sigs.k8s.io/external-dns@v0.14.1/docs/tutorials/gandi.md (about) 1 # Setting up ExternalDNS for Services on Gandi 2 3 This tutorial describes how to setup ExternalDNS for usage within a Kubernetes cluster using Gandi. 4 5 Make sure to use **>=0.7.7** version of ExternalDNS for this tutorial. 6 7 ## Creating a Gandi DNS zone (domain) 8 9 Create a new DNS zone where you want to create your records in. Let's use `example.com` as an example here. Make sure the zone uses 10 11 ## Creating Gandi Personal Access Token (PAT) 12 13 Generate a Personal Access Token on [your account](https://admin.gandi.net) (click on "User Settings") with `Manage domain name technical configurations` permission. 14 15 The environment variable `GANDI_PAT` will be needed to run ExternalDNS with Gandi. 16 17 You can also set `GANDI_KEY` if you have an old API key. 18 19 ## Deploy ExternalDNS 20 21 Connect your `kubectl` client to the cluster you want to test ExternalDNS with. 22 Then apply one of the following manifests file to deploy ExternalDNS. 23 24 ### Manifest (for clusters without RBAC enabled) 25 ```yaml 26 apiVersion: apps/v1 27 kind: Deployment 28 metadata: 29 name: external-dns 30 spec: 31 replicas: 1 32 selector: 33 matchLabels: 34 app: external-dns 35 strategy: 36 type: Recreate 37 template: 38 metadata: 39 labels: 40 app: external-dns 41 spec: 42 containers: 43 - name: external-dns 44 image: registry.k8s.io/external-dns/external-dns:v0.14.0 45 args: 46 - --source=service # ingress is also possible 47 - --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above. 48 - --provider=gandi 49 env: 50 - name: GANDI_PAT 51 value: "YOUR_GANDI_PAT" 52 ``` 53 54 ### Manifest (for clusters with RBAC enabled) 55 ```yaml 56 apiVersion: v1 57 kind: ServiceAccount 58 metadata: 59 name: external-dns 60 --- 61 apiVersion: rbac.authorization.k8s.io/v1 62 kind: ClusterRole 63 metadata: 64 name: external-dns 65 rules: 66 - apiGroups: [""] 67 resources: ["services","endpoints","pods"] 68 verbs: ["get","watch","list"] 69 - apiGroups: ["extensions","networking.k8s.io"] 70 resources: ["ingresses"] 71 verbs: ["get","watch","list"] 72 - apiGroups: [""] 73 resources: ["nodes"] 74 verbs: ["list","watch"] 75 --- 76 apiVersion: rbac.authorization.k8s.io/v1 77 kind: ClusterRoleBinding 78 metadata: 79 name: external-dns-viewer 80 roleRef: 81 apiGroup: rbac.authorization.k8s.io 82 kind: ClusterRole 83 name: external-dns 84 subjects: 85 - kind: ServiceAccount 86 name: external-dns 87 namespace: default 88 --- 89 apiVersion: apps/v1 90 kind: Deployment 91 metadata: 92 name: external-dns 93 spec: 94 replicas: 1 95 selector: 96 matchLabels: 97 app: external-dns 98 strategy: 99 type: Recreate 100 template: 101 metadata: 102 labels: 103 app: external-dns 104 spec: 105 serviceAccountName: external-dns 106 containers: 107 - name: external-dns 108 image: registry.k8s.io/external-dns/external-dns:v0.14.0 109 args: 110 - --source=service # ingress is also possible 111 - --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above. 112 - --provider=gandi 113 env: 114 - name: GANDI_PAT 115 value: "YOUR_GANDI_PAT" 116 ``` 117 118 119 ## Deploying an Nginx Service 120 121 Create a service file called 'nginx.yaml' with the following contents: 122 123 ```yaml 124 apiVersion: apps/v1 125 kind: Deployment 126 metadata: 127 name: nginx 128 spec: 129 replicas: 1 130 selector: 131 matchLabels: 132 app: nginx 133 template: 134 metadata: 135 labels: 136 app: nginx 137 spec: 138 containers: 139 - image: nginx 140 name: nginx 141 ports: 142 - containerPort: 80 143 --- 144 apiVersion: v1 145 kind: Service 146 metadata: 147 name: nginx 148 annotations: 149 external-dns.alpha.kubernetes.io/hostname: my-app.example.com 150 spec: 151 selector: 152 app: nginx 153 type: LoadBalancer 154 ports: 155 - protocol: TCP 156 port: 80 157 targetPort: 80 158 ``` 159 160 Note the annotation on the service; use the same hostname as the Gandi Domain. Make sure that your Domain is configured to use Live-DNS. 161 162 ExternalDNS uses this annotation to determine what services should be registered with DNS. Removing the annotation will cause ExternalDNS to remove the corresponding DNS records. 163 164 Create the deployment and service: 165 166 ```console 167 $ kubectl create -f nginx.yaml 168 ``` 169 170 Depending where you run your service it can take a little while for your cloud provider to create an external IP for the service. 171 172 Once the service has an external IP assigned, ExternalDNS will notice the new service IP address and synchronize the Gandi DNS records. 173 174 ## Verifying Gandi DNS records 175 176 Check your [Gandi Dashboard](https://admin.gandi.net/domain) to view the records for your Gandi DNS zone. 177 178 Click on the zone for the one created above if a different domain was used. 179 180 This should show the external IP address of the service as the A record for your domain. 181 182 ## Cleanup 183 184 Now that we have verified that ExternalDNS will automatically manage Gandi DNS records, we can delete the tutorial's example: 185 186 ``` 187 $ kubectl delete service -f nginx.yaml 188 $ kubectl delete service -f externaldns.yaml 189 ``` 190 191 # Additional options 192 193 If you're using organizations to separate your domains, you can pass the organization's ID in an environment variable called `GANDI_SHARING_ID` to get access to it.