ExternalDNS is an open-source tool that automates the management of public DNS records for Kubernetes resources, such as services and ingresses, that are exposed outside the cluster.
The ExternalDNS solution offers the following capabilities:
Gives developers control over DNS resources that are usually managed manually by other teams, for example the infrastructure team.
Ensures that the DNS records are always up-to-date with the current state of the Kubernetes cluster.
Manages a large number of records automatically.
Simplifies the management of DNS records with improved security.
Deployment of ExternalDNS on Managed Kubernetes
Prerequisites: Ensure that you have the following before you begin:
A domain name that is registered with your domain provider (the registrar), or a subdomain under your control.
Create configuration: Create a values file for the ExternalDNS Helm chart that includes the plugin configuration. In this example, the values file is called external-dns-ionos-values.yaml.
# OCI image of ExternalDNS that contains the plugin provider feature
image:
  registry: ghcr.io
  repository: ionos-cloud/external-dns-plugin-provider
  tag: latest
# Modify how DNS records are synchronised between sources and providers (default: sync, options: sync, upsert-only, create-only)
policy: sync
# provider needs to be set to plugin
provider: plugin
# url of the provider which the external-dns will target
extraArgs:
  plugin-provider-url: http://localhost:8888
# plugin is deployed as sidecar
sidecars:
  - name: ionos-plugin
    image: ghcr.io/ionos-cloud/external-dns-ionos-plugin:latest
    ports:
      - containerPort: 8888
        name: http
    livenessProbe:
      httpGet:
        path: /health
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
    readinessProbe:
      httpGet:
        path: /health
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
    env:
      # Set port of plugin (value needs to match the container port and plugin provider url port, default value: 8888)
      - name: SERVER_PORT
        value: "8888"
      # Listen on all interfaces for kubernetes probes
      - name: SERVER_HOST
        value: ""
      # Limit possible target zones by a domain suffix (optional)
      - name: DOMAIN_FILTER
        value: "example1.com,example2.com"
      # Exclude subdomains (optional)
      - name: EXCLUDE_DOMAIN_FILTER
        value: "example3.com"
      # Limit possible domains and target zones by a Regex filter. Overrides domain-filter (optional)
      - name: REGEXP_DOMAIN_FILTER
        value: ".*.example4.com"
      # Regex filter that excludes domains and target zones matched by regex-domain-filter (optional)
      - name: REGEXP_DOMAIN_FILTER_EXCLUSION
        value: ".*.example5.com"
      # When enabled, prints DNS record changes rather than actually performing them (default: false)
      - name: DRY_RUN
        value: "true"
      # Token for DNSaaS rest API authentication (mandatory)
      - name: IONOS_API_KEY
        value: "21215454"
      - name: LOG_LEVEL
        value: debug
      # When enabled debug logs for the DNSaaS rest API are enabled (default: false)
      - name: IONOS_DEBUG
        value: "true"
Install ExternalDNS: To install ExternalDNS with the Bitnami Helm chart, use the following command:
If you want to use a service, you do not need to install an ingress controller. You can install an ingress controller in the cluster and deploy the application with kubectl by using the following command:
kubectl apply -f echoserver_app.yaml
Result: The deployment of ExternalDNS on Managed Kubernetes is complete.
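The values file from the Create configuration step can be reviewed before it is installed. The following is an added example, not part of the original page or of the ExternalDNS or IONOS plugin projects: a standard-library Python check that scans such a file for settings worth a second look. The finding names, the regex heuristics and the embedded sample (trimmed from the values above) are assumptions of this example.

```python
import re

# Constructed sample: a trimmed copy of the values file shown on this page.
SAMPLE_VALUES = """\
image:
  registry: ghcr.io
  repository: ionos-cloud/external-dns-plugin-provider
  tag: latest
sidecars:
  - name: ionos-plugin
    image: ghcr.io/ionos-cloud/external-dns-ionos-plugin:latest
    env:
      - name: REGEXP_DOMAIN_FILTER
        value: ".*.example4.com"
      - name: IONOS_API_KEY
        value: "21215454"
      - name: IONOS_DEBUG
        value: "true"
"""

# "- name: X" followed on the next line by a literal "value: Y" (not valueFrom).
ENV_PAIR = re.compile(r"""-\s*name:\s*(\S+)\s*\n\s*value:\s*["']?([^"'\n]*)["']?""")
# Chart "tag: latest" or a sidecar "image: repo:latest".
MUTABLE_TAG = re.compile(r"^\s*(?:tag:\s*latest|image:\s*\S+:latest)\s*$", re.M)
# Heuristic: a "." that is neither escaped nor followed by a quantifier.
BARE_DOT = re.compile(r"(?<!\\)\.(?![*+?])")

def audit_values(text):
    """Return sorted finding names (hypothetical labels) for a values file."""
    env = dict(ENV_PAIR.findall(text))
    findings = set()
    if MUTABLE_TAG.search(text):
        findings.add("mutable-image-tag")    # image can change between pulls
    if env.get("IONOS_API_KEY"):
        findings.add("inline-api-key")       # token stored in the values file itself
    if env.get("IONOS_DEBUG") == "true" or env.get("LOG_LEVEL") == "debug":
        findings.add("debug-logging")        # example debug settings left on
    for key in ("REGEXP_DOMAIN_FILTER", "REGEXP_DOMAIN_FILTER_EXCLUSION"):
        # A bare "." matches any character, so the filter is wider than it reads.
        if BARE_DOT.search(env.get(key, "")):
            findings.add("regex-unescaped-dot:" + key)
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_values(SAMPLE_VALUES):
        print(finding)
```

A values file that pins image tags, supplies IONOS_API_KEY through valueFrom.secretKeyRef instead of a literal value, and escapes the dots in its regex filters returns an empty list.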
Verify deployment
You can verify that the application deployed is functioning as expected by using one of the following options.
Access application
Check that the echo server app runs on the subdomain you have specified by using the following command:
curl -I app.example1.com/?echo_code=404-300
Expected result:
HTTP/1.1 404 Not Found
HTTP/1.1 300 Multiple Choices
Check DNS records
Check that the new A and TXT records are created by using the following command: