Please add support for rfc2136 to manage multiple DNS zones per deployment

[ieugen]

What would you like to be added:

I would like for rfc2136 provider to easily support multiple zones per deployment.
I asked on Slack and this is not currently possible.

Why is this needed:

I have multiple zones that I would like to update with exstenrnal-dns (dev.example.com, beta.example.com, staging.example.com)

I'm looking to deploy external-dns with rfc2136 provider for 3 zones managed by FreeIPA DNS - bind9.
My parent zone is managed by Cloudflare and I delegate control in FreeIPA because I have access controls there and I can delegate to specific users access to each zone.

In https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/rfc2136.md and the helm chart, there seems to be a single value for rfc2136.zone https://github.com/bitnami/charts/tree/master/bitnami/external-dns

I asked on Slack and got the following suggestions

@stefanlasiewski

And I don’t know for certain, but you may be able to set up one ExternalDNS instance for each zone, and make sure they each have a unique value for rfc2136.zone as well as some other sort of unique identifier to distinguish each of the ExternalDNSs. Perhaps keep each one it’s own namespace.

While good, the solution does not scale well past a few zones.

@jgrumboe

I also haven't used rfc2136 provider but with a quick look into the code (https://github.com/kubernetes-sigs/external-dns/blob/master/provider/rfc2136/rfc2136.go#L182) it's implemented as an 1:1 relationship from external-dns deployment to rfc2136.zone.
External-DNS needs to fetch the existing records first and since there's no API like "give me all your domains plus records" a normal AXFR zonetransfer is needed which needs a zone to be specified. (edited)
provider/rfc2136/rfc2136.go:182
m.SetAxfr(r.zoneName)
https://github.com/kubernetes-sigs/external-dns|kubernetes-sigs/external-dnskubernetes-sigs/external-dns

So I would agree with Stefan that you either need to set up three external-dns for each domain with rfc2136.zone and domain-filter configured to each zone or you could try to setup one deployment for the "parent" example.org to manage the subdomain records there.

I don't know or use Go so I won't contribute code, but I can help out with testing, docs and feature refinement for this feature.

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale

[fejta-bot]

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten

[ieugen]

/remove-lifecycle rotten

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale

[fejta-bot]

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten

[ieugen]

/remove-lifecycle rotten

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

[k8s-ci-robot]

@k8s-triage-robot: Closing this issue.

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ieugen]

/reopen

[k8s-ci-robot]

@ieugen: Reopened this issue.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

[k8s-ci-robot]

@k8s-triage-robot: Closing this issue.

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue or PR with /reopen
• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[CRASH-Tech]

/reopen

[k8s-ci-robot]

@CRASH-Tech: You can't reopen an issue/PR unless you authored it or you are a collaborator.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ieugen]

/reopen

[k8s-ci-robot]

@ieugen: Reopened this issue.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.