From ee79d0da01aeb3a1df2d382b26272205ebc5606f Mon Sep 17 00:00:00 2001 From: juan-vg Date: Mon, 18 Nov 2024 14:09:39 +0100 Subject: [PATCH 1/4] Improve sources' docs to mention '--managed-record-types' * Also add some CRD examples for AWS and Cloudflare --- docs/sources/mx-record.md | 4 +- docs/sources/ns-record.md | 6 +++ docs/sources/service.md | 16 +++++--- docs/sources/txt-record.md | 4 +- docs/tutorials/aws.md | 72 ++++++++++++++++++++++++++++++++++-- docs/tutorials/cloudflare.md | 67 ++++++++++++++++++++++++++++++++- docs/tutorials/pdns.md | 4 +- 7 files changed, 155 insertions(+), 18 deletions(-) diff --git a/docs/sources/mx-record.md b/docs/sources/mx-record.md index 725491b235..3abf618a25 100644 --- a/docs/sources/mx-record.md +++ b/docs/sources/mx-record.md @@ -3,10 +3,10 @@ You can create and manage MX records with the help of [CRD source](../contributing/crd-source.md) and `DNSEndpoint` CRD. Currently, this feature is only supported by `aws`, `azure`, `google` and `digitalocean` providers. -In order to start managing MX records you need to set the `--managed-record-types MX` flag. +In order to start managing MX records you need to set the `--managed-record-types=MX` flag. ```console -external-dns --source crd --provider {aws|azure|google|digitalocean} --managed-record-types A --managed-record-types CNAME --managed-record-types MX +external-dns --source crd --provider {aws|azure|google|digitalocean} --managed-record-types=A --managed-record-types=CNAME --managed-record-types=MX ``` Targets within the CRD need to be specified according to the RFC 1034 (section 3.6.1). Below is an example of diff --git a/docs/sources/ns-record.md b/docs/sources/ns-record.md index 4250aed750..9baba533e5 100644 --- a/docs/sources/ns-record.md +++ b/docs/sources/ns-record.md 
@@ -3,6 +3,12 @@ You can create NS records with the help of [CRD source](../contributing/crd-source.md) and `DNSEndpoint` CRD. +In order to start managing NS records you need to set the `--managed-record-types=NS` flag. + +```console +external-dns --source crd --managed-record-types=A --managed-record-types=CNAME --managed-record-types=NS +``` + Consider the following example ```yaml diff --git a/docs/sources/service.md b/docs/sources/service.md index c112408d09..0e13c5bdc7 100644 --- a/docs/sources/service.md +++ b/docs/sources/service.md @@ -35,7 +35,7 @@ the value of the Pod's `spec.hostname` field and a `.`. ## Targets -If the Service has an `external-dns.alpha.kubernetes.io/target` annotation, uses +If the Service has an `external-dns.alpha.kubernetes.io/target` annotation, uses the values from that. Otherwise, the targets of the DNS entries created from a service are sourced depending on the Service's `spec.type`: @@ -61,7 +61,7 @@ also iterates over the Endpoints's `subsets.notReadyAddresses`. 1. If an address does not target a `Pod` that matches the Service's `spec.selector`, it is ignored. -2. If the target pod has an `external-dns.alpha.kubernetes.io/target` annotation, uses +2. If the target pod has an `external-dns.alpha.kubernetes.io/target` annotation, uses the values from that. 3. Otherwise, if the Service has an `external-dns.alpha.kubernetes.io/endpoints-type: NodeExternalIP` 
@@ -87,13 +87,13 @@ and has a `status.phase` of `Running`. Otherwise iterates over all Nodes, of any Iterates over each relevant Node's `status.addresses`: -1. If there is an `external-dns.alpha.kubernetes.io/access: public` annotation on the Service, uses both addresses with +1. If there is an `external-dns.alpha.kubernetes.io/access: public` annotation on the Service, uses both addresses with a `type` of `ExternalIP` and IPv6 addresses with a `type` of `InternalIP`. -2. Otherwise, if there is an `external-dns.alpha.kubernetes.io/access: private` annotation on the Service, uses addresses with +2. Otherwise, if there is an `external-dns.alpha.kubernetes.io/access: private` annotation on the Service, uses addresses with a `type` of `InternalIP`. -3. Otherwise, if there is at least one address with a `type` of `ExternalIP`, uses both addresses with +3. Otherwise, if there is at least one address with a `type` of `ExternalIP`, uses both addresses with a `type` of `ExternalIP` and IPv6 addresses with a `type` of `InternalIP`. 4. Otherwise, uses addresses with a `type` of `InternalIP`. @@ -101,9 +101,13 @@ a `type` of `ExternalIP` and IPv6 addresses with a `type` of `InternalIP`. Also iterates over the Service's `spec.ports`, creating a SRV record for each port which has a `nodePort`. The SRV record has a service of the Service's `name`, a protocol taken from the port's `protocol` field, a priority of `0` and a weight of `50`. -In order for SRV records to be created, the `--managed-record-types`must have been specified, including `SRV` +In order for SRV records to be created, the `--managed-record-types` must have been specified, including `SRV` as one of the values. +```console +external-dns ... --managed-record-types=A --managed-record-types=CNAME --managed-record-types=SRV +``` + ### ExternalName 1. If the Service has one or more `spec.externalIPs`, uses the values in that field. 
diff --git a/docs/sources/txt-record.md b/docs/sources/txt-record.md index 1786d24991..89ba458b42 100644 --- a/docs/sources/txt-record.md +++ b/docs/sources/txt-record.md @@ -3,10 +3,10 @@ You can create and manage TXT records with the help of [CRD source](../contributing/crd-source.md) and `DNSEndpoint` CRD. Currently, this feature is only supported by `digitalocean` providers. -In order to start managing TXT records you need to set the `--managed-record-types TXT` flag. +In order to start managing TXT records you need to set the `--managed-record-types=TXT` flag. ```console -external-dns --source crd --provider {digitalocean} --managed-record-types A --managed-record-types CNAME --managed-record-types TXT +external-dns --source crd --provider {digitalocean} --managed-record-types=A --managed-record-types=CNAME --managed-record-types=TXT ``` Targets within the CRD need to be specified according to the RFC 1035 (section 3.3.14). Below is an example of diff --git a/docs/tutorials/aws.md b/docs/tutorials/aws.md index c5797092b9..afe765a695 100644 --- a/docs/tutorials/aws.md +++ b/docs/tutorials/aws.md 
@@ -233,11 +233,11 @@ kubectl create secret generic external-dns \ Follow the steps under [Deploy ExternalDNS](#deploy-externaldns) using either RBAC or non-RBAC. Make sure to uncomment the section that mounts volumes, so that the credentials can be mounted. > [!TIP] -> By default ExternalDNS takes the profile named `default` from the credentials file. If you want to use a different -> profile, you can set the environment variable `EXTERNAL_DNS_AWS_PROFILE` to the desired profile name or use the +> By default ExternalDNS takes the profile named `default` from the credentials file. If you want to use a different +> profile, you can set the environment variable `EXTERNAL_DNS_AWS_PROFILE` to the desired profile name or use the > `--aws-profile` command line argument. It is even possible to use more than one profile at ones, separated by space in -> the environment variable `EXTERNAL_DNS_AWS_PROFILE` or by using `--aws-profile` multiple times. In this case -> ExternalDNS looks for the hosted zones in all profiles and keeps maintaining a mapping table between zone and profile +> the environment variable `EXTERNAL_DNS_AWS_PROFILE` or by using `--aws-profile` multiple times. In this case +> ExternalDNS looks for the hosted zones in all profiles and keeps maintaining a mapping table between zone and profile > in order to be able to modify the zones in the correct profile. ### IAM Roles for Service Accounts @@ -987,3 +987,67 @@ There are 3 options to control batch size for AWS provider: Default values for flags `aws-batch-change-size-bytes` and `aws-batch-change-size-values` are taken from [AWS documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html#limits-api-requests) for Route53 API. **You should not change those values until you really have to.**
 Because those limits are in place, `aws-batch-change-size` can be set to any value: Even if your batch size is `4000` records, your change will be split to separate batches due to bytes/values size limits and apply request will be finished without issues.
