I followed this to deploy K8s ExternalDNS and did followings:
demo.com
)azure.json
)host: api.demo.com
and paths /foo
& /bar
(FYI, AKS AGIC is enabled and "Static Public IP" is being used by Application Gateway)If I understand correctly, ExternalDNS should create record set in Azure DNS Zone and ingresses should work. But no record set is created by ExternalDNS (ingresses are not working).
FYI, If i do the followings, then things are working fine
"Alias type: Azure resource"
which points to the "Static Public IP" used by Application Gateway[Route("api/foo")]
& [Route("api/bar")]
respectivelyhost: demo.com
and paths api/foo/*
& api/bar/*
appgw.ingress.kubernetes.io/backend-path-prefix: "/foo/"
(same for Bar API: "/bar/"
)But, what I want is to host my APIs with api.demo.com
(also SSL with Let's Encrypt)
foo-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: foo-api
namespace: default
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/ssl-redirect: "false"
appgw.ingress.kubernetes.io/backend-path-prefix: "/foo/"
spec:
rules:
- host: api.demo.com
http:
paths:
- path: /foo/*
pathType: Prefix
backend:
service:
name: foo-api
port:
number: 80
external-dns.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: external-dns
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: external-dns
rules:
- apiGroups: [""]
resources: ["services","endpoints","pods"]
verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get","watch","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: external-dns-viewer
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: external-dns
subjects:
- kind: ServiceAccount
name: external-dns
namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: external-dns
template:
metadata:
labels:
app: external-dns
spec:
serviceAccountName: external-dns
containers:
- name: external-dns
image: k8s.gcr.io/external-dns/external-dns:v0.8.0
args:
- --source=service
- --source=ingress
- --domain-filter=demo.com
- --provider=azure
- --azure-resource-group=my-poc-rg
volumeMounts:
- name: azure-config-file
mountPath: /etc/kubernetes
readOnly: true
volumes:
- name: azure-config-file
secret:
secretName: azure-config-file