mirror of
https://github.com/kubernetes-sigs/external-dns.git
synced 2025-08-06 01:26:59 +02:00
RFC2136: Update tutorial to show Helm example with TSIG in secret
This commit is contained in:
parent
f6cd8b9bab
commit
7d57ac2394
@ -497,6 +497,35 @@ external-dns \
|
||||
--rfc2136-insecure
|
||||
```
|
||||
|
||||
### Helm
|
||||
|
||||
```yaml
|
||||
extraArgs:
|
||||
- --rfc2136-host="dns-host-1.yourdomain.com"
|
||||
- --rfc2136-port=53
|
||||
- --rfc2136-zone=example.com
|
||||
- --rfc2136-tsig-secret-alg=hmac-sha256
|
||||
- --rfc2136-tsig-axfr
|
||||
|
||||
env:
|
||||
- name: "EXTERNAL_DNS_RDC2136_TSIG_SECRET"
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: rfc2136-keys
|
||||
key: rfc2136-tsig-secret
|
||||
- name: "EXTERNAL_DNS_RDC2136_TSIG_KEYNAME"
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: rfc2136-keys
|
||||
key: rfc2136-tsig-keyname
|
||||
```
|
||||
|
||||
#### Secret creation
|
||||
|
||||
```shell
|
||||
kubectl create secret generic rfc2136-keys --from-literal=rfc2136-tsig-secret='xxx' --from-literal=rfc2136-tsig-keyname='k8s-external-dns-key' -n external-dns
|
||||
```
|
||||
|
||||
### Benefits
|
||||
|
||||
- Distributes the load of DNS updates across multiple data centers, preventing any single DC from becoming a bottleneck.
|
||||
|
Loading…
Reference in New Issue
Block a user