01d1c7fa1d
Follow up to #11069; use cmp.Diff to compare got vs want. |
||
|---|---|---|
| .. | ||
| cmd/dns-controller | ||
| docs | ||
| pkg | ||
| README.md | ||
README.md
dns-controller
dns-controller creates DNS records.
Motivation
In the bring-up of a new cluster, protokube has already ensured that
we have an etcd cluster and an apiserver. It also sets up DNS
records for the etcd nodes (this is a much simpler problem, because
we have a 1:1 mapping from an etcd node to a DNS name.)
However, none of the nodes can reach the API server to register. Nor
can end-users reach the API. In future we might expose the API server
as a normal service via Type=LoadBalancer or via a normal Ingress,
but for now we just expose it via DNS.
How it works
Pods with hostNetworking
dns-controller can add DNS records that point to nodes with hostNetworknig enabled.
The dns-controller recognizes annotations on pod.
dns.alpha.kubernetes.io/externalwill set up records for accessing the resource using the node's public IP.dns.alpha.kubernetes.io/internalwill set up records for accessing the resource using the node's private IP.
Services
NodePort
The controller also recognizes these annotations on NodePort services:
dns.alpha.kubernetes.io/externalcreates a Route53 A record withpublicIPs of all the nodesdns.alpha.kubernetes.io/internalcreates a Route53 A record withprivateIPs of all the nodes
Loadbalancer
If either of the two annotations are set on a LoadBalancer service, it will create a CNAME for the load balancer hostname or it will create an A record if the load balancer has an IP.
Ingress
dns-controller can optionally watch Ingress resources. To enable this, you need to add the following to the cluster spec:
spec:
externalDns:
watchIngress: true
dns-controller will then map the specified ingress hostname and the LoadBalancer assigned to the ingress.