels Labels to add to all deployed objects
##
commonLabels: {}
## @param commonAnnotations Annotations to add to all deployed objects
##
commonAnnotations: {}
##
## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template).
##
extraDeploy: []
## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
##
kubeVersion: ""
## @param watchReleaseNamespace Watch only namepsace used for the release
##
watchReleaseNamespace: false
## @section external-dns parameters
##
## Bitnami external-dns image version
## ref: https://hub.docker.com/r/bitnami/external-dns/tags/
## @param image.registry ExternalDNS image registry
## @param image.repository ExternalDNS image repository
## @param image.tag ExternalDNS Image tag (immutable tags are recommended)
## @param image.digest ExternalDNS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
## @param image.pullPolicy ExternalDNS image pull policy
## @param image.pullSecrets ExternalDNS image pull secrets
##
image:
registry: docker.io
repository: bitnami/external-dns
tag: 0.12.2-debian-11-r5
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## @param hostAliases Deployment pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []
## @param updateStrategy update strategy type
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#update-strategies
##
updateStrategy: {}
## @param command Override kiam default command
##
command: []
## @param args Override kiam default args
##
args: []
## @param sources [array] K8s resources type to be observed for new DNS entries by ExternalDNS
##
sources:
# - crd
- service
- ingress
# - contour-httpproxy
## @param provider DNS provider where the DNS records will be created.
## Available providers are:
## - alibabacloud, aws, azure, azure-private-dns, cloudflare, coredns, designate, digitalocean, google, hetzner, infoblox, linode, rfc2136, transip, oci
##
provider: aws
## @param initContainers Attach additional init containers to the pod (evaluated as a template)
##
initContainers: []
## @param sidecars Attach additional containers to the pod (evaluated as a template)
##
sidecars: []
## Flags related to processing sources
## ref: https://github.com/kubernetes-sigs/external-dns/blob/master/pkg/apis/externaldns/types.go#L272
## @param namespace Limit sources of endpoints to a specific namespace (default: all namespaces)
##
namespace: ""
## @param fqdnTemplates Templated strings that are used to generate DNS names from sources that don't define a hostname themselves
##
fqdnTemplates: []
## @param containerPorts.http HTTP Container port
##
containerPorts:
http: 7979
## @param combineFQDNAnnotation Combine FQDN template and annotations instead of overwriting
##
combineFQDNAnnotation: false
## @param ignoreHostnameAnnotation Ignore hostname annotation when generating DNS names, valid only when fqdn-template is set
##
ignoreHostnameAnnotation: false
## @param publishInternalServices Allow external-dns to publish DNS records for ClusterIP services
##
publishInternalServices: false
## @param publishHostIP Allow external-dns to publish host-ip for headless services
##
publishHostIP: false
## @param serviceTypeFilter The service types to take care about (default: all, options: ClusterIP, NodePort, LoadBalancer, ExternalName)
##
serviceTypeFilter: []
## Alibaba cloud configuration to be set via arguments/env. variables
## These will be added to /etc/kubernetes/alibaba-cloud.json via secret
##
alibabacloud:
## @param alibabacloud.accessKeyId When using the Alibaba Cloud provider, set `accessKeyId` in the Alibaba Cloud configuration file (optional)
##
accessKeyId: ""
## @param alibabacloud.accessKeySecret When using the Alibaba Cloud provider, set `accessKeySecret` in the Alibaba Cloud configuration file (optional)
##
accessKeySecret: ""
## @param alibabacloud.regionId When using the Alibaba Cloud provider, set `regionId` in the Alibaba Cloud configuration file (optional)
##
regionId: ""
## @param alibabacloud.vpcId Alibaba Cloud VPC Id
##
vpcId: ""
