diff --git a/ci/aws/aws-cluster.lokocfg.envsubst b/ci/aws/aws-cluster.lokocfg.envsubst index 88672c53c..a6f9849eb 100644 --- a/ci/aws/aws-cluster.lokocfg.envsubst +++ b/ci/aws/aws-cluster.lokocfg.envsubst @@ -40,7 +40,8 @@ component "cert-manager" { } component "external-dns" { - policy = "sync" + policy = "sync" + owner_id = "$CLUSTER_ID" aws { zone_id = "$AWS_DNS_ZONE_ID" aws_access_key_id = "$AWS_ACCESS_KEY_ID" diff --git a/ci/packet/packet-cluster.lokocfg.envsubst b/ci/packet/packet-cluster.lokocfg.envsubst index 0ec049417..fec3deb07 100644 --- a/ci/packet/packet-cluster.lokocfg.envsubst +++ b/ci/packet/packet-cluster.lokocfg.envsubst @@ -47,7 +47,8 @@ component "cert-manager" { } component "external-dns"{ - policy = "sync" + policy = "sync" + owner_id = "$CLUSTER_ID" aws { zone_id = "$AWS_DNS_ZONE_ID" aws_access_key_id = "$AWS_ACCESS_KEY_ID" diff --git a/docs/configuration-reference/components/external-dns.md b/docs/configuration-reference/components/external-dns.md index 2a240d31e..ae027f5c3 100644 --- a/docs/configuration-reference/components/external-dns.md +++ b/docs/configuration-reference/components/external-dns.md @@ -59,17 +59,18 @@ Table of all the arguments accepted by the component. Example: -| Argument | Description | Default | Required | -|-----------------------------|-------------------------------------------------------------------------------------------------------------------|:--------------:|:--------:| -| `sources` | Kubernetes resources type to be observed for new DNS entries by ExternalDNS. | ["service"] | false | -| `namespace` | Namespace to install ExternalDNS. | "external-dns" | false | -| `policy` | Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only). | "upsert-only" | false | -| `metrics` | Enable metrics collection by Prometheus. Needs [Prometheus Operator component](prometheus-operator.md) installed. | false | false | -| `aws` | Configuration block for AWS Route53 DNS provider. | - | true | -| `aws.zone_type` | Filter for zones of this type (options: public, private). | "public" | false | -| `aws.zone_id` | ID of the DNS zone. | - | true | -| `aws.aws_access_key_id` | AWS access key ID for AWS credentials. Use environment variable AWS_ACCESS_KEY_ID instead. | - | false | -| `aws.aws_secret_access_key` | AWS secret access key for AWS credentials. Use environment variable AWS_SECRET_ACCESS_KEY instead. | - | false | +| Argument | Description | Default | Required | +|-----------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------:|:--------:| +| `sources` | Kubernetes resources type to be observed for new DNS entries by ExternalDNS. | ["service"] | false | +| `namespace` | Namespace to install ExternalDNS. | "external-dns" | false | +| `policy` | Modify how DNS records are sychronized between sources and providers (options: sync, upsert-only). | "upsert-only" | false | +| `metrics` | Enable metrics collection by Prometheus. Needs [Prometheus Operator component](prometheus-operator.md) installed. | false | false | +| `owner_id` | A name that identifies this instace of ExternalDNS. Set it to a unique value across the DNS zone that doesn't change for the lifetime of the cluster. | - | true | +| `aws` | Configuration block for AWS Route53 DNS provider. | - | true | +| `aws.zone_type` | Filter for zones of this type (options: public, private). | "public" | false | +| `aws.zone_id` | ID of the DNS zone. | - | true | +| `aws.aws_access_key_id` | AWS access key ID for AWS credentials. Use environment variable AWS_ACCESS_KEY_ID instead. | - | false | +| `aws.aws_secret_access_key` | AWS secret access key for AWS credentials. Use environment variable AWS_SECRET_ACCESS_KEY instead. | - | false | ## Applying diff --git a/pkg/components/external-dns/component.go b/pkg/components/external-dns/component.go index 6b9a8de0c..0b710ab15 100644 --- a/pkg/components/external-dns/component.go +++ b/pkg/components/external-dns/component.go @@ -43,7 +43,7 @@ aws: secretKey: "{{ .AwsConfig.SecretAccessKey }}" accessKey: "{{ .AwsConfig.AccessKeyID }}" zoneType: {{ .AwsConfig.ZoneType }} -txtOwnerId: {{ .AwsConfig.ZoneID }} +txtOwnerId: {{ .OwnerID }} {{- end }} policy: {{ .Policy }} replicas: 3 @@ -68,6 +68,7 @@ type component struct { Metrics bool `hcl:"metrics,optional"` Policy string `hcl:"policy,optional"` AwsConfig AwsConfig `hcl:"aws,block"` + OwnerID string `hcl:"owner_id"` } func newComponent() *component { diff --git a/pkg/components/external-dns/component_test.go b/pkg/components/external-dns/component_test.go index db67c31d3..4fe183b14 100644 --- a/pkg/components/external-dns/component_test.go +++ b/pkg/components/external-dns/component_test.go @@ -68,6 +68,7 @@ func TestAwsConfigWithoutProvidingCredentials(t *testing.T) { sources = ["service"] metrics = false policy = "upsert-only" + owner_id = "test-owner" aws { zone_id = "TESTZONEID" zone_type = "public" @@ -97,6 +98,7 @@ func TestAwsConfigBySettingEnvVariables(t *testing.T) { sources = ["service"] metrics = false policy = "upsert-only" + owner_id = "test-owner" aws { zone_id = "TESTZONEID" zone_type = "public" @@ -133,6 +135,7 @@ func TestAwsConfigBySettingEmptyEnvVariables(t *testing.T) { sources = ["service"] metrics = false policy = "upsert-only" + owner_id = "test-owner" aws { zone_id = "TESTZONEID" zone_type = "public" @@ -168,6 +171,7 @@ func TestAwsConfigBySettingConfigFields(t *testing.T) { sources = ["service"] metrics = false policy = "upsert-only" + owner_id = "test-owner" aws { zone_id = "TESTZONEID" zone_type = "public"