mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-11 03:56:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
gh-pages
external-dns/v0.12.0/tutorials/rfc2136/index.html

2222 lines
77 KiB
HTML
Raw Permalink Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="author" content="external-dns maintainers">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.3.0, mkdocs-material-8.2.8">
<title>Configuring RFC2136 provider - external-dns</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.644de097.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.e6a45f82.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="none" data-md-color-accent="none">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#configuring-rfc2136-provider" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<div data-md-component="outdated" hidden>
<aside class="md-banner md-banner--warning">
</aside>
</div>
<header class="md-header md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="external-dns" class="md-header__button md-logo" aria-label="external-dns" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
external-dns
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Configuring RFC2136 provider
</span>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/kubernetes-sigs/external-dns/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes-sigs/external-dns
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../.." class="md-tabs__link">
Home
</a>
</li>
<li class="md-tabs__item">
<a href="../UKFast_SafeDNS/" class="md-tabs__link md-tabs__link--active">
Tutorials
</a>
</li>
<li class="md-tabs__item">
<a href="../../initial-design/" class="md-tabs__link">
Advanced Topics
</a>
</li>
<li class="md-tabs__item">
<a href="../../CONTRIBUTING/" class="md-tabs__link">
Contributing
</a>
</li>
<li class="md-tabs__item">
<a href="../../faq/" class="md-tabs__link">
About
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="external-dns" class="md-nav__button md-logo" aria-label="external-dns" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
</a>
external-dns
</label>
<div class="md-nav__source">
<a href="https://github.com/kubernetes-sigs/external-dns/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes-sigs/external-dns
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
Home
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2">
Tutorials
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Tutorials" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Tutorials
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../UKFast_SafeDNS/" class="md-nav__link">
Setting up ExternalDNS for Services on UKFast's SafeDNS
</a>
</li>
<li class="md-nav__item">
<a href="../akamai-edgedns/" class="md-nav__link">
Setting up External-DNS for Services on Akamai Edge DNS
</a>
</li>
<li class="md-nav__item">
<a href="../alb-ingress/" class="md-nav__link">
Using ExternalDNS with alb-ingress-controller
</a>
</li>
<li class="md-nav__item">
<a href="../alibabacloud/" class="md-nav__link">
Setting up ExternalDNS for Services on Alibaba Cloud
</a>
</li>
<li class="md-nav__item">
<a href="../aws-sd/" class="md-nav__link">
Setting up ExternalDNS using AWS Cloud Map API
</a>
</li>
<li class="md-nav__item">
<a href="../aws/" class="md-nav__link">
Setting up ExternalDNS for Services on AWS
</a>
</li>
<li class="md-nav__item">
<a href="../azure-private-dns/" class="md-nav__link">
Set up ExternalDNS for Azure Private DNS
</a>
</li>
<li class="md-nav__item">
<a href="../azure/" class="md-nav__link">
Setting up ExternalDNS for Services on Azure
</a>
</li>
<li class="md-nav__item">
<a href="../bluecat/" class="md-nav__link">
Setting up external-dns for BlueCat
</a>
</li>
<li class="md-nav__item">
<a href="../cloudflare/" class="md-nav__link">
Setting up ExternalDNS for Services on Cloudflare
</a>
</li>
<li class="md-nav__item">
<a href="../contour/" class="md-nav__link">
Setting up External DNS with Contour
</a>
</li>
<li class="md-nav__item">
<a href="../coredns/" class="md-nav__link">
Setting up ExternalDNS for CoreDNS with minikube
</a>
</li>
<li class="md-nav__item">
<a href="../designate/" class="md-nav__link">
Setting up ExternalDNS for Services on OpenStack Designate
</a>
</li>
<li class="md-nav__item">
<a href="../digitalocean/" class="md-nav__link">
Setting up ExternalDNS for Services on DigitalOcean
</a>
</li>
<li class="md-nav__item">
<a href="../dnsimple/" class="md-nav__link">
Setting up ExternalDNS for Services on DNSimple
</a>
</li>
<li class="md-nav__item">
<a href="../dyn/" class="md-nav__link">
Setting up ExternalDNS for Dyn
</a>
</li>
<li class="md-nav__item">
<a href="../exoscale/" class="md-nav__link">
Setting up ExternalDNS for Exoscale
</a>
</li>
<li class="md-nav__item">
<a href="../externalname/" class="md-nav__link">
Setting up ExternalDNS for ExternalName Services
</a>
</li>
<li class="md-nav__item">
<a href="../gandi/" class="md-nav__link">
Setting up ExternalDNS for Services on Gandi
</a>
</li>
<li class="md-nav__item">
<a href="../gateway-api/" class="md-nav__link">
Configuring ExternalDNS to use Gateway API Route Sources
</a>
</li>
<li class="md-nav__item">
<a href="../gke/" class="md-nav__link">
Setting up ExternalDNS on Google Kubernetes Engine
</a>
</li>
<li class="md-nav__item">
<a href="../gloo-proxy/" class="md-nav__link">
Configuring ExternalDNS to use the Gloo Proxy Source
</a>
</li>
<li class="md-nav__item">
<a href="../godaddy/" class="md-nav__link">
Setting up ExternalDNS for Services on GoDaddy
</a>
</li>
<li class="md-nav__item">
<a href="../hostport/" class="md-nav__link">
Setting up ExternalDNS for Headless Services
</a>
</li>
<li class="md-nav__item">
<a href="../ibmcloud/" class="md-nav__link">
Setting up ExternalDNS for Services on IBMCloud
</a>
</li>
<li class="md-nav__item">
<a href="../infoblox/" class="md-nav__link">
Setting up ExternalDNS for Infoblox
</a>
</li>
<li class="md-nav__item">
<a href="../istio/" class="md-nav__link">
Configuring ExternalDNS to use the Istio Gateway and/or Istio Virtual Service Source
</a>
</li>
<li class="md-nav__item">
<a href="../kong/" class="md-nav__link">
Configuring ExternalDNS to use the Kong TCPIngress Source
</a>
</li>
<li class="md-nav__item">
<a href="../kops-dns-controller/" class="md-nav__link">
kOps dns-controller compatibility mode
</a>
</li>
<li class="md-nav__item">
<a href="../kube-ingress-aws/" class="md-nav__link">
Using ExternalDNS with kube-ingress-aws-controller
</a>
</li>
<li class="md-nav__item">
<a href="../linode/" class="md-nav__link">
Setting up ExternalDNS for Services on Linode
</a>
</li>
<li class="md-nav__item">
<a href="../nginx-ingress/" class="md-nav__link">
Setting up ExternalDNS on GKE with nginx-ingress-controller
</a>
</li>
<li class="md-nav__item">
<a href="../nodes/" class="md-nav__link">
Configuring ExternalDNS to use Cluster Nodes as Source
</a>
</li>
<li class="md-nav__item">
<a href="../ns-record/" class="md-nav__link">
Creating NS record with CRD source
</a>
</li>
<li class="md-nav__item">
<a href="../ns1/" class="md-nav__link">
Setting up ExternalDNS for Services on NS1
</a>
</li>
<li class="md-nav__item">
<a href="../openshift/" class="md-nav__link">
Configuring ExternalDNS to use the OpenShift Route Source
</a>
</li>
<li class="md-nav__item">
<a href="../oracle/" class="md-nav__link">
Setting up ExternalDNS for Oracle Cloud Infrastructure (OCI)
</a>
</li>
<li class="md-nav__item">
<a href="../ovh/" class="md-nav__link">
Setting up ExternalDNS for Services on OVH
</a>
</li>
<li class="md-nav__item">
<a href="../pdns/" class="md-nav__link">
Setting up ExternalDNS for PowerDNS
</a>
</li>
<li class="md-nav__item">
<a href="../public-private-route53/" class="md-nav__link">
Setting up ExternalDNS using the same domain for public and private Route53 zones
</a>
</li>
<li class="md-nav__item">
<a href="../rcodezero/" class="md-nav__link">
Setting up ExternalDNS for Services on RcodeZero
</a>
</li>
<li class="md-nav__item">
<a href="../rdns/" class="md-nav__link">
Setting up ExternalDNS for RancherDNS(RDNS) with kubernetes
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Configuring RFC2136 provider
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Configuring RFC2136 provider
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#using-with-bind" class="md-nav__link">
Using with BIND
</a>
<nav class="md-nav" aria-label="Using with BIND">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#server-credentials" class="md-nav__link">
Server credentials:
</a>
</li>
<li class="md-nav__item">
<a href="#bind-configuration" class="md-nav__link">
BIND Configuration:
</a>
</li>
<li class="md-nav__item">
<a href="#using-external-dns" class="md-nav__link">
Using external-dns
</a>
</li>
<li class="md-nav__item">
<a href="#custom-ttl" class="md-nav__link">
Custom TTL
</a>
</li>
<li class="md-nav__item">
<a href="#test-with-external-dns-installed-on-local-machine-optional" class="md-nav__link">
Test with external-dns installed on local machine (optional)
</a>
</li>
<li class="md-nav__item">
<a href="#rfc2136-provider-configuration" class="md-nav__link">
RFC2136 provider configuration:
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#microsoft-dns-insecure-updates" class="md-nav__link">
Microsoft DNS (Insecure Updates)
</a>
<nav class="md-nav" aria-label="Microsoft DNS (Insecure Updates)">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#insecure-updates" class="md-nav__link">
Insecure Updates
</a>
<nav class="md-nav" aria-label="Insecure Updates">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#dns-side-configuration" class="md-nav__link">
DNS-side configuration
</a>
</li>
<li class="md-nav__item">
<a href="#external-dns-configuration" class="md-nav__link">
external-dns configuration
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#secure-updates-using-rfc3645-gss-tsig" class="md-nav__link">
Secure Updates Using RFC3645 (GSS-TSIG)
</a>
</li>
<li class="md-nav__item">
<a href="#dns-side-configuration_1" class="md-nav__link">
DNS-side configuration
</a>
<nav class="md-nav" aria-label="DNS-side configuration">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#kerberos-configuration" class="md-nav__link">
Kerberos Configuration
</a>
</li>
<li class="md-nav__item">
<a href="#external-dns-configuration_1" class="md-nav__link">
external-dns configuration
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../scaleway/" class="md-nav__link">
Setting up ExternalDNS for Services on Scaleway
</a>
</li>
<li class="md-nav__item">
<a href="../security-context/" class="md-nav__link">
Running ExternalDNS with limited privileges
</a>
</li>
<li class="md-nav__item">
<a href="../transip/" class="md-nav__link">
Setting up ExternalDNS for Services on TransIP
</a>
</li>
<li class="md-nav__item">
<a href="../ultradns/" class="md-nav__link">
Setting up ExternalDNS for Services on UltraDNS
</a>
</li>
<li class="md-nav__item">
<a href="../vinyldns/" class="md-nav__link">
Setting up ExternalDNS for VinylDNS
</a>
</li>
<li class="md-nav__item">
<a href="../vultr/" class="md-nav__link">
Setting up ExternalDNS for Services on Vultr
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3">
Advanced Topics
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Advanced Topics" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Advanced Topics
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../initial-design/" class="md-nav__link">
Initial Design
</a>
</li>
<li class="md-nav__item">
<a href="../../ttl/" class="md-nav__link">
TTL
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4">
Contributing
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Contributing" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Contributing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../CONTRIBUTING/" class="md-nav__link">
Kubernetes Contributions
</a>
</li>
<li class="md-nav__item">
<a href="../../release/" class="md-nav__link">
Release
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/chart/" class="md-nav__link">
Helm Chart
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/crd-source/" class="md-nav__link">
CRD Source
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/getting-started/" class="md-nav__link">
Quick Start
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/sources-and-providers/" class="md-nav__link">
Sources and Providers
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5">
About
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="About" data-md-level="1">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
About
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../faq/" class="md-nav__link">
FAQ
</a>
</li>
<li class="md-nav__item">
<a href="../../20190708-external-dns-incubator/" class="md-nav__link">
Out of Incubator
</a>
</li>
<li class="md-nav__item">
<a href="../../code-of-conduct/" class="md-nav__link">
Code of Conduct
</a>
</li>
<li class="md-nav__item">
<a href="../../LICENSE/" class="md-nav__link">
License
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#using-with-bind" class="md-nav__link">
Using with BIND
</a>
<nav class="md-nav" aria-label="Using with BIND">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#server-credentials" class="md-nav__link">
Server credentials:
</a>
</li>
<li class="md-nav__item">
<a href="#bind-configuration" class="md-nav__link">
BIND Configuration:
</a>
</li>
<li class="md-nav__item">
<a href="#using-external-dns" class="md-nav__link">
Using external-dns
</a>
</li>
<li class="md-nav__item">
<a href="#custom-ttl" class="md-nav__link">
Custom TTL
</a>
</li>
<li class="md-nav__item">
<a href="#test-with-external-dns-installed-on-local-machine-optional" class="md-nav__link">
