Use ExternalDNS as drop-in for dns-controller #11859
Conversation
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
added
area/addons
area/provider/aws
olemarkus
changed the title
k8s-ci-robot
added
do-not-merge/work-in-progress
olemarkus
force-pushed
the
external-dns-provider
branch
from
afbade3
to
95be3f8
Compare
k8s-ci-robot
added
size/XXL
|
The external-dns docs/faq.md should be updated to fix "Compatibility mode with Kops DNS Controller is planned to be added in the future." Currently dns-controller has to watch all the pods in the cluster in order to find the annotations. It's unfortunate we're making external-dns do the same. Could we migrate to using labels instead? I think we should deprecate dns-controller's functionality for services and ingresses, in favor of having people use external-dns's API directly. |
|
I think it would be good to have a discussion on how we can use external-dns without compatibility mode, and what the future role of dns-controller may be (e.g it could become a gossip-only thing). But alone, this PR will make it easier for us to support other DNS providers, and for other cloud providers to not have to implement DNS provider logic in dns-controller. |
|
kOps relies on DNS to NodePort pods, which external-dns doesn't support without compatibility mode. I think it would be better for external-dns to implement a native mechanism for NodePort pods using labels than for it to implement a compatibility mode for the dns-controller API. |
|
I am not sure replacing annotations with labels is the right thing to do. But one could add a label selector to the pod source to limit what it watches. That way we could feed it a common label we set on the CP pods (by default) for example. |
olemarkus
force-pushed
the
external-dns-provider
branch
3 times, most recently
from
36fa560
to
cb6bd17
Compare
k8s-ci-robot
added
the
needs-rebase
olemarkus
force-pushed
the
external-dns-provider
branch
from
cb6bd17
to
cd8b671
Compare
k8s-ci-robot
removed
the
needs-rebase
olemarkus
force-pushed
the
external-dns-provider
branch
from
cd8b671
to
7f3ef0d
Compare
k8s-ci-robot
added
the
needs-rebase
olemarkus
force-pushed
the
external-dns-provider
branch
from
7f3ef0d
to
a491021
Compare
k8s-ci-robot
removed
the
needs-rebase
|
/retest |
4 similar comments
|
/retest |
|
/retest |
|
/retest |
|
/retest |
|
/test pull-kops-e2e-cni-amazonvpc |
olemarkus
force-pushed
the
external-dns-provider
branch
from
7506f07
to
6abae67
Compare
|
/cc @rifelpet |
olemarkus
force-pushed
the
external-dns-provider
branch
from
6abae67
to
67b1ace
Compare
Co-authored-by: Peter Rifel <rifelpet@users.noreply.github.com>
olemarkus
force-pushed
the
external-dns-provider
branch
from
6fe233f
to
b3982e1
Compare
|
/retest |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rifelpet The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
Can you add a prow job for this? It should be pretty simple |
|
That's absolutely on my agenda 😄 |
All the changes needed should now be in externalDNS. The remaining work is mainly being able to define DNS provider in the cluster spec.
This will probably never work for gossip clusters though.