使用 ExternalDNS 集成外部DNS服务

准备工作

1. 购买阿里云域名解析服务: https://dns.console.aliyun.com/
2. 查看并记录云账号AK/SK: https://ram.console.aliyun.com/manage/ak
3. 查看并记录云账号资源ID: https://resourcemanager.console.aliyun.com/
4. 创建一个Kubernetes集群: https://console.ucloud.cn/uk8s/manage

环境信息

1. Kubernetes：v1.20.6
2. Helm：v3.5.2
3. nginx-ingress: 0.47.0

思路

1. 部署 external-dns 解析记录来源配置为 ingress/service
2. 配置 external-dns provider 选择 alibabacloud
3. 创建 ingress 记录，验证域名解析是否生效

使用Helm安装 External-dns

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update

kubectl create namespace external-dns
kubectl annotate namespace external-dns linkerd.io/inject=enabled
kubectl annotate namespace external-dns config.linkerd.io/proxy-await=enabled

kubectl delete secret registry-uhub-secret -n external-dns
kubectl create secret docker-registry registry-uhub-secret \
--namespace=external-dns                                   \
--docker-server=uhub.service.ucloud.cn/shenlan             \
--docker-username='registry_user'                          \
--docker-password='registry_passwd'

docker.io/bitnami/external-dns:0.9.0-debian-10-r0

cat > external-dns-values.yaml << EOF
clusterDomain: admin.local
global:
  imageRegistry: uhub.service.ucloud.cn/shenlan
  imagePullSecrets:
    - registry-uhub-secret
sources:
  - service 
  - ingress
domainFilters:
  - onwalk.net
policy: sync
provider: alibabacloud
alibabacloud:
  accessKeyId: <alibabacloud_accessKey>
  accessKeySecret: <alibabacloud_SecretKey>
  regionId:  <alibabacloud_regionId>
  zoneType: public
EOF

helm upgrade --install external-dns  -f external-dns-values.yaml \
bitnami/external-dns -n external-dns

测试验证

[root@10-9-61-41 ]# kubectl  get svc -n ingress-nginx 
NAME                                 TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                                   AGE
ingress-nginx-controller             LoadBalancer   172.17.248.113   106.75.55.131   80:36929/TCP,443:47897/TCP,22:39400/TCP   17m

[root@10-9-61-41 ]# kubectl  get ingress -A
NAMESPACE     NAME        CLASS    HOSTS                                  ADDRESS         PORTS     AGE
kube-system   hubble-ui   <none>   hubble.onwalk.net                      106.75.55.131   80, 443   47h

登录阿里云控制台，可以看到对应域名已经新增A记录

截屏2021-08-16 下午6.59.45.png

参考

• Sigs/External-DNS: https://github.com/kubernetes-sigs/external-dns
• external-dns chart: https://github.com/bitnami/charts/tree/master/bitnami/external-dns
• 阿里云 External-dns 接入参考 https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/alibabacloud.md