Test with external-dns installed on local machine (optional)
</a>
</li>
<li class="md-nav__item">
<a href="#rfc2136-provider-configuration" class="md-nav__link">
RFC2136 provider configuration:
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#microsoft-dns-insecure-updates" class="md-nav__link">
Microsoft DNS (Insecure Updates)
</a>
<nav class="md-nav" aria-label="Microsoft DNS (Insecure Updates)">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#insecure-updates" class="md-nav__link">
Insecure Updates
</a>
<nav class="md-nav" aria-label="Insecure Updates">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#dns-side-configuration" class="md-nav__link">
DNS-side configuration
</a>
</li>
<li class="md-nav__item">
<a href="#external-dns-configuration" class="md-nav__link">
external-dns configuration
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#secure-updates-using-rfc3645-gss-tsig" class="md-nav__link">
Secure Updates Using RFC3645 (GSS-TSIG)
</a>
</li>
<li class="md-nav__item">
<a href="#dns-side-configuration_1" class="md-nav__link">
DNS-side configuration
</a>
<nav class="md-nav" aria-label="DNS-side configuration">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#kerberos-configuration" class="md-nav__link">
Kerberos Configuration
</a>
</li>
<li class="md-nav__item">
<a href="#external-dns-configuration_1" class="md-nav__link">
external-dns configuration
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://github.com/kubernetes-sigs/external-dns/edit/master/docs/tutorials/rfc2136.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1 id="configuring-rfc2136-provider">Configuring RFC2136 provider<a class="headerlink" href="#configuring-rfc2136-provider" title="Permanent link">&para;</a></h1>
<p>This tutorial describes how to use the RFC2136 with either BIND or Windows DNS.</p>
<h2 id="using-with-bind">Using with BIND<a class="headerlink" href="#using-with-bind" title="Permanent link">&para;</a></h2>
<p>To use external-dns with BIND: generate/procure a key, configure DNS and add a<br />
deployment of external-dns.</p>
<h3 id="server-credentials">Server credentials:<a class="headerlink" href="#server-credentials" title="Permanent link">&para;</a></h3>
<ul>
<li>RFC2136 was developed for and tested with<br />
<a href="https://www.isc.org/downloads/bind/">BIND</a> DNS server. This documentation<br />
assumes that you already have a configured and working server. If you don&rsquo;t,<br />
please check BIND documents or tutorials.</li>
<li>If your DNS is provided for you, ask for a TSIG key authorized to update and<br />
transfer the zone you wish to update. The key will look something like below.<br />
Skip the next steps wrt BIND setup.<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>key &quot;externaldns-key&quot; {
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a> algorithm hmac-sha256;
<a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a> secret &quot;96Ah/a2g0/nLeFGK+d/0tzQcccf9hCEIy34PoXX2Qg8=&quot;;
<a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a>};
</code></pre></div></li>
<li>If you are your own DNS administrator create a TSIG key. Use<br />
<code>tsig-keygen -a hmac-sha256 externaldns</code> or on older distributions<br />
<code>dnssec-keygen -a HMAC-SHA256 -b 256 -n HOST externaldns</code>. You will end up with<br />
a key printed to standard out like above (or in the case of dnssec-keygen in a<br />
file called <code>Kexternaldns......key</code>).</li>
</ul>
<h3 id="bind-configuration">BIND Configuration:<a class="headerlink" href="#bind-configuration" title="Permanent link">&para;</a></h3>
<p>If you do not administer your own DNS, skip to RFC provider configuration</p>
<ul>
<li>Edit your named.conf file (or appropriate included file) and add/change the<br />
following.</li>
<li>Make sure You are listening on the right interfaces. At least whatever<br />
interface external-dns will be communicating over and the interface that<br />
faces the internet.</li>
<li>Add the key that you generated/was given to you above. Copy paste the four<br />
lines that you got (not the same as the example key) into your file.</li>
<li>Create a zone for kubernetes. If you already have a zone, skip to the next<br />
step. (I put the zone in it&rsquo;s own subdirectory because named,<br />
which shouldn&rsquo;t be running as root, needs to create a journal file and the<br />
default zone directory isn&rsquo;t writeable by named).<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>zone &quot;k8s.example.org&quot; {
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a> type master;
<a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a> file &quot;/etc/bind/pri/k8s/k8s.zone&quot;;
<a id="__codelineno-1-4" name="__codelineno-1-4" href="#__codelineno-1-4"></a>};
</code></pre></div></li>
<li>Add your key to both transfer and update. For instance with our previous<br />
zone.<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a>zone &quot;k8s.example.org&quot; {
<a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a> type master;
<a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a> file &quot;/etc/bind/pri/k8s/k8s.zone&quot;;
<a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a> allow-transfer {
<a id="__codelineno-2-5" name="__codelineno-2-5" href="#__codelineno-2-5"></a> key &quot;externaldns-key&quot;;
<a id="__codelineno-2-6" name="__codelineno-2-6" href="#__codelineno-2-6"></a> };
<a id="__codelineno-2-7" name="__codelineno-2-7" href="#__codelineno-2-7"></a> update-policy {
<a id="__codelineno-2-8" name="__codelineno-2-8" href="#__codelineno-2-8"></a> grant externaldns-key zonesub ANY;
<a id="__codelineno-2-9" name="__codelineno-2-9" href="#__codelineno-2-9"></a> };
<a id="__codelineno-2-10" name="__codelineno-2-10" href="#__codelineno-2-10"></a>};
</code></pre></div></li>
<li>Create a zone file (k8s.zone):<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a>$TTL 60 ; 1 minute
<a id="__codelineno-3-2" name="__codelineno-3-2" href="#__codelineno-3-2"></a>k8s.example.org IN SOA k8s.example.org. root.k8s.example.org. (
<a id="__codelineno-3-3" name="__codelineno-3-3" href="#__codelineno-3-3"></a> 16 ; serial
<a id="__codelineno-3-4" name="__codelineno-3-4" href="#__codelineno-3-4"></a> 60 ; refresh (1 minute)
<a id="__codelineno-3-5" name="__codelineno-3-5" href="#__codelineno-3-5"></a> 60 ; retry (1 minute)
<a id="__codelineno-3-6" name="__codelineno-3-6" href="#__codelineno-3-6"></a> 60 ; expire (1 minute)
<a id="__codelineno-3-7" name="__codelineno-3-7" href="#__codelineno-3-7"></a> 60 ; minimum (1 minute)
<a id="__codelineno-3-8" name="__codelineno-3-8" href="#__codelineno-3-8"></a> )
<a id="__codelineno-3-9" name="__codelineno-3-9" href="#__codelineno-3-9"></a> NS ns.k8s.example.org.