## @param alibabacloud.secretName Use an existing secret with key "alibaba-cloud.json" defined.
## This ignores alibabacloud.accessKeyId, and alibabacloud.accessKeySecret
##
secretName: ""
## @param alibabacloud.zoneType Zone Filter. Available values are: public, private, or no value for both
##
zoneType: ""
## AWS configuration to be set via arguments/env. variables
##
aws:
## AWS credentials
## @param aws.credentials.secretKey When using the AWS provider, set `aws_secret_access_key` in the AWS credentials (optional)
## @param aws.credentials.accessKey When using the AWS provider, set `aws_access_key_id` in the AWS credentials (optional)
## @param aws.credentials.mountPath When using the AWS provider, determine `mountPath` for `credentials` secret
##
credentials:
secretKey: ""
accessKey: ""
## Before external-dns 0.5.9 home dir should be `/root/.aws`
##
mountPath: "/.aws"
## @param aws.credentials.secretName Use an existing secret with key "credentials" defined.
## This ignores aws.credentials.secretKey, and aws.credentials.accessKey
##
secretName: ""
## @param aws.region When using the AWS provider, `AWS_DEFAULT_REGION` to set in the environment (optional)
##
region: "us-east-1"
## @param aws.zoneType When using the AWS provider, filter for zones of this type (optional, options: public, private)
##
zoneType: ""
## @param aws.assumeRoleArn When using the AWS provider, assume role by specifying --aws-assume-role to the external-dns daemon
##
assumeRoleArn: ""
## @param aws.roleArn Specify role ARN to the external-dns daemon
##
roleArn: ""
## @param aws.apiRetries Maximum number of retries for AWS API calls before giving up
##
apiRetries: 3
## @param aws.batchChangeSize When using the AWS provider, set the maximum number of changes that will be applied in each batch
##
batchChangeSize: 1000
## @param aws.zonesCacheDuration If the list of Route53 zones managed by ExternalDNS doesn't change frequently, cache it by setting a TTL
## (default 0 - disabled, can be set to time interval like 1m or 1h)
##
zonesCacheDuration: 0
## @param aws.zoneTags When using the AWS provider, filter for zones with these tags
##
zoneTags: []
## @param aws.preferCNAME When using the AWS provider, replaces Alias records with CNAME (options: true, false)
##
preferCNAME: ""
## @param aws.evaluateTargetHealth When using the AWS provider, sets the evaluate target health flag (options: true, false)
##
evaluateTargetHealth: ""
## Azure configuration to be set via arguments/env. variables
##
azure:
## When a secret to load azure.json is not specified, the host's /etc/kubernetes/azure.json will be used
## @param azure.secretName When using the Azure provider, set the secret containing the `azure.json` file
##
secretName: ""
## @param azure.cloud When using the Azure provider, set the Azure Cloud
##
cloud: ""
## @param azure.resourceGroup When using the Azure provider, set the Azure Resource Group
##
resourceGroup: ""
## @param azure.tenantId When using the Azure provider, set the Azure Tenant ID
##
tenantId: ""
## @param azure.subscriptionId When using the Azure provider, set the Azure Subscription ID
##
subscriptionId: ""
## @param azure.aadClientId When using the Azure provider, set the Azure AAD Client ID
##
aadClientId: ""
## @param azure.aadClientSecret When using the Azure provider, set the Azure AAD Client Secret
##
aadClientSecret: ""
## @param azure.useManagedIdentityExtension When using the Azure provider, set if you use Azure MSI
##
useManagedIdentityExtension: false
## @param azure.userAssignedIdentityID When using the Azure provider with Azure MSI, set Client ID of Azure user-assigned managed identity (optional, otherwise system-assigned managed identity is used)
##
userAssignedIdentityID: ""
## Cloudflare configuration to be set via arguments/env. variables
##
cloudflare:
## @param cloudflare.apiToken When using the Cloudflare provider, `CF_API_TOKEN` to set (optional)
##
apiToken: ""
## @param cloudflare.apiKey When using the Cloudflare provider, `CF_API_KEY` to set (optional)
##
apiKey: ""
## @param cloudflare.secretName When using the Cloudflare provider, it's the name of the secret containing cloudflare_api_token or cloudflare_api_key.
