External-dns: hostname annotation with ingress resource

Created on 28 Nov 2017  路  4Comments  路  Source: kubernetes-sigs/external-dns

I'm working with nginx ingress controller where the host field points to the external address of my application (ex. app.myapp.com) and I use a CloudFront distribution in front of.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: app.myapp.com
    http:
      paths:
      - path: /
        backend:
          serviceName: my-application
          servicePort: 4000

I also use a public Route 53 zone for my k8s cluster (ex. k8s.myapp.com) that ExternalDNS manages.

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: external-dns
  namespace: kube-system
spec:
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      nodeSelector:
        kubernetes.io/role: master
      containers:
      - name: external-dns
        image: registry.opensource.zalan.do/teapot/external-dns:v0.4.7
        args:
        - --source=service
        - --source=ingress
        - --domain-filter=k8s.myapp.com
        - --provider=aws
        - --policy=upsert-only
        - --registry=txt
        - --txt-owner-id=k8s-cluster-name
        resources:
          limits:
            cpu: 100m
            memory: 30Mi
          requests:
            cpu: 10m
            memory: 20Mi

Today I've to configure in my myapp.com Route 53 zone the address app.myapp.com directly to the CloudFront distrubution DNS address (this isn't a problem).

In my CloudFront distribution, I've to manually configure the Origin Domain Name to the DNS address of ELB resource that my nginx ingress controller has provisioned. If by some reason this resource change or get's replaced, I've to manually point to the new ELB DNS address.

Is there any way where I can make ExternalDNS configure a record in my k8s zone (ex. k8s.myapp.com) that differs from the host field of my ingress resource? This way would allow me to configure in my CloudFront distribution a fixed record like app-myapp-com.k8s.myapp.com and ExternalDNS would updated that resource with the new ELB DNS address if something happens with my ingress resource.

I thought to solve this with the annotation external-dns.alpha.kubernetes.io/hostname, but I saw that only works with the Service or LoadBalancer resource.

Reading the FAQ (https://github.com/kubernetes-incubator/external-dns/blob/master/docs/faq.md#how-do-i-specify-dns-name-for-my-kubernetes-objects
), I also have found how the ExternalDNS pick the order by the host field specified for the ingress object and only process the annotation for Service or LoadBalancer resources.

I also found the --fqdn-template config, that maybe could resolve this cenario, but I didn't find enought information if this flag could be applied to my case.

Obs: Configure ExternalDNS to manage directly the myapp.com zone in Route 53 isn't a option today (different accounts).

picture amalucelli

Most helpful comment

@hjacobs I just thought the same. @amalucelli please try the "fake" hostname rule that @hjacobs proposed and see if it makes more sense to you over that annotation. If not then we can add this to Ingress as well.

picture linki on 28 Nov 2017
👍2

All 4 comments

We (in Zalando) simply add another "host" rule in the Ingress for this kind of scenario (pointing to the same backend). This should work as expected: External DNS will create two records pointing to the same address.

hjacobs picture hjacobs on 28 Nov 2017
👍1

@linki maybe we can just also support the external-dns.alpha.kubernetes.io/hostname annotation on Ingress objects? It won't hurt...

hjacobs picture hjacobs on 28 Nov 2017
👍1

@hjacobs I just thought the same. @amalucelli please try the "fake" hostname rule that @hjacobs proposed and see if it makes more sense to you over that annotation. If not then we can add this to Ingress as well.

linki picture linki on 28 Nov 2017
👍2

The solution proposed by @hjacobs worked! I didn't had to point to any backend, just a single line with host rule refering to another DNS did the job (ended in the default-backend).

Maybe the annotation external-dns.alpha.kubernetes.io/hostname could be more elegant, as I only want to inform ExternalDNS to create another DNS address pointing to the refered ingress address.

With the solution proposed, another server was created in nginx controller and it will never recive any traffic.

amalucelli picture amalucelli on 29 Nov 2017
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

naveeng68 picture naveeng68  路  4Comments
linki picture linki  路  4Comments
ysoldak picture ysoldak  路  3Comments
Fettah picture Fettah  路  4Comments
bzon picture bzon  路  3Comments