Currently, nginx-ingress controller can be run as a
ClusterIP type service, however, it does not allow publishing this service's endpoints to associated ingress objects. As a result, external-dns is not able to detect these ingress objects without any IP Address to create/update
A DNS records for them.
Many may argue that why will someone need DNS records for ingress objects using
ClusterIP type nginx-ingress service. They aren't reachable from outside the kubernetes cluster, anyways.
However, I see a number of reasons why you will want to create DNS records for ingress objects associated with a
- Regarding accessing the cluster's internal network from outside, we can always install OpenVPN in the Kubernetes cluster using this chart, and expose it to the internet using
- Always creating
LoadBalancertype service can be costly.
- Some cloud providers like DigitalOcean do not support private load balancer, and their compute nodes are accessible over the public internet. So, we cannot expose our internal applications via
NodePorttype service in these cloud providers.
So, I see a solid reason why we might want to enable publishing endpoints for
nginx-ingress service to the associated
ingress objects, so that
external-dns can discover them for publishing DNS records for them.
If you look at the source of
nginx-ingress here: kubernetes/ingress-nginx, you will see that
publishService is done only for
NodePort type service. All we need to do is enable it for
ClusterIP as well.
This is how I achieved it here: https://github.com/kubernetes/ingress-nginx/pull/4462
I have already built a docker image from this change and I am using this custom image in my personal DigitalOcean Kubernetes cluster. And, it worked like a charm.
If you want to do something similar, please feel free to use my work above.