Open yukccy opened 6 months ago
The wildcard record will not create anymore once removed the tls
section under spec
. I was using the Certificate Discovery feature by tls
field. Now I use the Discover vis Ingress host rule
method.
Reference: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/cert_discovery/
However, I doubt a wildcard record should be created just because of using Discover vis Ingress tls
method, as this is just a way of attaching TLS certificate instead of a route. Not sure if this case has been discussed before.
This is my updated ingress.yaml,
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/load-balancer-name: ingress-test
spec:
ingressClassName: alb
rules:
- host: abc.example.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: abc
port:
number: 80
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/remove-lifecycle stale
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
What happened: I used External-DNS to create DNS records on Route53 for my dynamic environments. It works fine to create the records I need, however, it also creates A and TXT records for
*.example.com
.What you expected to happen: Only the records specified in Ingress rule are being created.
For example, in my Ingress rules, there is only one record
abc.example.com
. I expect only A and TXT record forabc.example.com
would be created. However, there are 6 records in total, 3 forabc.example.com
and 3 for*.example.com
.How to reproduce it (as minimally and precisely as possible): My ingress YAML:
Anything else we need to know?: values.yaml for Helm:
Log
Environment:
external-dns --version
): v0.14.0, Chart version v1.14.3