Installing ExternalDNS with a plugin for Yandex Cloud DNS

ExternalDNS allows you to create DNS records in Yandex Cloud DNS automatically. ExternalDNS makes Kubernetes resources discoverable through public DNS servers.

Getting startedGetting started

1. If you do not have the Yandex Cloud CLI yet, install and initialize it.

   The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

2. Create a service account for Cloud DNS.

3. Assign it the dns.editor role.

4. Create an authorized key for the service account in JSON format and save it to the key.json file:

   yc iam key create \
     --service-account-name <service_account_name> \
     --format json \
     --output key.json
   

5. Make sure that the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If any rule is missing, add it.

   Warning

   The configuration of security groups determines the performance and availability of the cluster and the services and applications running in it.

Installation using Yandex Cloud MarketplaceInstallation using Yandex Cloud Marketplace

1. Navigate to the folder dashboard and select Managed Service for Kubernetes.
2. Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
3. Under Application available for installation, select ExternalDNS with a plugin for Yandex Cloud DNS and click Go to install.
4. Configure the application:
   • Namespace: Create a new namespace, e.g., externaldns-space. If you leave the default namespace, ExternalDNS may work incorrectly.
   • Application name: Specify the application name.
   • Service account key: Paste the contents of the key.json file or create a new authorized key for the service account. The service account must have the dns.editor role.
   • Folder ID: Specify the folder hosting the Cloud DNS zone.
5. Click Install.
6. Wait for the application to change its status to Deployed.

Installation using a Helm chartInstallation using a Helm chart

1. Install Helm v3.8.0 or higher.

2. Install kubect and configure it to work with the new cluster.

3. To install a Helm chart with ExternalDNS, run the following command:

   helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/externaldns/chart/externaldns \
     --version 0.5.1-b \
     --untar && \
   helm install \
     --namespace <namespace> \
     --create-namespace \
     --set config.folder_id=<ID_of_folder_with_DNS_zone> \
     --set-file config.auth.json=<path_to_file_with_service_account_authorized_key> \
     externaldns ./externaldns/
   

   If you set namespace to the default namespace, ExternalDNS may work incorrectly. We recommend you to specify a value different from all existing namespaces (e.g., externaldns-space).

   Note

   If you are using a Helm version below 3.8.0, append the export HELM_EXPERIMENTAL_OCI=1 && \ string to the command to enable Open Container Initiative (OCI) support in the Helm client.

Operation specificsOperation specifics

To automatically create DNS records using ExternalDNS with a plugin for Yandex Cloud DNS:

• If you have an Ingress controller installed, no additional setup is required.

• For LoadBalancer type services, use this annotation: "external-dns.alpha.kubernetes.io/hostname=<your_domain>".

  To set the TTL of a DNS record, use this annotation: "external-dns.alpha.kubernetes.io/ttl=<TTL_in_seconds>".

Use casesUse cases

• Configuring logging for an Yandex Application Load Balancer L7 load balancer using an Ingress controller.
• Deploying and load testing a gRPC service with scaling.

See alsoSee also

• ExternalDNS documentation