<a id="__codelineno-3-10" name="__codelineno-3-10" href="#__codelineno-3-10"></a>ns A 123.456.789.012
</code></pre></div></li>
<li>Reload (or restart) named</li>
</ul>
<h3 id="using-external-dns">Using external-dns<a class="headerlink" href="#using-external-dns" title="Permanent link">&para;</a></h3>
<p>To use external-dns add an ingress or a LoadBalancer service with a host that<br />
is part of the domain-filter. For example both of the following would produce<br />
A records.<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a>apiVersion: v1
<a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a>kind: Service
<a id="__codelineno-4-3" name="__codelineno-4-3" href="#__codelineno-4-3"></a>metadata:
<a id="__codelineno-4-4" name="__codelineno-4-4" href="#__codelineno-4-4"></a> name: nginx
<a id="__codelineno-4-5" name="__codelineno-4-5" href="#__codelineno-4-5"></a> annotations:
<a id="__codelineno-4-6" name="__codelineno-4-6" href="#__codelineno-4-6"></a> external-dns.alpha.kubernetes.io/hostname: svc.example.org
<a id="__codelineno-4-7" name="__codelineno-4-7" href="#__codelineno-4-7"></a>spec:
<a id="__codelineno-4-8" name="__codelineno-4-8" href="#__codelineno-4-8"></a> type: LoadBalancer
<a id="__codelineno-4-9" name="__codelineno-4-9" href="#__codelineno-4-9"></a> ports:
<a id="__codelineno-4-10" name="__codelineno-4-10" href="#__codelineno-4-10"></a> - port: 80
<a id="__codelineno-4-11" name="__codelineno-4-11" href="#__codelineno-4-11"></a> targetPort: 80
<a id="__codelineno-4-12" name="__codelineno-4-12" href="#__codelineno-4-12"></a> selector:
<a id="__codelineno-4-13" name="__codelineno-4-13" href="#__codelineno-4-13"></a> app: nginx
<a id="__codelineno-4-14" name="__codelineno-4-14" href="#__codelineno-4-14"></a>---
<a id="__codelineno-4-15" name="__codelineno-4-15" href="#__codelineno-4-15"></a>apiVersion: networking.k8s.io/v1
<a id="__codelineno-4-16" name="__codelineno-4-16" href="#__codelineno-4-16"></a>kind: Ingress
<a id="__codelineno-4-17" name="__codelineno-4-17" href="#__codelineno-4-17"></a>metadata:
<a id="__codelineno-4-18" name="__codelineno-4-18" href="#__codelineno-4-18"></a> name: my-ingress
<a id="__codelineno-4-19" name="__codelineno-4-19" href="#__codelineno-4-19"></a>spec:
<a id="__codelineno-4-20" name="__codelineno-4-20" href="#__codelineno-4-20"></a> rules:
<a id="__codelineno-4-21" name="__codelineno-4-21" href="#__codelineno-4-21"></a> - host: ingress.example.org
<a id="__codelineno-4-22" name="__codelineno-4-22" href="#__codelineno-4-22"></a> http:
<a id="__codelineno-4-23" name="__codelineno-4-23" href="#__codelineno-4-23"></a> paths:
<a id="__codelineno-4-24" name="__codelineno-4-24" href="#__codelineno-4-24"></a> - path: /
<a id="__codelineno-4-25" name="__codelineno-4-25" href="#__codelineno-4-25"></a> backend:
<a id="__codelineno-4-26" name="__codelineno-4-26" href="#__codelineno-4-26"></a> serviceName: my-service
<a id="__codelineno-4-27" name="__codelineno-4-27" href="#__codelineno-4-27"></a> servicePort: 8000
</code></pre></div></p>
<h3 id="custom-ttl">Custom TTL<a class="headerlink" href="#custom-ttl" title="Permanent link">&para;</a></h3>
<p>The default DNS record TTL (Time-To-Live) is 0 seconds. You can customize this value by setting the annotation <code>external-dns.alpha.kubernetes.io/ttl</code>. e.g., modify the service manifest YAML file above:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a>apiVersion: v1
<a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a>kind: Service
<a id="__codelineno-5-3" name="__codelineno-5-3" href="#__codelineno-5-3"></a>metadata:
<a id="__codelineno-5-4" name="__codelineno-5-4" href="#__codelineno-5-4"></a> name: nginx
<a id="__codelineno-5-5" name="__codelineno-5-5" href="#__codelineno-5-5"></a> annotations:
<a id="__codelineno-5-6" name="__codelineno-5-6" href="#__codelineno-5-6"></a> external-dns.alpha.kubernetes.io/hostname: nginx.external-dns-test.my-org.com
<a id="__codelineno-5-7" name="__codelineno-5-7" href="#__codelineno-5-7"></a> external-dns.alpha.kubernetes.io/ttl: 60
<a id="__codelineno-5-8" name="__codelineno-5-8" href="#__codelineno-5-8"></a>spec:
<a id="__codelineno-5-9" name="__codelineno-5-9" href="#__codelineno-5-9"></a> ...
</code></pre></div>
<p>This will set the DNS record&rsquo;s TTL to 60 seconds.</p>
<p>A default TTL for all records can be set using the the flag with a time in seconds, minutes or hours, such as <code>--rfc2136-min-ttl=60s</code></p>
<p>There are other annotation that can affect the generation of DNS records, but these are beyond the scope of this<br />
tutorial and are covered in the main documentation.</p>
<h3 id="test-with-external-dns-installed-on-local-machine-optional">Test with external-dns installed on local machine (optional)<a class="headerlink" href="#test-with-external-dns-installed-on-local-machine-optional" title="Permanent link">&para;</a></h3>
<p>You may install external-dns and test on a local machine by running:<br />
<code>external-dns --txt-owner-id k8s --provider rfc2136 --rfc2136-host=192.168.0.1 --rfc2136-port=53 --rfc2136-zone=k8s.example.org --rfc2136-tsig-secret=96Ah/a2g0/nLeFGK+d/0tzQcccf9hCEIy34PoXX2Qg8= --rfc2136-tsig-secret-alg=hmac-sha256 --rfc2136-tsig-keyname=externaldns-key --rfc2136-tsig-axfr --source ingress --once --domain-filter=k8s.example.org --dry-run</code><br />
- host should be the IP of your master DNS server.<br />
- tsig-secret should be changed to match your secret.<br />
- tsig-keyname needs to match the keyname you used (if you changed it).<br />
- domain-filter can be used as shown to filter the domains you wish to update.</p>
<h3 id="rfc2136-provider-configuration">RFC2136 provider configuration:<a class="headerlink" href="#rfc2136-provider-configuration" title="Permanent link">&para;</a></h3>
<p>In order to use external-dns with your cluster you need to add a deployment<br />
with access to your ingress and service resources. The following are two<br />
example manifests with and without RBAC respectively.</p>
<ul>
<li>
<p>With RBAC:<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a>apiVersion: v1
<a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a>kind: Namespace
<a id="__codelineno-6-3" name="__codelineno-6-3" href="#__codelineno-6-3"></a>metadata:
<a id="__codelineno-6-4" name="__codelineno-6-4" href="#__codelineno-6-4"></a> name: external-dns
<a id="__codelineno-6-5" name="__codelineno-6-5" href="#__codelineno-6-5"></a> labels:
