You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What happened: Current GKE documentation around Workload Identity (ref) has some issues:
grants access to R/W Cloud DNS zones through scopes w/i the same project, making Workload Identity unnecessary
assumes that both GKE cluster and CloudDNS are in the same project, when using GSA can access CloudDNS across projects
inconsistent namespace usage, tutorial uses default, while these instructions use external-dns
setting up nodeSelector for clusters with multiple NodePools is not listed, Workload Identity may not work. (ref)
unecessarily redocuments ExternalDNS deployment and nginx example, when one deployment will work for all scenarios.
binding current user context as a cluster-admin is not a typical required step, no further documentation on this step.
What you expected to happen: I would expect this to be more tightly integrated with the rest of the documentation, such as single-project vs multi-project scenarios, and the later includes Workload SA, static credentials, and Workload Identity. For static variables that are embedded in the instructions, this would be better if these are replacable variables, as it is more clear and consistent.
What happened: Current GKE documentation around Workload Identity (ref) has some issues:
default
, while these instructions useexternal-dns
cluster-admin
is not a typical required step, no further documentation on this step.What you expected to happen: I would expect this to be more tightly integrated with the rest of the documentation, such as single-project vs multi-project scenarios, and the later includes Workload SA, static credentials, and Workload Identity. For static variables that are embedded in the instructions, this would be better if these are replacable variables, as it is more clear and consistent.
How to reproduce it (as minimally and precisely as possible): Follow the steps under https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/gke.md#gke-with-workload-identity.
Anything else we need to know?: Working on a PR to fix this one, can assign this one to me.
Environment:
external-dns --version
): v0.11.0The text was updated successfully, but these errors were encountered: