/route53-kubernetes

Sync Kubernetes Services with AWS Route53

Primary LanguageGoMIT LicenseMIT

Kubernetes => Route53 Mapping Service

This is a Kubernetes service that polls services (in all namespaces) that are configured with the label dns=route53 and adds the appropriate alias to the domain specified by the annotation domainName=sub.mydomain.io.

For example, give the below Kubernetes service definition:

apiVersion: v1
kind: Service
metadata:
  name: my-app
  labels:
    app: my-app
    role: web
    dns: route53
  annotations:
    domainName: "test.mydomain.com"
spec:
  selector:
    app: my-app
    role: web
  ports:
  - name: web
    port: 80
    protocol: TCP
    targetPort: web
  - name: web-ssl
    port: 443
    protocol: TCP
    targetPort: web-ssl
  type: LoadBalancer

An "A" record for test.mydomain.com will be created as an alias to the ELB that is configured by kubernetes. This assumes that a hosted zone exists in Route53 for mydomain.com. Any record that previously existed for that dns record will be updated.

This service expects that it's running on a Kubernetes node on AWS and that the IAM profile for that node is set up to allow the following, along with the default permissions needed by Kubernetes:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "route53:ListHostedZonesByName",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "elasticloadbalancing:DescribeLoadBalancers",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "route53:ChangeResourceRecordSets",
            "Resource": "*"
        }
    ]
}