This is to change the way batching works when using the aws provider.
Originally, batching would take the first n records you want to update
and perform the desired actions on those records as part of a sync. It
would then wait for the configured sync period and take the first n
records again and sync them. The issue with this is that when you are
using the TXT registry with a custom prefix, the updates can sync a TXT
record and not the accompanying A/CNAME record. This causes external-dns
to get out of sync with what is created and what the current state
actually is. This update uses the same idea of batching, however, rather
than stopping after the first batch until the next run, batching will
now have a separate batch interval which controls the interval between
each batch in the same sync period. This allows external-dns to fully
sync with route53 as part of each sync and can then know that the state
is complete.
Fixes https://github.com/kubernetes-incubator/external-dns/issues/679
* add Istio Gateway Source
* add documentation for Istio Gateway Source
* make both istio namespace and ingress gateway service configurable
* prefix gateway types, constructors, and flags with 'istio-'
* fix: add missing sources to source flag docs
When running in a pod sometimes the request to get ingreses/services
stalls indefinitely. A simple pod restart fixes this. Hard to reproduce
but I got lucky and did thread dump which revealed a gorouting blocked
on call to k8s.
What's new is a `--request-timeout` flag that makes requests to k8s
bounded in time. The default is 30s - this may cause some deployments
with a slow api-server to timeout.
* Create `NewAWSProvider` with `AWSConfig` struct
Rather than calling `NewAWSProvider` with a list of objects, you will
now call it using a new `AWSConfig` struct. This allows for clearer
declarations of variables which becomes even more important as more
variables are added.
* Add `aws-max-change-count` flag
Adding a new `aws-max-change-count` flag to override the default max
change count on the aws provider.
Included updated tests with a new `defaultMaxChangeCount` constant and
tests for setting the value as a flag and as an environment variable.
* Update CHANGELOG.md
Updating CHANGELOG.md with 'Add aws max change count flag' PR.
Commit adds:
* Implementation of PowerDNS as a provider
* Tests for said implementation
* github.com/ffledgling/pdns-go, which provides go client bindings for
PowerDNS's HTTP API, as a dependency
* "pdns" as an additional option for the `--provider` flag
* `--pdns-server` and `--pdns-api-key` as additional flags for PowerDNS
specific configuration
* Add a flag that allows FQDN and Annotations to combine
Old behaviour is kept by default, a new flag is introduced to combine instead of overwrite
Fixes#218
* docs: add fqdn template combine to changelog
* Graceful handling of misconfigure password for dyn
If a bad password is given for provider "dyn" then the next
login attempt is at least 30minutes apart. This prevents an
account from being suspended.
Improve validation of flags for dyn provider. Add test for
ValidateConfig() and Config.String()
Also add --dyn-min-ttl option which sets the lower limit
of a record's TTL. Ignored if 0 (the default).
* docs: add graceful handling of misconfiguration to changelog
* Don't log passwords on start
The two passwords configurable as flags (for infoblox and dyn) are
masked now and not logged.
* docs: add masking sensitive data in logs to changelog
* add "dyn" provider
* add several --dyn-* args to configure Dyn login
* add github.com/nesv/go-dynect/dynect@0.6.0 to Gopkg and vender/ (the client
of choice by Terraform)
* make externdns.Version public so it can be stored when committing
zone changes
* add tutorial for Ingress resources and update root README.md file
Dyn REST API is documented here: https://help.dyn.com/dns-api-knowledge-base/
Example usage:
external-dns \
--provider=dyn \
--dyn-customer-name=acme \
--dyn-username=acme-api \
--dyn-password=t0pS3cr3t \
--domain-filter=portal.acme.com \
--zone-id-filter=acme.com \
--namespace=my-test-ns \
--log-level=debug \
--txt-prefix=_
* Add aws-zone-id flag
* Add Zone ID filter
* Update AWS provider and main
* Make ZoneIDFilter generic
* Implement ZoneIDFilter for all providers
* Update CHANGELOG
This commit adds ability to use TLS transport for etcd.
New logic is applied when the etcd URL has https:// scheme.
TLS parameters are passed in the environment variables:
ETCD_CA_FILE - path to CA certificate. If not specified, then
system-provided certificates are used.
ETCD_CERT_FILE - client certificate
ETCD_KEY_FILE - client key file
- either both of none of this two must be specified
ETCD_TLS_SERVER_NAME - expected CN of the certificate. Useful when
URL points to a different domain from that in server certificate
ETCD_TLS_INSECURE - if set to "1" (or "true" or "yes") makes client
bypass server certificate validation.
Also for unification with other providers and rest of connection
settings, etcd URL is no longer specified in the command line, but
rather in ETCD_URLS environment variable (defaults to
http://localhost:2379). More than one comma-separated URL can be
specified. All of the URLs must start with either http:// or https://
Also, now it possible to communicate with etcd through proxy specified
in standard environment variables
