How to Use ExternalDNS in Kubernetes
Kubernetes, often referred to as K8s, simplifies the deployment, scaling, and management of containerized applications. While Kubernetes provides service discovery and internal DNS, managing external DNS records manually across various environments can be cumbersome. This is where ExternalDNS plays a crucial role, automating the process by creating DNS records dynamically as services are created or deleted.
Prerequisites
- A running Kubernetes cluster (version 1.10 or later).
- The kubectl command-line tool configured to access your cluster.
- Access to a DNS provider supported by ExternalDNS (such as AWS Route 53, Google Cloud DNS, Azure DNS, or Cloudflare).
- Admin permissions to manage DNS zone records in your DNS provider account.
Step-by-Step Instructions
Step 1: Install ExternalDNS
To deploy ExternalDNS, first, fetch the latest YAML manifests from the official ExternalDNS repository:
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/external-dns/master/examples/provider/aws/aws.yaml
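Modify the YAML file according to your DNS provider. Ensure it’s configured to watch Ingress or Service objects and sync appropriate domain names. Because the URL above tracks the master branch, its contents can change between runs, so download and review the manifest before applying it.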
Step 2: Configure Access
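Ensure that Kubernetes nodes have access to the DNS provider. For instance, when using AWS Route 53, assign policies allowing route53 permissions, or associate IAM roles providing the necessary access. Inside the cluster, the following RoleBinding binds the externaldns service account to the view role in the kube-system namespace: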
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: externaldns-viewer
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  # The built-in "view" role is a ClusterRole; a namespaced Role named "view" does not exist by default.
  kind: ClusterRole
  name: view
subjects:
  - kind: ServiceAccount
    name: externaldns
    namespace: kube-system
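For the Route 53 case mentioned in this step, the following added example (not from the original page or the ExternalDNS project) generates an IAM policy whose write permission is limited to a single hosted zone rather than every zone in the account. The function name externaldns_policy, the policy name externaldns-one-zone, and the zone ID Z0EXAMPLE123 are placeholders assumed for illustration.

```shell
#!/usr/bin/env bash
# Added example: least-privilege Route 53 policy for ExternalDNS.
# Zone ID and policy name are placeholders, not values from the page.

# Use the C locale so the A-Z range below means ASCII uppercase only.
export LC_ALL=C

# Print an IAM policy document that allows record changes in exactly one
# hosted zone. Rejects empty input and any value containing characters
# outside A-Z and 0-9 (for example '*' or '/'), so a wildcard cannot
# slip into the write statement.
externaldns_policy() {
  zone_id="$1"
  case "$zone_id" in
    ''|*[!A-Z0-9]*)
      echo "refusing zone id '$zone_id': expected one hosted zone ID" >&2
      return 1 ;;
  esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ChangeRecordsInOneZone",
      "Effect": "Allow",
      "Action": ["route53:ChangeResourceRecordSets"],
      "Resource": ["arn:aws:route53:::hostedzone/${zone_id}"]
    },
    {
      "Sid": "ReadOnlyDiscovery",
      "Effect": "Allow",
      "Action": [
        "route53:ListHostedZones",
        "route53:ListResourceRecordSets",
        "route53:ListTagsForResource"
      ],
      "Resource": ["*"]
    }
  ]
}
EOF
}

# Typical use (not executed here):
#   externaldns_policy Z0EXAMPLE123 > policy.json
#   aws iam create-policy --policy-name externaldns-one-zone \
#       --policy-document file://policy.json
```

Attach the resulting policy only to the identity that the ExternalDNS pod uses, so other workloads on the same nodes do not inherit DNS write access.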
Step 3: Deploy and Verify
Deploy ExternalDNS by applying your YAML configuration:
kubectl apply -f your-externaldns-configuration.yaml
Verify the deployment. Ensure that the ExternalDNS pod is running:
kubectl get pods --namespace=kube-system -l "app=external-dns"
Step 4: Monitor DNS Records
To verify DNS records are created automatically, create a sample service:
apiVersion: v1
kind: Service
metadata:
  name: example-service
  annotations:
    external-dns.alpha.kubernetes.io/hostname: example.yourdomain.com
spec:
  selector:
    app: example
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376
Check your DNS provider to see the entry of ‘example.yourdomain.com’.
Troubleshooting
If ExternalDNS is not functioning correctly, ensure that:
- The service account has adequate permissions.
- The network policy allows access to DNS providers.
- Logs from ExternalDNS do not indicate any obvious errors (use kubectl logs <external-dns-pod>).
A Summary Checklist
- Set up your environment prerequisites correctly.
- Install and configure ExternalDNS using proper manifests for your DNS provider.
- Assign necessary permissions for DNS management.
- Deploy and verify to ensure DNS records update as expected.
- Troubleshoot based on log outputs and service annotations.
To explore similar integrations, you might find How to Configure Cert-Manager for SSL in Kubernetes useful. Cert-manager helps manage SSL certificates within your cluster, complementing your DNS configurations.