+
+
+## Using CRD source to manage DNS records in AWS
+
+[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in AWS using external-dns.
+
+**Not all the record types are enabled by default so we must enable the required record types using `--managed-record-types`.**
+
+```bash
+external-dns --source=crd --provider=aws \
+ --domain-filter=example.com \
+ --managed-record-types=A \
+ --managed-record-types=CNAME \
+ --managed-record-types=NS
+```
+
+* Example for record type `A`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: examplearecord
+spec:
+ endpoints:
+ - dnsName: example.com
+ recordTTL: 60
+ recordType: A
+ targets:
+ - 10.0.0.1
+```
+
+* Example for record type `CNAME`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: examplecnamerecord
+spec:
+ endpoints:
+ - dnsName: test-a.example.com
+ recordTTL: 300
+ recordType: CNAME
+ targets:
+ - example.com
+```
+
+* Example for record type `NS`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: ns-record
+spec:
+ endpoints:
+ - dnsName: zone.example.com
+ recordTTL: 300
+ recordType: NS
+ targets:
+ - ns1.example.com
+ - ns2.example.com
+```
diff --git a/docs/tutorials/cloudflare.md b/docs/tutorials/cloudflare.md
index 71d5cc670a..50b431724b 100644
--- a/docs/tutorials/cloudflare.md
+++ b/docs/tutorials/cloudflare.md
@@ -58,7 +58,7 @@ Then apply one of the following manifests file to deploy ExternalDNS. Create a values.yaml file to configure ExternalDNS to use CloudFlare as the DNS provider. This file should include the necessary environment variables: ```yaml -provider: +provider: name: cloudflare env: - name: CF_API_KEY @@ -76,7 +76,7 @@ env: Use this in your values.yaml, if you are using API Token: ```yaml -provider: +provider: name: cloudflare env: - name: CF_API_TOKEN 
@@ -307,3 +307,66 @@ Using the `external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"` annotati Using the `external-dns.alpha.kubernetes.io/cloudflare-region-key` annotation on your ingress, you can restrict which data centers can decrypt and serve HTTPS traffic. A list of available options can be seen [here](https://developers.cloudflare.com/data-localization/regional-services/get-started/). If not set the value will default to `global`. + +## Using CRD source to manage DNS records in Cloudflare + +[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in Cloudflare using external-dns. + +**Not all the record types are enabled by default so we must enable the required record types using `--managed-record-types`.** + +```bash +external-dns --source=crd --provider=cloudflare \ + --domain-filter=example.com \ + --managed-record-types=A \ + --managed-record-types=CNAME \ + --managed-record-types=NS +``` + +* Example for record type `A` + +```yaml +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: examplearecord +spec: + endpoints: + - dnsName: example.com + recordTTL: 60 + recordType: A + targets: + - 10.0.0.1 +``` + +* Example for record type `CNAME` + +```yaml +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: examplecnamerecord +spec: + endpoints: + - dnsName: test-a.example.com + recordTTL: 300 + recordType: CNAME + targets: + - example.com +``` + +* Example for record type `NS` + +```yaml +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: ns-record +spec: + endpoints: + - dnsName: zone.example.com + recordTTL: 300 + recordType: NS + targets: + - ns1.example.com + - ns2.example.com +``` diff --git a/docs/tutorials/pdns.md b/docs/tutorials/pdns.md index edcd651f69..d239c3f07a 100644 --- a/docs/tutorials/pdns.md +++ b/docs/tutorials/pdns.md 
@@ -178,6 +178,8 @@ $ dig @${PDNS_FQDN} echo.example.com.
 
 [CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in PowerDNS using external-dns.
 
+Not all the record types are enabled by default so we can enable the required record types using `--managed-record-types`.
+
 ```bash
 external-dns --source=crd --provider=pdns \
 --pdns-server={{ pdns-api-url }} \
@@ -190,8 +192,6 @@ external-dns --source=crd --provider=pdns \
 --managed-record-types=SRV
 ```
 
-Not all the record types are enabled by default so we can enable the required record types using `--managed-record-types`.
