kubernetes-sigs / external-dns

Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
Apache License 2.0

Recursive ingress hostname for record value #3076

Closed davimmt closed 1 year ago

davimmt commented 2 years ago

I'm provisioning an AWS EKS cluster with Kong Ingress and ExternalDNS. I want the ingress tied to an Application Load Balancer (not Classic). Problem is, as per AWS EKS limitations (correct me if wrong), ingresses such as Kong or NGINX aren't able to create an ALB, only NLB or CLB.

The workaround is to use AWS Ingress ALB Controller to issue an Application Load Balancer and point it to the ingress service controller.

The architecture would be something like: ALB (created by AWS ALB Ingress Controller) → Kong Controller Service → Kong IngressClass → Ingress (kubernetes object; per application) → ClusterIP Service (kubernetes object; per application)

Example: ALB (created by AWS ALB Ingress Controller)

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: aws-alb-ingress
  namespace: kong
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internal
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]'
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kong-proxy
                port:
                  name: kong-proxy

Service kong-proxy generated by Helm or whatever, pointing to Kong pod controller

Ingress (kubernetes object; per application)

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: app-a
  annotations:
    kubernetes.io/ingress.class: kong
spec:
   rules:
   - host: app-a.example.com
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: app-a
             port:
               name: http

ClusterIP Service (kubernetes object; per application)

apiVersion: v1
kind: Service
metadata:
  name: app-a
  annotations:
  labels:
    app: app-a
spec:
  type: ClusterIP
  selector:
    app: app-a
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 8080

In this kind of architecture, the Ingress app-a will get the address from the Kong controller service's ClusterIP, so that's the IP that ExternalDNS will use to create the DNS records, but the real domain name to be used is from the Ingress aws-alb-ingress. Is there any way to go around this issue?

davimmt commented 2 years ago

Also, I can probably add a bunch of annotations to Ingress aws-alb-ingress defining all the hosts to be added and it would work, but I'd rather this be granularly-based (each app ingress with its own host), such as it would if I were to use CLB.
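
Added example, not part of the original thread and not ExternalDNS's own code: a simplified model of the behaviour described in the two comments above, where the record target for an Ingress comes from its status address unless ExternalDNS's `external-dns.alpha.kubernetes.io/target` annotation overrides it, used here to flag hosts that would be published with a cluster-internal IP. The sample Ingress objects, the address `10.100.45.12` and the ALB hostname placeholder are constructed.

```python
import ipaddress

# ExternalDNS annotation that overrides the record target for a resource.
TARGET_ANNOTATION = "external-dns.alpha.kubernetes.io/target"

def record_targets(ingress):
    """Simplified model: annotation override first, else the Ingress status addresses."""
    annotations = ingress.get("metadata", {}).get("annotations") or {}
    override = annotations.get(TARGET_ANNOTATION, "")
    if override.strip():
        return [t.strip() for t in override.split(",") if t.strip()]
    entries = ingress.get("status", {}).get("loadBalancer", {}).get("ingress") or []
    return [e.get("ip") or e.get("hostname") for e in entries if e.get("ip") or e.get("hostname")]

def is_cluster_internal(target):
    """Heuristic: an IP literal in a private range, such as a ClusterIP."""
    try:
        return ipaddress.ip_address(target).is_private
    except ValueError:
        return False  # not an IP literal, e.g. the ALB's DNS name

def audit(ingresses):
    """Return (name, hosts, bad_targets) for Ingresses whose hosts would resolve to internal IPs."""
    findings = []
    for ing in ingresses:
        hosts = [r["host"] for r in ing.get("spec", {}).get("rules", []) if r.get("host")]
        bad = [t for t in record_targets(ing) if is_cluster_internal(t)]
        if hosts and bad:
            findings.append((ing["metadata"]["name"], hosts, bad))
    return findings

# Constructed sample objects shaped like `kubectl get ingress -o json` items.
ALB_HOSTNAME = "internal-alb-placeholder.example.invalid"  # placeholder, not a real ALB name
SAMPLE = [
    {"metadata": {"name": "app-a", "annotations": {"kubernetes.io/ingress.class": "kong"}},
     "spec": {"rules": [{"host": "app-a.example.com"}]},
     "status": {"loadBalancer": {"ingress": [{"ip": "10.100.45.12"}]}}},
    {"metadata": {"name": "app-a-with-target",
                  "annotations": {"kubernetes.io/ingress.class": "kong",
                                  TARGET_ANNOTATION: ALB_HOSTNAME}},
     "spec": {"rules": [{"host": "app-a.example.com"}]},
     "status": {"loadBalancer": {"ingress": [{"ip": "10.100.45.12"}]}}},
    {"metadata": {"name": "aws-alb-ingress", "annotations": None},
     "spec": {"rules": [{"http": {}}]},
     "status": {"loadBalancer": {"ingress": [{"hostname": ALB_HOSTNAME}]}}},
]

if __name__ == "__main__":
    for name, hosts, bad in audit(SAMPLE):
        print(f"{name}: {hosts} would point at cluster-internal {bad}")
```

Only the unannotated `app-a` is flagged: the annotated copy resolves to the ALB hostname, and `aws-alb-ingress` declares no host.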

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot commented 1 year ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

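This bot triages issues according to the following rules:

- After 90d of inactivity, `lifecycle/stale` is applied
- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied
- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed

You can:

- Reopen this issue with `/reopen`
- Mark this issue as fresh with `/remove-lifecycle rotten`
- Offer to help out with [Issue Triage](https://www.kubernetes.dev/docs/guide/issue-triage/)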

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-ci-robot commented 1 year ago

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to [this](https://github.com/kubernetes-sigs/external-dns/issues/3076#issuecomment-1462414450):

>The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.
>
>This bot triages issues according to the following rules:
>- After 90d of inactivity, `lifecycle/stale` is applied
>- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied
>- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed
>
>You can:
>- Reopen this issue with `/reopen`
>- Mark this issue as fresh with `/remove-lifecycle rotten`
>- Offer to help out with [Issue Triage][1]
>
>Please send feedback to sig-contributor-experience at [kubernetes/community](https://github.com/kubernetes/community).
>
>/close not-planned
>
>[1]: https://www.kubernetes.dev/docs/guide/issue-triage/

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.