mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-08 10:36:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
gh-pages
external-dns/v0.18.0/docs/sources/istio/index.html

3655 lines
103 KiB
HTML
Raw Permalink Blame History

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="author" content="external-dns maintainers">
<link rel="prev" href="../ingress/">
<link rel="next" href="../kong/">
<link rel="icon" href="../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.17">
<title>Istio Gateway / Virtual Service Source - external-dns</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.bcfcd587.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#istio-gateway-virtual-service-source" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<div data-md-color-scheme="default" data-md-component="outdated" hidden>
</div>
<header class="md-header md-header--shadow md-header--lifted" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../../.." title="external-dns" class="md-header__button md-logo" aria-label="external-dns" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
external-dns
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Istio Gateway / Virtual Service Source
</span>
</div>
</div>
</div>
<script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/kubernetes-sigs/external-dns/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.5.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes-sigs/external-dns
</div>
</a>
</div>
</nav>
<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
<div class="md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item">
<a href="../../.." class="md-tabs__link">
Home
</a>
</li>
<li class="md-tabs__item">
<a href="../../../charts/external-dns/" class="md-tabs__link">
Chart
</a>
</li>
<li class="md-tabs__item">
<a href="../../faq/" class="md-tabs__link">
About
</a>
</li>
<li class="md-tabs__item">
<a href="../../tutorials/akamai-edgedns/" class="md-tabs__link">
Tutorials
</a>
</li>
<li class="md-tabs__item">
<a href="../../annotations/annotations/" class="md-tabs__link">
Annotations
</a>
</li>
<li class="md-tabs__item md-tabs__item--active">
<a href="../about/" class="md-tabs__link">
Sources
</a>
</li>
<li class="md-tabs__item">
<a href="../../registry/registry/" class="md-tabs__link">
Registries
</a>
</li>
<li class="md-tabs__item">
<a href="../../initial-design/" class="md-tabs__link">
Advanced Topics
</a>
</li>
<li class="md-tabs__item">
<a href="../../../CONTRIBUTING/" class="md-tabs__link">
Contributing
</a>
</li>
</ul>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../../.." title="external-dns" class="md-nav__button md-logo" aria-label="external-dns" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
external-dns
</label>
<div class="md-nav__source">
<a href="https://github.com/kubernetes-sigs/external-dns/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.5.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
kubernetes-sigs/external-dns
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../.." class="md-nav__link">
<span class="md-ellipsis">
Home
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" >
<div class="md-nav__link md-nav__container">
<a href="../../../charts/external-dns/" class="md-nav__link ">
<span class="md-ellipsis">
Chart
</span>
</a>
<label class="md-nav__link " for="__nav_2" id="__nav_2_label" tabindex="0">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Chart
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../charts/external-dns/CHANGELOG/" class="md-nav__link">
<span class="md-ellipsis">
Changelog
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="0">
<span class="md-ellipsis">
About
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
About
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../faq/" class="md-nav__link">
<span class="md-ellipsis">
FAQ
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../flags/" class="md-nav__link">
<span class="md-ellipsis">
Flags
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../20190708-external-dns-incubator/" class="md-nav__link">
<span class="md-ellipsis">
Out of Incubator
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../../code-of-conduct/" class="md-nav__link">
<span class="md-ellipsis">
Code of Conduct
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../../LICENSE/" class="md-nav__link">
<span class="md-ellipsis">
License
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../providers/" class="md-nav__link">
<span class="md-ellipsis">
Providers
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4" id="__nav_4_label" tabindex="0">
<span class="md-ellipsis">
Tutorials
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Tutorials
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../tutorials/akamai-edgedns/" class="md-nav__link">
<span class="md-ellipsis">
Akamai Edge DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/alibabacloud/" class="md-nav__link">
<span class="md-ellipsis">
Alibaba Cloud
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/aws-filters/" class="md-nav__link">
<span class="md-ellipsis">
AWS Filters
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/aws-load-balancer-controller/" class="md-nav__link">
<span class="md-ellipsis">
AWS Load Balancer Controller
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/aws-public-private-route53/" class="md-nav__link">
<span class="md-ellipsis">
AWS Route53 with same domain for public and private zones
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/aws-sd/" class="md-nav__link">
<span class="md-ellipsis">
AWS Cloud Map API
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/aws/" class="md-nav__link">
<span class="md-ellipsis">
AWS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/azure-private-dns/" class="md-nav__link">
<span class="md-ellipsis">
Azure Private DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/azure/" class="md-nav__link">
<span class="md-ellipsis">
Azure DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/civo/" class="md-nav__link">
<span class="md-ellipsis">
Civo DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/cloudflare/" class="md-nav__link">
<span class="md-ellipsis">
Cloudflare DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/contour/" class="md-nav__link">
<span class="md-ellipsis">
Contour HTTPProxy
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/coredns/" class="md-nav__link">
<span class="md-ellipsis">
CoreDNS with minikube
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/crd/" class="md-nav__link">
<span class="md-ellipsis">
Using CRD Source for DNS Records
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/digitalocean/" class="md-nav__link">
<span class="md-ellipsis">
DigitalOcean DNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/dnsimple/" class="md-nav__link">
<span class="md-ellipsis">
DNSimple
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/exoscale/" class="md-nav__link">
<span class="md-ellipsis">
Exoscale
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/externalname/" class="md-nav__link">
<span class="md-ellipsis">
ExternalName Services
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/gandi/" class="md-nav__link">
<span class="md-ellipsis">
Gandi
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/gke-nginx/" class="md-nav__link">
<span class="md-ellipsis">
GKE with nginx-ingress-controller
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/gke/" class="md-nav__link">
<span class="md-ellipsis">
GKE with default controller
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/godaddy/" class="md-nav__link">
<span class="md-ellipsis">
GoDaddy
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/hostport/" class="md-nav__link">
<span class="md-ellipsis">
Headless Services
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/ionoscloud/" class="md-nav__link">
<span class="md-ellipsis">
IONOS Cloud
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/kops-dns-controller/" class="md-nav__link">
