Aws-load-balancer-controller: Make R53 integration optional

Created on 6 Apr 2017  路  11Comments  路  Source: kubernetes-sigs/aws-load-balancer-controller

As this gets rolled out to the larger masses, the front-to-back integration may a be no go when individuals find that Route 53 is coupled to the ALB creation.

It would be helpful to have a flag (ENV var) that disables state sync against Route 53. Making the alb-ingress-controller only concerned with ELBV2s (ALBs), TargetGroups, Listeners, and Rules.

Helpful for those who:

  1. Manage their DNS outside of Route53.
  2. Want to plugin their own Route53-handling controller.
  3. Prefer to manually alter Route53 records.

/cc @bigkraig

kindesign
Source
picture joshrosso
👍5

Most helpful comment

Good point @hjacobs. Having R53 integrated into this controller takes on too many concerns as is.

picture joshrosso on 5 May 2017
👍2

All 11 comments

:+1:

When we started this the only way to do host based routing was using multiple ALBs, now that AWS supports host based routing, the close coupling of R53 names is not needed. Long term I would prefer to strip it completely and create another controller that manages R53.

bigkraig picture bigkraig on 6 Apr 2017

Another use case, which is a subset of 2) and 3) : you want to gradually shift traffic from one cluster to another, e.g. because of an invasive cluster upgrade.

therc picture therc on 7 Apr 2017

Yes, agreed @therc.

joshrosso picture joshrosso on 9 Apr 2017

It would be good to remove Route53 sync from this ALB controller as there is already a controller to manage Route53 entries (also for Ingress): https://github.com/kubernetes-incubator/external-dns

hjacobs picture hjacobs on 4 May 2017

Good point @hjacobs. Having R53 integrated into this controller takes on too many concerns as is.

joshrosso picture joshrosso on 5 May 2017
👍2

Is there any active work to decouple this? If not, I may take a stab at it. I am using Route53, but the zone is in a different AWS account than the ALB, so I need to handle credentials separately. I was planning on editing this project to allow that, but it sounds like there isn't any interest in changing the Route53 bits here at this point.

justinclayton picture justinclayton on 8 Jun 2017

AFAIK nothing active right now, if you want to get it started I can lend a few minutes here and there to help.

My only concern with relying on the existing DNS controller is that it uses TXT records which I would prefer to not to place into public zones, but I don't think that its worth holding up this work over that.

bigkraig picture bigkraig on 8 Jun 2017
👍1

Thanks @bigkraig. My use case would be using a private zone anyway, so I can move forward without dealing with that at a broader level.

justinclayton picture justinclayton on 8 Jun 2017

@bigkraig if you are referring to the "ownership" concept in External DNS which uses TXT records: this can easily be disabled (and the idea is to have it pluggable so record ownership can be tracked somewhere else). See https://github.com/kubernetes-incubator/external-dns/blob/master/docs/proposal/registry.md

hjacobs picture hjacobs on 8 Jun 2017
1

@hjacobs awesome!

bigkraig picture bigkraig on 9 Jun 2017

Has there been any movement on decoupling these? I'd rather not have to maintain another alb for a domain that is not in route53 if possible.

jwhitcraft picture jwhitcraft on 29 Jun 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jchoi926 picture jchoi926  路  3Comments
amalagaura picture amalagaura  路  4Comments
brylex418 picture brylex418  路  4Comments
sawanoboly picture sawanoboly  路  5Comments
joseppla picture joseppla  路  5Comments