From 3d676df8973f829e317778aa5be0906e5b040eef Mon Sep 17 00:00:00 2001 From: rawmind0 Date: Thu, 29 Mar 2018 18:01:21 +0200 Subject: [PATCH] Feat: infoblox package option to use rancher secrets intead env variable for password --- infra-templates/infoblox/1/README.md | 7 ++++ infra-templates/infoblox/1/docker-compose.yml | 16 --------- .../infoblox/1/docker-compose.yml.tpl | 35 +++++++++++++++++++ .../infoblox/1/rancher-compose.yml | 2 +- 4 files changed, 43 insertions(+), 17 deletions(-) delete mode 100644 infra-templates/infoblox/1/docker-compose.yml create mode 100644 infra-templates/infoblox/1/docker-compose.yml.tpl diff --git a/infra-templates/infoblox/1/README.md b/infra-templates/infoblox/1/README.md index 3f3636b..e012c6e 100644 --- a/infra-templates/infoblox/1/README.md +++ b/infra-templates/infoblox/1/README.md @@ -4,6 +4,13 @@ Rancher External DNS service powered by Infoblox DNS #### Usage +##### Using Rancher Secrets for infloblox Password + +Optionally, you can use the Rancher Secrets to pass infloblox password instead of using environment variable. +1. Run the Rancher Secrets service before deploying this provider stack. +2. Create a secret named "infoblox-pass". +3. Deploy this stack, emptying `Infoblox password` field. + ##### Supported host labels `io.rancher.host.external_dns_ip` diff --git a/infra-templates/infoblox/1/docker-compose.yml b/infra-templates/infoblox/1/docker-compose.yml deleted file mode 100644 index 9208a36..0000000 --- a/infra-templates/infoblox/1/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -infoblox: - image: rancher/external-dns:v0.7.8 - command: -provider=infoblox - expose: - - 1000 - environment: - INFOBLOX_URL: ${INFOBLOX_URL} - INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME} - INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD} - ROOT_DOMAIN: ${ROOT_DOMAIN} - SSL_VERIFY: ${SSL_VERIFY} - USE_COOKIES: ${USE_COOKIES} - TTL: ${TTL} - labels: - io.rancher.container.create_agent: "true" - io.rancher.container.agent.role: "external-dns" diff --git a/infra-templates/infoblox/1/docker-compose.yml.tpl b/infra-templates/infoblox/1/docker-compose.yml.tpl new file mode 100644 index 0000000..817104e --- /dev/null +++ b/infra-templates/infoblox/1/docker-compose.yml.tpl @@ -0,0 +1,35 @@ +version: '2' +services: + infoblox: + image: rancher/external-dns:v0.7.8 + expose: + - 1000 + environment: + INFOBLOX_URL: ${INFOBLOX_URL} + INFOBLOX_USER_NAME: ${INFOBLOX_USER_NAME} + INFOBLOX_PASSWORD: ${INFOBLOX_PASSWORD} + INFOBLOX_SECRET: '/run/secrets/infoblox-pass' + ROOT_DOMAIN: ${ROOT_DOMAIN} + SSL_VERIFY: ${SSL_VERIFY} + USE_COOKIES: ${USE_COOKIES} + TTL: ${TTL} + labels: + io.rancher.container.create_agent: "true" + io.rancher.container.agent.role: "external-dns" +{{- if ne .Values.INFOBLOX_PASSWORD ""}} + command: -provider=infoblox +{{- else}} + entrypoint: + - bash + - -c + - 'INFOBLOX_PASSWORD=$$(cat $${INFOBLOX_SECRET}) /usr/bin/rancher-entrypoint.sh -provider=infoblox' + secrets: + - mode: '0444' + uid: '0' + gid: '0' + source: 'infoblox-pass' + target: '' +secrets: + infoblox-pass: + external: 'true' +{{- end}} diff --git a/infra-templates/infoblox/1/rancher-compose.yml b/infra-templates/infoblox/1/rancher-compose.yml index 809f055..6425436 100644 --- a/infra-templates/infoblox/1/rancher-compose.yml +++ b/infra-templates/infoblox/1/rancher-compose.yml @@ -19,7 +19,7 @@ label: "Infoblox password" description: "Infoblox password for your Infoblox service" type: "password" - required: true + required: false - variable: "SSL_VERIFY" label: "Ssl verify" description: "Infoblox Ssl verify for your Infoblox service"