sigs.k8s.io/external-dns@v0.14.1/docs/tutorials/scaleway.md (about) 1 # Setting up ExternalDNS for Services on Scaleway 2 3 This tutorial describes how to setup ExternalDNS for usage within a Kubernetes cluster using Scaleway DNS. 4 5 Make sure to use **>=0.7.4** version of ExternalDNS for this tutorial. 6 7 **Warning**: Scaleway DNS is currently in Public Beta and may not be suited for production usage. 8 9 ## Importing a Domain into Scaleway DNS 10 11 In order to use your domain, you need to import it into Scaleway DNS. If it's not already done, you can follow [this documentation](https://www.scaleway.com/en/docs/scaleway-dns/) 12 13 Once the domain is imported you can either use the root zone, or create a subzone to use. 14 15 In this example we will use `example.com` as an example. 16 17 ## Creating Scaleway Credentials 18 19 To use ExternalDNS with Scaleway DNS, you need to create an API token (composed of the Access Key and the Secret Key). 20 You can either use existing ones or you can create a new token, as explained in [How to generate an API token](https://www.scaleway.com/en/docs/generate-an-api-token/) or directly by going to the [credentials page](https://console.scaleway.com/account/organization/credentials). 21 22 Scaleway provider supports configuring credentials using profiles or supplying it directly with environment variables. 23 24 ### Configuration using a config file 25 You can supply the credentials through a config file: 26 1. Create the config file. Check out [Scaleway docs](https://github.com/scaleway/scaleway-sdk-go/blob/master/scw/README.md#scaleway-config) for instructions 27 2. Mount it as a Secret into the Pod 28 3. Configure environment variable `SCW_PROFILE` to match the profile name in the config file 29 4. Configure environment variable `SCW_CONFIG_PATH` to match the location of the mounted config file 30 31 ### Configuration using environment variables 32 Two environment variables are needed to run ExternalDNS with Scaleway DNS: 33 - `SCW_ACCESS_KEY` which is the Access Key. 34 - `SCW_SECRET_KEY` which is the Secret Key. 35 36 ## Deploy ExternalDNS 37 38 Connect your `kubectl` client to the cluster you want to test ExternalDNS with. 39 Then apply one of the following manifests file to deploy ExternalDNS. 40 41 The following example are suited for development. For a production usage, prefer secrets over environment, and use a [tagged release](https://github.com/kubernetes-sigs/external-dns/releases). 42 43 ### Manifest (for clusters without RBAC enabled) 44 ```yaml 45 apiVersion: apps/v1 46 kind: Deployment 47 metadata: 48 name: external-dns 49 spec: 50 replicas: 1 51 selector: 52 matchLabels: 53 app: external-dns 54 strategy: 55 type: Recreate 56 template: 57 metadata: 58 labels: 59 app: external-dns 60 spec: 61 containers: 62 - name: external-dns 63 image: registry.k8s.io/external-dns/external-dns:v0.14.0 64 args: 65 - --source=service # ingress is also possible 66 - --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above. 67 - --provider=scaleway 68 env: 69 - name: SCW_ACCESS_KEY 70 value: "<your access key>" 71 - name: SCW_SECRET_KEY 72 value: "<your secret key>" 73 ### Set if configuring using a config file. Make sure to create the Secret first. 