External-dns: TXT registry with apex records

Created on 27 Aug 2018 · 18 Comments · Source: kubernetes-sigs/external-dns

We're having an issue with external-dns not creating the apex record for our zone due to there already being other TXT records on it. This is a pretty common case, with many applications and protocols working via defining a TXT record on the zone root (SPF, site ownership checks, etc).
Currently, external-dns bails out with these logs:

time="2018-08-27T09:27:04Z" level=debug msg="Skipping endpoint our-domain.tld 0 IN A 1.2.3.4 because owner id does not match, found: \"\", required: \"default\""
time="2018-08-27T09:27:04Z" level=debug msg="Skipping endpoint our-domain.tld 300 IN TXT v=spf1 include:spf.protection.outlook.com -all because owner id does not match, found: \"\", required: \"default\""

Adding the required ownership record manually also does not seem to work (it occurs to me I may just have gotten unlucky in testing and it _sometimes_ would have worked, with returned order being random?)

Additionally, setting --txt-prefix does not appear to have an effect on apex records? It still seems to read from the apex TXT record, rather than myprefix.our-domain.tld.

kind/bug triage/duplicate
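
Added illustration (not part of the original issue, and not external-dns's own code): a minimal Go model of owner-id lookup on an apex TXT RRset that also holds an SPF value. It assumes the ownership label has the form `heritage=external-dns,external-dns/owner=<id>`; the function names are hypothetical, and the first-value lookup only models the ordering hypothesis raised in the report, not confirmed external-dns behaviour.

```go
package main

import (
	"fmt"
	"strings"
)

const ownerKey = "external-dns/owner="

// ownerFromTXT returns the owner id carried by one TXT value, or "" when the
// value is not an ownership label (for example an SPF policy).
func ownerFromTXT(value string) string {
	v := strings.Trim(value, `"`)
	if !strings.HasPrefix(v, "heritage=external-dns") {
		return ""
	}
	for _, kv := range strings.Split(v, ",") {
		if strings.HasPrefix(kv, ownerKey) {
			return strings.TrimPrefix(kv, ownerKey)
		}
	}
	return ""
}

// firstValueOwner models a lookup that trusts only the first TXT value returned.
func firstValueOwner(values []string) string {
	if len(values) == 0 {
		return ""
	}
	return ownerFromTXT(values[0])
}

// anyValueOwner scans the whole RRset, so unrelated values cannot mask the label.
func anyValueOwner(values []string) string {
	for _, v := range values {
		if id := ownerFromTXT(v); id != "" {
			return id
		}
	}
	return ""
}

func main() {
	// Constructed sample data modelled on the log lines in the report.
	spf := "v=spf1 include:spf.protection.outlook.com -all"
	label := "heritage=external-dns,external-dns/owner=default"
	fmt.Printf("first value, SPF first:   %q\n", firstValueOwner([]string{spf, label}))
	fmt.Printf("first value, label first: %q\n", firstValueOwner([]string{label, spf}))
	fmt.Printf("scan all values:          %q\n", anyValueOwner([]string{spf, label}))
}
```

In this model the first-value lookup returns an empty owner whenever the SPF value sorts first, which matches the `found: ""` in the logs; scanning every value is order-independent.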

All 18 comments

FWIW, I'm trying to find a work-around for this too.
I want my website example.com and www.example.com to both be handled by a server running in my kube cluster.
I use external-dns to manage DNS for the cluster. (The cluster in turn runs in AWS.)
But my email domain example.com is of course protected by an SPF TXT record.
As a work-around, I can manually jam the right A record into DNS, but as soon as something needs updating, this will be fragile and fall apart.

duplicate of #449

I see this issue the other way. I am such a huge fan of external-dns specifically because it uses A records, allowing easy updates for the apex!

Now I want to add an SPF to my existing external-dns TXT record, but it doesn't like to share. I have some ideas:

  • Just use a custom subdomain for the TXT record like ACME does (__acme-challenge...)
      • Maybe this could be configurable like the fqdn template is? Then we could set it for non-apex records at will (because who knows what other use case people have for their TXT records)
  • Use a nice regex "clamp" so you can embed with other data in the same record (###MYDNSDATA### or something?)
  • Use a single record with a parsable list in it for the whole zone?

Edit: I wasn't aware of --txt-prefix option. Shame it doesn't work? That should basically solve this!

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

/lifecycle active

/remove-lifecycle stale

/remove-lifecycle stale

/remove-lifecycle stale

/remove-lifecycle stale

/kind bug
/triage duplicate

As previously mentioned this might be a duplicate of #449. Might want to consider closing this one in the future.

/close

@itskingori: You can't close an active issue/PR unless you authored it or you are a collaborator.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

/close

@seanmalloy: Closing this issue.
