yukccy
commented
6 months ago The wildcard record will not create anymore once removed the tls section under spec. I was using the Certificate Discovery feature by tls field. Now I use the Discover vis Ingress host rule method.
Reference: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/cert_discovery/
However, I doubt a wildcard record should be created just because of using Discover vis Ingress tls method, as this is just a way of attaching TLS certificate instead of a route. Not sure if this case has been discussed before.
This is my updated ingress.yaml,
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/load-balancer-name: ingress-test
spec:
ingressClassName: alb
rules:
- host: abc.example.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: abc
port:
number: 80
k8s-triage-robot
What happened: I used External-DNS to create DNS records on Route53 for my dynamic environments. It works fine to create the records I need, however, it also creates A and TXT records for
*.example.com.What you expected to happen: Only the records specified in Ingress rule are being created.
For example, in my Ingress rules, there is only one record
abc.example.com. I expect only A and TXT record forabc.example.comwould be created. However, there are 6 records in total, 3 forabc.example.comand 3 for*.example.com.How to reproduce it (as minimally and precisely as possible): My ingress YAML:
Anything else we need to know?: values.yaml for Helm:
Log
Environment:
external-dns --version): v0.14.0, Chart version v1.14.3