## This ignores cloudflare.apiToken, and cloudflare.apiKey
##
secretName: ""
## @param cloudflare.email When using the Cloudflare provider, `CF_API_EMAIL` to set (optional). Needed when using CF_API_KEY
##
email: ""
## @param cloudflare.proxied When using the Cloudflare provider, enable the proxy feature (DDOS protection, CDN...) (optional)
##
proxied: true
## CoreDNS configuration to be set via arguments/env variables
##
coredns:
## @param coredns.etcdEndpoints When using the CoreDNS provider, set etcd backend endpoints (comma-separated list)
## Secure (https) endpoints can be used as well, in that case `etcdTLS` section
## should be filled in accordingly
##
etcdEndpoints: "http://etcd-extdns:2379"
## Configuration of the secure communication and client authentication to the etcd cluster
## If enabled all the values under this key must hold a valid data
##
etcdTLS:
## @param coredns.etcdTLS.enabled When using the CoreDNS provider, enable secure communication with etcd
##
enabled: false
## @param coredns.etcdTLS.autoGenerated Generate automatically self-signed TLS certificates
##
autoGenerated: false
## @param coredns.etcdTLS.secretName When using the CoreDNS provider, specify a name of existing Secret with etcd certs and keys
## ref: https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/security.md
## ref (secret creation):
## https://github.com/bitnami/charts/tree/master/bitnami/etcd#configure-certificates-for-client-communication
##
secretName: "etcd-client-certs"
## @param coredns.etcdTLS.mountPath When using the CoreDNS provider, set destination dir to mount data from `coredns.etcdTLS.secretName` to
##
mountPath: "/etc/coredns/tls/etcd"
## @param coredns.etcdTLS.caFilename When using the CoreDNS provider, specify CA PEM file name from the `coredns.etcdTLS.secretName`
##
caFilename: "ca.crt"
## @param coredns.etcdTLS.certFilename When using the CoreDNS provider, specify cert PEM file name from the `coredns.etcdTLS.secretName`
## Will be used by external-dns to authenticate against etcd
##
certFilename: "cert.pem"
## @param coredns.etcdTLS.keyFilename When using the CoreDNS provider, specify private key PEM file name from the `coredns.etcdTLS.secretName`
## Will be used by external-dns to authenticate against etcd
##
keyFilename: "key.pem"
## OpenStack Designate provider configuration to be set via arguments/env. variables
##
designate:
## Set Openstack environment variables (optional). Username and password will be saved in a kubernetes secret
## The alternative to this is to export the necessary Openstack environment variables in the extraEnv argument
## @param designate.username When using the Designate provider, specify the OpenStack authentication username. (optional)
## @param designate.password When using the Designate provider, specify the OpenStack authentication password. (optional)
## @param designate.authUrl When using the Designate provider, specify the OpenStack authentication Url. (optional)
## @param designate.regionName When using the Designate provider, specify the OpenStack region name. (optional)
## @param designate.userDomainName When using the Designate provider, specify the OpenStack user domain name. (optional)
## @param designate.projectName When using the Designate provider, specify the OpenStack project name. (optional)
## @param designate.username When using the Designate provider, specify the OpenStack authentication username. (optional)
## e.g:
## username: "someuser"
## password: "p@55w0rd"
## authUrl: "https://mykeystone.example.net:5000/v3/"
## regionName: "dev"
## userDomainName: "development"
## projectName: "myteamname"
##
username: ""
password: ""
authUrl: ""
regionName: ""
userDomainName: ""
projectName: ""
## @param designate.customCAHostPath When using the Designate provider, use a CA file already on the host to validate Openstack APIs. This conflicts with `designate.customCA.enabled`
## This conflicts setting the above customCA to true and chart rendering will fail if you set customCA to true and specify customCAHostPath
##
customCAHostPath: ""
## Use a custom CA (optional)
## @param designate.customCA.enabled When using the Designate provider, enable a custom CA (optional)
## @param designate.customCA.content When using the Designate provider, set the content of the custom CA
## @param designate.customCA.mountPath When using the Designate provider, set the mountPath in which to mount the custom CA configuration
## @param designate.customCA.filename When using the Designate provider, set the custom CA configuration filename
##
customCA:
enabled: false
content: ""
mountPath: "/config/designate"
filename: "designate-ca.pem"
## DigitalOcean configuration to be set via arguments/env. variables
##
digitalocean:
## @param digitalocean.apiToken When using the DigitalOcean provider, `DO_TOKEN` to set (optional)
##
apiToken: ""
