External-dns: Add Kubernetes CustomResourceDefinition Source

Created on 17 Feb 2017 · 9 Comments · Source: kubernetes-sigs/external-dns

Add a source that lists/watches for specific CustomResourceDefinition objects.

We could make a CRD the central source for DNS entries. And then just create those objects as needed. This would allow other components to declare DNS entries as well.

Labels: lifecycle/rotten, source

All 9 comments

What is the need for that?

Would just be an alternative way of defining DNS records from inside Kubernetes in a provider independent way.

I would postpone this till we get some simple version running :)

We're interested in this, or similar, in cert-manager.

Right now we bake in support for various DNS providers into cert-manager itself in order to update TXT records in order to solve ACME challenges. If we could somehow define a TXT record without directly calling out to DNS provider APIs ourselves, it'd be a great addition and simplify our codebase considerably.

Generally speaking, a 'DNS controller' that is not bound to services or ingress would also be very useful.

We have a simple model for managing a similar problem in cert-manager:

A user can define a Certificate resource (our own CRD), which allows for advanced customisation of certificates (e.g. explicit CN or special types of subject alt name). We also allow a user to add a simple annotation (kubernetes.io/tls-acme: "true") on ingress resources. We have a component that watches for Ingress resources with this label, and automatically creates and manages a corresponding Certificate resource in order to fulfil the Certificate. This solves the code duplication problem, and gives users a consistent way to debug validation problems.

This same model could be used to provide a migration/transition path from the current external-dns design to something powered by CRDs/custom resources.

More info on how we do this in cert-manager here: https://github.com/jetstack/cert-manager/tree/master/cmd/ingress-shim

It would also be nice to be able to use kubectl get dns or something like that to look at the DNS records that external-dns created :)

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

@fejta-bot: Closing this issue.