-
 * Example for record type `A`
 
 ```yaml
From 71c5a05183752700892d290e00798bd14653f1f0 Mon Sep 17 00:00:00 2001
From: juan-vg
Date: Tue, 26 Nov 2024 09:31:56 +0100
Subject: [PATCH 2/4] Remove extra line
---
 docs/sources/crd.md | 0
 docs/tutorials/aws.md | 1 -
 2 files changed, 1 deletion(-)
 create mode 100644 docs/sources/crd.md
diff --git a/docs/sources/crd.md b/docs/sources/crd.md
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/docs/tutorials/aws.md b/docs/tutorials/aws.md
index afe765a695..741c2aaf24 100644
--- a/docs/tutorials/aws.md
+++ b/docs/tutorials/aws.md
@@ -988,7 +988,6 @@ There are 3 options to control batch size for AWS provider:
 Default values for flags `aws-batch-change-size-bytes` and `aws-batch-change-size-values` are taken from [AWS documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html#limits-api-requests) for Route53 API. **You should not change those values until you really have to.**
 Because those limits are in place, `aws-batch-change-size` can be set to any value: Even if your batch size is `4000` records, your change will be split to separate batches due to bytes/values size limits and apply request will be finished without issues.
 
-
 ## Using CRD source to manage DNS records in AWS
 
 [CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in AWS using external-dns.
From cc937a36aa29b2f105788bbc98494a4c06449cd3 Mon Sep 17 00:00:00 2001
From: juan-vg
Date: Tue, 26 Nov 2024 09:43:55 +0100
Subject: [PATCH 3/4] Move CRD-source doc to sources * Also move example to CRD-source doc
---
 docs/contributing/crd-source.md | 120 ------------
 docs/sources/crd.md | 183 ++++++++++++++++++
 .../crd}/crd-manifest.yaml | 0
 .../crd}/dnsendpoint-aws-example.yaml | 0
 .../crd}/dnsendpoint-example.yaml | 0
 5 files changed, 183 insertions(+), 120 deletions(-)
 delete mode 100644 docs/contributing/crd-source.md
 rename docs/{contributing/crd-source => sources/crd}/crd-manifest.yaml (100%)
 rename docs/{contributing/crd-source => sources/crd}/dnsendpoint-aws-example.yaml (100%)
 rename docs/{contributing/crd-source => sources/crd}/dnsendpoint-example.yaml (100%)
diff --git a/docs/contributing/crd-source.md b/docs/contributing/crd-source.md
deleted file mode 100644
index 40e3814a5b..0000000000
--- a/docs/contributing/crd-source.md
+++ /dev/null
@@ -1,120 +0,0 @@
-# CRD Source
-
-CRD source provides a generic mechanism to manage DNS records in your favourite DNS provider supported by external-dns.
-
-### Details
-
-CRD source watches for a user specified CRD to extract [Endpoints](https://github.com/kubernetes-sigs/external-dns/blob/HEAD/endpoint/endpoint.go) from its `Spec`.
-So users need to create such a CRD and register it to the kubernetes cluster and then create new object(s) of the CRD specifying the Endpoints.
-
-### Registering CRD
-
-Here is typical example of [CRD API type](https://github.com/kubernetes-sigs/external-dns/blob/HEAD/endpoint/endpoint.go) which provides Endpoints to `CRD source`:
-
-```go
-type TTL int64
-type Targets []string
-type ProviderSpecificProperty struct {
- Name string `json:"name,omitempty"`
- Value string `json:"value,omitempty"`
-}
-type ProviderSpecific []ProviderSpecificProperty
-type Labels map[string]string
-
-type Endpoint struct {
- // The hostname of the DNS record
- DNSName string `json:"dnsName,omitempty"`
- // The targets the DNS record points to
- Targets Targets `json:"targets,omitempty"`
- // RecordType type of record, e.g. CNAME, A, SRV, TXT etc
- RecordType string `json:"recordType,omitempty"`
- // TTL for the record
- RecordTTL TTL `json:"recordTTL,omitempty"`
- // Labels stores labels defined for the Endpoint
- // +optional
- Labels Labels `json:"labels,omitempty"`
- // ProviderSpecific stores provider specific config
- // +optional
- ProviderSpecific ProviderSpecific `json:"providerSpecific,omitempty"`
-}
-
-type DNSEndpointSpec struct {
- Endpoints []*Endpoint `json:"endpoints,omitempty"`
-}
-
-type DNSEndpointStatus struct {
- // The generation observed by the external-dns controller.
- // +optional
- ObservedGeneration int64 `json:"observedGeneration,omitempty"`
-}
-
-// +genclient
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// DNSEndpoint is the CRD wrapper for Endpoint
-// +k8s:openapi-gen=true
-// +kubebuilder:resource:path=dnsendpoints
-// +kubebuilder:subresource:status
-type DNSEndpoint struct {
- metav1.TypeMeta `json:",inline"`
- metav1.ObjectMeta `json:"metadata,omitempty"`
-
- Spec DNSEndpointSpec `json:"spec,omitempty"`
- Status DNSEndpointStatus `json:"status,omitempty"`
-}
-
-```
-
-Refer to [kubebuilder](https://github.com/kubernetes-sigs/kubebuilder) to create and register the CRD.
-
-### Usage
-
-One can use CRD source by specifying `--source` flag with `crd` and specifying the ApiVersion and Kind of the CRD with `--crd-source-apiversion` and `crd-source-kind` respectively.
-for e.g:
-
-```
-$ build/external-dns --source crd --crd-source-apiversion externaldns.k8s.io/v1alpha1 --crd-source-kind DNSEndpoint --provider inmemory --once --dry-run
-```
-
-### Creating DNS Records
-
-Create the objects of CRD type by filling in the fields of CRD and DNS record would be created accordingly.
-
-### Example
-
-Here is an example [CRD manifest](crd-source/crd-manifest.yaml) generated by kubebuilder.
-Apply this to register the CRD
-
-```
-$ kubectl apply --validate=false -f docs/contributing/crd-source/crd-manifest.yaml
-customresourcedefinition.apiextensions.k8s.io "dnsendpoints.externaldns.k8s.io" created
-```
-
-Then you can create the dns-endpoint yaml similar to [dnsendpoint-example](crd-source/dnsendpoint-example.yaml)
-
-```
-$ kubectl apply -f docs/contributing/crd-source/dnsendpoint-example.yaml
-dnsendpoint.externaldns.k8s.io "examplednsrecord" created
-```
-
-Run external-dns in dry-mode to see whether external-dns picks up the DNS record from CRD.
-
-```
-$ build/external-dns --source crd --crd-source-apiversion externaldns.k8s.io/v1alpha1 --crd-source-kind DNSEndpoint --provider inmemory --once --dry-run
-INFO[0000] running in dry-run mode. No changes to DNS records will be made.
-INFO[0000] Connected to cluster at https://192.168.99.100:8443
-INFO[0000] CREATE: foo.bar.com 180 IN A 192.168.99.216
-INFO[0000] CREATE: foo.bar.com 0 IN TXT "heritage=external-dns,external-dns/owner=default"
-```
-
-### RBAC configuration
-
-If you use RBAC, extend the `external-dns` ClusterRole with:
-```
-- apiGroups: ["externaldns.k8s.io"]
- resources: ["dnsendpoints"]
- verbs: ["get","watch","list"]
-- apiGroups: ["externaldns.k8s.io"]
- resources: ["dnsendpoints/status"]
- verbs: ["*"]
-```
diff --git a/docs/sources/crd.md b/docs/sources/crd.md
index e69de29bb2..379741b9a5 100644
--- a/docs/sources/crd.md
+++ b/docs/sources/crd.md
@@ -0,0 +1,183 @@
+# CRD Source
+
+CRD source provides a generic mechanism to manage DNS records in your favourite DNS provider supported by external-dns.
+
+### Details
+
+CRD source watches for a user specified CRD to extract [Endpoints](https://github.com/kubernetes-sigs/external-dns/blob/HEAD/endpoint/endpoint.go) from its `Spec`.
+So users need to create such a CRD and register it to the kubernetes cluster and then create new object(s) of the CRD specifying the Endpoints.
+
+### Registering CRD
+
+Here is typical example of [CRD API type](https://github.com/kubernetes-sigs/external-dns/blob/HEAD/endpoint/endpoint.go) which provides Endpoints to `CRD source`:
+
+```go
+type TTL int64
+type Targets []string
+type ProviderSpecificProperty struct {
+ Name string `json:"name,omitempty"`
+ Value string `json:"value,omitempty"`
+}
+type ProviderSpecific []ProviderSpecificProperty
+type Labels map[string]string
+
+type Endpoint struct {
+ // The hostname of the DNS record
+ DNSName string `json:"dnsName,omitempty"`
+ // The targets the DNS record points to
+ Targets Targets `json:"targets,omitempty"`
+ // RecordType type of record, e.g. CNAME, A, SRV, TXT etc
+ RecordType string `json:"recordType,omitempty"`
+ // TTL for the record
+ RecordTTL TTL `json:"recordTTL,omitempty"`
+ // Labels stores labels defined for the Endpoint
+ // +optional
+ Labels Labels `json:"labels,omitempty"`
+ // ProviderSpecific stores provider specific config
+ // +optional
+ ProviderSpecific ProviderSpecific `json:"providerSpecific,omitempty"`
+}
+
+type DNSEndpointSpec struct {
+ Endpoints []*Endpoint `json:"endpoints,omitempty"`
+}
+
+type DNSEndpointStatus struct {
+ // The generation observed by the external-dns controller.
+ // +optional
+ ObservedGeneration int64 `json:"observedGeneration,omitempty"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DNSEndpoint is the CRD wrapper for Endpoint
+// +k8s:openapi-gen=true
+// +kubebuilder:resource:path=dnsendpoints
+// +kubebuilder:subresource:status
+type DNSEndpoint struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+
+ Spec DNSEndpointSpec `json:"spec,omitempty"`
+ Status DNSEndpointStatus `json:"status,omitempty"`
+}
+
+```
+
+Refer to [kubebuilder](https://github.com/kubernetes-sigs/kubebuilder) to create and register the CRD.
+
+### Usage
+
+One can use CRD source by specifying `--source` flag with `crd` and specifying the ApiVersion and Kind of the CRD with `--crd-source-apiversion` and `crd-source-kind` respectively.
+for e.g:
+
+```
+$ build/external-dns --source crd --crd-source-apiversion externaldns.k8s.io/v1alpha1 --crd-source-kind DNSEndpoint --provider inmemory --once --dry-run
+```
+
+### Creating DNS Records
+
+Create the objects of CRD type by filling in the fields of CRD and DNS record would be created accordingly.
+
+### Example
+
+Here is an example [CRD manifest](crd/crd-manifest.yaml) generated by kubebuilder.
+Apply this to register the CRD
+
+```
+$ kubectl apply --validate=false -f docs/sources/crd/crd-manifest.yaml
+customresourcedefinition.apiextensions.k8s.io "dnsendpoints.externaldns.k8s.io" created
+```
+
+Then you can create the dns-endpoint yaml similar to [dnsendpoint-example](crd/dnsendpoint-example.yaml)
+
+```
+$ kubectl apply -f docs/sources/crd/dnsendpoint-example.yaml
+dnsendpoint.externaldns.k8s.io "examplednsrecord" created
+```
+
+Run external-dns in dry-mode to see whether external-dns picks up the DNS record from CRD.
+
+```
+$ build/external-dns --source crd --crd-source-apiversion externaldns.k8s.io/v1alpha1 --crd-source-kind DNSEndpoint --provider inmemory --once --dry-run
+INFO[0000] running in dry-run mode. No changes to DNS records will be made.
+INFO[0000] Connected to cluster at https://192.168.99.100:8443
+INFO[0000] CREATE: foo.bar.com 180 IN A 192.168.99.216
+INFO[0000] CREATE: foo.bar.com 0 IN TXT "heritage=external-dns,external-dns/owner=default"
+```
+
+#### Using CRD source to manage DNS records in different DNS providers
+
+[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/sources/crd.md) provides a generic mechanism and declarative way to manage DNS records in different DNS providers using external-dns.