<span class="md-ellipsis">
kOps dns-controller
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/kube-ingress-aws/" class="md-nav__link">
<span class="md-ellipsis">
kube-ingress-aws-controller
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/linode/" class="md-nav__link">
<span class="md-ellipsis">
Linode
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/ns1/" class="md-nav__link">
<span class="md-ellipsis">
NS1
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/oracle/" class="md-nav__link">
<span class="md-ellipsis">
Oracle Cloud Infrastructure
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/ovh/" class="md-nav__link">
<span class="md-ellipsis">
OVHcloud
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/pdns/" class="md-nav__link">
<span class="md-ellipsis">
PowerDNS
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/pihole/" class="md-nav__link">
<span class="md-ellipsis">
Pi-hole
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/plural/" class="md-nav__link">
<span class="md-ellipsis">
Plural
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/rfc2136/" class="md-nav__link">
<span class="md-ellipsis">
RFC2136 provider
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/scaleway/" class="md-nav__link">
<span class="md-ellipsis">
Scaleway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/security-context/" class="md-nav__link">
<span class="md-ellipsis">
Running ExternalDNS with limited privileges
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/transip/" class="md-nav__link">
<span class="md-ellipsis">
TransIP
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../tutorials/webhook-provider/" class="md-nav__link">
<span class="md-ellipsis">
Webhook provider
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="0">
<span class="md-ellipsis">
Annotations
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Annotations
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../annotations/annotations/" class="md-nav__link">
<span class="md-ellipsis">
About
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_6" checked>
<label class="md-nav__link" for="__nav_6" id="__nav_6_label" tabindex="">
<span class="md-ellipsis">
Sources
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_6_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_6">
<span class="md-nav__icon md-icon"></span>
Sources
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../about/" class="md-nav__link">
<span class="md-ellipsis">
About
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../crd/" class="md-nav__link">
<span class="md-ellipsis">
CRD Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../f5-transportserver/" class="md-nav__link">
<span class="md-ellipsis">
F5 Networks TransportServer Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../f5-virtualserver/" class="md-nav__link">
<span class="md-ellipsis">
F5 Networks VirtualServer Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../gateway-api/" class="md-nav__link">
<span class="md-ellipsis">
Gateway API Route Sources
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../gateway/" class="md-nav__link">
<span class="md-ellipsis">
Gateway sources
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../gloo-proxy/" class="md-nav__link">
<span class="md-ellipsis">
Gloo Proxy Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../ingress/" class="md-nav__link">
<span class="md-ellipsis">
Ingress source
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
Istio Gateway / Virtual Service Source
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
Istio Gateway / Virtual Service Source
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#manifest-for-clusters-without-rbac-enabled" class="md-nav__link">
<span class="md-ellipsis">
Manifest (for clusters without RBAC enabled)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#manifest-for-clusters-with-rbac-enabled" class="md-nav__link">
<span class="md-ellipsis">
Manifest (for clusters with RBAC enabled)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#update-existing-externaldns-deployment" class="md-nav__link">
<span class="md-ellipsis">
Update existing ExternalDNS Deployment
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#verify-that-istio-gatewayvirtualservice-source-works" class="md-nav__link">
<span class="md-ellipsis">
Verify that Istio Gateway/VirtualService Source works
</span>
</a>
<nav class="md-nav" aria-label="Verify that Istio Gateway/VirtualService Source works">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#install-a-sample-service" class="md-nav__link">
<span class="md-ellipsis">
Install a sample service
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#using-a-gateway-as-a-source" class="md-nav__link">
<span class="md-ellipsis">
Using a Gateway as a source
</span>
</a>
<nav class="md-nav" aria-label="Using a Gateway as a source">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-an-istio-gateway" class="md-nav__link">
<span class="md-ellipsis">
Create an Istio Gateway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-routes-for-traffic-entering-via-the-gateway" class="md-nav__link">
<span class="md-ellipsis">
Configure routes for traffic entering via the Gateway
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-a-virtualservice-as-a-source" class="md-nav__link">
<span class="md-ellipsis">
Using a VirtualService as a source
</span>
</a>
<nav class="md-nav" aria-label="Using a VirtualService as a source">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-an-istio-gateway_1" class="md-nav__link">
<span class="md-ellipsis">
Create an Istio Gateway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-routes-for-traffic-entering-via-the-gateway_1" class="md-nav__link">
<span class="md-ellipsis">
Configure routes for traffic entering via the Gateway
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#access-the-sample-service-using-curl" class="md-nav__link">
<span class="md-ellipsis">
Access the sample service using curl
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#optional-gateway-annotation" class="md-nav__link">
<span class="md-ellipsis">
Optional Gateway Annotation
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#debug-externaldns" class="md-nav__link">
<span class="md-ellipsis">
Debug ExternalDNS
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../kong/" class="md-nav__link">
<span class="md-ellipsis">
Kong TCPIngress Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../mx-record/" class="md-nav__link">
<span class="md-ellipsis">
MX record with CRD source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../nodes/" class="md-nav__link">
<span class="md-ellipsis">
Cluster Nodes as Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../ns-record/" class="md-nav__link">
<span class="md-ellipsis">
NS record with CRD source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../openshift/" class="md-nav__link">
<span class="md-ellipsis">
OpenShift Route Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../pod/" class="md-nav__link">
<span class="md-ellipsis">
Pod Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../service/" class="md-nav__link">
<span class="md-ellipsis">
Service source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../traefik-proxy/" class="md-nav__link">
<span class="md-ellipsis">
Traefik Proxy Source
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../txt-record/" class="md-nav__link">
<span class="md-ellipsis">
Creating TXT record with CRD source
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_7" >
<label class="md-nav__link" for="__nav_7" id="__nav_7_label" tabindex="0">
<span class="md-ellipsis">
Registries
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_7_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_7">
<span class="md-nav__icon md-icon"></span>
Registries
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../registry/registry/" class="md-nav__link">
<span class="md-ellipsis">
About