## @param digitalocean.secretName Use an existing secret with key "digitalocean_api_token" defined.
## This ignores digitalocean.apiToken
##
secretName: ""
## Google configuration to be set via arguments/env. variables
##
google:
## @param google.project When using the Google provider, specify the Google project (required when provider=google)
##
project: ""
## @param google.serviceAccountSecret When using the Google provider, specify the existing secret which contains credentials.json (optional)
##
serviceAccountSecret: ""
## @param google.serviceAccountSecretKey When using the Google provider with an existing secret, specify the key name (optional)
##
serviceAccountSecretKey: "credentials.json"
## @param google.serviceAccountKey When using the Google provider, specify the service account key JSON file. In this case a new secret will be created holding this service account (optional)
##
serviceAccountKey: ""
## @param google.zoneVisibility When using the Google provider, fiter for zones of a specific visibility (private or public)
##
zoneVisibility: ""
## Hetzner configuration to be set via arguments/env. variables
##
hetzner:
## @param hetzner.token When using the Hetzner provider, specify your token here. (required when `hetzner.secretName` is not provided. In this case a new secret will be created holding the token.)
## Mutually exclusive with `hetzner.secretName`.
##
token: ""
## @param hetzner.secretName When using the Hetzner provider, specify the existing secret which contains your token. Disables the usage of `hetzner.token` (optional)
##
secretName: ""
## @param hetzner.secretKey When using the Hetzner provider with an existing secret, specify the key name (optional)
##
secretKey: "hetzner_token"
## Infoblox configuration to be set via arguments/env. variables
##
infoblox:
## @param infoblox.wapiUsername When using the Infoblox provider, specify the Infoblox WAPI username
##
wapiUsername: "admin"
## @param infoblox.wapiPassword When using the Infoblox provider, specify the Infoblox WAPI password (required when provider=infoblox)
##
wapiPassword: ""
## @param infoblox.gridHost When using the Infoblox provider, specify the Infoblox Grid host (required when provider=infoblox)
##
gridHost: ""
## @param infoblox.view Infoblox view
##
view: ""
## Optional keys
##
## @param infoblox.secretName Existing secret name, when in place wapiUsername and wapiPassword are not required
##
secretName: ""
##
## @param infoblox.domainFilter When using the Infoblox provider, specify the domain (optional)
##
domainFilter: ""
## @param infoblox.noSslVerify When using the Infoblox provider, disable SSL verification (optional)
##
noSslVerify: false
## @param infoblox.wapiPort When using the Infoblox provider, specify the Infoblox WAPI port (optional)
##
wapiPort: ""
## @param infoblox.wapiVersion When using the Infoblox provider, specify the Infoblox WAPI version (optional)
##
wapiVersion: ""
## @param infoblox.wapiConnectionPoolSize When using the Infoblox provider, specify the Infoblox WAPI request connection pool size (optional)
##
wapiConnectionPoolSize: ""
## @param infoblox.wapiHttpTimeout When using the Infoblox provider, specify the Infoblox WAPI request timeout in seconds (optional)
##
wapiHttpTimeout: ""
## @param infoblox.maxResults When using the Infoblox provider, specify the Infoblox Max Results (optional)
##
maxResults: ""
## Linode configuration to be set via arguments/env. variables
##
linode:
## @param linode.apiToken When using the Linode provider, `LINODE_TOKEN` to set (optional)
##
apiToken: ""
## @param linode.secretName Use an existing secret with key "linode_api_token" defined.
## This ignores linode.apiToken
##
secretName: ""
## NS1 configuration to be set via arguments/env. variables
##
ns1:
## @param ns1.minTTL When using the ns1 provider, specify minimal TTL, as an integer, for records
##
minTTL: 10
## @param ns1.apiKey When using the ns1 provider, specify the API key to use
##
apiKey: ""
## @param ns1.secretName Use an existing secret with key "ns1-api-key" defined.
## This ignores ns1.apiToken
##
secretName: ""
## oci configuration to be set via arguments/env. variables
##
oci:
## @param oci.region When using the OCI provider, specify the region, where your zone is located in.
##
region: ""
## @param oci.tenancyOCID When using the OCI provider, specify your Tenancy OCID
##
tenancyOCID: ""
## @param oci.userOCID When using the OCI provider, specify your User OCID
##
userOCID: ""
## @param oci.compartmentOCID When using the OCI provider, specify your Compartment OCID where your DNS Zone is located in.