+
+**Not all the record types are enabled by default so the required record types must be enabled by using `--managed-record-types`.**
+
+```bash
+external-dns --source=crd \
+ --domain-filter=example.com \
+ --managed-record-types=A \
+ --managed-record-types=CNAME \
+ --managed-record-types=NS
+```
+
+* Example for record type `A`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: examplearecord
+spec:
+ endpoints:
+ - dnsName: example.com
+ recordTTL: 60
+ recordType: A
+ targets:
+ - 10.0.0.1
+```
+
+* Example for record type `CNAME`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: examplecnamerecord
+spec:
+ endpoints:
+ - dnsName: test-a.example.com
+ recordTTL: 300
+ recordType: CNAME
+ targets:
+ - example.com
+```
+
+* Example for record type `NS`
+
+```yaml
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: ns-record
+spec:
+ endpoints:
+ - dnsName: zone.example.com
+ recordTTL: 300
+ recordType: NS
+ targets:
+ - ns1.example.com
+ - ns2.example.com
+```
+
+### RBAC configuration
+
+If you use RBAC, extend the `external-dns` ClusterRole with:
+```
+- apiGroups: ["externaldns.k8s.io"]
+ resources: ["dnsendpoints"]
+ verbs: ["get","watch","list"]
+- apiGroups: ["externaldns.k8s.io"]
+ resources: ["dnsendpoints/status"]
+ verbs: ["*"]
+```
diff --git a/docs/contributing/crd-source/crd-manifest.yaml b/docs/sources/crd/crd-manifest.yaml
similarity index 100%
rename from docs/contributing/crd-source/crd-manifest.yaml
rename to docs/sources/crd/crd-manifest.yaml
diff --git a/docs/contributing/crd-source/dnsendpoint-aws-example.yaml b/docs/sources/crd/dnsendpoint-aws-example.yaml
similarity index 100%
rename from docs/contributing/crd-source/dnsendpoint-aws-example.yaml
rename to docs/sources/crd/dnsendpoint-aws-example.yaml
diff --git a/docs/contributing/crd-source/dnsendpoint-example.yaml b/docs/sources/crd/dnsendpoint-example.yaml
similarity index 100%
rename from docs/contributing/crd-source/dnsendpoint-example.yaml
rename to docs/sources/crd/dnsendpoint-example.yaml
From c9de76be16dd6d69d4d7d3251fbfc570ecfd3962 Mon Sep 17 00:00:00 2001
From: juan-vg
Date: Tue, 26 Nov 2024 09:47:07 +0100
Subject: [PATCH 4/4] Link CRD-source example from DNS providers
---
 docs/tutorials/aws.md | 61 +----------------------
 docs/tutorials/cloudflare.md | 61 +----------------------
 docs/tutorials/pdns.md | 97 +-----------------------------------
 3 files changed, 3 insertions(+), 216 deletions(-)
diff --git a/docs/tutorials/aws.md b/docs/tutorials/aws.md
index 741c2aaf24..c9dfd997f6 100644
--- a/docs/tutorials/aws.md
+++ b/docs/tutorials/aws.md
@@ -990,63 +990,4 @@ Because those limits are in place, `aws-batch-change-size` can be set to any val
 
 ## Using CRD source to manage DNS records in AWS
 
-[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in AWS using external-dns.
-
-**Not all the record types are enabled by default so we must enable the required record types using `--managed-record-types`.**
-
-```bash
-external-dns --source=crd --provider=aws \
- --domain-filter=example.com \
- --managed-record-types=A \
- --managed-record-types=CNAME \
- --managed-record-types=NS
-```
-
-* Example for record type `A`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplearecord
-spec:
- endpoints:
- - dnsName: example.com
- recordTTL: 60
- recordType: A
- targets:
- - 10.0.0.1
-```
-
-* Example for record type `CNAME`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplecnamerecord
-spec:
- endpoints:
- - dnsName: test-a.example.com
- recordTTL: 300
- recordType: CNAME
- targets:
- - example.com
-```
-
-* Example for record type `NS`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: ns-record
-spec:
- endpoints:
- - dnsName: zone.example.com
- recordTTL: 300
- recordType: NS
- targets:
- - ns1.example.com
- - ns2.example.com
-```
+Please refer to the [CRD source documentation](../sources/crd.md#example) for more information.