<a id="__codelineno-6-6" name="__codelineno-6-6" href="#__codelineno-6-6"></a> name: external-dns
<a id="__codelineno-6-7" name="__codelineno-6-7" href="#__codelineno-6-7"></a>---
<a id="__codelineno-6-8" name="__codelineno-6-8" href="#__codelineno-6-8"></a>apiVersion: rbac.authorization.k8s.io/v1
<a id="__codelineno-6-9" name="__codelineno-6-9" href="#__codelineno-6-9"></a>kind: ClusterRole
<a id="__codelineno-6-10" name="__codelineno-6-10" href="#__codelineno-6-10"></a>metadata:
<a id="__codelineno-6-11" name="__codelineno-6-11" href="#__codelineno-6-11"></a> name: external-dns
<a id="__codelineno-6-12" name="__codelineno-6-12" href="#__codelineno-6-12"></a> namespace: external-dns
<a id="__codelineno-6-13" name="__codelineno-6-13" href="#__codelineno-6-13"></a>rules:
<a id="__codelineno-6-14" name="__codelineno-6-14" href="#__codelineno-6-14"></a>- apiGroups:
<a id="__codelineno-6-15" name="__codelineno-6-15" href="#__codelineno-6-15"></a> - &quot;&quot;
<a id="__codelineno-6-16" name="__codelineno-6-16" href="#__codelineno-6-16"></a> resources:
<a id="__codelineno-6-17" name="__codelineno-6-17" href="#__codelineno-6-17"></a> - services
<a id="__codelineno-6-18" name="__codelineno-6-18" href="#__codelineno-6-18"></a> - endpoints
<a id="__codelineno-6-19" name="__codelineno-6-19" href="#__codelineno-6-19"></a> - pods
<a id="__codelineno-6-20" name="__codelineno-6-20" href="#__codelineno-6-20"></a> - nodes
<a id="__codelineno-6-21" name="__codelineno-6-21" href="#__codelineno-6-21"></a> verbs:
<a id="__codelineno-6-22" name="__codelineno-6-22" href="#__codelineno-6-22"></a> - get
<a id="__codelineno-6-23" name="__codelineno-6-23" href="#__codelineno-6-23"></a> - watch
<a id="__codelineno-6-24" name="__codelineno-6-24" href="#__codelineno-6-24"></a> - list
<a id="__codelineno-6-25" name="__codelineno-6-25" href="#__codelineno-6-25"></a>- apiGroups:
<a id="__codelineno-6-26" name="__codelineno-6-26" href="#__codelineno-6-26"></a> - extensions
<a id="__codelineno-6-27" name="__codelineno-6-27" href="#__codelineno-6-27"></a> - networking.k8s.io
<a id="__codelineno-6-28" name="__codelineno-6-28" href="#__codelineno-6-28"></a> resources:
<a id="__codelineno-6-29" name="__codelineno-6-29" href="#__codelineno-6-29"></a> - ingresses
<a id="__codelineno-6-30" name="__codelineno-6-30" href="#__codelineno-6-30"></a> verbs:
<a id="__codelineno-6-31" name="__codelineno-6-31" href="#__codelineno-6-31"></a> - get
<a id="__codelineno-6-32" name="__codelineno-6-32" href="#__codelineno-6-32"></a> - list
<a id="__codelineno-6-33" name="__codelineno-6-33" href="#__codelineno-6-33"></a> - watch
<a id="__codelineno-6-34" name="__codelineno-6-34" href="#__codelineno-6-34"></a>---
<a id="__codelineno-6-35" name="__codelineno-6-35" href="#__codelineno-6-35"></a>apiVersion: v1
<a id="__codelineno-6-36" name="__codelineno-6-36" href="#__codelineno-6-36"></a>kind: ServiceAccount
<a id="__codelineno-6-37" name="__codelineno-6-37" href="#__codelineno-6-37"></a>metadata:
<a id="__codelineno-6-38" name="__codelineno-6-38" href="#__codelineno-6-38"></a> name: external-dns
<a id="__codelineno-6-39" name="__codelineno-6-39" href="#__codelineno-6-39"></a> namespace: external-dns
<a id="__codelineno-6-40" name="__codelineno-6-40" href="#__codelineno-6-40"></a>---
<a id="__codelineno-6-41" name="__codelineno-6-41" href="#__codelineno-6-41"></a>apiVersion: rbac.authorization.k8s.io/v1
<a id="__codelineno-6-42" name="__codelineno-6-42" href="#__codelineno-6-42"></a>kind: ClusterRoleBinding
<a id="__codelineno-6-43" name="__codelineno-6-43" href="#__codelineno-6-43"></a>metadata:
<a id="__codelineno-6-44" name="__codelineno-6-44" href="#__codelineno-6-44"></a> name: external-dns-viewer
<a id="__codelineno-6-45" name="__codelineno-6-45" href="#__codelineno-6-45"></a> namespace: external-dns
<a id="__codelineno-6-46" name="__codelineno-6-46" href="#__codelineno-6-46"></a>roleRef:
<a id="__codelineno-6-47" name="__codelineno-6-47" href="#__codelineno-6-47"></a> apiGroup: rbac.authorization.k8s.io
<a id="__codelineno-6-48" name="__codelineno-6-48" href="#__codelineno-6-48"></a> kind: ClusterRole
<a id="__codelineno-6-49" name="__codelineno-6-49" href="#__codelineno-6-49"></a> name: external-dns
<a id="__codelineno-6-50" name="__codelineno-6-50" href="#__codelineno-6-50"></a>subjects:
<a id="__codelineno-6-51" name="__codelineno-6-51" href="#__codelineno-6-51"></a>- kind: ServiceAccount
<a id="__codelineno-6-52" name="__codelineno-6-52" href="#__codelineno-6-52"></a> name: external-dns
<a id="__codelineno-6-53" name="__codelineno-6-53" href="#__codelineno-6-53"></a> namespace: external-dns
<a id="__codelineno-6-54" name="__codelineno-6-54" href="#__codelineno-6-54"></a>---
<a id="__codelineno-6-55" name="__codelineno-6-55" href="#__codelineno-6-55"></a>apiVersion: apps/v1
<a id="__codelineno-6-56" name="__codelineno-6-56" href="#__codelineno-6-56"></a>kind: Deployment
<a id="__codelineno-6-57" name="__codelineno-6-57" href="#__codelineno-6-57"></a>metadata:
<a id="__codelineno-6-58" name="__codelineno-6-58" href="#__codelineno-6-58"></a> name: external-dns
<a id="__codelineno-6-59" name="__codelineno-6-59" href="#__codelineno-6-59"></a> namespace: external-dns
<a id="__codelineno-6-60" name="__codelineno-6-60" href="#__codelineno-6-60"></a>spec:
<a id="__codelineno-6-61" name="__codelineno-6-61" href="#__codelineno-6-61"></a> selector:
<a id="__codelineno-6-62" name="__codelineno-6-62" href="#__codelineno-6-62"></a> matchLabels:
<a id="__codelineno-6-63" name="__codelineno-6-63" href="#__codelineno-6-63"></a> app: external-dns
<a id="__codelineno-6-64" name="__codelineno-6-64" href="#__codelineno-6-64"></a> template:
<a id="__codelineno-6-65" name="__codelineno-6-65" href="#__codelineno-6-65"></a> metadata:
<a id="__codelineno-6-66" name="__codelineno-6-66" href="#__codelineno-6-66"></a> labels:
<a id="__codelineno-6-67" name="__codelineno-6-67" href="#__codelineno-6-67"></a> app: external-dns
<a id="__codelineno-6-68" name="__codelineno-6-68" href="#__codelineno-6-68"></a> spec:
<a id="__codelineno-6-69" name="__codelineno-6-69" href="#__codelineno-6-69"></a> serviceAccountName: external-dns
<a id="__codelineno-6-70" name="__codelineno-6-70" href="#__codelineno-6-70"></a> containers:
<a id="__codelineno-6-71" name="__codelineno-6-71" href="#__codelineno-6-71"></a> - name: external-dns
<a id="__codelineno-6-72" name="__codelineno-6-72" href="#__codelineno-6-72"></a> image: k8s.gcr.io/external-dns/external-dns:v0.7.6