##
compartmentOCID: ""
## @param oci.privateKey [string] When using the OCI provider, paste in your RSA private key file for the Oracle API
##
privateKey: |
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
## @param oci.privateKeyFingerprint When using the OCI provider, put in the fingerprint of your privateKey
##
privateKeyFingerprint: ""
## @param oci.privateKeyPassphrase When using the OCI provider and your privateKey has a passphrase, put it in here. (optional)
##
privateKeyPassphrase: ""
## @param oci.secretName When using the OCI provider, it's the name of the secret containing `oci.yaml` file.
## Ref: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/oracle.md#deploy-externaldns
##
secretName: ""
## OVH configuration to be set via arguments/env. variables
##
ovh:
## @param ovh.consumerKey When using the OVH provider, specify the existing consumer key. (required when provider=ovh and `ovh.secretName` is not provided.)
##
consumerKey: ""
## @param ovh.applicationKey When using the OVH provider with an existing application, specify the application key. (required when provider=ovh and `ovh.secretName` is not provided.)
##
applicationKey: ""
## @param ovh.applicationSecret When using the OVH provider with an existing application, specify the application secret. (required when provider=ovh and `ovh.secretName` is not provided.)
##
applicationSecret: ""
## @param ovh.secretName When using the OVH provider, it's the name of the secret containing `ovh_consumer_key`, `ovh_application_key` and `ovh_application_secret`. Disables usage of other `ovh`.
## with following keys:
## - ovh_consumer_key
## - ovh_application_key
## - ovh_application_secret
## This ignores consumerKey, applicationKey & applicationSecret
##
secretName: ""
## Scaleway configuration to be set via arguments/env. variables
##
scaleway:
## @param scaleway.scwAccessKey When using the Scaleway provider, specify an existing access key. (required when provider=scaleway)
##
scwAccessKey: ""
## @param scaleway.scwSecretKey When using the Scaleway provider, specify an existing secret key. (required when provider=scaleway)
##
scwSecretKey: ""
## @param scaleway.scwDefaultOrganizationId When using the Scaleway provider, specify the existing organization id. (required when provider=scaleway)
##
scwDefaultOrganizationId: ""
## RFC 2136 configuration to be set via arguments/env. variables
##
rfc2136:
## @param rfc2136.host When using the rfc2136 provider, specify the RFC2136 host (required when provider=rfc2136)
##
host: ""
## @param rfc2136.port When using the rfc2136 provider, specify the RFC2136 port (optional)
##
port: 53
## @param rfc2136.zone When using the rfc2136 provider, specify the zone (required when provider=rfc2136)
##
zone: ""
## @param rfc2136.tsigSecret When using the rfc2136 provider, specify the tsig secret to enable security. (do not specify if `rfc2136.secretName` is provided.) (optional)
##
tsigSecret: ""
## @param rfc2136.secretName When using the rfc2136 provider, specify the existing secret which contains your tsig secret. Disables the usage of `rfc2136.tsigSecret` (optional)
##
secretName: ""
## @param rfc2136.tsigSecretAlg When using the rfc2136 provider, specify the tsig secret to enable security (optional)
##
tsigSecretAlg: hmac-sha256
## @param rfc2136.tsigKeyname When using the rfc2136 provider, specify the tsig keyname to enable security (optional)
##
tsigKeyname: externaldns-key
## @param rfc2136.tsigAxfr When using the rfc2136 provider, enable AFXR to enable security (optional)
##
tsigAxfr: true
## @param rfc2136.minTTL When using the rfc2136 provider, specify minimal TTL (in duration format) for records[ns, us, ms, s, m, h], see more https://golang.org/pkg/time/#ParseDuration
##
minTTL: "0s"
## @param rfc2136.rfc3645Enabled When using the rfc2136 provider, extend using RFC3645 to support secure updates over Kerberos with GSS-TSIG
##
rfc3645Enabled: false
## @param rfc2136.kerberosConfig When using the rfc2136 provider with rfc3645Enabled, the contents of a configuration file for krb5 (optional)
##
kerberosConfig: ""
## @param rfc2136.kerberosUsername When using the rfc2136 provider with rfc3645Enabled, specify the username to authenticate with (optional)
##
kerberosUsername: ""
## @param rfc2136.kerberosPassword When using the rfc2136 provider with rfc3645Enabled, specify the password to authenticate with (optional)
##
kerberosPassword: ""
## @param rfc2136.kerberosRealm When using the rfc2136 provider with rfc3645Enabled, specify the realm to authenticate to (required when provider=rfc2136 and rfc2136.rfc3645Enabled=true)
##
kerberosRealm: ""
## PowerDNS configuration to be set via arguments/env. variables
##
pdns:
