-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support to ExternalDNS #11
Comments
I'm interested in this 👍 |
What would make sense in terms of configuration and the user-experience? |
You could use external-dns annotations: apiVersion: openfaas.com/v1alpha2
kind: FunctionIngress
metadata:
name: nodeinfo
namespace: openfaas
annotations:
external-dns.alpha.kubernetes.io/hostname: example.com
external-dns.alpha.kubernetes.io/ttl: "120" #optional
spec:
domain: "nodeinfo.myfaas.club"
function: "nodeinfo"
ingressType: "nginx" Or we could add our flag on apiVersion: openfaas.com/v1alpha2
kind: FunctionIngress
metadata:
name: nodeinfo
namespace: openfaas
spec:
domain: "nodeinfo.myfaas.club"
function: "nodeinfo"
ingressType: "nginx"
# this
externalDns: "true"
# or
enableExternalDns: "true" What do you think? |
The first example will work once #7 is merged, could you try that out and then we'll look at the demand for a custom annotation inside the |
Wow, that's cool! Personally, I prefer the first one, but if there's demand for a custom flag we can implement it. I'll test the As an another discussion (I can open another issue for that if necessary), since the annotations are being copied we could make the apiVersion: openfaas.com/v1alpha2
kind: FunctionIngress
metadata:
name: nodeinfo-tls
namespace: openfaas
annotations:
# Use standard nginx-ingress annotation
kubernetes.io/ingress.class: "nginx"
# Use standard cert-manager annotation
certmanager.k8s.io/issuer: "letsencrypt-staging"
# or
certmanager.k8s.io/cluster-issuer: "letsencrypt-staging"
spec:
domain: "nodeinfo-tls.myfaas.club"
function: "nodeinfo"
# Remove this flag and use standard nginx annotation
ingressType: "nginx"
tls:
enabled: true
# Remove this flag and use standard cert-manager annotation
issuerRef:
name: "letsencrypt-staging"
kind: "Issuer" What do you think? |
Expected Behaviour
It's still needed to manually create a DNS entry when using
FunctionIngress
. Implementing support to ExternalDNS would allowFunctionIngress
to create, delete and update DNS entries automatically.Current Behaviour
The need to create manually DNS entries each time a new
FunctionIngress
is deployed.Possible Solution
Implement support for ExternalDNS to manage DNS entries automatically.
This tutorial shows how to use ExternalDNS with NGINX Ingress. The behaviour is basically synchronising the Ingress domains names with the DNS.
Also, if using with Services, ExternalDNS has annotations to indicate that the DNS entry should be manager, as shown in this example. We could try to enable/disable the ExternalDNS in
FunctionIngress
with these annotations.Context
Would be amazing to eliminate one more manual process to get TLS/custom handlers to our functions ⚡️
The text was updated successfully, but these errors were encountered: