mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-07 10:06:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

adding config for bind for tsig (#790)

Browse Source 
* adding config for bind for tsig

* add indentation as requested
This commit is contained in:
Davis Phillips 2018-11-30 13:57:06 -06:00 committed by Henning Jacobs
parent 78c63c3187
commit f25f90db0e
1 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
docs/tutorials/rfc2136.md
View File

@ -12,6 +12,39 @@ key "externaldns-key" {
``` ```
- `Warning!` Bind server configuration should enable for this key AFXR zone transfer protocol. It is used for listing DNS records. - `Warning!` Bind server configuration should enable for this key AFXR zone transfer protocol. It is used for listing DNS records.
```text
# cat /etc/named.conf
...
include "/etc/rndc.key";
controls {
inet 123.123.123.123 port 953 allow { 10.x.y.151; } keys { "externaldns-key"; };
};
options {
include "/etc/named/options.conf";
};
include "/etc/named/zones.conf";
...
# cat /etc/named/options.conf
...
dnssec-enable yes;
dnssec-validation yes;
...
# cat /etc/named/zones.conf
...
zone "example.com" {
type master;
file "/var/named/dynamic/db.example.com";
update-policy {
grant externaldns-key zonesub ANY;
};
};
...
```
## RFC2136 provider configuration: ## RFC2136 provider configuration:
- Example fragment of real configuration of ExternalDNS service pod. - Example fragment of real configuration of ExternalDNS service pod.
@ -31,4 +64,4 @@ key "externaldns-key" {
- `rfc2136-tsig-keyname` - this is string parameter with secret key name it is should `MATCH!` with server key name. In example it is `externaldns-key`. - `rfc2136-tsig-keyname` - this is string parameter with secret key name it is should `MATCH!` with server key name. In example it is `externaldns-key`.