github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/external-dns/values.yaml

## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
#   imageRegistry: myRegistryName
#   imagePullSecrets:
#     - myRegistryKeySecretName

## Bitnami external-dns image version
## ref: https://hub.docker.com/r/bitnami/external-dns/tags/
##
image:
  registry: docker.io
  repository: bitnami/external-dns
  tag: 0.6.0-debian-10-r13
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets:
  #   - myRegistryKeySecretName

## String to partially override external-dns.fullname template (will maintain the release name)
# nameOverride:

## String to fully override external-dns.fullname template
# fullnameOverride:

## allows filtering for GLOBAL and PRIVATE zones, defaults to GLOBAL.
#  To target both (GLOBAL and PRIVATE zones), set it to empty string (`--oci-zone-scope ""`).
ociDnsScope:

## K8s resources type to be observed for new DNS entries by ExternalDNS
##
sources:
- service
- ingress
# - crd

## DNS provider where the DNS records will be created. Available providers are:
## - aws, azure, azure-private-dns, cloudflare, coredns, designate, digitalocean, google, infoblox, rfc2136, transip
##
provider: aws

## Flags related to processing sources
## ref: https://github.com/kubernetes-sigs/external-dns/blob/master/pkg/apis/externaldns/types.go#L272
##
## Limit sources of endpoints to a specific namespace (default: all namespaces)
##
namespace: ""
## Templated strings that are used to generate DNS names from sources that don't define a hostname themselves
##
fqdnTemplates: []
## Combine FQDN template and annotations instead of overwriting
##
combineFQDNAnnotation: false
## Ignore hostname annotation when generating DNS names, valid only when fqdn-template is set
##
ignoreHostnameAnnotation: false
## Allow external-dns to publish DNS records for ClusterIP services
##
publishInternalServices: false
## Allow external-dns to publish host-ip for headless services
##
publishHostIP: false
## The service types to take care about (default: all, options: ClusterIP, NodePort, LoadBalancer, ExternalName)
##
serviceTypeFilter: []

## AWS configuration to be set via arguments/env. variables
##
aws:
  ## AWS credentials
  ##
  credentials:
    secretKey: ""
    accessKey: ""
    ## pre external-dns 0.5.9 home dir should be `/root/.aws`
    ##
    mountPath: "/.aws"
    ## Use an existing secret with key "credentials" defined.
    ## This ignores aws.credentials.secretKey, and aws.credentials.accessKey
    ##
    # secretName:

  ## AWS region
  ##
  region: "us-east-1"
  ## Zone Filter. Available values are: public, private
  ##
  zoneType: ""
  ## AWS Role to assume
  ##
  assumeRoleArn: ""
  ## Maximum number of changes that will be applied in each batch
  ##
  batchChangeSize: 1000
  ## AWS Zone tags
  ##
  zoneTags: []
  ## Enable AWS Prefer CNAME. Available values are: true, false
  ##
  preferCNAME: ""
  ## Enable AWS evaluation of target health. Available values are: true, false
  ##
  evaluateTargetHealth: ""
## Azure configuration to be set via arguments/env. variables
##
azure:
  ## When a secret to load azure.json is not specified,
  ## the host's /etc/kubernetes/azure.json will be used
  ##
  ## Deprecated: please use tenantId, subscriptionId, aadClientId and aadClientSecret values instead.
  ##
  secretName: ""
  ## Azure resource group to use
  ##
  cloud: ""
  ## Azure Cloud to use
  ##
  resourceGroup: ""
  ## Azure tenant ID to use
  ##
  tenantId: ""
  ## Azure subscription ID to use
  ##
  subscriptionId: ""
  ## Azure Application Client ID to use
  ##
  aadClientId: ""
  ## Azure Application Client Secret to use
  ##
  aadClientSecret: ""
  ## If you use Azure MSI, this should be set to true
  ##
  useManagedIdentityExtension: false

## Cloudflare configuration to be set via arguments/env. variables
##
cloudflare:
  ## `CF_API_TOKEN` to set in the environment
  ##
  apiToken: ""
  ## `CF_API_KEY` to set in the environment
  ##
  apiKey: ""
  ## Use an existing secret with keys "cloudflare_api_token" or "cloudflare_api_key" defined.
  ## This ignores cloudflare.apiToken, and cloudflare.apiKey
  ##
  # secretName:
  ## `CF_API_EMAIL` to set in the environment
  ##
  email: ""
  ## Enable the proxy feature of Cloudflare
  ##
  proxied: true