## @param pdns.apiUrl When using the PowerDNS provider, specify the API URL of the server.
##
apiUrl: ""
## @param pdns.apiPort When using the PowerDNS provider, specify the API port of the server.
##
apiPort: "8081"
## @param pdns.apiKey When using the PowerDNS provider, specify the API key of the server.
##
apiKey: ""
## @param pdns.secretName When using the PowerDNS provider, specify as secret name containing the API Key
##
secretName: ""
## TransIP configuration to be set via arguments/env. variables
##
transip:
## @param transip.account When using the TransIP provider, specify the account name.
##
account: ""
## @param transip.apiKey When using the TransIP provider, specify the API key to use.
##
apiKey: ""
## VinylDNS configuration to be set via arguments/env. variables
##
vinyldns:
## @param vinyldns.host When using the VinylDNS provider, specify the VinylDNS API host.
##
host: ""
## @param vinyldns.accessKey When using the VinylDNS provider, specify the Access Key to use.
##
accessKey: ""
## @param vinyldns.secretKey When using the VinylDNS provider, specify the Secret key to use.
##
secretKey: ""
## @param domainFilters Limit possible target zones by domain suffixes (optional)
##
domainFilters: []
## @param excludeDomains Exclude subdomains (optional)
##
excludeDomains: []
## @param regexDomainFilter Limit possible target zones by regex domain suffixes (optional)
## If regexDomainFilter is specified, domainFilters will be ignored
##
regexDomainFilter: ""
## @param regexDomainExclusion Exclude subdomains by using regex pattern (optional)
## If regexDomainFilter is specified, excludeDomains will be ignored and external-dns will use regexDomainExclusion even though regexDomainExclusion is empty
##
regexDomainExclusion: ""
## @param zoneNameFilters Filter target zones by zone domain (optional)
##
zoneNameFilters: []
## @param zoneIdFilters Limit possible target zones by zone id (optional)
##
zoneIdFilters: []
## @param annotationFilter Filter sources managed by external-dns via annotation using label selector (optional)
##
annotationFilter: ""
## @param ingressClass Filter sources managed by external-dns via annotation using label selector (optional)
##
ingressClass: ""
## @param labelFilter Select sources managed by external-dns using label selector (optional)
##
labelFilter: ""
## @param dryRun When enabled, prints DNS record changes rather than actually performing them (optional)
##
dryRun: false
## @param triggerLoopOnEvent When enabled, triggers run loop on create/update/delete events in addition to regular interval (optional)
##
triggerLoopOnEvent: false
## @param interval Interval update period to use
##
interval: "1m"
## @param logLevel Verbosity of the logs (options: panic, debug, info, warning, error, fatal, trace)
##
logLevel: info
## @param logFormat Which format to output logs in (options: text, json)
##
logFormat: text
## @param policy Modify how DNS records are synchronized between sources and providers (options: sync, upsert-only )
##
policy: upsert-only
## @param registry Registry method to use (options: txt, aws-sd, noop)
## ref: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/proposal/registry.md
##
registry: "txt"
## @param txtPrefix When using the TXT registry, a prefix for ownership records that avoids collision with CNAME entries (optional)<CNAME record> (Mutual exclusive with txt-suffix)
##
txtPrefix: ""
## @param txtSuffix When using the TXT registry, a suffix for ownership records that avoids collision with CNAME entries (optional)<CNAME record>.suffix (Mutual exclusive with txt-prefix)
##
txtSuffix: ""
## @param txtOwnerId A name that identifies this instance of ExternalDNS. Currently used by registry types: txt & aws-sd (optional)
