85 lines
4.1 KiB
Markdown
85 lines
4.1 KiB
Markdown
---
|
|
title: External-DNS Setup Guide
|
|
---
|
|
|
|
ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
|
|
|
|
## What it does?
|
|
|
|
Inspired by Kubernetes DNS, Kubernetes' cluster-internal DNS server, ExternalDNS makes Kubernetes resources discoverable via public DNS servers. Like KubeDNS, it retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. Unlike KubeDNS, however, it's not a DNS server itself, but merely configures other DNS providers accordingly—e.g. AWS Route 53 or Google Cloud DNS.
|
|
|
|
### Prerequisites (required for Support on TrueCharts Discord)
|
|
|
|
- Traefik
|
|
- Clusterissuer / Cert-manager installed (vital if exposed externally)
|
|
|
|
Please follow the [Getting Started](/scale/) guide on the [Truecharts](https://truecharts.org) website.
|
|
|
|
## Installation instructions
|
|
|
|
This guide will cover 2 scenarios, `Cloudflare` and `Pi-Hole` / `Pihole`, for more external DNS record providers, see [External-DNS Docs](https://github.com/kubernetes-sigs/external-dns/tree/master/docs/tutorials).
|
|
|
|
### Cloudflare
|
|
|
|
These instructions taken from [external-dns cloudflare tutorial](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/cloudflare.md)
|
|
|
|
#### Step 1
|
|
|
|
Enter `CF_API_TOKEN` (preferred) or `CF_API_EMAIL`/`CF_API_KEY`
|
|
|
|
![Cloudflare API Token](./img/Cloudflare-API-token.png)
|
|
|
|
#### Step 2
|
|
|
|
Enter preferences for Logs and DNS updates (I suggest >5m to prevent log spam) and select `cloudflare` as provider and select sources. I find `ingress` and `service` covers everything. If you want to filter by multiple domains add your `Domain Filter Entry`
|
|
|
|
![Cloudflare App Config 1](./img/Cloudflare-App-Config-1.png)
|
|
|
|
I recommend using `noop` for `Registry Type` and leaving the rest as default, can add DNS Zone filters as necessary as well (see upstream/cloudflare docs).
|
|
|
|
![Cloudflare App Config 2](./img/Cloudflare-App-Config-2.png)
|
|
|
|
#### Step 3
|
|
|
|
Verify it works, check the logs for updates to DNS records
|
|
|
|
```shell
|
|
2023-11-07 09:36:07.165596-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Instantiating new Kubernetes client"
|
|
2023-11-07 09:36:07.165633-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Using inCluster-config based on serviceaccount-token"
|
|
2023-11-07 09:36:07.165850-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Created Kubernetes client https://172.17.0.1:443"
|
|
2023-11-07 09:36:08.958946-05:00time="2023-11-07T09:36:08-05:00" level=info msg="Changing record." action=CREATE record=seafile.DOMAIN.com ttl=1 type=A zone=d959ce24eb85d78a7f527b6150446335
|
|
```
|
|
|
|
If this works, you'll see DNS entries inside Cloudflare's DNS page.
|
|
|
|
### PiHole
|
|
|
|
#### Step 1
|
|
|
|
Ignore Provider Credentials, and skip straight to `App Configuration` and select `pihole`, add domain filters as necessary
|
|
|
|
![PiHole App Config 1](./img/PiHole-Config-1.png)
|
|
|
|
Change to `noop` for `Registry Type` and add `PiHole Server Address` (default is `http://pihole.ix-pihole.svc.cluster.local:9089`) and `PiHole Server Password`
|
|
|
|
![PiHole App Config 2](./img/PiHole-Config-2.png)
|
|
|
|
#### Step 2
|
|
|
|
Verify logs from `External-DNS` to see if it connects and updates `PiHole`
|
|
|
|
```shell
|
|
d:false IBMCloudConfigFile:/etc/kubernetes/ibmcloud.json TencentCloudConfigFile:/etc/kubernetes/tencent-cloud.json TencentCloudZoneType: PiholeServer:http://pihole.ix-pihole.svc.cluster.local:9089 PiholePassword:****** PiholeTLSInsecureSkipVerify:false PluralCluster: PluralProvider:}"
|
|
2023-11-07 10:29:07.801555-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Instantiating new Kubernetes client"
|
|
2023-11-07 10:29:07.801568-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Using inCluster-config based on serviceaccount-token"
|
|
2023-11-07 10:29:07.801861-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Created Kubernetes client https://172.17.0.1:443"
|
|
2023-11-07 10:29:08.008741-05:00time="2023-11-07T10:29:08-05:00" level=info msg="add firezone.DOMAIN.com IN A -> 192.168.88.105"
|
|
2023-11-07 10:29:10.048171-05:00time="2023-11-07T10:29:10-05:00" level=info msg="add scrutiny.DOMAIN.com IN A -> 192.168.88.105"
|
|
```
|
|
|
|
Check `PiHole` GUI for A records under `Local DNS`
|
|
|
|
![PiHole-GUI](./img/PiHole-GUI.png)
|
|
|
|
Enjoy!
|