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../registry/txt/" class="md-nav__link">
<span class="md-ellipsis">
TXT
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../registry/dynamodb/" class="md-nav__link">
<span class="md-ellipsis">
DynamoDB
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8" >
<label class="md-nav__link" for="__nav_8" id="__nav_8_label" tabindex="0">
<span class="md-ellipsis">
Advanced Topics
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_8_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8">
<span class="md-nav__icon md-icon"></span>
Advanced Topics
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../initial-design/" class="md-nav__link">
<span class="md-ellipsis">
Initial Design
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../proposal/001-leader-election/" class="md-nav__link">
<span class="md-ellipsis">
Leader Election
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_3" >
<div class="md-nav__link md-nav__container">
<a href="../../monitoring/" class="md-nav__link ">
<span class="md-ellipsis">
Monitoring
</span>
</a>
<label class="md-nav__link " for="__nav_8_3" id="__nav_8_3_label" tabindex="0">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_3">
<span class="md-nav__icon md-icon"></span>
Monitoring
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../monitoring/metrics/" class="md-nav__link">
<span class="md-ellipsis">
Available Metrics
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../proposal/multi-target/" class="md-nav__link">
<span class="md-ellipsis">
MultiTarget
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/nat64/" class="md-nav__link">
<span class="md-ellipsis">
NAT64
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/rate-limits/" class="md-nav__link">
<span class="md-ellipsis">
Rate Limits
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/ttl/" class="md-nav__link">
<span class="md-ellipsis">
TTL
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../advanced/fqdn-templating/" class="md-nav__link">
<span class="md-ellipsis">
FQDN Templating
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_8_9" >
<label class="md-nav__link" for="__nav_8_9" id="__nav_8_9_label" tabindex="0">
<span class="md-ellipsis">
Decisions
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_8_9_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_8_9">
<span class="md-nav__icon md-icon"></span>
Decisions
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../proposal/002-internal-ipv6-handling-rollback/" class="md-nav__link">
<span class="md-ellipsis">
002 internal ipv6 handling rollback
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../proposal/003-dnsendpoint-graduation-to-beta/" class="md-nav__link">
<span class="md-ellipsis">
003 dnsendpoint graduation to beta
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_9" >
<div class="md-nav__link md-nav__container">
<a href="../../contributing/" class="md-nav__link ">
<span class="md-ellipsis">
Contributing
</span>
</a>
<label class="md-nav__link " for="__nav_9" id="__nav_9_label" tabindex="0">
<span class="md-nav__icon md-icon"></span>
</label>
</div>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_9_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_9">
<span class="md-nav__icon md-icon"></span>
Contributing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../CONTRIBUTING/" class="md-nav__link">
<span class="md-ellipsis">
Kubernetes Contributions
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../release/" class="md-nav__link">
<span class="md-ellipsis">
Release
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../deprecation/" class="md-nav__link">
<span class="md-ellipsis">
Deprecation Policy
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/chart/" class="md-nav__link">
<span class="md-ellipsis">
Helm Chart
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/design/" class="md-nav__link">
<span class="md-ellipsis">
Design
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/dev-guide/" class="md-nav__link">
<span class="md-ellipsis">
Developer Reference
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../contributing/sources-and-providers/" class="md-nav__link">
<span class="md-ellipsis">
Sources and Providers
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#manifest-for-clusters-without-rbac-enabled" class="md-nav__link">
<span class="md-ellipsis">
Manifest (for clusters without RBAC enabled)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#manifest-for-clusters-with-rbac-enabled" class="md-nav__link">
<span class="md-ellipsis">
Manifest (for clusters with RBAC enabled)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#update-existing-externaldns-deployment" class="md-nav__link">
<span class="md-ellipsis">
Update existing ExternalDNS Deployment
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#verify-that-istio-gatewayvirtualservice-source-works" class="md-nav__link">
<span class="md-ellipsis">
Verify that Istio Gateway/VirtualService Source works
</span>
</a>
<nav class="md-nav" aria-label="Verify that Istio Gateway/VirtualService Source works">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#install-a-sample-service" class="md-nav__link">
<span class="md-ellipsis">
Install a sample service
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#using-a-gateway-as-a-source" class="md-nav__link">
<span class="md-ellipsis">
Using a Gateway as a source
</span>
</a>
<nav class="md-nav" aria-label="Using a Gateway as a source">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-an-istio-gateway" class="md-nav__link">
<span class="md-ellipsis">
Create an Istio Gateway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-routes-for-traffic-entering-via-the-gateway" class="md-nav__link">
<span class="md-ellipsis">
Configure routes for traffic entering via the Gateway
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#using-a-virtualservice-as-a-source" class="md-nav__link">
<span class="md-ellipsis">
Using a VirtualService as a source
</span>
</a>
<nav class="md-nav" aria-label="Using a VirtualService as a source">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#create-an-istio-gateway_1" class="md-nav__link">
<span class="md-ellipsis">
Create an Istio Gateway
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-routes-for-traffic-entering-via-the-gateway_1" class="md-nav__link">
<span class="md-ellipsis">
Configure routes for traffic entering via the Gateway
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#access-the-sample-service-using-curl" class="md-nav__link">
<span class="md-ellipsis">
Access the sample service using curl
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#optional-gateway-annotation" class="md-nav__link">
<span class="md-ellipsis">
Optional Gateway Annotation
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#debug-externaldns" class="md-nav__link">
<span class="md-ellipsis">
Debug ExternalDNS
</span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="istio-gateway-virtual-service-source">Istio Gateway / Virtual Service Source<a class="headerlink" href="#istio-gateway-virtual-service-source" title="Permanent link">&para;</a></h1>
<p>This tutorial describes how to configure ExternalDNS to use the Istio Gateway source.<br />
It is meant to supplement the other provider-specific setup tutorials.</p>
<p><strong>Note:</strong> Using the Istio Gateway source requires Istio &gt;=1.0.0.</p>
<ul>
<li>Manifest (for clusters without RBAC enabled)</li>
<li>Manifest (for clusters with RBAC enabled)</li>
<li>Update existing ExternalDNS Deployment</li>
</ul>
<h2 id="manifest-for-clusters-without-rbac-enabled">Manifest (for clusters without RBAC enabled)<a class="headerlink" href="#manifest-for-clusters-without-rbac-enabled" title="Permanent link">&para;</a></h2>
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">apps/v1</span>
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Deployment</span>
<a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a><span class="nt">spec</span><span class="p">:</span>