## But other registry types might be added in the future.
##
txtOwnerId: ""
## @param forceTxtOwnerId (backward compatibility) When using the non-TXT registry, it will pass the value defined by `txtOwnerId` down to the application (optional)
## This setting added for backward compatibility for
## customers who already used bitnami/external-dns helm chart
## to privision 'aws-sd' registry type.
## Previously bitnami/external-dns helm chart did not pass
## txtOwnerId value down to the external-dns application
## so the app itself sets that value to be a string 'default'.
## If existing customers force the actual txtOwnerId value to be
## passed properly, their external-dns updates will stop working
## because the owner's value for exting DNS records in
## AWS Service Discovery would remain 'default'.
## NOTE: It is up to the end user to update AWS Service Discovery
## 'default' values in description fields to make it work with new
## value passed as txtOwnerId when forceTxtOwnerId=true
##
forceTxtOwnerId: false
## @param extraArgs Extra arguments to be passed to external-dns
##
extraArgs: {}
## @param extraEnvVars An array to add extra env vars
##
extraEnvVars: []
## @param extraEnvVarsCM ConfigMap containing extra env vars
##
extraEnvVarsCM: ""
## @param extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data)
##
extraEnvVarsSecret: ""
## @param lifecycleHooks [object] Override default etcd container hooks
##
lifecycleHooks: {}
## @param schedulerName Alternative scheduler
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
schedulerName: ""
## @param topologySpreadConstraints Topology Spread Constraints for pod assignment
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## The value is evaluated as a template
##
topologySpreadConstraints: []
## @param replicaCount Desired number of ExternalDNS replicas
##
replicaCount: 1
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
##
podAffinityPreset: ""
## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## Allowed values: soft, hard
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
##
nodeAffinityPreset:
## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
##
type: ""
## @param nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set.
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set.
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## @param affinity Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
##
affinity: {}
## @param nodeSelector Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## @param tolerations Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## @param podAnnotations Additional annotations to apply to the pod.
##
podAnnotations: {}
## @param podLabels Additional labels to be added to pods
##
podLabels: {}
## @param priorityClassName priorityClassName
##
priorityClassName: ""
## @param secretAnnotations Additional annotations to apply to the secret
##
secretAnnotations: {}
## Options for the source type "crd"
##
crd:
## @param crd.create Install and use the integrated DNSEndpoint CRD
##
create: false
## @param crd.apiversion Sets the API version for the CRD to watch
##
apiversion: ""
## @param crd.kind Sets the kind for the CRD to watch
##
kind: ""
## Kubernetes svc configutarion
##
service:
## @param service.enabled Whether to create Service resource or not
##
enabled: true
## @param service.type Kubernetes Service type
##
type: ClusterIP
## @param service.ports.http ExternalDNS client port
##
ports:
http: 7979
## @param service.nodePorts.http Port to bind to for NodePort service type (client port)
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
nodePorts:
http: ""
## @param service.clusterIP IP address to assign to service
##
clusterIP: ""
## @param service.externalIPs Service external IP addresses
##
externalIPs: []
## @param service.loadBalancerIP IP address to assign to load balancer (if supported)
##
loadBalancerIP: ""
## @param service.loadBalancerSourceRanges List of IP CIDRs allowed access to load balancer (if supported)
##
loadBalancerSourceRanges: []
## @param service.externalTrafficPolicy Enable client source IP preservation
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
##
externalTrafficPolicy: Cluster
## @param service.extraPorts Extra ports to expose in the service (normally used with the `sidecar` value)
##
extraPorts: []