<a id="__codelineno-6-73" name="__codelineno-6-73" href="#__codelineno-6-73"></a> args:
<a id="__codelineno-6-74" name="__codelineno-6-74" href="#__codelineno-6-74"></a> - --registry=txt
<a id="__codelineno-6-75" name="__codelineno-6-75" href="#__codelineno-6-75"></a> - --txt-prefix=external-dns-
<a id="__codelineno-6-76" name="__codelineno-6-76" href="#__codelineno-6-76"></a> - --txt-owner-id=k8s
<a id="__codelineno-6-77" name="__codelineno-6-77" href="#__codelineno-6-77"></a> - --provider=rfc2136
<a id="__codelineno-6-78" name="__codelineno-6-78" href="#__codelineno-6-78"></a> - --rfc2136-host=192.168.0.1
<a id="__codelineno-6-79" name="__codelineno-6-79" href="#__codelineno-6-79"></a> - --rfc2136-port=53
<a id="__codelineno-6-80" name="__codelineno-6-80" href="#__codelineno-6-80"></a> - --rfc2136-zone=k8s.example.org
<a id="__codelineno-6-81" name="__codelineno-6-81" href="#__codelineno-6-81"></a> - --rfc2136-tsig-secret=96Ah/a2g0/nLeFGK+d/0tzQcccf9hCEIy34PoXX2Qg8=
<a id="__codelineno-6-82" name="__codelineno-6-82" href="#__codelineno-6-82"></a> - --rfc2136-tsig-secret-alg=hmac-sha256
<a id="__codelineno-6-83" name="__codelineno-6-83" href="#__codelineno-6-83"></a> - --rfc2136-tsig-keyname=externaldns-key
<a id="__codelineno-6-84" name="__codelineno-6-84" href="#__codelineno-6-84"></a> - --rfc2136-tsig-axfr
<a id="__codelineno-6-85" name="__codelineno-6-85" href="#__codelineno-6-85"></a> - --source=ingress
<a id="__codelineno-6-86" name="__codelineno-6-86" href="#__codelineno-6-86"></a> - --domain-filter=k8s.example.org
</code></pre></div></p>
</li>
<li>
<p>Without RBAC:<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a>apiVersion: v1
<a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a>kind: Namespace
<a id="__codelineno-7-3" name="__codelineno-7-3" href="#__codelineno-7-3"></a>metadata:
<a id="__codelineno-7-4" name="__codelineno-7-4" href="#__codelineno-7-4"></a> name: external-dns
<a id="__codelineno-7-5" name="__codelineno-7-5" href="#__codelineno-7-5"></a> labels:
<a id="__codelineno-7-6" name="__codelineno-7-6" href="#__codelineno-7-6"></a> name: external-dns
<a id="__codelineno-7-7" name="__codelineno-7-7" href="#__codelineno-7-7"></a>---
<a id="__codelineno-7-8" name="__codelineno-7-8" href="#__codelineno-7-8"></a>apiVersion: apps/v1
<a id="__codelineno-7-9" name="__codelineno-7-9" href="#__codelineno-7-9"></a>kind: Deployment
<a id="__codelineno-7-10" name="__codelineno-7-10" href="#__codelineno-7-10"></a>metadata:
<a id="__codelineno-7-11" name="__codelineno-7-11" href="#__codelineno-7-11"></a> name: external-dns
<a id="__codelineno-7-12" name="__codelineno-7-12" href="#__codelineno-7-12"></a> namespace: external-dns
<a id="__codelineno-7-13" name="__codelineno-7-13" href="#__codelineno-7-13"></a>spec:
<a id="__codelineno-7-14" name="__codelineno-7-14" href="#__codelineno-7-14"></a> selector:
<a id="__codelineno-7-15" name="__codelineno-7-15" href="#__codelineno-7-15"></a> matchLabels:
<a id="__codelineno-7-16" name="__codelineno-7-16" href="#__codelineno-7-16"></a> app: external-dns
<a id="__codelineno-7-17" name="__codelineno-7-17" href="#__codelineno-7-17"></a> template:
<a id="__codelineno-7-18" name="__codelineno-7-18" href="#__codelineno-7-18"></a> metadata:
<a id="__codelineno-7-19" name="__codelineno-7-19" href="#__codelineno-7-19"></a> labels:
<a id="__codelineno-7-20" name="__codelineno-7-20" href="#__codelineno-7-20"></a> app: external-dns
<a id="__codelineno-7-21" name="__codelineno-7-21" href="#__codelineno-7-21"></a> spec:
<a id="__codelineno-7-22" name="__codelineno-7-22" href="#__codelineno-7-22"></a> containers:
<a id="__codelineno-7-23" name="__codelineno-7-23" href="#__codelineno-7-23"></a> - name: external-dns
<a id="__codelineno-7-24" name="__codelineno-7-24" href="#__codelineno-7-24"></a> image: k8s.gcr.io/external-dns/external-dns:v0.7.6
<a id="__codelineno-7-25" name="__codelineno-7-25" href="#__codelineno-7-25"></a> args:
<a id="__codelineno-7-26" name="__codelineno-7-26" href="#__codelineno-7-26"></a> - --registry=txt
<a id="__codelineno-7-27" name="__codelineno-7-27" href="#__codelineno-7-27"></a> - --txt-prefix=external-dns-
<a id="__codelineno-7-28" name="__codelineno-7-28" href="#__codelineno-7-28"></a> - --txt-owner-id=k8s
<a id="__codelineno-7-29" name="__codelineno-7-29" href="#__codelineno-7-29"></a> - --provider=rfc2136
<a id="__codelineno-7-30" name="__codelineno-7-30" href="#__codelineno-7-30"></a> - --rfc2136-host=192.168.0.1
<a id="__codelineno-7-31" name="__codelineno-7-31" href="#__codelineno-7-31"></a> - --rfc2136-port=53
<a id="__codelineno-7-32" name="__codelineno-7-32" href="#__codelineno-7-32"></a> - --rfc2136-zone=k8s.example.org
<a id="__codelineno-7-33" name="__codelineno-7-33" href="#__codelineno-7-33"></a> - --rfc2136-tsig-secret=96Ah/a2g0/nLeFGK+d/0tzQcccf9hCEIy34PoXX2Qg8=
<a id="__codelineno-7-34" name="__codelineno-7-34" href="#__codelineno-7-34"></a> - --rfc2136-tsig-secret-alg=hmac-sha256
<a id="__codelineno-7-35" name="__codelineno-7-35" href="#__codelineno-7-35"></a> - --rfc2136-tsig-keyname=externaldns-key
<a id="__codelineno-7-36" name="__codelineno-7-36" href="#__codelineno-7-36"></a> - --rfc2136-tsig-axfr
<a id="__codelineno-7-37" name="__codelineno-7-37" href="#__codelineno-7-37"></a> - --source=ingress
<a id="__codelineno-7-38" name="__codelineno-7-38" href="#__codelineno-7-38"></a> - --domain-filter=k8s.example.org
</code></pre></div></p>
</li>
</ul>
<h2 id="microsoft-dns-insecure-updates">Microsoft DNS (Insecure Updates)<a class="headerlink" href="#microsoft-dns-insecure-updates" title="Permanent link">&para;</a></h2>
<p>While <code>external-dns</code> was not developed or tested against Microsoft DNS, it can be configured to work against it. YMMV.</p>
<h3 id="insecure-updates">Insecure Updates<a class="headerlink" href="#insecure-updates" title="Permanent link">&para;</a></h3>
<h4 id="dns-side-configuration">DNS-side configuration<a class="headerlink" href="#dns-side-configuration" title="Permanent link">&para;</a></h4>
<ol>
<li>Create a DNS zone</li>
<li>Enable insecure dynamic updates for the zone</li>
<li>Enable Zone Transfers to all servers</li>
</ol>
<h4 id="external-dns-configuration"><code>external-dns</code> configuration<a class="headerlink" href="#external-dns-configuration" title="Permanent link">&para;</a></h4>
<p>You&rsquo;ll want to configure <code>external-dns</code> similarly to the following:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>...