<a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a><span class="w"> </span><span class="nt">strategy</span><span class="p">:</span>
<a id="__codelineno-0-7" name="__codelineno-0-7" href="#__codelineno-0-7"></a><span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Recreate</span>
<a id="__codelineno-0-8" name="__codelineno-0-8" href="#__codelineno-0-8"></a><span class="w"> </span><span class="nt">selector</span><span class="p">:</span>
<a id="__codelineno-0-9" name="__codelineno-0-9" href="#__codelineno-0-9"></a><span class="w"> </span><span class="nt">matchLabels</span><span class="p">:</span>
<a id="__codelineno-0-10" name="__codelineno-0-10" href="#__codelineno-0-10"></a><span class="w"> </span><span class="nt">app</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-0-11" name="__codelineno-0-11" href="#__codelineno-0-11"></a><span class="w"> </span><span class="nt">template</span><span class="p">:</span>
<a id="__codelineno-0-12" name="__codelineno-0-12" href="#__codelineno-0-12"></a><span class="w"> </span><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-0-13" name="__codelineno-0-13" href="#__codelineno-0-13"></a><span class="w"> </span><span class="nt">labels</span><span class="p">:</span>
<a id="__codelineno-0-14" name="__codelineno-0-14" href="#__codelineno-0-14"></a><span class="w"> </span><span class="nt">app</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-0-15" name="__codelineno-0-15" href="#__codelineno-0-15"></a><span class="w"> </span><span class="nt">spec</span><span class="p">:</span>
<a id="__codelineno-0-16" name="__codelineno-0-16" href="#__codelineno-0-16"></a><span class="w"> </span><span class="nt">containers</span><span class="p">:</span>
<a id="__codelineno-0-17" name="__codelineno-0-17" href="#__codelineno-0-17"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-0-18" name="__codelineno-0-18" href="#__codelineno-0-18"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">registry.k8s.io/external-dns/external-dns:v0.17.0</span>
<a id="__codelineno-0-19" name="__codelineno-0-19" href="#__codelineno-0-19"></a><span class="w"> </span><span class="nt">args</span><span class="p">:</span>
<a id="__codelineno-0-20" name="__codelineno-0-20" href="#__codelineno-0-20"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=service</span>
<a id="__codelineno-0-21" name="__codelineno-0-21" href="#__codelineno-0-21"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=ingress</span>
<a id="__codelineno-0-22" name="__codelineno-0-22" href="#__codelineno-0-22"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=istio-gateway</span><span class="w"> </span><span class="c1"># choose one</span>
<a id="__codelineno-0-23" name="__codelineno-0-23" href="#__codelineno-0-23"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=istio-virtualservice</span><span class="w"> </span><span class="c1"># or both</span>
<a id="__codelineno-0-24" name="__codelineno-0-24" href="#__codelineno-0-24"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--domain-filter=external-dns-test.my-org.com</span><span class="w"> </span><span class="c1"># will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones</span>
<a id="__codelineno-0-25" name="__codelineno-0-25" href="#__codelineno-0-25"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--provider=aws</span>
<a id="__codelineno-0-26" name="__codelineno-0-26" href="#__codelineno-0-26"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--policy=upsert-only</span><span class="w"> </span><span class="c1"># would prevent ExternalDNS from deleting any records, omit to enable full synchronization</span>
<a id="__codelineno-0-27" name="__codelineno-0-27" href="#__codelineno-0-27"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--aws-zone-type=public</span><span class="w"> </span><span class="c1"># only look at public hosted zones (valid values are public, private or no value for both)</span>
<a id="__codelineno-0-28" name="__codelineno-0-28" href="#__codelineno-0-28"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--registry=txt</span>
<a id="__codelineno-0-29" name="__codelineno-0-29" href="#__codelineno-0-29"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--txt-owner-id=my-identifier</span>
</code></pre></div>
<h2 id="manifest-for-clusters-with-rbac-enabled">Manifest (for clusters with RBAC enabled)<a class="headerlink" href="#manifest-for-clusters-with-rbac-enabled" title="Permanent link">&para;</a></h2>
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span>
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ServiceAccount</span>
<a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-1-4" name="__codelineno-1-4" href="#__codelineno-1-4"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-5" name="__codelineno-1-5" href="#__codelineno-1-5"></a><span class="nn">---</span>
<a id="__codelineno-1-6" name="__codelineno-1-6" href="#__codelineno-1-6"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rbac.authorization.k8s.io/v1</span>
<a id="__codelineno-1-7" name="__codelineno-1-7" href="#__codelineno-1-7"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterRole</span>
<a id="__codelineno-1-8" name="__codelineno-1-8" href="#__codelineno-1-8"></a><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-1-9" name="__codelineno-1-9" href="#__codelineno-1-9"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-10" name="__codelineno-1-10" href="#__codelineno-1-10"></a><span class="nt">rules</span><span class="p">:</span>
<a id="__codelineno-1-11" name="__codelineno-1-11" href="#__codelineno-1-11"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">apiGroups</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-12" name="__codelineno-1-12" href="#__codelineno-1-12"></a><span class="w"> </span><span class="nt">resources</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;services&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;endpoints&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;pods&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-13" name="__codelineno-1-13" href="#__codelineno-1-13"></a><span class="w"> </span><span class="nt">verbs</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;get&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;watch&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;list&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-14" name="__codelineno-1-14" href="#__codelineno-1-14"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">apiGroups</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;extensions&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;networking.k8s.io&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-15" name="__codelineno-1-15" href="#__codelineno-1-15"></a><span class="w"> </span><span class="nt">resources</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;ingresses&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-16" name="__codelineno-1-16" href="#__codelineno-1-16"></a><span class="w"> </span><span class="nt">verbs</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;get&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;watch&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;list&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-17" name="__codelineno-1-17" href="#__codelineno-1-17"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">apiGroups</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-18" name="__codelineno-1-18" href="#__codelineno-1-18"></a><span class="w"> </span><span class="nt">resources</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;nodes&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-19" name="__codelineno-1-19" href="#__codelineno-1-19"></a><span class="w"> </span><span class="nt">verbs</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;list&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-20" name="__codelineno-1-20" href="#__codelineno-1-20"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">apiGroups</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;networking.istio.io&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-21" name="__codelineno-1-21" href="#__codelineno-1-21"></a><span class="w"> </span><span class="nt">resources</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;gateways&quot;</span><span class="p p-Indicator">,</span><span class="w"> </span><span class="s">&quot;virtualservices&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-22" name="__codelineno-1-22" href="#__codelineno-1-22"></a><span class="w"> </span><span class="nt">verbs</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="s">&quot;get&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;watch&quot;</span><span class="p p-Indicator">,</span><span class="s">&quot;list&quot;</span><span class="p p-Indicator">]</span>
