ThorstenHans / blog-comments


external-dns-azure-kubernetes-service-azure-dns/ #8

Open utterances-bot opened 1 year ago

utterances-bot commented 1 year ago

External-DNS with Azure Kubernetes Service and Azure DNS · Thorsten Hans' blog

See how to deploy and configure External-DNS to Azure Kubernetes Service (AKS) to get your Azure DNS managed automatically.

https://www.thorsten-hans.com/external-dns-azure-kubernetes-service-azure-dns/

Salah-boutayeb commented 1 year ago

Hello there, can we use that external domain to post a payload from a GitHub webhook?

ThorstenHans commented 1 year ago

@Salah-boutayeb what exactly do you mean? Basically you end up with something like this

If that custom API running inside a container is able to process GitHub WebHooks, you're good to go

umenit-dev commented 1 year ago

Hello, I followed the exact steps, but the URL says "We can’t connect to the server, check firewall rule or try again". Could you please help me out, as it could be that I didn't add my name servers to the domain?

Marcurion commented 11 months ago

Hi Thorsten,

great tutorial, I followed until the last step and got all the expected intermediate outputs.

The curl test fails with a timeout for me for the sample. subdomain. Non-existent subdomains (like sample2. ) fail immediately with "Could not resolve host"

dig sample. returns me the correct public ip address of Nginx, so domain nameserver was successfully transferred.

Network security group also looks fine I think: https://ibb.co/gJHZ5mn

So my guess is either Nginx does not redirect the request or the Alpine image ignores it. Is there a way to debug the way the request takes further?

Marcurion commented 11 months ago

Okay small update:

I think I can rule out the sample application, I replaced it with a simple flask web image I had around, and the results are the same.

I increased the log level on Nginx to 5 by adjusting the YAML in the Azure web interface:

containers:
        - name: controller
          image: >-
            registry.k8s.io/ingress-nginx/controller:v1.9.1@sha256:605a737877de78969493a4b1213b21de4ee425d2926906857b98050f57a95b25
          args:
            - /nginx-ingress-controller
            - --v=5

and my request seems (not really experienced at interpreting Nginx logs) to cause an instant 404 even though the curl request takes ages to time out. From Nginx's live log: https://zerobin.org/?35c8b1532b18657b#G8gZT66QvA4CkQ1KArjaEhAa8zmvsdrwUofEn3Z23PD8 Again, I am not familiar with AKS subnets, but the X-Forwarded-Host and similar IPs from the logs do not resemble the endpoint IPs of my sample applications I see in the Azure web interface...

Also connected to my Nginx pod and read the config, but can't really judge if it is correct

kubectl exec --stdin --tty nginx-ingress-ingress-nginx-controller-5cbd874465-xp6sp -- /bin/bash
cat nginx.conf

Output: https://zerobin.org/?c04e4471d23f46df#341AMZxkrM2UzDTLXWJSK6sarb19fPvHnFSAV6ZWMsFf

Also tried to roll back the images to a version from when the article was published, but Helm won't let me:

helm search repo ingress-nginx -l

only covers versions back until 2.0.0

Marcurion commented 11 months ago

Okay, after some consulting, it seems like this configuration currently needs one ingress rule without a host definition to work. This will expose one service via the IP address, but if it concerns you, you can just put a dummy there. If you do want to provide this host-less ingress rule with a DNS entry you can use the following annotation:

kind: Ingress
metadata:
  name: hostless-rule
  annotations:
    external-dns.alpha.kubernetes.io/hostname: subdomain.<Your Domain>

Otherwise, here is an alternative sample-app.yaml that defines an otherwise redundant (apart from that it makes this setup work) hostless-rule. Further pods & subdomains can be added as usual via host, you only need one hostless-rule in your cluster.

apiVersion: v1
kind: Pod
metadata:
  name: webserver
  labels:
    app: nginx
    name: sample
spec:
  containers:
  - name: main
    image: nginx:alpine
    resources:
      limits:
        memory: "64Mi"
        cpu: "200m"
      requests:
        memory: "48Mi"
        cpu: "100m"
    ports:
      - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web
spec:
  selector:
    app: nginx
    name: sample
  ports:
  - port: 8080
    targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: sample-rule
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
    - host: sample.<Your Domain>
      http:
        paths:
          - path: /
            pathType: "Prefix"
            backend:
              service:
                name: web
                port: 
                  number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hostless-rule
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: "Prefix"
            backend:
              service:
                name: web
                port: 
                  number: 8080
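An added example, not part of the comment above or of the blog's own code: since a host-less rule serves its backend for any Host header sent to the ingress IP, this audit lists every such catch-all backend from `kubectl get ingress -A -o json` output. It goes slightly beyond the comment by also reporting `spec.defaultBackend`; the sample objects and the `sample.example.test` host are constructed placeholders.

```python
"""Audit Ingress objects for backends reachable without a matching host."""
import json
import sys

HOSTNAME_ANNOTATION = "external-dns.alpha.kubernetes.io/hostname"


def _backend(b):
    # Extract (service name, port number or port name) from an Ingress backend.
    svc = (b or {}).get("service") or {}
    port = svc.get("port") or {}
    return svc.get("name"), port.get("number", port.get("name"))


def catch_all_backends(ingress_list):
    """Return (namespace, ingress, path, service, port, dns_name) for each
    backend served regardless of Host: host-less rules and defaultBackend."""
    findings = []
    for item in ingress_list.get("items", []):
        meta, spec = item.get("metadata", {}), item.get("spec", {})
        ns, name = meta.get("namespace", "default"), meta.get("name")
        dns = (meta.get("annotations") or {}).get(HOSTNAME_ANNOTATION)
        if spec.get("defaultBackend"):
            findings.append((ns, name, "*", *_backend(spec["defaultBackend"]), dns))
        for rule in spec.get("rules") or []:
            if rule.get("host"):
                continue  # host-scoped rule: only served for that name
            for p in (rule.get("http") or {}).get("paths", []):
                findings.append((ns, name, p.get("path", "/"),
                                 *_backend(p.get("backend")), dns))
    return findings


def _ingress(name, host=None):
    # Constructed sample mirroring sample-rule / hostless-rule from the thread.
    rule = {"http": {"paths": [{"path": "/", "pathType": "Prefix", "backend": {
        "service": {"name": "web", "port": {"number": 8080}}}}]}}
    if host:
        rule["host"] = host
    return {"metadata": {"name": name, "namespace": "default"},
            "spec": {"rules": [rule]}}


SAMPLE = {"items": [_ingress("sample-rule", "sample.example.test"),
                    _ingress("hostless-rule")]}

if __name__ == "__main__":
    # Live use: kubectl get ingress -A -o json | python3 audit.py -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE
    for f in catch_all_backends(data):
        print("catch-all: ns=%s ingress=%s path=%s -> %s:%s dns=%s" % f)
```

A finding whose last field is `None` is reachable only by IP address; one with a DNS name carries the `external-dns.alpha.kubernetes.io/hostname` annotation from the comment.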