-
Notifications
You must be signed in to change notification settings - Fork 184
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Suggestion for AWS: use CNAMEs instead of A Alias records in Route53 #364
Comments
A colleague of mine also contributed something similar to the "external-dns" project for plain k8s: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/faq.md#can-i-force-externaldns-to-create-cname-records-for-elbalb Maybe this approach might be useful here as well. |
Interesting. There are also cost considerations (see https://aws.amazon.com/route53/pricing/). |
(Specifically, queries to ALIAS records mapped to ELBs are free.) |
You are right, I discussed it with a colleague a few days ago. Therefore, it possibly would be best to be able to pick between the two choices. |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
Rotten issues close after 30d of inactivity. Reopen the issue by commenting /close |
@openshift-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Hi,
I already opened a similar issue for the OpenShift installer: openshift/installer#3150
The gist is: I'm suggesting to use a CNAME record instead of an A Alias record for the "*.apps.<cluster-url" DNS record in Route53 on AWS since CNAME records conform to the RFC standard while A Alias records (to my knowledge) do not.
Would that be feasible for the cluster-ingress-operator or are there any big advantages to using the A Alias that I'm just not seeing because I cannot use them in my enterprise environment?
Another feasible approach for me would, if we were able to parameterize the operator so that it uses CNAME instead of A Alias. This way, A Alias could still be the default and the impact of the change would be a bit lower.
The text was updated successfully, but these errors were encountered: