-
Notifications
You must be signed in to change notification settings - Fork 0
TOML Configuration
kubernetes-dns-sync accepts a configuration file in TOML format. The configuration specifies how to discover DNS records (sources) and where to push the DNS records (providers). There are three different sections, each described below. Your config file will have at least one of each kind of block.
The configuration file should be named config.toml and is read from the working directory of the process. The Docker image defaults to the root folder (so, /config.toml) unless you select a new working directory when running it.
This config.toml discovers DNS names from Kubernetes Ingress resources (skipping any which don't have ingressClassName: nginx) and creates matching DNS records in Cloudflare. It also uses TXT records as a "registry" to keep track of which records are managed by kubernetes-dns-sync.
[[source]]
type = "ingress"
ingress_class_names = ["nginx"]
[[provider]]
type = "cloudflare"
[registry]
type = "txt"
txt_owner_id = "dns-sync"Further example files can be found in the configs/ directory.
A configuration has one or more [[source]] blocks.
Sources are where the desired DNS names and targets are fetched from.
The only required field is type, and some source types will have additional optional fields.
Currently, every source 'type' is linked to a kind of Kubernetes resource.
Every source accepts an optional annotation_filter which is applied against the resources it operates on.
Most sources also have additional fields which you can specify.
For the full list of sources, see Configuring Sources.
Note: When there are multiple sources, all of the discovered DNS names get combined together into one list.
A configuration has one or more [[provider]] blocks.
Providers are the DNS services that actually serve your DNS records on the Internet.
The primary job of kubernetes-dns-sync is to make changes to your DNS providers via their API.
For the full list of providers, see Configuring Providers.
Note: When there are multiple providers, each of them are operated on individually. Each provider will receive the combined DNS names from all configured sources. So if a DNS zone exists in more than one provider, the records will get duplicated across them. Check out Using Multiple Providers for more details.
A valid configuration will have exactly one [registry] block.
The registry allows you to have a DNS sync program share a DNS zone with others,
such as Terraform, your manually created records, or another DNS sync program
(perhaps running in a different Kubernetes cluster).
For information about the available registry configuration, see Configuring a Registry.
There are a couple extra options which you can add at the top of the file. These concern the timing of the synchronization loop:
# How often to start a sync even if nothing has visibly changed from a Source.
# This interval is useful for fixing any accidental changes on the Provider side.
# Defaults to 1 hour, or 1 minute if watching is disabled.
interval_seconds = 60
# Minimum time between event-triggered syncs.
# This helps deduplicate a batch update (a `kubectl apply` of multiple Ingresses).
# Defaults to 2 seconds. A higher value probably makes sense in a noisy cluster.
debounce_seconds = 2
# If you want to disable watching completely,
# and only depend on `interval_seconds`, set this to true.
# A fresh list of resources will be downloaded from the API Server on every iteration.
# Possibly makes sense on super noisy clusters.
disable_watching = false