search

kubernetes-sigs / external-dns

Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
Apache License 2.0
7.43k stars 2.52k forks source link

Add cloudflare-proxied annotation to service #3956

Open chrxmvtik opened 9 months ago

chrxmvtik commented 9 months ago

What would you like to be added:

Service object should have possibility to set external-dns.alpha.kubernetes.io/cloudflare-proxied flag.

Why is this needed:

The only way to enable cloudflare proxy is to set it up on the ingress configuration or specify it globally within deployment, however some services are not exposed by ingress whereas service is more than enough.

lucasfcnunes commented 9 months ago

It already works via annotations...

apiVersion:
kind: Service|Ingress|...
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname: example.com
    external-dns.alpha.kubernetes.io/ttl: '120'
    external-dns.alpha.kubernetes.io/cloudflare-proxied: 'true'

Have you quoted the true value as above?

chrxmvtik commented 9 months ago

It already works via annotations...

apiVersion:
kind: Service|Ingress|...
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname: example.com
    external-dns.alpha.kubernetes.io/ttl: '120'
    external-dns.alpha.kubernetes.io/cloudflare-proxied: 'true'

Have you quoted the true value as above?

Yes, of course I tried, as I mentioned above, it works for Ingress object, but not for Service object.

If that matters, I am using nginx-ingress controller (not ingress-nginx)

Here are some code snippets:

apiVersion: v1
kind: Service
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname:  argocd.xxx.dev
    external-dns.alpha.kubernetes.io/endpoints-type: HostIP
    external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"

external-dns deployment flags:

  '--log-level=debug',
  '--source=service',
  '--source=ingress',
  '--request-timeout=60s',
  '--domain-filter=xxx.dev',
  '--zone-id-filter=0123456789',
  '--provider=cloudflare',
lucasfcnunes commented 9 months ago

It works for me. I'm using the latest version (external-dns/external-dns version=1.13.1, appVersion: 0.13.6).

Does it sync to the correct IP in cloudflare (kubectl get svc -o wide)?

chrxmvtik commented 9 months ago

It works for me. I'm using the latest version (external-dns/external-dns version=1.13.1, appVersion: 0.13.6).

Does it sync to the correct IP in cloudflare (kubectl get svc -o wide)?

Funny thing, I've been making some changes and figured out that:

  1. Using --cloudflare-proxied flag within deployment + using cloudflare-proxied (true) annotation it will create/update records with proxy disabled - which is weird behaviour.

  2. Using --cloudflare-proxied flag within deployment + using cloudflare-proxied (false) annotation it will create/update records with proxy disabled - OK.

  3. Using --cloudflare-proxied flag within deployment without using any cloudflare-proxied annotation with values true or false will create/update - OK

I am also using external-dns v0.13.6

lucasfcnunes commented 9 months ago

Seems like a bug

k8s-triage-robot commented 5 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 4 months ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

lucasfcnunes commented 4 months ago

/remove-lifecycle stale

lucasfcnunes commented 4 months ago

@chrxmvtik, did you find a solution or/and v0.14.0 fixed it for you?

lucasfcnunes commented 4 months ago

/remove-lifecycle rotten

fingalickn commented 1 month ago

Running into this issue as well now. Prs welcome?

fingalickn commented 1 month ago

Funny thing, I've been making some changes and figured out that:

Using --cloudflare-proxied flag within deployment + using cloudflare-proxied (true) annotation it will create/update records with proxy disabled - which is weird behaviour.

@chrxmvtik any chance you've checked the logs when this happens and found and error message like 

    "Failed to parse annotation [external-dns.alpha.kubernetes.io/cloudflare-proxied]: ...",
chrxmvtik commented 1 month ago

Funny thing, I've been making some changes and figured out that: Using --cloudflare-proxied flag within deployment + using cloudflare-proxied (true) annotation it will create/update records with proxy disabled - which is weird behaviour.

@chrxmvtik any chance you've checked the logs when this happens and found and error message like

  "Failed to parse annotation [external-dns.alpha.kubernetes.io/cloudflare-proxied]: ...",

Sadly I don't remember this anymore. I moved to another project which didn't make use of cloudflare and didn't come back to it from then. :(

szuecs commented 5 days ago

not sure if it is a new feature or an old bug