-
Notifications
You must be signed in to change notification settings - Fork 0
TOML Configuration
kubernetes-dns-sync accepts a configuration file in TOML format. The configuration specifies how to discover DNS records (sources) and where to push the DNS records (providers). There are three different sections, each described below. Your config file will have at least one of each kind of block.
The configuration file should be named config.toml and is read from the working directory of the process. The Docker image defaults to the root folder (so, /config.toml) unless you change the working directory.
This config.toml discovers DNS names from Kubernetes Ingress resources which have ingressClassName: nginx, and creates DNS records in Cloudflare, using TXT records as a "registry" to keep track of which records are managed by kubernetes-dns-sync.
[[source]]
type = "ingress"
ingress_class_names = ["nginx"]
[[provider]]
type = "cloudflare"
[registry]
type = "txt"
txt_owner_id = "dns-sync"Further example files can be found in the configs/ directory.
There are a couple extra options which you can add at the top of the file. These concern the timing of the synchronization loop:
# How often to start a sync even if nothing has visibly changed from a Source.
# This interval is useful for fixing any accidental changes on the Provider side.
# Defaults to 1 hour, or 1 minute if watching is disabled.
interval_seconds = 60
# Minimum time between event-triggered syncs.
# This helps deduplicate a batch update (a `kubectl apply` of multiple Ingresses).
# Defaults to 2 seconds. A higher value probably makes sense in a noisy cluster.
debounce_seconds = 2
# If you want to disable watching completely,
# and only depend on `interval_seconds`, set this to true.
# A fresh list of resources will be downloaded from the API Server on every iteration.
# Possibly makes sense on super noisy clusters.
disable_watching = falseA configuration has one or more [[source]] blocks.
Sources are where DNS names and targets are fetched from.
When there are multiple sources, all of the discovered DNS names get combined together into one list.
A configuration has one or more [[provider]] blocks.
Providers are the DNS services that actually serve your DNS records on the Internet.
When there are multiple providers, each of them are operated on individually.
Each provider will receive the combined DNS names from all configured sources.
A valid configuration will have exactly one [registry] block.
The registry allows you to have a DNS sync program share a DNS zone with others, such as Terraform, your manually created records, or another DNS sync program (perhaps running in a different cluster).