## CoreDNS configuration to be set via arguments/env variables
##
coredns:
  ## Comma-separated list of the etcd endpoints
  ## Secure (https) endpoints can be used as well, in that case `etcdTLS` section
  ## should be filled in accordingly
  ##
  etcdEndpoints: "http://etcd-extdns:2379"
  ## Configuration of the secure communication and client authentication to the etcd cluster
  ## If enabled all the values under this key must hold a valid data
  ##
  etcdTLS:
    ## Enable or disable secure communication and client authentication to the etcd cluster
    ##
    enabled: false
    ## Name of the existing secret containing cert files for client communication
    ## ref: https://github.com/etcd-io/etcd/blob/master/Documentation/op-guide/security.md
    ## ref (secret creation):
    ##  https://github.com/bitnami/charts/tree/master/bitnami/etcd#configure-certificates-for-client-communication
    ##
    secretName: "etcd-client-certs"
    ## Location of the mounted certificates inside external-dns pod
    ##
    mountPath: "/etc/coredns/tls/etcd"
    ## CA PEM file used to sign etcd TLS cert, should exist in the secret provided above
    ##
    caFilename: "ca.crt"
    ## Certificate PEM file, should exist in the secret provided above
    ## Will be used by external-dns to authenticate against etcd
    ##
    certFilename: "cert.pem"
    ## Private key PEM file, should exist in the secret provided above
    ## Will be used by external-dns to authenticate against etcd
    ##
    keyFilename: "key.pem"

## OpenStack Designate provider configuration to be set via arguments/env. variables
##
designate:
  ## Use a custom CA (optional)
  ##
  customCA:
    enabled: false
    ## The content of the custom CA file
    ##
    content: ""
    ## Location to mount custom CA
    ##
    mountPath: "/config/designate"
    ## Custom CA filename
    ##
    filename: "designate-ca.pem"

  ## Use a host path custom CA (optional)
  ##  This conflicts setting the above customCA to true and chart rendering will fail if you set customCA to true and specify customCAHostPath
  # customCAHostPath: /path/to/cafile

  ## Set Openstack environment variables (optional).  Username and password will be saved in a kubernetes secret.
  ## The alternative to this is to export the necessary Openstack environment variables in the extraEnv argument.
  # username: "someuser"
  # password: "p@55w0rd"
  # authUrl: "https://mykeystone.example.net:5000/v3/"
  # regionName: "dev"
  # userDomainName: "development"
  # projectName: "myteamname"
## DigitalOcean configuration to be set via arguments/env. variables
##
digitalocean:
  ## `DO_TOKEN` to set in the environment
  ##
  apiToken: ""
  ## Use an existing secret with key "digitalocean_api_token" defined.
  ## This ignores digitalocean.apiToken
  ##
  # secretName:

## Google configuration to be set via arguments/env. variables
##
google:
  ## Google Project to use
  ##
  project: ""
  ## Google Application Credentials
  ##
  serviceAccountSecret: ""
  serviceAccountSecretKey: "credentials.json"
  serviceAccountKey: ""

## Infoblox configuration to be set via arguments/env. variables
##
infoblox:
  ## Required keys
  ##
  wapiUsername: "admin"
  wapiPassword: ""
  gridHost: ""
  ## Optional keys
  ##
  domainFilter: ""
  noSslVerify: false
  wapiPort: ""
  wapiVersion: ""
  wapiConnectionPoolSize: ""
  wapiHttpTimeout: ""

## RFC 2136 configuration to be set via arguments/env. variables
##
rfc2136:
  host: ""
  port: 53
  zone: ""
  tsigSecret: ""
  tsigSecretAlg: hmac-sha256
  tsigKeyname: externaldns-key
  tsigAxfr: true

## PowerDNS configuration to be set via arguments/env. variables
##
pdns:
  apiUrl: ""
  apiPort: "8081"
  apiKey: ""

## TransIP configuration to be set via arguments/env. variables
##
transip:
  ## Account name to be used
  ##
  account: ""
  ##
  ## API key that is authorised for the account
  apiKey: ""

