CI: replace Terraform with external-dns
Summary
Per Slack comment
When resolving gitlab-org/gitlab-ee#7683, I implemented the use of ephemeral IPs for Ingress combined with external-dns
for the automated updates to the DNS records associated with deployments. This turned out rather simple, and more direct than using Terraform to manage the lifecycle of static IP reservations & DNS records. It simplifies the pipeline, reduces requirements & versions to manage.
Detail
- Remove
terraform_init
,terraform_up
,terraform_down
functions from.gitlab-ci.yml
- Remove Terraform from registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
- Remove the use of
$DOMAIN_IP
, as it is populated from Terraform and not needed when using ephemeral IPs for theIngress
es - Remove
global.hosts.exteernalIP
fromdeploy()
function. - Close #81 (closed) as moot.
- Add a step to CI that ensures
external-dns
is deployed & running - Add ingress annotations to configure a low TTL value on the DNS records.
Research
How to automate the deployment of a single instance of external-dns
in the CI cluster, in an automated fashion. Using our existing domain, we'll want to use google.serviceAccountSecert for a service account with specific access to the cloud dns namespace.
Edited by Ian Baum