<a id="__codelineno-1-23" name="__codelineno-1-23" href="#__codelineno-1-23"></a><span class="nn">---</span>
<a id="__codelineno-1-24" name="__codelineno-1-24" href="#__codelineno-1-24"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rbac.authorization.k8s.io/v1</span>
<a id="__codelineno-1-25" name="__codelineno-1-25" href="#__codelineno-1-25"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterRoleBinding</span>
<a id="__codelineno-1-26" name="__codelineno-1-26" href="#__codelineno-1-26"></a><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-1-27" name="__codelineno-1-27" href="#__codelineno-1-27"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns-viewer</span>
<a id="__codelineno-1-28" name="__codelineno-1-28" href="#__codelineno-1-28"></a><span class="nt">roleRef</span><span class="p">:</span>
<a id="__codelineno-1-29" name="__codelineno-1-29" href="#__codelineno-1-29"></a><span class="w"> </span><span class="nt">apiGroup</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">rbac.authorization.k8s.io</span>
<a id="__codelineno-1-30" name="__codelineno-1-30" href="#__codelineno-1-30"></a><span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterRole</span>
<a id="__codelineno-1-31" name="__codelineno-1-31" href="#__codelineno-1-31"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-32" name="__codelineno-1-32" href="#__codelineno-1-32"></a><span class="nt">subjects</span><span class="p">:</span>
<a id="__codelineno-1-33" name="__codelineno-1-33" href="#__codelineno-1-33"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ServiceAccount</span>
<a id="__codelineno-1-34" name="__codelineno-1-34" href="#__codelineno-1-34"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-35" name="__codelineno-1-35" href="#__codelineno-1-35"></a><span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span>
<a id="__codelineno-1-36" name="__codelineno-1-36" href="#__codelineno-1-36"></a><span class="nn">---</span>
<a id="__codelineno-1-37" name="__codelineno-1-37" href="#__codelineno-1-37"></a><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">apps/v1</span>
<a id="__codelineno-1-38" name="__codelineno-1-38" href="#__codelineno-1-38"></a><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Deployment</span>
<a id="__codelineno-1-39" name="__codelineno-1-39" href="#__codelineno-1-39"></a><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-1-40" name="__codelineno-1-40" href="#__codelineno-1-40"></a><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-41" name="__codelineno-1-41" href="#__codelineno-1-41"></a><span class="nt">spec</span><span class="p">:</span>
<a id="__codelineno-1-42" name="__codelineno-1-42" href="#__codelineno-1-42"></a><span class="w"> </span><span class="nt">strategy</span><span class="p">:</span>
<a id="__codelineno-1-43" name="__codelineno-1-43" href="#__codelineno-1-43"></a><span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Recreate</span>
<a id="__codelineno-1-44" name="__codelineno-1-44" href="#__codelineno-1-44"></a><span class="w"> </span><span class="nt">selector</span><span class="p">:</span>
<a id="__codelineno-1-45" name="__codelineno-1-45" href="#__codelineno-1-45"></a><span class="w"> </span><span class="nt">matchLabels</span><span class="p">:</span>
<a id="__codelineno-1-46" name="__codelineno-1-46" href="#__codelineno-1-46"></a><span class="w"> </span><span class="nt">app</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-47" name="__codelineno-1-47" href="#__codelineno-1-47"></a><span class="w"> </span><span class="nt">template</span><span class="p">:</span>
<a id="__codelineno-1-48" name="__codelineno-1-48" href="#__codelineno-1-48"></a><span class="w"> </span><span class="nt">metadata</span><span class="p">:</span>
<a id="__codelineno-1-49" name="__codelineno-1-49" href="#__codelineno-1-49"></a><span class="w"> </span><span class="nt">labels</span><span class="p">:</span>
<a id="__codelineno-1-50" name="__codelineno-1-50" href="#__codelineno-1-50"></a><span class="w"> </span><span class="nt">app</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-51" name="__codelineno-1-51" href="#__codelineno-1-51"></a><span class="w"> </span><span class="nt">spec</span><span class="p">:</span>
<a id="__codelineno-1-52" name="__codelineno-1-52" href="#__codelineno-1-52"></a><span class="w"> </span><span class="nt">serviceAccountName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-53" name="__codelineno-1-53" href="#__codelineno-1-53"></a><span class="w"> </span><span class="nt">containers</span><span class="p">:</span>
<a id="__codelineno-1-54" name="__codelineno-1-54" href="#__codelineno-1-54"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-dns</span>
<a id="__codelineno-1-55" name="__codelineno-1-55" href="#__codelineno-1-55"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">registry.k8s.io/external-dns/external-dns:v0.17.0</span>
<a id="__codelineno-1-56" name="__codelineno-1-56" href="#__codelineno-1-56"></a><span class="w"> </span><span class="nt">args</span><span class="p">:</span>
<a id="__codelineno-1-57" name="__codelineno-1-57" href="#__codelineno-1-57"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=service</span>
<a id="__codelineno-1-58" name="__codelineno-1-58" href="#__codelineno-1-58"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=ingress</span>
<a id="__codelineno-1-59" name="__codelineno-1-59" href="#__codelineno-1-59"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=istio-gateway</span>
<a id="__codelineno-1-60" name="__codelineno-1-60" href="#__codelineno-1-60"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--source=istio-virtualservice</span>
<a id="__codelineno-1-61" name="__codelineno-1-61" href="#__codelineno-1-61"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--domain-filter=external-dns-test.my-org.com</span><span class="w"> </span><span class="c1"># will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones</span>
<a id="__codelineno-1-62" name="__codelineno-1-62" href="#__codelineno-1-62"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--provider=aws</span>
<a id="__codelineno-1-63" name="__codelineno-1-63" href="#__codelineno-1-63"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--policy=upsert-only</span><span class="w"> </span><span class="c1"># would prevent ExternalDNS from deleting any records, omit to enable full synchronization</span>
<a id="__codelineno-1-64" name="__codelineno-1-64" href="#__codelineno-1-64"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--aws-zone-type=public</span><span class="w"> </span><span class="c1"># only look at public hosted zones (valid values are public, private or no value for both)</span>
<a id="__codelineno-1-65" name="__codelineno-1-65" href="#__codelineno-1-65"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--registry=txt</span>
<a id="__codelineno-1-66" name="__codelineno-1-66" href="#__codelineno-1-66"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--txt-owner-id=my-identifier</span>
</code></pre></div>
<h2 id="update-existing-externaldns-deployment">Update existing ExternalDNS Deployment<a class="headerlink" href="#update-existing-externaldns-deployment" title="Permanent link">&para;</a></h2>