## Limit possible target zones by domain suffixes (optional)
##
domainFilters: []
## Limit possible target zones by zone id (optional)
##
zoneIdFilters: []
## Filter sources managed by external-dns via annotation using label selector semantics (optional)
##
annotationFilter: ""
## When enabled, prints DNS record changes rather than actually performing them
##
dryRun: false
## When enabled, triggers run loop on create/update/delete events (optional, in addition of regular interval)
##
triggerLoopOnEvent: false
## Adjust the interval for DNS updates
##
interval: "1m"
## Verbosity of the ExternalDNS logs. Available values are:
## - panic, debug, info, warn, error, fatal
##
logLevel: info
## Formats of the ExternalDNS logs. Available values are:
## - text, json
##
logFormat: text
## Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only)
##
policy: upsert-only
## Registry Type. Available types are: txt, noop
## ref: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/proposal/registry.md
##
registry: "txt"
## TXT Registry Identifier
##
txtOwnerId: ""
## Prefix to create a TXT record with a name following the pattern prefix.<CNAME record>
##
# txtPrefix: ""
## Load balancer service to be used; ie: custom-istio-namespace/custom-istio-ingressgateway.
## Omit to use the default (istio-system/istio-ingressgateway)
##
istioIngressGateways: []

## Extra Arguments to passed to external-dns
##
extraArgs: {}
## Extra env. variable to set on external-dns container.
##
## extraEnv:
## - name: VARNAME1
##   value: value1
## - name: VARNAME2
##   valueFrom:
##     secretKeyRef:
##       name: existing-secret
##       key: varname2-key
extraEnv: []

## Replica count
##
replicas: 1

## Affinity for pod assignment (this value is evaluated as a template)
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Node labels for pod assignment (this value is evaluated as a template)
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
##
nodeSelector: {}
## Tolerations for pod assignment (this value is evaluated as a template)
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
##
tolerations: []
## Annotations for external-dns pods
##
podAnnotations: {}
## Additional labels for the pod(s).
##
podLabels: {}
## Pod priority class name
##
priorityClassName: ""

## Options for the source type "crd"
##
crd:
  ## Install and use the integrated DNSEndpoint CRD
  create: false
  ## Change these to use an external DNSEndpoint CRD (E.g. from kubefed)
  apiversion: ""
  kind: ""

## Kubernetes svc configutarion
##
service:
  ## Kubernetes svc type
  ##
  type: ClusterIP
  port: 7979
  ## Specify the nodePort value for the LoadBalancer and NodePort service types for the client port
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  # nodePort:
  ## Static clusterIP or None for headless services
  ##
  # clusterIP: ""
  ## External IP list to use with ClusterIP service type
  ##
  externalIPs: []
  ## Use loadBalancerIP to request a specific static IP,
  ## otherwise leave blank
  ##
  # loadBalancerIP:
  ## Address that are allowed when svc is LoadBalancer
  ##
  loadBalancerSourceRanges: []
  ## Provide any additional annotations which may be required. This can be used to
  ## set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  annotations: {}

## RBAC parameteres
## https://kubernetes.io/docs/reference/access-authn-authz/rbac/
##
rbac:
  create: true
  ## Service Account for pods
  ## https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
  ##
  serviceAccountName: default
  ## Annotations for the Service Account
  ##
  serviceAccountAnnotations: {}
  ## RBAC API version
  ##
  apiVersion: v1
  ## Podsecuritypolicy
  ##
  pspEnabled: false

## Kubernetes Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext: {}
  # allowPrivilegeEscalation: false
  # readOnlyRootFilesystem: true
  # capabilities:
  #   drop: ["ALL"]
podSecurityContext:
  fsGroup: 1001
  runAsUser: 1001
  # runAsNonRoot: true

## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
#  limits:
#    cpu: 50m
#    memory: 50Mi
#  requests:
#    memory: 50Mi
#    cpu: 10m

## Liveness Probe. The block is directly forwarded into the deployment, so you can use whatever livenessProbe configuration you want.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
##
livenessProbe:
  httpGet:
    path: /healthz
    port: http
  initialDelaySeconds: 10
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 2
  successThreshold: 1
## Readiness Probe. The block is directly forwarded into the deployment, so you can use whatever readinessProbe configuration you want.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
##
readinessProbe:
  httpGet:
    path: /healthz
    port: http
  initialDelaySeconds: 5
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1

## Configure extra volumes
extraVolumes: []

## Configure extra volumeMounts
extraVolumeMounts: []

## Prometheus Exporter / Metrics
##
metrics:
  enabled: false
  ## Metrics exporter pod Annotation and Labels
  ##
  # podAnnotations:
  #   prometheus.io/scrape: "true"
  #   prometheus.io/port: "7979"

  ## Prometheus Operator ServiceMonitor configuration
  ##
  serviceMonitor:
    enabled: false
    ## Namespace in which Prometheus is running
    ##
    # namespace: monitoring

    ## Interval at which metrics should be scraped.
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    # interval: 10s

    ## Timeout after which the scrape is ended
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    # scrapeTimeout: 10s

    ## ServiceMonitor selector labels
    ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
    ##
    # selector:
    #   prometheus: my-prometheus