Overview
This pull request introduces the integration of External-DNS into the
full bundles and adds support for a dns01 ClusterIssuer using
Cloudflare. It enhances the DNS management capabilities for our
deployments by allowing dynamic DNS record management directly from
Kubernetes resources.
Changes Made
1. **External-DNS Integration:**
- Added External-DNS to the full deployment bundles.
- Configured External-DNS to automatically manage DNS records for
services within the Kubernetes cluster (we must discuss how to
configure external-dns via configmap or create an application in tenant
`external-dns` where we can define values).
We must define some additional annotations for ingresses in order to
make external-dns work, so we must also discuss which is the best
method to configure it (from configmap or dashboard).
2. **dns01 ClusterIssuer for Cloudflare:**
- Implemented support for a dns01 ClusterIssuer using Cloudflare.
- This allows for automated certificate issuance via DNS challenge,
leveraging Cloudflare as the DNS provider.
- The configuration can be defined in the Cozystack ConfigMap.
3. **Default Ingress Configuration:**
- Updated the default Ingress resources to use Cloudflare for DNS
challenges.
- Ensured that if the Cloudflare issuer is defined in the Cozystack
ConfigMap, it will be utilized for all default Ingresses, streamlining
the deployment process and improving reliability.
**Benefits**
- Automated DNS Management: With External-DNS, DNS entries will be
created and updated automatically based on the state of Kubernetes
resources, reducing manual overhead.
- Seamless Certificate Management: The dns01 ClusterIssuer integration
allows for automated SSL/TLS certificate issuance, enhancing security
for deployed applications.
- Flexibility in Configuration: Users can easily switch between
different issuers by updating the Cozystack ConfigMap, providing
flexibility in the choice of DNS and certificate management solutions.
## Summary by CodeRabbit
## Release Notes
- **New Features**
- Introduced a new `external-dns` release with support for managing DNS
records in Kubernetes.
- Added configuration options for DNS synchronization policies and
provider settings.
- Implemented a new lookup for issuer types in Ingress configurations.
- Expanded configuration with new entries for `external-dns` in multiple
deployment files, enhancing deployment flexibility.
- **Documentation**
- Comprehensive README and configuration schema for the `external-dns`
Helm chart added, detailing installation and customization options.
- **Improvements**
- Enhanced RBAC configuration for flexible permissions management.
- Updated annotations and health check configurations for better service
monitoring.
---------
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>