Gandi - no hosted domain matching record #4981

Open
madchap opened this issue Dec 28, 2024 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

madchap commented Dec 28, 2024

What happened:
I configured external-dns within my AWS EKS cluster. It monitors (1) ingress and should create a CNAME record.

Debug logs show the following:

time="2024-12-28T15:29:43Z" level=debug msg="Endpoints generated from ingress: default/my-sentry: [sentry.example.tech 0 IN CNAME  k8s-default-mysentry-bff6c36e60-1362345438.eu-central-2.elb.amazonaws.com [] sentry.example.tech 0 IN CNAME  k8s-default-mysentry-bff6c36e60-1362345438.eu-central-2.elb.amazonaws.com []]"
time="2024-12-28T15:29:43Z" level=debug msg="Removing duplicate endpoint sentry.example.tech 0 IN CNAME  k8s-default-mysentry-bff6c36e60-1362345438.eu-central-2.elb.amazonaws.com []"
time="2024-12-28T15:29:43Z" level=debug msg="Skipping record sentry.example.tech because no hosted domain matching record DNS Name was detected"
time="2024-12-28T15:29:43Z" level=debug msg="Skipping record sentry.example.tech because no hosted domain matching record DNS Name was detected"
time="2024-12-28T15:29:43Z" level=debug msg="Skipping record cname-sentry.example.tech because no hosted domain matching record DNS Name was detected"

The PAT I created has the following rights:
image

What you expected to happen: The CNAME gets created and later updated.

How to reproduce it (as minimally and precisely as possible):
My tofu kubernetes deployment looks like this:

resource "kubernetes_deployment" "external_dns" {
  metadata {
    name = "external-dns"
    namespace = "default"
  }

  spec {
    replicas = 1
    selector {
      match_labels = {
        app = "external-dns"
      }
    }
    strategy {
      type = "Recreate"
    }
    template {
      metadata {
        labels = {
          app = "external-dns"
        }
        namespace = "default" # must be same as pods using it
      }

      spec {
        service_account_name = "external-dns"
        container {
          name  = "external-dns"
          image = "registry.k8s.io/external-dns/external-dns:v0.15.1"
          args = [
            "--source=ingress", # can be services too
            "--provider=gandi",
            "--domain-filter=example.tech",
            "--log-level=debug"
          ]
          volume_mount {
            name       = "secrets-store-inline"
            mount_path = "/mnt/secrets-store"
            read_only  = true
          }

          env {
            name  = "GANDI_PAT"
            value = kubernetes_secret.external_dns.data["GANDI_PAT"]
          }
        }

        volume {
          name = "secrets-store-inline"
          csi {
            driver = "secrets-store.csi.k8s.io"
            read_only = true
            volume_attributes = {
              secretProviderClass = "aws-secretsmanager"
            }
          }
        }
      }
    }
  }

  timeouts {
    create = "2m"
  }
}

giving this deployment:

Name:               external-dns
Namespace:          default
CreationTimestamp:  Fri, 27 Dec 2024 17:57:15 +0100
Labels:             <none>
Annotations:        deployment.kubernetes.io/revision: 5
Selector:           app=external-dns
Replicas:           1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:       Recreate
MinReadySeconds:    0
Pod Template:
  Labels:           app=external-dns
  Service Account:  external-dns
  Containers:
   external-dns:
    Image:      registry.k8s.io/external-dns/external-dns:v0.15.1
    Port:       <none>
    Host Port:  <none>
    Args:
      --source=ingress
      --provider=gandi
      --domain-filter=example.tech
      --log-level=debug
    Environment:
      GANDI_PAT:  xxxxxxxxxxxxxxxx
    Mounts:
      /mnt/secrets-store from secrets-store-inline (ro)
  Volumes:
   secrets-store-inline:
    Type:              CSI (a Container Storage Interface (CSI) volume source)
    Driver:            secrets-store.csi.k8s.io
    FSType:            
    ReadOnly:          true
    VolumeAttributes:      secretProviderClass=aws-secretsmanager
  Node-Selectors:      <none>
  Tolerations:         <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    NewReplicaSetAvailable
OldReplicaSets:  external-dns-78dc87bd5c (0/0 replicas created), external-dns-7d5c999985 (0/0 replicas created), external-dns-57b5964574 (0/0 replicas created), external-dns-84b99b4d77 (0/0 replicas created)
NewReplicaSet:   external-dns-d4df6695b (1/1 replicas created)
Events:
  Type    Reason             Age    From                   Message
  ----    ------             ----   ----                   -------
  Normal  ScalingReplicaSet  38m    deployment-controller  Scaled down replica set external-dns-7d5c999985 to 0 from 1
  Normal  ScalingReplicaSet  38m    deployment-controller  Scaled up replica set external-dns-57b5964574 to 1
  Normal  ScalingReplicaSet  19m    deployment-controller  Scaled down replica set external-dns-57b5964574 to 0 from 1
  Normal  ScalingReplicaSet  19m    deployment-controller  Scaled up replica set external-dns-84b99b4d77 to 1
  Normal  ScalingReplicaSet  9m56s  deployment-controller  Scaled down replica set external-dns-84b99b4d77 to 0 from 1
  Normal  ScalingReplicaSet  9m55s  deployment-controller  Scaled up replica set external-dns-d4df6695b to 1

I also tried without the --domain-filter, same result.

Anything else we need to know?:

Environment:

  • External-DNS version (use external-dns --version): 15.1
  • DNS provider: Gandi.
  • Others:
madchap added the kind/bug label Dec 28, 2024
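
An added example, not part of the original report and not the project's own configuration: the `env` block in the posted deployment inlines the `GANDI_PAT` value into the Deployment spec, which is why `kubectl describe` prints it under Environment. Referencing the Secret by key keeps the token out of the Deployment object; this assumes `kubernetes_secret.external_dns` lives in the same namespace as the pod.

```hcl
# Added example: env block for the external-dns container inside the
# kubernetes_deployment resource. Assumes kubernetes_secret.external_dns
# is created in the same namespace as the pod ("default").

# As posted: the token value is copied into the Deployment spec, so anyone
# who can read Deployments (kubectl describe / get -o yaml) can read it.
# env {
#   name  = "GANDI_PAT"
#   value = kubernetes_secret.external_dns.data["GANDI_PAT"]
# }

# Reference the Secret by key instead. The Deployment then only names the
# Secret, and reading the token requires RBAC access to Secrets.
env {
  name = "GANDI_PAT"
  value_from {
    secret_key_ref {
      name = kubernetes_secret.external_dns.metadata[0].name
      key  = "GANDI_PAT"
    }
  }
}
```

With this form, `kubectl describe deployment external-dns` shows a reference to the Secret key rather than the token value.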