How to config ExternalDNS in kubeprod with Cloudflare

[meodemsao]

I want to ask how to config kubeprod external dns with cloudflare

[meodemsao]

I can't find any document to overwrite externaldns default config

https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/cloudflare.md

https://github.com/bitnami/kube-prod-runtime/blob/master/manifests/components/externaldns.jsonnet

[javsalgar]

Hi! Thank you for using BKPR. My advice would be configuring your kubeprod-manifest.jsonnet file and so you can modify the external-dns args. There you could set the necessary args to make it work with cloudflare. Would that work for your case?

[meodemsao]

I hope kubeprod need moore example or document

[javsalgar]

Thank you very much for the feedback, I will forward this to the rest of the team to review our current docs.

[meodemsao]

external dns document

apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
      - name: external-dns
        image: k8s.gcr.io/external-dns/external-dns:v0.7.3
        args:
        - --source=service # ingress is also possible
        - --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above.
        - --zone-id-filter=023e105f4ecef8ad9ca31a8372d0c353 # (optional) limit to a specific zone.
        - --provider=cloudflare
        - --cloudflare-proxied # (optional) enable the proxy feature of Cloudflare (DDOS protection, CDN...)
        env:
        - name: CF_API_KEY
          value: "YOUR_CLOUDFLARE_API_KEY"
        - name: CF_API_EMAIL
          value: "YOUR_CLOUDFLARE_EMAIL"

kubeprod overwrite

(import "https://releases.kubeprod.io/files/v1.6.1/manifests/platforms/eks.jsonnet") {
	config:: import "kubeprod-autogen.json",
	// Place your overrides here
    edns+: {
        deploy+:{
            spec+: {
                template+: {
                    spec+: {
                        containers_+: {
                            edns+: {
                                env_+: {
                                    source: "service",
                                    provider: "cloudflare",
                                    "cloudflare-proxied": true
                                },
                                args_+: {
                                    CF_API_KEY: "xxx",
                                    CF_API_EMAIL: "xxx"
                                }
                            }
                        }
                    }
                }
            }
        },
    }
}

@javsalgar i'm not sure "cloudflare-proxied": true because jsonnet syntax not allow "-" character
do u have any solution with externaldns config for cloudflare provider ?

[meodemsao]

@javsalgar and seem overwrite not work, dns record still created in route53

[javsalgar]

Hi,

Shouldn't this be the other way round?

Instead of

                                env_+: {
                                    source: "service",
                                    provider: "cloudflare",
                                    "cloudflare-proxied": true
                                },
                                args_+: {
                                    CF_API_KEY: "xxx",
                                    CF_API_EMAIL: "xxx"
                                }

Instead

                                args_+: {
                                    source: "service",
                                    provider: "cloudflare",
                                    "cloudflare-proxied": true
                                },
                                env_+: {
                                    CF_API_KEY: "xxx",
                                    CF_API_EMAIL: "xxx"
                                }

Using quotes, the arg cloudflare-proxied should be read correctly.

[meodemsao]

@javsalgar thank for support but decide use helm for setup new cluster