<ul>
<li>For clusters with running <code>external-dns</code>, you can just update the deployment.</li>
<li>With access to the <code>kube-system</code> namespace, update the existing <code>external-dns</code> deployment.</li>
<li>Add a parameter to the arguments of the container to create dns entries with <code>--source=istio-gateway</code>.</li>
</ul>
<p>Execute the following command or update the argument.</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a><span class="go">kubectl patch deployment external-dns --type=&#39;json&#39; \</span>
<a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a><span class="go"> -p=&#39;[{&quot;op&quot;: &quot;add&quot;, &quot;path&quot;: &quot;/spec/template/spec/containers/0/args/2&quot;, &quot;value&quot;: &quot;--source=istio-gateway&quot; }]&#39;</span>
</code></pre></div>
<p>In case the setup uses a <code>clusterrole</code>, just append a new value to the enable the istio group.</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a><span class="go">kubectl patch clusterrole external-dns --type=&#39;json&#39; \</span>
<a id="__codelineno-3-2" name="__codelineno-3-2" href="#__codelineno-3-2"></a><span class="go"> -p=&#39;[{&quot;op&quot;: &quot;add&quot;, &quot;path&quot;: &quot;/rules/4&quot;, &quot;value&quot;: { &quot;apiGroups&quot;: [ &quot;networking.istio.io&quot;], &quot;resources&quot;: [&quot;gateways&quot;],&quot;verbs&quot;: [&quot;get&quot;, &quot;watch&quot;, &quot;list&quot; ]} }]&#39;</span>
</code></pre></div>
<h2 id="verify-that-istio-gatewayvirtualservice-source-works">Verify that Istio Gateway/VirtualService Source works<a class="headerlink" href="#verify-that-istio-gatewayvirtualservice-source-works" title="Permanent link">&para;</a></h2>
<p>Follow the <a href="https://istio.io/docs/tasks/traffic-management/ingress/">Istio ingress traffic tutorial</a><br />
to deploy a sample service that will be exposed outside of the service mesh.<br />
The following are relevant snippets from that tutorial.</p>
<h3 id="install-a-sample-service">Install a sample service<a class="headerlink" href="#install-a-sample-service" title="Permanent link">&para;</a></h3>
<p>With automatic sidecar injection:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a>kubectl<span class="w"> </span>apply<span class="w"> </span>-f<span class="w"> </span>https://raw.githubusercontent.com/istio/istio/release-1.6/samples/httpbin/httpbin.yaml
</code></pre></div>
<p>Otherwise:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a>kubectl<span class="w"> </span>apply<span class="w"> </span>-f<span class="w"> </span>&lt;<span class="o">(</span>istioctl<span class="w"> </span>kube-inject<span class="w"> </span>-f<span class="w"> </span>https://raw.githubusercontent.com/istio/istio/release-1.6/samples/httpbin/httpbin.yaml<span class="o">)</span>
</code></pre></div>
<h3 id="using-a-gateway-as-a-source">Using a Gateway as a source<a class="headerlink" href="#using-a-gateway-as-a-source" title="Permanent link">&para;</a></h3>
<h4 id="create-an-istio-gateway">Create an Istio Gateway<a class="headerlink" href="#create-an-istio-gateway" title="Permanent link">&para;</a></h4>
<div class="highlight"><pre><span></span><code><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a>$<span class="w"> </span>cat<span class="w"> </span><span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a><span class="s">apiVersion: networking.istio.io/v1alpha3</span>
<a id="__codelineno-6-3" name="__codelineno-6-3" href="#__codelineno-6-3"></a><span class="s">kind: Gateway</span>
<a id="__codelineno-6-4" name="__codelineno-6-4" href="#__codelineno-6-4"></a><span class="s">metadata:</span>
<a id="__codelineno-6-5" name="__codelineno-6-5" href="#__codelineno-6-5"></a><span class="s"> name: httpbin-gateway</span>
<a id="__codelineno-6-6" name="__codelineno-6-6" href="#__codelineno-6-6"></a><span class="s"> namespace: istio-system</span>
<a id="__codelineno-6-7" name="__codelineno-6-7" href="#__codelineno-6-7"></a><span class="s">spec:</span>
<a id="__codelineno-6-8" name="__codelineno-6-8" href="#__codelineno-6-8"></a><span class="s"> selector:</span>
<a id="__codelineno-6-9" name="__codelineno-6-9" href="#__codelineno-6-9"></a><span class="s"> istio: ingressgateway # use Istio default gateway implementation</span>
<a id="__codelineno-6-10" name="__codelineno-6-10" href="#__codelineno-6-10"></a><span class="s"> servers:</span>
<a id="__codelineno-6-11" name="__codelineno-6-11" href="#__codelineno-6-11"></a><span class="s"> - port:</span>
<a id="__codelineno-6-12" name="__codelineno-6-12" href="#__codelineno-6-12"></a><span class="s"> number: 80</span>
<a id="__codelineno-6-13" name="__codelineno-6-13" href="#__codelineno-6-13"></a><span class="s"> name: http</span>
<a id="__codelineno-6-14" name="__codelineno-6-14" href="#__codelineno-6-14"></a><span class="s"> protocol: HTTP</span>
<a id="__codelineno-6-15" name="__codelineno-6-15" href="#__codelineno-6-15"></a><span class="s"> hosts:</span>
<a id="__codelineno-6-16" name="__codelineno-6-16" href="#__codelineno-6-16"></a><span class="s"> - &quot;httpbin.example.com&quot; # this is used by external-dns to extract DNS names</span>
<a id="__codelineno-6-17" name="__codelineno-6-17" href="#__codelineno-6-17"></a><span class="s">EOF</span>
</code></pre></div>
<h4 id="configure-routes-for-traffic-entering-via-the-gateway">Configure routes for traffic entering via the Gateway<a class="headerlink" href="#configure-routes-for-traffic-entering-via-the-gateway" title="Permanent link">&para;</a></h4>
<div class="highlight"><pre><span></span><code><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a>$<span class="w"> </span>cat<span class="w"> </span><span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a><span class="s">apiVersion: networking.istio.io/v1alpha3</span>
<a id="__codelineno-7-3" name="__codelineno-7-3" href="#__codelineno-7-3"></a><span class="s">kind: VirtualService</span>
<a id="__codelineno-7-4" name="__codelineno-7-4" href="#__codelineno-7-4"></a><span class="s">metadata:</span>
<a id="__codelineno-7-5" name="__codelineno-7-5" href="#__codelineno-7-5"></a><span class="s"> name: httpbin</span>
<a id="__codelineno-7-6" name="__codelineno-7-6" href="#__codelineno-7-6"></a><span class="s">spec:</span>
<a id="__codelineno-7-7" name="__codelineno-7-7" href="#__codelineno-7-7"></a><span class="s"> hosts:</span>
<a id="__codelineno-7-8" name="__codelineno-7-8" href="#__codelineno-7-8"></a><span class="s"> - &quot;httpbin.example.com&quot;</span>
<a id="__codelineno-7-9" name="__codelineno-7-9" href="#__codelineno-7-9"></a><span class="s"> gateways:</span>
<a id="__codelineno-7-10" name="__codelineno-7-10" href="#__codelineno-7-10"></a><span class="s"> - istio-system/httpbin-gateway</span>
<a id="__codelineno-7-11" name="__codelineno-7-11" href="#__codelineno-7-11"></a><span class="s"> http:</span>
<a id="__codelineno-7-12" name="__codelineno-7-12" href="#__codelineno-7-12"></a><span class="s"> - match:</span>
<a id="__codelineno-7-13" name="__codelineno-7-13" href="#__codelineno-7-13"></a><span class="s"> - uri:</span>
<a id="__codelineno-7-14" name="__codelineno-7-14" href="#__codelineno-7-14"></a><span class="s"> prefix: /status</span>
<a id="__codelineno-7-15" name="__codelineno-7-15" href="#__codelineno-7-15"></a><span class="s"> - uri:</span>
<a id="__codelineno-7-16" name="__codelineno-7-16" href="#__codelineno-7-16"></a><span class="s"> prefix: /delay</span>
<a id="__codelineno-7-17" name="__codelineno-7-17" href="#__codelineno-7-17"></a><span class="s"> route:</span>
<a id="__codelineno-7-18" name="__codelineno-7-18" href="#__codelineno-7-18"></a><span class="s"> - destination:</span>
<a id="__codelineno-7-19" name="__codelineno-7-19" href="#__codelineno-7-19"></a><span class="s"> port:</span>
<a id="__codelineno-7-20" name="__codelineno-7-20" href="#__codelineno-7-20"></a><span class="s"> number: 8000</span>
