Warning This document has not been updated for a while now. It may be out of date.

Last updated: 27 Aug 2021

govuk-infrastructure: 9. Use external-dns for DNS record management

Date: 2021-08-27

Status

Accepted

Context

We want to be able to manage DNS records for Kubernetes Ingress and Service type=Loadbalancer resources declaratively via Kubernetes resources, so that we avoid the overhead and brittleness of manual DNS management with Terraform.

external-dns is the primary project in this space and gives us everything we need; Route53 integration, support for all AWS load balancer types, integration with alb-ingress-controller and IRSA support.

Decision

Use external-dns.

Consequences

Can be installed via a Helm chart.

Ingress and Service resources can configure a DNS record with a simple annotation:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/hostname: foo.test.govuk.digital