sigs.k8s.io/external-dns@v0.14.1/docs/tutorials/transip.md (about) 1 # Setting up ExternalDNS for Services on TransIP 2 3 This tutorial describes how to setup ExternalDNS for usage within a Kubernetes cluster using TransIP. 4 5 Make sure to use **>=0.5.14** version of ExternalDNS for this tutorial, have at least 1 domain registered at TransIP and enabled the API. 6 7 ## Enable TransIP API and prepare your API key 8 9 To use the TransIP API you need an account at TransIP and enable API usage as described in the [knowledge base](https://www.transip.eu/knowledgebase/entry/77-want-use-the-transip-api/). With the private key generated by the API, we create a kubernetes secret: 10 11 ```console 12 $ kubectl create secret generic transip-api-key --from-file=transip-api-key=/path/to/private.key 13 ``` 14 15 ## Deploy ExternalDNS 16 17 Below are example manifests, for both cluster without or with RBAC enabled. Don't forget to replace `YOUR_TRANSIP_ACCOUNT_NAME` with your TransIP account name. In these examples, an example domain-filter is defined. Such a filter can be used to prevent ExternalDNS from touching any domain not listed in the filter. Refer to the docs for any other command-line parameters you might want to use. 18 19 ### Manifest (for clusters without RBAC enabled) 20 21 ```yaml 22 apiVersion: apps/v1 23 kind: Deployment 24 metadata: 25 name: external-dns 26 spec: 27 strategy: 28 type: Recreate 29 selector: 30 matchLabels: 31 app: external-dns 32 template: 33 metadata: 34 labels: 35 app: external-dns 36 spec: 37 containers: 38 - name: external-dns 39 image: registry.k8s.io/external-dns/external-dns:v0.14.0 40 args: 41 - --source=service # ingress is also possible 42 - --domain-filter=example.com # (optional) limit to only example.com domains 43 - --provider=transip 44 - --transip-account=YOUR_TRANSIP_ACCOUNT_NAME 45 - --transip-keyfile=/transip/transip-api-key 46 volumeMounts: 47 - mountPath: /transip 48 name: transip-api-key 49 readOnly: true 50 volumes: 51 - name: transip-api-key 52 secret: 53 secretName: transip-api-key 54 ``` 55 56 ### Manifest (for clusters with RBAC enabled) 57 58 ```yaml 59 apiVersion: v1 60 kind: ServiceAccount 61 metadata: 62 name: external-dns 63 --- 64 apiVersion: rbac.authorization.k8s.io/v1 65 kind: ClusterRole 66 metadata: 67 name: external-dns 68 rules: 69 - apiGroups: [""] 70 resources: ["services","endpoints","pods"] 71 verbs: ["get","watch","list"] 72 - apiGroups: ["extensions","networking.k8s.io"] 73 resources: ["ingresses"] 74 verbs: ["get","watch","list"] 75 - apiGroups: [""] 76 resources: ["nodes"] 77 verbs: ["watch", "list"] 78 --- 79 apiVersion: rbac.authorization.k8s.io/v1 80 kind: ClusterRoleBinding 81 metadata: 82 name: external-dns-viewer 83 roleRef: 84 apiGroup: rbac.authorization.k8s.io 85 kind: ClusterRole 86 name: external-dns 87 subjects: 88 - kind: ServiceAccount 89 name: external-dns 90 namespace: default 91 --- 92 apiVersion: apps/v1 93 kind: Deployment 94 metadata: 95 name: external-dns 96 spec: 97 strategy: 98 type: Recreate 99 selector: 100 matchLabels: 101 app: external-dns 102 template: 103 metadata: 104 labels: 105 app: external-dns 106 spec: 107 serviceAccountName: external-dns 108 containers: 109 - name: external-dns 110 image: registry.k8s.io/external-dns/external-dns:v0.14.0 111 args: 112 - --source=service # ingress is also possible 113 - --domain-filter=example.com # (optional) limit to only example.com domains 114 - --provider=transip 115 - --transip-account=YOUR_TRANSIP_ACCOUNT_NAME 116 - --transip-keyfile=/transip/transip-api-key 117 volumeMounts: 118 - mountPath: /transip 119 name: transip-api-key 120 readOnly: true 121 volumes: 122 - name: transip-api-key 123 secret: 124 secretName: transip-api-key 125 ``` 126 127 ## Deploying an Nginx Service 128 129 Create a service file called 'nginx.yaml' with the following contents: 130 131 ```yaml 132 apiVersion: apps/v1 133 kind: Deployment 134 metadata: 135 name: nginx 136 spec: 137 selector: 138 matchLabels: 139 app: nginx 140 template: 141 metadata: 142 labels: 143 app: nginx 144 spec: 145 containers: 146 - image: nginx 147 name: nginx 148 ports: 149 - containerPort: 80 150 --- 151 apiVersion: v1 152 kind: Service 153 metadata: 154 name: nginx 155 annotations: 156 external-dns.alpha.kubernetes.io/hostname: my-app.example.com 157 spec: 158 selector: 159 app: nginx 160 type: LoadBalancer 161 ports: 162 - protocol: TCP 163 port: 80 164 targetPort: 80 165 ``` 166 167 Note the annotation on the service; this is the name ExternalDNS will create and manage DNS records for. 168 169 ExternalDNS uses this annotation to determine what services should be registered with DNS. Removing the annotation will cause ExternalDNS to remove the corresponding DNS records. 170 171 Create the deployment and service: 172 173 ```console 174 $ kubectl create -f nginx.yaml 175 ``` 176 177 Depending where you run your service it can take a little while for your cloud provider to create an external IP for the service. 178 179 Once the service has an external IP assigned, ExternalDNS will notice the new service IP address and synchronize the TransIP DNS records. 180 181 ## Verifying TransIP DNS records 182 183 Check your [TransIP Control Panel](https://transip.eu/cp) to view the records for your TransIP DNS zone. 184 185 Click on the zone for the one created above if a different domain was used. 186 187 This should show the external IP address of the service as the A record for your domain.