<a id="__codelineno-8-2" name="__codelineno-8-2" href="#__codelineno-8-2"></a> - --provider=rfc2136
<a id="__codelineno-8-3" name="__codelineno-8-3" href="#__codelineno-8-3"></a> - --rfc2136-host=192.168.0.1
<a id="__codelineno-8-4" name="__codelineno-8-4" href="#__codelineno-8-4"></a> - --rfc2136-port=53
<a id="__codelineno-8-5" name="__codelineno-8-5" href="#__codelineno-8-5"></a> - --rfc2136-zone=k8s.example.org
<a id="__codelineno-8-6" name="__codelineno-8-6" href="#__codelineno-8-6"></a> - --rfc2136-insecure
<a id="__codelineno-8-7" name="__codelineno-8-7" href="#__codelineno-8-7"></a> - --rfc2136-tsig-axfr # needed to enable zone transfers, which is required for deletion of records.
<a id="__codelineno-8-8" name="__codelineno-8-8" href="#__codelineno-8-8"></a>...
</code></pre></div>
<h3 id="secure-updates-using-rfc3645-gss-tsig">Secure Updates Using RFC3645 (GSS-TSIG)<a class="headerlink" href="#secure-updates-using-rfc3645-gss-tsig" title="Permanent link">&para;</a></h3>
<h3 id="dns-side-configuration_1">DNS-side configuration<a class="headerlink" href="#dns-side-configuration_1" title="Permanent link">&para;</a></h3>
<ol>
<li>Create a DNS zone</li>
<li>Enable secure dynamic updates for the zone</li>
<li>Enable Zone Transfers to all servers</li>
</ol>
<p>If you see any error messages which indicate that <code>external-dns</code> was somehow not able to fetch<br />
existing DNS records from your DNS server, this could mean that you forgot about step 3.</p>
<h4 id="kerberos-configuration">Kerberos Configuration<a class="headerlink" href="#kerberos-configuration" title="Permanent link">&para;</a></h4>
<p>DNS with secure updates relies upon a valid Kerberos configuration running within the <code>external-dns</code> container. At this time, you will need to create a ConfigMap for the <code>external-dns</code> container to use and mount it in your deployment. Below is an example of a working Kerberos configuration inside a ConfigMap definition. This may be different depending on many factors in your environment:</p>
<p><div class="highlight"><pre><span></span><code><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span><span class="w"></span>
<a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ConfigMap</span><span class="w"></span>
<a id="__codelineno-9-3" name="__codelineno-9-3" href="#__codelineno-9-3"></a><span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-9-4" name="__codelineno-9-4" href="#__codelineno-9-4"></a><span class="w"> </span><span class="nt">creationTimestamp</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">null</span><span class="w"></span>
<a id="__codelineno-9-5" name="__codelineno-9-5" href="#__codelineno-9-5"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">krb5.conf</span><span class="w"></span>
<a id="__codelineno-9-6" name="__codelineno-9-6" href="#__codelineno-9-6"></a><span class="nt">data</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-9-7" name="__codelineno-9-7" href="#__codelineno-9-7"></a><span class="w"> </span><span class="nt">krb5.conf</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|</span><span class="w"></span>
<a id="__codelineno-9-8" name="__codelineno-9-8" href="#__codelineno-9-8"></a><span class="w"> </span><span class="no">[logging]</span><span class="w"></span>
<a id="__codelineno-9-9" name="__codelineno-9-9" href="#__codelineno-9-9"></a><span class="w"> </span><span class="no">default = FILE:/var/log/krb5libs.log</span><span class="w"></span>
<a id="__codelineno-9-10" name="__codelineno-9-10" href="#__codelineno-9-10"></a><span class="w"> </span><span class="no">kdc = FILE:/var/log/krb5kdc.log</span><span class="w"></span>
<a id="__codelineno-9-11" name="__codelineno-9-11" href="#__codelineno-9-11"></a><span class="w"> </span><span class="no">admin_server = FILE:/var/log/kadmind.log</span><span class="w"></span>
<a id="__codelineno-9-12" name="__codelineno-9-12" href="#__codelineno-9-12"></a>
<a id="__codelineno-9-13" name="__codelineno-9-13" href="#__codelineno-9-13"></a><span class="w"> </span><span class="no">[libdefaults]</span><span class="w"></span>
<a id="__codelineno-9-14" name="__codelineno-9-14" href="#__codelineno-9-14"></a><span class="w"> </span><span class="no">dns_lookup_realm = false</span><span class="w"></span>
<a id="__codelineno-9-15" name="__codelineno-9-15" href="#__codelineno-9-15"></a><span class="w"> </span><span class="no">ticket_lifetime = 24h</span><span class="w"></span>
<a id="__codelineno-9-16" name="__codelineno-9-16" href="#__codelineno-9-16"></a><span class="w"> </span><span class="no">renew_lifetime = 7d</span><span class="w"></span>
<a id="__codelineno-9-17" name="__codelineno-9-17" href="#__codelineno-9-17"></a><span class="w"> </span><span class="no">forwardable = true</span><span class="w"></span>
<a id="__codelineno-9-18" name="__codelineno-9-18" href="#__codelineno-9-18"></a><span class="w"> </span><span class="no">rdns = false</span><span class="w"></span>
<a id="__codelineno-9-19" name="__codelineno-9-19" href="#__codelineno-9-19"></a><span class="w"> </span><span class="no">pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt</span><span class="w"></span>
<a id="__codelineno-9-20" name="__codelineno-9-20" href="#__codelineno-9-20"></a><span class="w"> </span><span class="no">default_ccache_name = KEYRING:persistent:%{uid}</span><span class="w"></span>
<a id="__codelineno-9-21" name="__codelineno-9-21" href="#__codelineno-9-21"></a>
<a id="__codelineno-9-22" name="__codelineno-9-22" href="#__codelineno-9-22"></a><span class="w"> </span><span class="no">default_realm = YOUR-REALM.COM</span><span class="w"></span>
<a id="__codelineno-9-23" name="__codelineno-9-23" href="#__codelineno-9-23"></a>
<a id="__codelineno-9-24" name="__codelineno-9-24" href="#__codelineno-9-24"></a><span class="w"> </span><span class="no">[realms]</span><span class="w"></span>
<a id="__codelineno-9-25" name="__codelineno-9-25" href="#__codelineno-9-25"></a><span class="w"> </span><span class="no">YOUR-REALM.COM = {</span><span class="w"></span>
<a id="__codelineno-9-26" name="__codelineno-9-26" href="#__codelineno-9-26"></a><span class="w"> </span><span class="no">kdc = dc1.yourdomain.com</span><span class="w"></span>
<a id="__codelineno-9-27" name="__codelineno-9-27" href="#__codelineno-9-27"></a><span class="w"> </span><span class="no">admin_server = dc1.yourdomain.com</span><span class="w"></span>
<a id="__codelineno-9-28" name="__codelineno-9-28" href="#__codelineno-9-28"></a><span class="w"> </span><span class="no">}</span><span class="w"></span>
<a id="__codelineno-9-29" name="__codelineno-9-29" href="#__codelineno-9-29"></a>
<a id="__codelineno-9-30" name="__codelineno-9-30" href="#__codelineno-9-30"></a><span class="w"> </span><span class="no">[domain_realm]</span><span class="w"></span>
