# Setting up ExternalDNS for RancherDNS (RDNS) with Kubernetes
This tutorial describes how to set up ExternalDNS in a Kubernetes cluster that uses [RDNS](https://github.com/rancher/rdns-server) and the [nginx ingress controller](https://github.com/kubernetes/ingress-nginx).

You need to:
* install RDNS with [etcd](https://github.com/etcd-io/etcd) enabled
* install external-dns with rdns as a provider

## Installing RDNS with etcdv3 backend

### Clone RDNS
```
git clone https://github.com/rancher/rdns-server.git
```

### Installing ETCD
```
cd rdns-server
docker-compose -f deploy/etcdv3/etcd-compose.yaml up -d
```

> ETCD was successfully deployed on `http://172.31.35.77:2379`

### Installing RDNS
```
export ETCD_ENDPOINTS="http://172.31.35.77:2379"
export DOMAIN="lb.rancher.cloud"
./scripts/start etcdv3
```

> RDNS was successfully deployed on `172.31.35.77`

## Installing ExternalDNS
### Install ExternalDNS
Set `ETCD_URLS` to the etcd client service address and `RDNS_ROOT_DOMAIN` to the same value as the RDNS `DOMAIN` environment variable, e.g. `lb.rancher.cloud`.

#### Manifest (for clusters without RBAC enabled)
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
  namespace: kube-system
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: k8s.gcr.io/external-dns/external-dns:v0.7.6
        args:
        - --source=ingress
        - --provider=rdns
        - --log-level=debug # debug only
        env:
        - name: ETCD_URLS
          value: http://172.31.35.77:2379
        - name: RDNS_ROOT_DOMAIN
          value: lb.rancher.cloud
```

#### Manifest (for clusters with RBAC enabled)
```yaml

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: external-dns
rules:
- apiGroups: [""]
  resources: ["services","endpoints","pods"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
- apiGroups: [""]
  resources: ["nodes"]
  verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
- kind: ServiceAccount
  name: external-dns
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: external-dns
  namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
  namespace: kube-system
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: k8s.gcr.io/external-dns/external-dns:v0.7.6
        args:
        - --source=ingress
        - --provider=rdns
        - --log-level=debug # debug only
        env:
        - name: ETCD_URLS
          value: http://172.31.35.77:2379
        - name: RDNS_ROOT_DOMAIN
          value: lb.rancher.cloud
```

## Testing ingress example
```
$ cat ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: nginx.lb.rancher.cloud
    http:
      paths:
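      # networking.k8s.io/v1 requires path, pathType and the service/port backend form
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx
            port:
              number: 80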

$ kubectl apply -f ingress.yaml
ingress.extensions "nginx" created
```

Wait a moment until DNS has the ingress IP. The RDNS IP in this example is "172.31.35.77".
```
$ kubectl get ingress
NAME      HOSTS                    ADDRESS         PORTS     AGE
nginx     nginx.lb.rancher.cloud   172.31.42.211   80        2m

$ kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools
If you don't see a command prompt, try pressing enter.
dnstools# dig @172.31.35.77 nginx.lb.rancher.cloud +short
172.31.42.211
dnstools#  
```
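
The wait-and-check step above, scripted as an added example (not part of the original tutorial): it polls the RDNS resolver until the A record for the ingress host equals the address Kubernetes reports, and tells apart a record that never appears from one that points elsewhere. The function names and exit codes are assumptions of this example; it expects `kubectl` and `dig` on the machine where it runs.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not part of ExternalDNS or RDNS.

# ingress_address NAME [NAMESPACE]: first load-balancer IP Kubernetes reports.
ingress_address() {
  kubectl get ingress "$1" -n "${2:-default}" \
    -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
}

# resolve_a RESOLVER HOST: A records from that resolver only, one per line.
# Non-address lines (dig comments, CNAME targets) are filtered out.
resolve_a() {
  dig "@$1" "$2" A +short +time=2 +tries=1 |
    grep -E '^[0-9]+(\.[0-9]+){3}$' | sort -u
}

# wait_for_record RESOLVER HOST EXPECTED_IP [TIMEOUT_S] [INTERVAL_S]
# Returns 0 when the answer is exactly EXPECTED_IP, 1 when no record appeared
# before the timeout, 2 when a record exists but points somewhere else,
# 3 when EXPECTED_IP is empty (the ingress has no address yet).
wait_for_record() {
  local resolver="$1" host="$2" expected="$3"
  local timeout="${4:-120}" interval="${5:-5}" answer=""
  local deadline="$(( $(date +%s) + timeout ))"
  [ -n "$expected" ] || { echo "no expected address for $host" >&2; return 3; }
  while :; do
    answer="$(resolve_a "$resolver" "$host" || true)"
    if [ "$answer" = "$expected" ]; then
      echo "ok: $host -> $expected"
      return 0
    fi
    [ "$(date +%s)" -ge "$deadline" ] && break
    sleep "$interval"
  done
  if [ -n "$answer" ]; then
    echo "mismatch: $host -> $(echo $answer), expected $expected" >&2
    return 2
  fi
  echo "timeout: no A record for $host at $resolver" >&2
  return 1
}

# Usage: ./check-rdns.sh nginx nginx.lb.rancher.cloud 172.31.35.77
if [ "$#" -ge 3 ]; then
  wait_for_record "$3" "$2" "$(ingress_address "$1")"
fi
```

Exit code 2 is the one to alert on after the initial rollout: the name resolves, but not to the address the cluster currently assigns to the ingress.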