Demo External DNS

In this guide, you will learn how to install and configure ExternalDNS on a Kubernetes cluster to automatically manage DNS records in GoDaddy based on Ingress resources. This approach ensures that your services are always reachable via the correct domain names without manual DNS updates.

Cluster Overview

Before we begin, verify the current state of your cluster and the Traefik ingress controller.

kubectl get all
NAME                                READY   STATUS    RESTARTS   AGE
pod/whoami-8c9864b56-phnp7          1/1     Running   0          17m

NAME                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/kubernetes  ClusterIP   10.96.0.1        <none>        443/TCP   14h
service/whoami      ClusterIP   10.104.155.171   <none>        80/TCP    17m

NAME                                READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/whoami              1/1     1            1           17m

NAME                                        DESIRED   CURRENT   READY   AGE
replicaset.apps/whoami-8c9864b56           1         1         1       17m

Check Traefik in the traefik namespace:

kubectl get pods -n traefik
NAME                             READY   STATUS    RESTARTS   AGE
traefik-7df9fd988f-j49ln         1/1     Running   0          18m

1. Install ExternalDNS via Helm

  1. Add and update the ExternalDNS Helm repository:

    helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
    helm repo update
    
  2. Create a values.yaml file with your GoDaddy credentials:

    # values.yaml
    provider:
      name: godaddy
    sources:
      - ingress
    domainFilters:
      - kubernetkk.xyz
    txtPrefix: external-dns
    txtOwnerId: owner-id
    extraArgs:
      - --godaddy-api-key=YOUR_GO_DADDY_API_KEY
      - --godaddy-api-secret=YOUR_GO_DADDY_API_SECRET
      - --godaddy-api-ote
    

Values Reference

| Key | Description | Example |
|-----|-------------|---------|
| provider.name | DNS provider to use | godaddy |
| sources | Kubernetes resources to watch (service, ingress, etc.) | - ingress |
| domainFilters | Domains allowed for record management | - kubernetkk.xyz |
| txtPrefix | Prefix for TXT ownership records | external-dns |
| txtOwnerId | Identifier for TXT record ownership | owner-id |
| extraArgs | Additional CLI flags, including API credentials & OTE flag | --godaddy-api-key=... |

Warning

Never commit your GoDaddy API key/secret to version control. Use a secure secret management system or a Kubernetes Secret.

  3. Install ExternalDNS in the default namespace:

    helm install external-dns external-dns/external-dns \
      --values ./values.yaml --namespace default

  4. Confirm the ExternalDNS pod is running:

    kubectl get pods -n default -l app.kubernetes.io/name=external-dns

  5. View logs to verify it authenticates and syncs:

    kubectl logs -f deployment/external-dns -n default
    

    Expected log excerpt:

    time="2024-07-18T23:18:02Z" level=info msg="Using inCluster-config based on serviceaccount-token"
    time="2024-07-18T23:18:04Z" level=info msg="GoDaddy: 2 zones found"
    time="2024-07-18T23:18:04Z" level=info msg="All records are already up to date"
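
The warning in step 2 recommends a Kubernetes Secret, because flags placed in extraArgs are stored in the values file and in the Deployment's container arguments. The values.yaml below is an added example, not the guide's own file, showing the same settings with the credentials read from a Secret. It assumes the chart's `env` value and ExternalDNS's EXTERNAL_DNS_<FLAG> environment variables; the Secret name godaddy-credentials, its key names and the godaddy.env file are hypothetical.

```yaml
# values.yaml (hardened variant; added example, not part of the original guide)
#
# Assumption: a Secret named godaddy-credentials (hypothetical name) already
# exists in the release namespace, created out of band, for example:
#   kubectl create secret generic godaddy-credentials -n default \
#     --from-env-file=./godaddy.env
# where godaddy.env (hypothetical file, kept out of version control) contains:
#   GODADDY_API_KEY=<your key>
#   GODADDY_API_SECRET=<your secret>
provider:
  name: godaddy
sources:
  - ingress
domainFilters:
  - kubernetkk.xyz
txtPrefix: external-dns
txtOwnerId: owner-id

# Assumption: the chart passes `env` entries to the external-dns container and
# ExternalDNS reads each flag from an EXTERNAL_DNS_<FLAG> environment variable,
# so these two entries replace --godaddy-api-key and --godaddy-api-secret.
env:
  - name: EXTERNAL_DNS_GODADDY_API_KEY
    valueFrom:
      secretKeyRef:
        name: godaddy-credentials
        key: GODADDY_API_KEY
  - name: EXTERNAL_DNS_GODADDY_API_SECRET
    valueFrom:
      secretKeyRef:
        name: godaddy-credentials
        key: GODADDY_API_SECRET

extraArgs:
  # Only non-secret flags remain on the command line.
  - --godaddy-api-ote
```

With this variant the values file contains no credential material, and the pod spec shows only a reference to the Secret.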
    

2. Create and Apply the Ingress

Define an Ingress that exposes the whoami service and instructs ExternalDNS to manage the DNS record whoami.kubernetkk.xyz pointing to your node IP (192.168.121.243 in this example).

# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: whoami-ingress
  annotations:
    external-dns.alpha.kubernetes.io/hostname: whoami.kubernetkk.xyz
    external-dns.alpha.kubernetes.io/target: "192.168.121.243"
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: whoami
                port:
                  number: 80

Apply the Ingress:

kubectl apply -f ingress.yaml

Watch ExternalDNS logs as it detects the new Ingress:

kubectl logs -f deployment/external-dns -n default

Look for a log entry like:

time="2024-07-18T23:21:05Z" level=info msg="GoDaddy: 3 changes will be done"

This confirms that ExternalDNS is creating the DNS record.

Note

If you use a cloud provider’s LoadBalancer service type, omit the external-dns.alpha.kubernetes.io/target annotation. ExternalDNS will automatically use the LoadBalancer’s IP.

