feat: resolve LB-type Service hostname to create A/AAAA instead of CNAME #3554
Conversation
k8s-ci-robot
added
the
do-not-merge/work-in-progress
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
I'm sorry, I can't seem to get what you are trying to solve here. On AWS much better solution is Aliases. About resolving - the only place where it "can" work as duct tape - with domain/zone name. Because we can not create CNAME Record Thanks! |
|
FWIW, I think this PR is trying to solve the exact same issue as #2050. |
Never mind. I initially though the approach was related since I saw EKS, LoadBalancer-type Service and AAAA. While it may have been tangentially related, it doesn't seem to be solving the same problem. |
|
@nefelim4ag Thanks for taking a look! My specific use case is that I want to create Cloudflare DNS records for AWS NLB. The problem I ran into is that Cloudflare does not allow With this PR, the workaround is to not create The feature flag I added is meant to be a generic solution regardless of which DNS providers the user want. Thus, I instrumented the DNS resolution in the |
|
Hey @cxuu thanks for your PR. This would solve my problem with hetzner where i have to set the "load-balancer.hetzner.cloud/hostname: " annotation to fix some issues (see hetznercloud/hcloud-cloud-controller-manager#160). This causes external-dns to create CNAME records instead of A records which does not work for apex: Edit: This PR currently only implements the dns resolution for Services, for fixing my issue with Hetzner i would need the same for Ingresses. |
|
@cxuu i just build an image for this PR and i found one bug. You named the argument "resolve-lb-hostname" in go but "resolve-load-balancer-hostname" in the helm chart. I would also consider either renaming the argument to resolve-service-load-balancer-hostname or adjust the behaviour so it works for ingresses to. Antoher option would be to add 2 arguments for enabling this seperatly for services/ingresses but i do not see a usecase for this. |
|
@benedikt-bartscher Thank you for the bug report! I have fixed it in 5e6f1a8. I have also renamed the option to |
cxuu
force-pushed
the
resolve-lb-hostname
branch
from
1cf6530 to
5e6f1a8
Compare
|
/ok-to-test |
k8s-ci-robot
added
the
ok-to-test
|
/approve |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cxuu, szuecs The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
@szuecs sorry I wasn't able to review this with you but I don't usually accept combined merges with code changes and Helm chart config. @cxuu we don't accept flags as structure inputs unless they're required so I'm going to open a PR to remove the submitted Helm chart changes. Please use |
|
I would think about writing a seperate function which does the DNS Lookups. This function could then be used for both, Service and Ingress Resources. We could also implement a configureable timeout for the DNS Lookups. |
Description
This PR adds an optional feature (turned off by default).
On EKS for example, the LoadBalancer-type Service object will not have external IP addresses but external hostnames. In this case, external-dns will always create an
Endpoint(an external-dns concept, see its go struct) whoseRecordTypeisCNAME. But the user might want to createAorAAAArecords instead, and perhaps on a different DNS provider (e.g. Cloudflare) than the cluster provider (e.g. AWS).This PR adds an optional feature that allows external-dns to resolve the LB hostname into IP addresses before creating the
Endpointstruct.Fixes #ISSUE
Checklist