74 # - name: SCW_PROFILE 75 # value: "<profile name>" 76 # - name: SCW_CONFIG_PATH 77 # value: /etc/scw/config.yaml 78 # volumeMounts: 79 # - name: scw-config 80 # mountPath: /etc/scw/config.yaml 81 # readOnly: true 82 # volumes: 83 # - name: scw-config 84 # secret: 85 # secretName: scw-config 86 ### 87 ``` 88 89 ### Manifest (for clusters with RBAC enabled) 90 ```yaml 91 apiVersion: v1 92 kind: ServiceAccount 93 metadata: 94 name: external-dns 95 --- 96 apiVersion: rbac.authorization.k8s.io/v1 97 kind: ClusterRole 98 metadata: 99 name: external-dns 100 rules: 101 - apiGroups: [""] 102 resources: ["services","endpoints","pods"] 103 verbs: ["get","watch","list"] 104 - apiGroups: ["extensions"] 105 resources: ["ingresses"] 106 verbs: ["get","watch","list"] 107 - apiGroups: [""] 108 resources: ["nodes"] 109 verbs: ["list","watch"] 110 --- 111 apiVersion: rbac.authorization.k8s.io/v1 112 kind: ClusterRoleBinding 113 metadata: 114 name: external-dns-viewer 115 roleRef: 116 apiGroup: rbac.authorization.k8s.io 117 kind: ClusterRole 118 name: external-dns 119 subjects: 120 - kind: ServiceAccount 121 name: external-dns 122 namespace: default 123 --- 124 apiVersion: apps/v1 125 kind: Deployment 126 metadata: 127 name: external-dns 128 spec: 129 replicas: 1 130 selector: 131 matchLabels: 132 app: external-dns 133 strategy: 134 type: Recreate 135 template: 136 metadata: 137 labels: 138 app: external-dns 139 spec: 140 serviceAccountName: external-dns 141 containers: 142 - name: external-dns 143 image: registry.k8s.io/external-dns/external-dns:v0.14.0 144 args: 145 - --source=service # ingress is also possible 146 - --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above. 147 - --provider=scaleway 148 env: 149 - name: SCW_ACCESS_KEY 150 value: "<your access key>" 151 - name: SCW_SECRET_KEY 152 value: "<your secret key>" 153 ### Set if configuring using a config file. Make sure to create the Secret first. 154 # - name: SCW_PROFILE 155 # value: "<profile name>" 156 # - name: SCW_CONFIG_PATH 157 # value: /etc/scw/config.yaml 158 # volumeMounts: 159 # - name: scw-config 160 # mountPath: /etc/scw/config.yaml 161 # readOnly: true 162 # volumes: 163 # - name: scw-config 164 # secret: 165 # secretName: scw-config 166 ### 167 ``` 168 169 170 ## Deploying an Nginx Service 171 172 Create a service file called 'nginx.yaml' with the following contents: 173 174 ```yaml 175 apiVersion: apps/v1 176 kind: Deployment 177 metadata: 178 name: nginx 179 spec: 180 replicas: 1 181 selector: 182 matchLabels: 183 app: nginx 184 template: 185 metadata: 186 labels: 187 app: nginx 188 spec: 189 containers: 190 - image: nginx 191 name: nginx 192 ports: 193 - containerPort: 80 194 --- 195 apiVersion: v1 196 kind: Service 197 metadata: 198 name: nginx 199 annotations: 200 external-dns.alpha.kubernetes.io/hostname: my-app.example.com 201 spec: 202 selector: 203 app: nginx 204 type: LoadBalancer 205 ports: 206 - protocol: TCP 207 port: 80 208 targetPort: 80 209 ``` 210 211 Note the annotation on the service; use the same hostname as the Scaleway DNS zone created above. 212 213 ExternalDNS uses this annotation to determine what services should be registered with DNS. Removing the annotation will cause ExternalDNS to remove the corresponding DNS records. 214 215 Create the deployment and service: 216 217 ```console 218 $ kubectl create -f nginx.yaml 219 ``` 220 221 Depending where you run your service it can take a little while for your cloud provider to create an external IP for the service. 222 223 Once the service has an external IP assigned, ExternalDNS will notice the new service IP address and synchronize the Scaleway DNS records. 224 225 ## Verifying Scaleway DNS records 226 227 Check your [Scaleway DNS UI](https://console.scaleway.com/domains/external) to view the records for your Scaleway DNS zone. 228 229 Click on the zone for the one created above if a different domain was used. 230 231 This should show the external IP address of the service as the A record for your domain. 232 233 ## Cleanup 234 235 Now that we have verified that ExternalDNS will automatically manage Scaleway DNS records, we can delete the tutorial's example: 236 237 ``` 238 $ kubectl delete service -f nginx.yaml 239 $ kubectl delete service -f externaldns.yaml 240 ```