Closed gtomilko closed 1 year ago
What happened: I have a Headless service annotated with external-dns entries:

```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname: host.domain.edu
    external-dns.alpha.kubernetes.io/ttl: "180"
  name: cplane-for-dns
  namespace: kube-system
spec:
  clusterIP: None
  clusterIPs:
  - None
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - name: api-port
    port: 6443
    protocol: TCP
    targetPort: 6443
  selector:
    component: kube-apiserver
  sessionAffinity: None
  type: ClusterIP
```
External-dns publishes all dns records for this service as it should:
```
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.177"
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.202"
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.248"
level=info msg="Adding RR: host.domain.edu 0 TXT \"heritage=external-dns,external-dns/owner=default,external-dns/resource=service/kube-system/cplane-for-dns\""
level=info msg="Adding RR: a-host.domain.edu 0 TXT \"heritage=external-dns,external-dns/owner=default,external-dns/resource=service/kube-system/cplane-for-dns\""
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.177"
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.202"
level=info msg="Adding RR: host.domain.edu 180 A 192.168.50.248"
level=info msg="Adding RR: host.domain.edu 0 TXT \"heritage=external-dns,external-dns/owner=default,external-dns/resource=service/kube-system/cplane-for-dns\""
level=info msg="Adding RR: a-host.domain.edu 0 TXT \"heritage=external-dns,external-dns/owner=default,external-dns/resource=service/kube-system/cplane-for-dns\""
```
What you expected to happen: As my nodes with this service get created and deleted I expect dns records to be created and removed. But records get created and never removed. Policy set to sync.
Here is external-dns config:
```yaml
apiVersion: v1
kind: Pod
metadata:
  labels:
    app.kubernetes.io/instance: external-dns
    app.kubernetes.io/name: external-dns
    pod-template-hash: 664f757fc7
  name: external-dns-664f757fc7-6glvw
  namespace: external-dns
spec:
  containers:
  - args:
    - --log-level=info
    - --log-format=text
    - --interval=1m
    - --source=service
    - --source=ingress
    - --policy=sync
    - --registry=txt
    - --provider=rfc2136
    - --rfc2136-host=192.168.96.5
    - --rfc2136-port=53
    - --rfc2136-zone=domain.edu
    - --rfc2136-insecure
    image: my-internal-registry/internal-infrastructure/external-dns:v0.13.2
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 2
      httpGet:
        path: /healthz
        port: http
        scheme: HTTP
      initialDelaySeconds: 10
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 5
    name: external-dns
    ports:
    - containerPort: 7979
      name: http
      protocol: TCP
    readinessProbe:
      failureThreshold: 6
      httpGet:
        path: /healthz
        port: http
        scheme: HTTP
      initialDelaySeconds: 5
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 5
    resources: {}
    securityContext:
      capabilities:
        drop:
        - ALL
      readOnlyRootFilesystem: true
      runAsNonRoot: true
      runAsUser: 65534
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-dxpk2
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: gc-dev-dev-worker-81f8f675-ph82s
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext:
    fsGroup: 65534
  serviceAccount: external-dns
  serviceAccountName: external-dns
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-dxpk2
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
```
Kubernetes engine: Rancher/RKE2
ExternalDns version: 0.13.2
DNS provider: rfc2136, EfficientIP SOLIDserver/Bind
Please advise (((
Figured it out: zone transfer was disabled on the BIND server.
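The resolution above fits how the external-dns rfc2136 provider works: it enumerates existing records with a zone transfer (AXFR), so when the server refuses transfers, `--policy=sync` has nothing to compare against and never deletes. The following BIND zone configuration is an added example, not taken from the issue or the external-dns project; it permits the transfer only to a TSIG key rather than to any client. The key name, secret placeholder and zone file path are assumptions, and SOLIDserver may expose the same settings through its own interface.

```conf
// named.conf fragment (added example; key name, secret and file path are placeholders)

// Shared TSIG key, e.g. generated with: tsig-keygen -a hmac-sha256 externaldns-key
key "externaldns-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};

zone "domain.edu" {
    type master;
    file "/var/lib/bind/db.domain.edu";   // placeholder path

    // Weak: lets any client that can reach port 53 dump the whole zone.
    // allow-transfer { any; };

    // Corrected: AXFR only for requests signed with the external-dns key.
    allow-transfer { key "externaldns-key"; };

    // Dynamic updates (add/delete RR) limited to the same key, within this zone.
    update-policy {
        grant externaldns-key zonesub ANY;
    };
};

// Matching external-dns container args, replacing --rfc2136-insecure:
//   --rfc2136-tsig-keyname=externaldns-key
//   --rfc2136-tsig-secret-alg=hmac-sha256
//   --rfc2136-tsig-secret=<same base64 secret, ideally injected from a Kubernetes Secret>
//   --rfc2136-tsig-axfr        (sign the AXFR request with the TSIG key)
```

From the external-dns host, `dig @192.168.96.5 domain.edu AXFR -y hmac-sha256:externaldns-key:<secret>` should return the zone, while the same query without `-y` should end in `; Transfer failed.`.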