## @param service.annotations Annotations to add to service
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
## @param service.labels Provide any additional labels which may be required.
## This can be used to have external-dns show up in `kubectl cluster-info`
## kubernetes.io/cluster-service: "true"
## kubernetes.io/name: "external-dns"
##
labels: {}
## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
## If "ClientIP", consecutive client requests will be directed to the same Pod
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
##
sessionAffinity: None
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
## sessionAffinityConfig:
## clientIP:
## timeoutSeconds: 300
##
sessionAffinityConfig: {}
## ServiceAccount parameters
## https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
## @param serviceAccount.create Determine whether a Service Account should be created or it should reuse a exiting one.
##
create: true
## @param serviceAccount.name ServiceAccount to use. A name is generated using the external-dns.fullname template if it is not set
##
name: ""
## @param serviceAccount.annotations Additional Service Account annotations
##
annotations: {}
## @param serviceAccount.automountServiceAccountToken Automount API credentials for a service account.
##
automountServiceAccountToken: true
## @param serviceAccount.labels [object] Additional labels to be included on the service account
##
labels: {}
## RBAC parameters
## https://kubernetes.io/docs/reference/access-authn-authz/rbac/
##
rbac:
## @param rbac.create Whether to create & use RBAC resources or not
##
create: true
## @param rbac.clusterRole Whether to create Cluster Role. When set to false creates a Role in `namespace`
##
clusterRole: true
## @param rbac.apiVersion Version of the RBAC API
##
apiVersion: v1
## @param rbac.pspEnabled Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
##
pspEnabled: false
## @param containerSecurityContext Security context for the container
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## Example:
## securityContext:
## allowPrivilegeEscalation: false
## readOnlyRootFilesystem: true
## capabilities:
## drop: ["ALL"]
##
containerSecurityContext: {}
## @param podSecurityContext.enabled Enable pod security context
## @param podSecurityContext.fsGroup Group ID for the container
## @param podSecurityContext.runAsUser User ID for the container
##
podSecurityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Container resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
## @param resources.limits The resources limits for the container
## @param resources.requests The requested resources for the container
##
resources:
## Example:
## limits:
## cpu: 50m
## memory: 50Mi
##
limits: {}
## Examples:
## requests:
## cpu: 10m
## memory: 50Mi
##
requests: {}
## Configure extra options for liveness probe
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
## @param livenessProbe.enabled Enable livenessProbe
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
## @param livenessProbe.successThreshold Success threshold for livenessProbe
##
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 2
successThreshold: 1
## Configure extra options for readiness probe
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
## @param readinessProbe.enabled Enable readinessProbe
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
## @param readinessProbe.successThreshold Success threshold for readinessProbe
##
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## Configure extra options for startup probe
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-startup-probes/#configure-probes
## @param startupProbe.enabled Enable startupProbe
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
## @param startupProbe.periodSeconds Period seconds for startupProbe
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
## @param startupProbe.failureThreshold Failure threshold for startupProbe
## @param startupProbe.successThreshold Success threshold for startupProbe
##
startupProbe:
enabled: false
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## @param customLivenessProbe Override default liveness probe
##
customLivenessProbe: {}
## @param customReadinessProbe Override default readiness probe
##
customReadinessProbe: {}
## @param customStartupProbe Override default startup probe
##
customStartupProbe: {}
## @param extraVolumes A list of volumes to be added to the pod
##
extraVolumes: []
## @param extraVolumeMounts A list of volume mounts to be added to the pod
##
extraVolumeMounts: []
## @param podDisruptionBudget Configure PodDisruptionBudget
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
##
podDisruptionBudget: {}
## Prometheus Exporter / Metrics
##
metrics:
## @param metrics.enabled Enable prometheus to access external-dns metrics endpoint
##
enabled: false
## @param metrics.podAnnotations Annotations for enabling prometheus to access the metrics endpoint
##
podAnnotations: {}
## Prometheus Operator ServiceMonitor configuration
##
serviceMonitor:
## @param metrics.serviceMonitor.enabled Create ServiceMonitor object
##
enabled: false
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
##
namespace: ""
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
interval: ""
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
scrapeTimeout: ""
## @param metrics.serviceMonitor.selector Additional labels for ServiceMonitor object
## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
## e.g:
## selector:
## prometheus: my-prometheus
##
selector: {}
## @param metrics.serviceMonitor.metricRelabelings Specify Metric Relabelings to add to the scrape endpoint
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
##
metricRelabelings: []
## @param metrics.serviceMonitor.relabelings [array] Prometheus relabeling rules
##
relabelings: []
## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
##
honorLabels: false
## DEPRECATED metrics.serviceMonitor.additionalLabels will be removed in a future release - Please use metrics.serviceMonitor.labels instead
## @param metrics.serviceMonitor.labels Used to pass Labels that are required by the installed Prometheus Operator
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
##
labels: {}
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
##
jobLabel: ""