kubernetes-sigs / external-dns

Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
Apache License 2.0

external-dns.alpha.kubernetes.io/target annotation does not work properly on Gateway resources #4687

Open anacelto opened 3 months ago

anacelto commented 3 months ago

What happened: I was trying to set the target using the external-dns.alpha.kubernetes.io/target annotation on a Gateway resource, and received the following error:

Endpoints generated from HTTPRoute demo-aks-app1/podinfo1: [podinfo1.aks.example.com 0 IN A 135.246.36.229 ] podinfo1.aks.example.com 0 IN CNAME asdfasdf.azurefd.net []] Domain podinfo1.aks.example.com. contains conflicting record type candidates; discarding CNAME record

What you expected to happen: From my understanding, it should set a CNAME record as the target annotation overrides any other auto-discovered endpoint.

How to reproduce it (as minimally and precisely as possible):

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: public
  namespace: nginx-gateway
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    external-dns.alpha.kubernetes.io/target: "asdfasdf.azurefd.net"
spec:
  gatewayClassName: public
  listeners:
    - name: public
      hostname: "*.aks.example.com"
      port: 443
      protocol: HTTPS
      allowedRoutes:
        namespaces:
          from: All
      tls:
        mode: Terminate
        certificateRefs:
          - name: secret-tls
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: podinfo1
spec:
  parentRefs:
    - name: public
      namespace: nginx-gateway
  hostnames:
    - podinfo1.aks.example.com
  rules:
    - backendRefs:
        - name: podinfo-frontend
          port: 80

Anything else we need to know?:

Environment:

Dadeos-Menlo commented 5 days ago

Assuming that you're using the default TXT registry, the issue you encountered is probably caused by its attempt to create an old-style TXT record with the name "podinfo1.aks.example.com", because the Azure DNS provider, rightly, does not permit a CNAME record to coexist with any other record type under the same name.

Generation of the old-style TXT record may be suppressed by specifying a txt-prefix containing the record template placeholder; to replicate the default form of the new-style TXT records, but without generation of the old-style, one would specify a value of %{record_type}-; i.e. using a command line of the form:

external-dns --txt-prefix '%{record_type}-' …
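
The name collision described in the comment above can be checked before a change reaches the DNS provider. The following is an added example, not part of the thread and not external-dns's own code: `Record`, `ownershipTXT` and `cnameConflicts` are hypothetical names, and the TXT naming is a simplified model of what the comment describes.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

type Record struct{ Name, Type string } // simplified DNS record: name and type

// ownershipTXT models the registry naming from the comment (an assumption):
// a prefix containing %{record_type} yields one templated name; otherwise the
// old-style name (prefix+name) and new-style name (prefix+"<type>-"+name).
func ownershipTXT(r Record, txtPrefix string) []Record {
	t := strings.ToLower(r.Type)
	if strings.Contains(txtPrefix, "%{record_type}") {
		return []Record{{strings.ReplaceAll(txtPrefix, "%{record_type}", t) + r.Name, "TXT"}}
	}
	return []Record{{txtPrefix + r.Name, "TXT"}, {txtPrefix + t + "-" + r.Name, "TXT"}}
}

// cnameConflicts plans the desired records plus their ownership TXT records
// and returns each name where a CNAME would share the name with another type.
func cnameConflicts(desired []Record, txtPrefix string) []string {
	types := map[string]map[string]bool{}
	out := []string{}
	for _, d := range desired {
		for _, r := range append([]Record{d}, ownershipTXT(d, txtPrefix)...) {
			n := strings.ToLower(strings.TrimSuffix(r.Name, "."))
			if types[n] == nil {
				types[n] = map[string]bool{}
			}
			types[n][strings.ToUpper(r.Type)] = true
		}
	}
	for n, ts := range types {
		if ts["CNAME"] && len(ts) > 1 {
			out = append(out, n)
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	cname := Record{"podinfo1.aks.example.com", "CNAME"} // constructed from the issue's manifest
	fmt.Println(cnameConflicts([]Record{cname}, ""))                // default prefix
	fmt.Println(cnameConflicts([]Record{cname}, "%{record_type}-")) // templated prefix
}
```

In this model, an A record and a CNAME planned for the same name, as in the issue's log line, are flagged whichever prefix is used.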