ExternalDNS for Managed Kubernetes
ExternalDNS is an open-source tool that automates the management of public DNS records for Kubernetes resources, such as services and ingresses, that are exposed outside the cluster.
The ExternalDNS solution offers the following capabilities:
- Gives developers control over DNS resources that are usually managed manually by other teams, for example the infrastructure team.
- Ensures that the DNS records are always up-to-date with the current state of the Kubernetes cluster.
- Manages a large number of records automatically.
- Simplifies the management of DNS records with improved security.
Prerequisites: Ensure that you have the following before you begin:
- A domain name that is registered with your domain provider (the registrar), or a subdomain under your control.
- An IONOS Managed Kubernetes cluster.
- The Helm tool for installing a Helm chart.
Follow these steps to set up ExternalDNS for your Managed Kubernetes with IONOS DNS Provider Cloud DNS:
- 1. Prepare domain name: You first need to Create a DNS Zone for your domain name with Cloud DNS and then Connect Domain Name to Cloud DNS.
- 2. Add Helm chart: Add the Bitnami Helm repository, which contains the official external-dns Helm chart.
helm repo add bitnami https://charts.bitnami.com/bitnami
- 3. Create configuration: Create a values file for the ExternalDNS Helm chart that includes the plugin configuration. In this example, the values file is called external-dns-ionos-values.yaml.
# OCI image of ExternalDNS that contains the plugin provider feature
image:
  registry: ghcr.io
  repository: ionos-cloud/external-dns-plugin-provider
  tag: latest
# Modify how DNS records are synchronised between sources and providers (default: sync, options: sync, upsert-only, create-only)
policy: sync
# provider needs to be set to plugin
provider: plugin
# url of the provider which the external-dns will target
extraArgs:
  plugin-provider-url: http://localhost:8888
# plugin is deployed as sidecar
sidecars:
  - name: ionos-plugin
    image: ghcr.io/ionos-cloud/external-dns-ionos-plugin:latest
    ports:
      - containerPort: 8888
        name: http
    livenessProbe:
      httpGet:
        path: /health
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
    readinessProbe:
      httpGet:
        path: /health
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
    env:
      # Set port of plugin (value needs to match the container port and plugin provider url port, default value: 8888)
      - name: SERVER_PORT
        value: "8888"
      # Listen on all interfaces for kubernetes probes
      - name: SERVER_HOST
        value: ""
      # Limit possible target zones by a domain suffix (optional)
      - name: DOMAIN_FILTER
        value: "example1.com,example2.com"
      # Exclude subdomains (optional)
      - name: EXCLUDE_DOMAIN_FILTER
        value: "example3.com"
      # Limit possible domains and target zones by a Regex filter. Overrides domain-filter (optional)
      - name: REGEXP_DOMAIN_FILTER
        value: ".*.example4.com"
      # Regex filter that excludes domains and target zones matched by regex-domain-filter (optional)
      - name: REGEXP_DOMAIN_FILTER_EXCLUSION
        value: ".*.example5.com"
      # When enabled, prints DNS record changes rather than actually performing them (default: false).
      # While this is "true", no records are created or changed in the DNS zone.
      - name: DRY_RUN
        value: "true"
      # Token for DNSaaS rest API authentication (mandatory); the value below is a sample, replace it with your own token
      - name: IONOS_API_KEY
        value: "21215454"
      # Log level of the plugin
      - name: LOG_LEVEL
        value: debug
      # When enabled debug logs for the DNSaaS rest API are enabled (default: false)
      - name: IONOS_DEBUG
        value: "true"
- 4. Install ExternalDNS: To install ExternalDNS with the Bitnami Helm chart, use the following command:
helm install external-dns-ionos bitnami/external-dns -f external-dns-ionos-values.yaml
- 5. Deploy application: Follow this step to deploy an application:
- Deploy an echo server application by using the file echoserver_app.yaml.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: echoserver
  namespace: echoserver
spec:
  replicas: 1
  selector:
    matchLabels:
      app: echoserver
  template:
    metadata:
      labels:
        app: echoserver
    spec:
      containers:
        - image: ealen/echo-server:latest
          imagePullPolicy: IfNotPresent
          name: echoserver
          ports:
            - containerPort: 80
          env:
            - name: PORT
              value: "80"
---
apiVersion: v1
kind: Service
metadata:
  name: echoserver
  namespace: echoserver
spec:
  ports:
    - port: 80
      targetPort: 80
      protocol: TCP
  type: ClusterIP
  selector:
    app: echoserver
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echoserver
  namespace: echoserver
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
    - host: app.example1.com # This is your subdomain / record name
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: echoserver
                port:
                  number: 80
The Ingress resource requires an ingress controller in the cluster; if you expose the application through a service instead, you do not need to install one. The manifests also expect the echoserver namespace to exist. Deploy the application with kubectl by using the following command:
kubectl apply -f echoserver_app.yaml
Result: The deployment of ExternalDNS on Managed Kubernetes is complete.
You can verify that the application deployed is functioning as expected by using one of the following options.
Check that the echo server app runs on the subdomain you have specified by using the following command:
curl -I 'app.example1.com/?echo_code=404-300'
Expected result:
HTTP/1.1 404 Not Found
HTTP/1.1 300 Multiple Choices
Check that the new A and TXT records are created by using the following command:
curl --location --request GET 'https://dns.de-fra.ionos.com/records?filter.name=app' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiOiI4MmE5' \
--data ''
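The values file in step 3 sets IONOS_API_KEY as a literal, so the token is readable by anyone who can read the file or the Pod spec. The following fragment is an added example, not part of the original guide or of the plugin's own documentation: it reads the token from a Kubernetes Secret and escapes the dots in the regex filter so that they match only a literal dot. The Secret name ionos-dns-credentials and its key api-key are hypothetical, and the trailing $ assumes the filter is evaluated as an unanchored regular-expression match.

```yaml
# Added example: hardened fragment of external-dns-ionos-values.yaml.
# Assumption: the Secret was created beforehand in the release namespace, e.g.
#   kubectl create secret generic ionos-dns-credentials \
#     --from-literal=api-key='<your-token>'
# "ionos-dns-credentials" and "api-key" are hypothetical names.
sidecars:
  - name: ionos-plugin
    image: ghcr.io/ionos-cloud/external-dns-ionos-plugin:latest
    ports:
      - containerPort: 8888
        name: http
    # livenessProbe, readinessProbe and the remaining env entries
    # stay exactly as in step 3; they are omitted here for brevity.
    env:
      - name: SERVER_PORT
        value: "8888"
      - name: SERVER_HOST
        value: ""

      # Before (step 3): the token is a literal in the values file
      # and in the rendered Pod spec.
      # - name: IONOS_API_KEY
      #   value: "21215454"
      # After: the token is injected from the Secret at container start.
      - name: IONOS_API_KEY
        valueFrom:
          secretKeyRef:
            name: ionos-dns-credentials
            key: api-key

      # Before (step 3): an unescaped "." matches any character, so
      # ".*.example4.com" also matches a name such as "myexample4.com".
      # - name: REGEXP_DOMAIN_FILTER
      #   value: ".*.example4.com"
      # After: dots are escaped and the suffix is anchored. Single quotes
      # keep the backslashes intact in YAML.
      - name: REGEXP_DOMAIN_FILTER
        value: '.*\.example4\.com$'
```

Helm replaces list values as a whole, so the sidecars entry in the values file must carry the complete container definition, not only the changed env entries.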