<a id="__codelineno-9-31" name="__codelineno-9-31" href="#__codelineno-9-31"></a><span class="w"> </span><span class="no">yourdomain.com = YOUR-REALM.COM</span><span class="w"></span>
<a id="__codelineno-9-32" name="__codelineno-9-32" href="#__codelineno-9-32"></a><span class="w"> </span><span class="no">.yourdomain.com = YOUR-REALM.COM</span><span class="w"></span>
</code></pre></div><br />
In most cases, the realm name will probably be the same as the domain name, so you can simply replace<br />
<code>YOUR-REALM.COM</code> with something like <code>YOURDOMAIN.COM</code>.</p>
<p>Once the ConfigMap is created, the container <code>external-dns</code> container needs to be told to mount that ConfigMap as a volume at the default Kerberos configuration location. The pod spec should include a similar configuration to the following:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a><span class="nn">...</span><span class="w"></span>
<a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a><span class="w"> </span><span class="nt">volumeMounts</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-10-3" name="__codelineno-10-3" href="#__codelineno-10-3"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">mountPath</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/krb5.conf</span><span class="w"></span>
<a id="__codelineno-10-4" name="__codelineno-10-4" href="#__codelineno-10-4"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kerberos-config-volume</span><span class="w"></span>
<a id="__codelineno-10-5" name="__codelineno-10-5" href="#__codelineno-10-5"></a><span class="w"> </span><span class="nt">subPath</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">krb5.conf</span><span class="w"></span>
<a id="__codelineno-10-6" name="__codelineno-10-6" href="#__codelineno-10-6"></a><span class="nn">...</span><span class="w"></span>
<a id="__codelineno-10-7" name="__codelineno-10-7" href="#__codelineno-10-7"></a><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-10-8" name="__codelineno-10-8" href="#__codelineno-10-8"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">configMap</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-10-9" name="__codelineno-10-9" href="#__codelineno-10-9"></a><span class="w"> </span><span class="nt">defaultMode</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">420</span><span class="w"></span>
<a id="__codelineno-10-10" name="__codelineno-10-10" href="#__codelineno-10-10"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">krb5.conf</span><span class="w"></span>
<a id="__codelineno-10-11" name="__codelineno-10-11" href="#__codelineno-10-11"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">kerberos-config-volume</span><span class="w"></span>
<a id="__codelineno-10-12" name="__codelineno-10-12" href="#__codelineno-10-12"></a><span class="nn">...</span><span class="w"></span>
</code></pre></div>
<h4 id="external-dns-configuration_1"><code>external-dns</code> configuration<a class="headerlink" href="#external-dns-configuration_1" title="Permanent link">&para;</a></h4>
<p>You&rsquo;ll want to configure <code>external-dns</code> similarly to the following:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a>...
<a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a> - --provider=rfc2136
<a id="__codelineno-11-3" name="__codelineno-11-3" href="#__codelineno-11-3"></a> - --rfc2136-gss-tsig
<a id="__codelineno-11-4" name="__codelineno-11-4" href="#__codelineno-11-4"></a> - --rfc2136-host=dns-host.yourdomain.com
<a id="__codelineno-11-5" name="__codelineno-11-5" href="#__codelineno-11-5"></a> - --rfc2136-port=53
<a id="__codelineno-11-6" name="__codelineno-11-6" href="#__codelineno-11-6"></a> - --rfc2136-zone=your-zone.com
<a id="__codelineno-11-7" name="__codelineno-11-7" href="#__codelineno-11-7"></a> - --rfc2136-kerberos-username=your-domain-account
<a id="__codelineno-11-8" name="__codelineno-11-8" href="#__codelineno-11-8"></a> - --rfc2136-kerberos-password=your-domain-password
<a id="__codelineno-11-9" name="__codelineno-11-9" href="#__codelineno-11-9"></a> - --rfc2136-kerberos-realm=your-domain.com
<a id="__codelineno-11-10" name="__codelineno-11-10" href="#__codelineno-11-10"></a> - --rfc2136-tsig-axfr # needed to enable zone transfers, which is required for deletion of records.
<a id="__codelineno-11-11" name="__codelineno-11-11" href="#__codelineno-11-11"></a>...
</code></pre></div>
<p>As noted above, the <code>--rfc2136-kerberos-realm</code> flag is completely optional and won&rsquo;t be necessary in many cases.<br />
Most likely, you will only need it if you see errors similar to this: <code>KRB Error: (68) KDC_ERR_WRONG_REALM Reserved for future use</code>.</p>
<p>The flag <code>--rfc2136-host</code> can be set to the host&rsquo;s domain name or IP address.<br />
However, it also determines the name of the Kerberos principal which is used during authentication.<br />
This means that Active Directory might only work if this is set to a specific domain name, possibly leading to errors like this:<br />
<code>KDC_ERR_S_PRINCIPAL_UNKNOWN Server not found in Kerberos database</code>.<br />
To fix this, try setting <code>--rfc2136-host</code> to the &ldquo;actual&rdquo; hostname of your DNS server.</p>
<hr>
<div class="md-source-file">
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">June 16, 2021</span>
</small>
</div>
</article>
</div>
</div>
<a href="#" class="md-top md-icon" data-md-component="top" data-md-state="hidden">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12z"/></svg>
Back to top
</a>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer">
<a href="../rdns/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Setting up ExternalDNS for RancherDNS(RDNS) with kubernetes" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</div>
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Previous
</span>
Setting up ExternalDNS for RancherDNS(RDNS) with kubernetes
</div>
</div>
</a>
<a href="../scaleway/" class="md-footer__link md-footer__link--next" aria-label="Next: Setting up ExternalDNS for Services on Scaleway" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
Next
</span>
Setting up ExternalDNS for Services on Scaleway
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["content.code.annotate", "navigation.top", "navigation.tracking", "navigation.indexes", "navigation.instant", "navigation.tabs", "navigation.tabs.sticky"], "search": "../../assets/javascripts/workers/search.5e67fbfe.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "version": {"provider": "mike"}}</script>
<script src="../../assets/javascripts/bundle.c44cc438.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink