Override default ExternalDNS target
Opened this issue Β· 8 comments
For our environment, we are always using a CNAME on the base domain instead of the status.loadbalancer.IP
from the traefik service. Would it be possible to add an override for all ExternalDNS targets similar to how we must pick an Issuer for cert-manager when deploying switchboard?
Could you provide a more tangible example and maybe a sample of the resource that is currently created and how you want it to look like? π
Sure, see the ingress below:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test
annotations:
external-dns.alpha.kubernetes.io/target: example.com
spec:
rules:
- host: test.example.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: test
port:
name: https
tls:
- hosts:
- test.example.net
secretName: test-example-tls
ExternalDNS would generate a CNAME entry for test.example.com
that points to example.com
.
In our use case, all ingresses would use example.com
as the target and never the loadbalancer IP since it is an internal address. Ideally, we would be able to define a default target similar to the certificate template but for DNS:
certificateTemplate:
spec:
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
Thanks!
Would this use case be covered if integrations.externalDNS.targetIPs
(or a similarly named option) would allow setting hostnames?
Yes! That would do perfectly. Perhaps it may be more prudent to just call it integrations.externalDNS.target
similar to ExternalDNS and just have that list support IP or hostnames?
@Elegant996 do you want to take a stab at that? π might take me some time to find time for this otherwise π
@borchero Actually, this might not be an issue if kubernetes-sigs/external-dns#3055 is accepted. I'll leave this here for now but the PR may affect half of this project.
Oh nice, that would be cool π historically, external-dns was rather reluctant to include support for anything ither than the native ingress but letβs see how it turns out this time π
Giving this a bump as being able to use our NLBs hostname for TargetIP would be an ideal solution for our environment.