\ No newline at end of file
diff --git a/docs/tutorials/cloudflare.md b/docs/tutorials/cloudflare.md
index 50b431724b..1415dbf2c6 100644
--- a/docs/tutorials/cloudflare.md
+++ b/docs/tutorials/cloudflare.md
@@ -310,63 +310,4 @@ If not set the value will default to `global`.
 
 ## Using CRD source to manage DNS records in Cloudflare
 
-[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in Cloudflare using external-dns.
-
-**Not all the record types are enabled by default so we must enable the required record types using `--managed-record-types`.**
-
-```bash
-external-dns --source=crd --provider=cloudflare \
- --domain-filter=example.com \
- --managed-record-types=A \
- --managed-record-types=CNAME \
- --managed-record-types=NS
-```
-
-* Example for record type `A`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplearecord
-spec:
- endpoints:
- - dnsName: example.com
- recordTTL: 60
- recordType: A
- targets:
- - 10.0.0.1
-```
-
-* Example for record type `CNAME`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplecnamerecord
-spec:
- endpoints:
- - dnsName: test-a.example.com
- recordTTL: 300
- recordType: CNAME
- targets:
- - example.com
-```
-
-* Example for record type `NS`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: ns-record
-spec:
- endpoints:
- - dnsName: zone.example.com
- recordTTL: 300
- recordType: NS
- targets:
- - ns1.example.com
- - ns2.example.com
-```
+Please refer to the [CRD source documentation](../sources/crd.md#example) for more information.
\ No newline at end of file
diff --git a/docs/tutorials/pdns.md b/docs/tutorials/pdns.md
index d239c3f07a..189f090c73 100644
--- a/docs/tutorials/pdns.md
+++ b/docs/tutorials/pdns.md
@@ -176,99 +176,4 @@ $ dig @${PDNS_FQDN} echo.example.com.
 
 ## Using CRD source to manage DNS records in PowerDNS
 
-[CRD source](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md) provides a generic mechanism and declarative way to manage DNS records in PowerDNS using external-dns.
-
-Not all the record types are enabled by default so we can enable the required record types using `--managed-record-types`.
-
-```bash
-external-dns --source=crd --provider=pdns \
- --pdns-server={{ pdns-api-url }} \
- --pdns-api-key={{ pdns-api-key }} \
- --domain-filter=example.com \
- --managed-record-types=A \
- --managed-record-types=CNAME \
- --managed-record-types=TXT \
- --managed-record-types=MX \
- --managed-record-types=SRV
-```
-
-* Example for record type `A`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplearecord
-spec:
- endpoints:
- - dnsName: example.com
- recordTTL: 60
- recordType: A
- targets:
- - 10.0.0.1
-```
-
-* Example for record type `CNAME`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplecnamerecord
-spec:
- endpoints:
- - dnsName: test-a.example.com
- recordTTL: 300
- recordType: CNAME
- targets:
- - example.com
-```
-
-* Example for record type `TXT`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: exampletxtrecord
-spec:
- endpoints:
- - dnsName: example.com
- recordTTL: 3600
- recordType: TXT
- targets:
- - '"v=spf1 include:spf.protection.example.com include:example.org -all"'
- - '"apple-domain-verification=XXXXXXXXXXXXX"'
-```
-
-* Example for record type `MX`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplemxrecord
-spec:
- endpoints:
- - dnsName: example.com
- recordTTL: 3600
- recordType: MX
- targets:
- - "10 mailhost1.example.com"
-```
-
-* Example for record type `SRV`
-
-```yaml
-apiVersion: externaldns.k8s.io/v1alpha1
-kind: DNSEndpoint
-metadata:
- name: examplesrvrecord
-spec:
- endpoints:
- - dnsName: _service._tls.example.com
- recordTTL: 180
- recordType: SRV
- targets:
- - "100 1 443 service.example.com"
-```
\ No newline at end of file
+Please refer to the [CRD source documentation](../sources/crd.md#example) for more information.
\ No newline at end of file