<a id="__codelineno-7-21" name="__codelineno-7-21" href="#__codelineno-7-21"></a><span class="s"> host: httpbin</span>
<a id="__codelineno-7-22" name="__codelineno-7-22" href="#__codelineno-7-22"></a><span class="s">EOF</span>
</code></pre></div>
<h3 id="using-a-virtualservice-as-a-source">Using a VirtualService as a source<a class="headerlink" href="#using-a-virtualservice-as-a-source" title="Permanent link">&para;</a></h3>
<h4 id="create-an-istio-gateway_1">Create an Istio Gateway<a class="headerlink" href="#create-an-istio-gateway_1" title="Permanent link">&para;</a></h4>
<div class="highlight"><pre><span></span><code><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>$<span class="w"> </span>cat<span class="w"> </span><span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<a id="__codelineno-8-2" name="__codelineno-8-2" href="#__codelineno-8-2"></a><span class="s">apiVersion: networking.istio.io/v1alpha3</span>
<a id="__codelineno-8-3" name="__codelineno-8-3" href="#__codelineno-8-3"></a><span class="s">kind: Gateway</span>
<a id="__codelineno-8-4" name="__codelineno-8-4" href="#__codelineno-8-4"></a><span class="s">metadata:</span>
<a id="__codelineno-8-5" name="__codelineno-8-5" href="#__codelineno-8-5"></a><span class="s"> name: httpbin-gateway</span>
<a id="__codelineno-8-6" name="__codelineno-8-6" href="#__codelineno-8-6"></a><span class="s"> namespace: istio-system</span>
<a id="__codelineno-8-7" name="__codelineno-8-7" href="#__codelineno-8-7"></a><span class="s">spec:</span>
<a id="__codelineno-8-8" name="__codelineno-8-8" href="#__codelineno-8-8"></a><span class="s"> selector:</span>
<a id="__codelineno-8-9" name="__codelineno-8-9" href="#__codelineno-8-9"></a><span class="s"> istio: ingressgateway # use Istio default gateway implementation</span>
<a id="__codelineno-8-10" name="__codelineno-8-10" href="#__codelineno-8-10"></a><span class="s"> servers:</span>
<a id="__codelineno-8-11" name="__codelineno-8-11" href="#__codelineno-8-11"></a><span class="s"> - port:</span>
<a id="__codelineno-8-12" name="__codelineno-8-12" href="#__codelineno-8-12"></a><span class="s"> number: 80</span>
<a id="__codelineno-8-13" name="__codelineno-8-13" href="#__codelineno-8-13"></a><span class="s"> name: http</span>
<a id="__codelineno-8-14" name="__codelineno-8-14" href="#__codelineno-8-14"></a><span class="s"> protocol: HTTP</span>
<a id="__codelineno-8-15" name="__codelineno-8-15" href="#__codelineno-8-15"></a><span class="s"> hosts:</span>
<a id="__codelineno-8-16" name="__codelineno-8-16" href="#__codelineno-8-16"></a><span class="s"> - &quot;*&quot;</span>
<a id="__codelineno-8-17" name="__codelineno-8-17" href="#__codelineno-8-17"></a><span class="s">EOF</span>
</code></pre></div>
<h4 id="configure-routes-for-traffic-entering-via-the-gateway_1">Configure routes for traffic entering via the Gateway<a class="headerlink" href="#configure-routes-for-traffic-entering-via-the-gateway_1" title="Permanent link">&para;</a></h4>
<div class="highlight"><pre><span></span><code><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a>$<span class="w"> </span>cat<span class="w"> </span><span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a><span class="s">apiVersion: networking.istio.io/v1alpha3</span>
<a id="__codelineno-9-3" name="__codelineno-9-3" href="#__codelineno-9-3"></a><span class="s">kind: VirtualService</span>
<a id="__codelineno-9-4" name="__codelineno-9-4" href="#__codelineno-9-4"></a><span class="s">metadata:</span>
<a id="__codelineno-9-5" name="__codelineno-9-5" href="#__codelineno-9-5"></a><span class="s"> name: httpbin</span>
<a id="__codelineno-9-6" name="__codelineno-9-6" href="#__codelineno-9-6"></a><span class="s">spec:</span>
<a id="__codelineno-9-7" name="__codelineno-9-7" href="#__codelineno-9-7"></a><span class="s"> hosts:</span>
<a id="__codelineno-9-8" name="__codelineno-9-8" href="#__codelineno-9-8"></a><span class="s"> - &quot;httpbin.example.com&quot; # this is used by external-dns to extract DNS names</span>
<a id="__codelineno-9-9" name="__codelineno-9-9" href="#__codelineno-9-9"></a><span class="s"> gateways:</span>
<a id="__codelineno-9-10" name="__codelineno-9-10" href="#__codelineno-9-10"></a><span class="s"> - istio-system/httpbin-gateway</span>
<a id="__codelineno-9-11" name="__codelineno-9-11" href="#__codelineno-9-11"></a><span class="s"> http:</span>
<a id="__codelineno-9-12" name="__codelineno-9-12" href="#__codelineno-9-12"></a><span class="s"> - match:</span>
<a id="__codelineno-9-13" name="__codelineno-9-13" href="#__codelineno-9-13"></a><span class="s"> - uri:</span>
<a id="__codelineno-9-14" name="__codelineno-9-14" href="#__codelineno-9-14"></a><span class="s"> prefix: /status</span>
<a id="__codelineno-9-15" name="__codelineno-9-15" href="#__codelineno-9-15"></a><span class="s"> - uri:</span>
<a id="__codelineno-9-16" name="__codelineno-9-16" href="#__codelineno-9-16"></a><span class="s"> prefix: /delay</span>
<a id="__codelineno-9-17" name="__codelineno-9-17" href="#__codelineno-9-17"></a><span class="s"> route:</span>
<a id="__codelineno-9-18" name="__codelineno-9-18" href="#__codelineno-9-18"></a><span class="s"> - destination:</span>
<a id="__codelineno-9-19" name="__codelineno-9-19" href="#__codelineno-9-19"></a><span class="s"> port:</span>
<a id="__codelineno-9-20" name="__codelineno-9-20" href="#__codelineno-9-20"></a><span class="s"> number: 8000</span>
<a id="__codelineno-9-21" name="__codelineno-9-21" href="#__codelineno-9-21"></a><span class="s"> host: httpbin</span>
<a id="__codelineno-9-22" name="__codelineno-9-22" href="#__codelineno-9-22"></a><span class="s">EOF</span>
</code></pre></div>
<p>To get the targets to the extracted DNS names, external-dns is able to gather information from the kubernetes service of the Istio Ingress Gateway.<br />
Please take a look at the <a href="../service/">source service documentation</a> for more information on this.</p>
<p>It is also possible to set the targets manually by using the <code>external-dns.alpha.kubernetes.io/target</code> annotation on the Istio Ingress Gateway resource or the Istio VirtualService.</p>
<h3 id="access-the-sample-service-using-curl">Access the sample service using <code>curl</code><a class="headerlink" href="#access-the-sample-service-using-curl" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a>$<span class="w"> </span>curl<span class="w"> </span>-I<span class="w"> </span>http://httpbin.example.com/status/200
<a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a>HTTP/1.1<span class="w"> </span><span class="m">200</span><span class="w"> </span>OK
<a id="__codelineno-10-3" name="__codelineno-10-3" href="#__codelineno-10-3"></a>server:<span class="w"> </span>envoy
<a id="__codelineno-10-4" name="__codelineno-10-4" href="#__codelineno-10-4"></a>date:<span class="w"> </span>Tue,<span class="w"> </span><span class="m">28</span><span class="w"> </span>Aug<span class="w"> </span><span class="m">2018</span><span class="w"> </span><span class="m">15</span>:26:47<span class="w"> </span>GMT
<a id="__codelineno-10-5" name="__codelineno-10-5" href="#__codelineno-10-5"></a>content-type:<span class="w"> </span>text/html<span class="p">;</span><span class="w"> </span><span class="nv">charset</span><span class="o">=</span>utf-8
<a id="__codelineno-10-6" name="__codelineno-10-6" href="#__codelineno-10-6"></a>access-control-allow-origin:<span class="w"> </span>*
<a id="__codelineno-10-7" name="__codelineno-10-7" href="#__codelineno-10-7"></a>access-control-allow-credentials:<span class="w"> </span><span class="nb">true</span>
<a id="__codelineno-10-8" name="__codelineno-10-8" href="#__codelineno-10-8"></a>content-length:<span class="w"> </span><span class="m">0</span>
<a id="__codelineno-10-9" name="__codelineno-10-9" href="#__codelineno-10-9"></a>x-envoy-upstream-service-time:<span class="w"> </span><span class="m">5</span>
</code></pre></div>
<p>Accessing any other URL that has not been explicitly exposed should return an HTTP 404 error:</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a>$<span class="w"> </span>curl<span class="w"> </span>-I<span class="w"> </span>http://httpbin.example.com/headers
<a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a>HTTP/1.1<span class="w"> </span><span class="m">404</span><span class="w"> </span>Not<span class="w"> </span>Found
<a id="__codelineno-11-3" name="__codelineno-11-3" href="#__codelineno-11-3"></a>date:<span class="w"> </span>Tue,<span class="w"> </span><span class="m">28</span><span class="w"> </span>Aug<span class="w"> </span><span class="m">2018</span><span class="w"> </span><span class="m">15</span>:27:48<span class="w"> </span>GMT
<a id="__codelineno-11-4" name="__codelineno-11-4" href="#__codelineno-11-4"></a>server:<span class="w"> </span>envoy
<a id="__codelineno-11-5" name="__codelineno-11-5" href="#__codelineno-11-5"></a>transfer-encoding:<span class="w"> </span>chunked
</code></pre></div>
<p><strong>Note:</strong> The <code>-H</code> flag in the original Istio tutorial is no longer necessary in the <code>curl</code> commands.</p>
<h2 id="optional-gateway-annotation">Optional Gateway Annotation<a class="headerlink" href="#optional-gateway-annotation" title="Permanent link">&para;</a></h2>
<p>To support setups where an Ingress resource is used provision an external LB you can add the following annotation to your Gateway</p>
<p><strong>Note:</strong> The Ingress namespace can be omitted if its in the same namespace as the gateway</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-12-1" name="__codelineno-12-1" href="#__codelineno-12-1"></a>$<span class="w"> </span>cat<span class="w"> </span><span class="s">&lt;&lt;EOF | kubectl apply -f -</span>
<a id="__codelineno-12-2" name="__codelineno-12-2" href="#__codelineno-12-2"></a><span class="s">apiVersion: networking.istio.io/v1alpha3</span>
<a id="__codelineno-12-3" name="__codelineno-12-3" href="#__codelineno-12-3"></a><span class="s">kind: Gateway</span>
<a id="__codelineno-12-4" name="__codelineno-12-4" href="#__codelineno-12-4"></a><span class="s">metadata:</span>
<a id="__codelineno-12-5" name="__codelineno-12-5" href="#__codelineno-12-5"></a><span class="s"> name: httpbin-gateway</span>
<a id="__codelineno-12-6" name="__codelineno-12-6" href="#__codelineno-12-6"></a><span class="s"> namespace: istio-system</span>
<a id="__codelineno-12-7" name="__codelineno-12-7" href="#__codelineno-12-7"></a><span class="s"> annotations:</span>
<a id="__codelineno-12-8" name="__codelineno-12-8" href="#__codelineno-12-8"></a><span class="s"> &quot;external-dns.alpha.kubernetes.io/ingress&quot;: &quot;$ingressNamespace/$ingressName&quot;</span>
<a id="__codelineno-12-9" name="__codelineno-12-9" href="#__codelineno-12-9"></a><span class="s">spec:</span>
<a id="__codelineno-12-10" name="__codelineno-12-10" href="#__codelineno-12-10"></a><span class="s"> selector:</span>
<a id="__codelineno-12-11" name="__codelineno-12-11" href="#__codelineno-12-11"></a><span class="s"> istio: ingressgateway # use Istio default gateway implementation</span>
<a id="__codelineno-12-12" name="__codelineno-12-12" href="#__codelineno-12-12"></a><span class="s"> servers:</span>
<a id="__codelineno-12-13" name="__codelineno-12-13" href="#__codelineno-12-13"></a><span class="s"> - port:</span>
<a id="__codelineno-12-14" name="__codelineno-12-14" href="#__codelineno-12-14"></a><span class="s"> number: 80</span>
<a id="__codelineno-12-15" name="__codelineno-12-15" href="#__codelineno-12-15"></a><span class="s"> name: http</span>
<a id="__codelineno-12-16" name="__codelineno-12-16" href="#__codelineno-12-16"></a><span class="s"> protocol: HTTP</span>
<a id="__codelineno-12-17" name="__codelineno-12-17" href="#__codelineno-12-17"></a><span class="s"> hosts:</span>
<a id="__codelineno-12-18" name="__codelineno-12-18" href="#__codelineno-12-18"></a><span class="s"> - &quot;*&quot;</span>
<a id="__codelineno-12-19" name="__codelineno-12-19" href="#__codelineno-12-19"></a><span class="s">EOF</span>
</code></pre></div>
<h2 id="debug-externaldns">Debug ExternalDNS<a class="headerlink" href="#debug-externaldns" title="Permanent link">&para;</a></h2>
<ul>
<li>Look for the deployment pod to see the status</li>
</ul>
<p>```console$ kubectl get pods | grep external-dns<br />
external-dns-6b84999479-4knv9 1/1 Running 0 3h29m<br />
<div class="highlight"><pre><span></span><code><a id="__codelineno-13-1" name="__codelineno-13-1" href="#__codelineno-13-1"></a>* Watch for the logs as follows
<a id="__codelineno-13-2" name="__codelineno-13-2" href="#__codelineno-13-2"></a>
<a id="__codelineno-13-3" name="__codelineno-13-3" href="#__codelineno-13-3"></a>```console
<a id="__codelineno-13-4" name="__codelineno-13-4" href="#__codelineno-13-4"></a>kubectl logs -f external-dns-6b84999479-4knv9
</code></pre></div></p>
<p>At this point, you can <code>create</code> or <code>update</code> any <code>Istio Gateway</code> object with <code>hosts</code> entries array.</p>
<blockquote>
<p><strong>ATTENTION</strong>: Make sure to specify those whose account is related to the DNS record.</p>
</blockquote>
<ul>
<li>Successful executions will print the following</li>
</ul>
<div class="highlight"><pre><span></span><code><a id="__codelineno-14-1" name="__codelineno-14-1" href="#__codelineno-14-1"></a><span class="go">time=&quot;2020-01-17T06:08:08Z&quot; level=info msg=&quot;Desired change: CREATE httpbin.example.com A&quot;</span>
<a id="__codelineno-14-2" name="__codelineno-14-2" href="#__codelineno-14-2"></a><span class="go">time=&quot;2020-01-17T06:08:08Z&quot; level=info msg=&quot;Desired change: CREATE httpbin.example.com TXT&quot;</span>
<a id="__codelineno-14-3" name="__codelineno-14-3" href="#__codelineno-14-3"></a><span class="go">time=&quot;2020-01-17T06:08:08Z&quot; level=info msg=&quot;2 record(s) in zone example.com. were successfully updated&quot;</span>
<a id="__codelineno-14-4" name="__codelineno-14-4" href="#__codelineno-14-4"></a><span class="go">time=&quot;2020-01-17T06:09:08Z&quot; level=info msg=&quot;All records are already up to date, there are no changes for the matching hosted zones&quot;</span>
</code></pre></div>
<ul>
<li>If there&rsquo;s any problem around <code>clusterrole</code>, you would see the errors showing wrong permissions:</li>
</ul>
<div class="highlight"><pre><span></span><code><a id="__codelineno-15-1" name="__codelineno-15-1" href="#__codelineno-15-1"></a><span class="go">source \&quot;gateways\&quot; in API group \&quot;networking.istio.io\&quot; at the cluster scope&quot;</span>
<a id="__codelineno-15-2" name="__codelineno-15-2" href="#__codelineno-15-2"></a><span class="go">time=&quot;2020-01-17T06:07:08Z&quot; level=error msg=&quot;gateways.networking.istio.io is forbidden: User \&quot;system:serviceaccount:kube-system:external-dns\&quot; cannot list resource \&quot;gateways\&quot; in API group \&quot;networking.istio.io\&quot; at the cluster scope&quot;</span>
</code></pre></div>
<aside class="md-source-file">
<span class="md-source-file__fact">
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">May 14, 2025</span>
</span>
</aside>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<!--
Copyright (c) 2016-2024 Martin Donath <martin.donath@squidfunk.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to
deal in the Software without restriction, including without limitation the
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
sell copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
-->
<!-- Copyright and theme information -->
<div class="md-copyright">
Made with
<a
href="https://squidfunk.github.io/mkdocs-material/"
target="_blank" rel="noopener"
>
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["content.code.annotate", "navigation.top", "navigation.tracking", "navigation.indexes", "navigation.instant", "navigation.tabs", "navigation.tabs.sticky"], "search": "../../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"provider": "mike"}}</script>
<script src="../../../assets/javascripts/bundle.1e8ae164.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink