MCPcopy Index your code
hub / github.com/kubernetes-sigs/external-dns

github.com/kubernetes-sigs/external-dns @external-dns-helm-chart-1.21.1

repository ↗ · DeepWiki ↗ · release external-dns-helm-chart-1.21.1 ↗ · + Follow
3,881 symbols 17,016 edges 328 files 1,177 documented · 30%
README

hide: - toc - navigation


ExternalDNS

ExternalDNS

Build Status Coverage Status GitHub release go-doc Go Report Card ExternalDNS docs Ask DeepWiki

ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.

Documentation

This README is a part of the complete documentation, available here and DeepWiki.

What It Does

Inspired by Kubernetes DNS, Kubernetes' cluster-internal DNS server, ExternalDNS makes Kubernetes resources discoverable via public DNS servers. Like KubeDNS, it retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. Unlike KubeDNS, however, it's not a DNS server itself, but merely configures other DNS providers accordingly—e.g. AWS Route 53 or Google Cloud DNS.

In a broader sense, ExternalDNS allows you to control DNS records dynamically via Kubernetes resources in a DNS provider-agnostic way.

The FAQ contains additional information and addresses several questions about key concepts of ExternalDNS.

To see ExternalDNS in action, have a look at this video or read this blogpost.

The Latest Release

ExternalDNS allows you to keep selected zones (via --domain-filter) synchronized with Ingresses and Services of type=LoadBalancer and nodes in various DNS providers:

ExternalDNS is, by default, aware of the records it is managing, therefore it can safely manage non-empty hosted zones. We strongly encourage you to set --txt-owner-id to a unique value that doesn't change for the lifetime of your cluster. You might also want to run ExternalDNS in a dry run mode (--dry-run flag) to see the changes to be submitted to your DNS Provider API.

Note that all flags can be replaced with environment variables; for instance, --dry-run could be replaced with EXTERNAL_DNS_DRY_RUN=1.

New providers

No new provider will be added to ExternalDNS in-tree.

ExternalDNS has introduced a webhook system, which can be used to add a new provider. See PR #3063 for all the discussions about it.

Some known providers using webhooks are the ones in the table below.

NOTE: The maintainers of ExternalDNS have not reviewed those providers, use them at your own risk and following the license and usage recommendations provided by the respective projects. The maintainers of ExternalDNS take no responsibility for any issue or damage from the usage of any externally developed webhook.

Provider Repo
Abion https://github.com/abiondevelopment/external-dns-webhook-abion
Adguard Home Provider https://github.com/muhlba91/external-dns-provider-adguard
Anexia https://github.com/anexia/k8s-external-dns-webhook
Bizfly Cloud https://github.com/bizflycloud/external-dns-bizflycloud-webhook
ClouDNS https://github.com/rwunderer/external-dns-cloudns-webhook
deSEC https://github.com/michelangelomo/external-dns-desec-provider
DigitalOcean https://github.com/amoniacou/external-dns-digitalocean-webhook
Dreamhost https://github.com/asymingt/external-dns-dreamhost-webhook
Efficient IP https://github.com/EfficientIP-Labs/external-dns-efficientip-webhook
Gcore https://github.com/G-Core/external-dns-gcore-webhook
GleSYS https://github.com/glesys/external-dns-glesys
Hetzner https://github.com/mconfalonieri/external-dns-hetzner-webhook
Huawei Cloud https://github.com/setoru/external-dns-huaweicloud-webhook
IONOS https://github.com/ionos-cloud/external-dns-ionos-webhook
Infoblox https://github.com/AbsaOSS/external-dns-infoblox-webhook
Infomaniak https://github.com/M0NsTeRRR/external-dns-webhook-infomaniak
Mikrotik https://github.com/mirceanton/external-dns-provider-mikrotik
Myra Security https://github.com/Myra-Security-GmbH/external-dns-myrasec-webhook
Netcup https://github.com/mrueg/external-dns-netcup-webhook
Netic https://github.com/neticdk/external-dns-tidydns-webhook
OpenStack Designate https://github.com/inovex/external-dns-designate-webhook
OpenWRT https://github.com/renanqts/external-dns-openwrt-webhook
PS Cloud Services https://github.com/supervillain3000/external-dns-pscloud-webhook
SAKURA Cloud https://github.com/sacloud/external-dns-sacloud-webhook
Simply https://github.com/uozalp/external-dns-simply-webhook
STACKIT https://github.com/stackitcloud/external-dns-stackit-webhook
Unbound https://github.com/guillomep/external-dns-unbound-webhook
Unifi https://github.com/kashalls/external-dns-unifi-webhook
UniFi https://github.com/lexfrei/external-dns-unifios-webhook
Volcengine Cloud https://github.com/volcengine/external-dns-volcengine-webhook
Vultr https://github.com/vultr/external-dns-vultr-webhook
Yandex Cloud https://github.com/ismailbaskin/external-dns-yandex-webhook/

Status of in-tree providers

ExternalDNS supports multiple DNS providers which have been implemented by the ExternalDNS contributors. Maintaining all of those in a central repository is a challenge, which introduces lots of toil and potential risks.

This mean that external-dns has begun the process to move providers out of tree. See #4347 for more details. Those who are interested can create a webhook provider based on an in-tree provider and after submit a PR to reference it here.

We define the following stability levels for providers:

  • Stable: Used for smoke tests before a release, used in production and maintainers are active.
  • Beta: Community supported, well tested, but maintainers have no access to resources to execute integration tests on the real platform and/or are not using it in production.
  • Alpha: Community provided with no support from the maintainers apart from reviewing PRs.

The following table clarifies the current status of the providers according to the aforementioned stability levels:

Provider Status Maintainers
Google Cloud DNS Stable
AWS Route 53 Stable
AWS Cloud Map Beta
Akamai Edge DNS Beta
AzureDNS Stable
Civo Alpha @alejandrojnm
CloudFlare Beta
DNSimple Alpha
PowerDNS Alpha
CoreDNS Alpha
Exoscale Alpha
Oracle Cloud Infrastructure DNS Alpha
Linode DNS Alpha
RFC2136 Alpha
NS1 Alpha
TransIP Alpha
OVHcloud Beta @rbeuque74
Scaleway DNS Alpha @Sh4d1
GoDaddy Alpha
Gandi Alpha @packi
Plural Alpha @michaeljguarino
Pi-hole Alpha @tinyzimmer
Alibaba Cloud DNS Alpha

Kubernetes version compatibility

Breaking changes were introduced in external-dns in the following versions:

  • v0.10.0: use of networking.k8s.io/ingresses instead of extensions/ingresses (see #2281)
  • v0.18.0: use of discovery.k8s.io/endpointslices instead of endpoints (see #5493)
  • v0.19.0: don't expose internal ipv6 by default (see #5575) and disable legacy listeners on traefik.containo.us API Group (see #5565)
ExternalDNS ≤ 0.9.x ≥ 0.10.x and ≤ 0.17.x ≥ 0.18.x
Kubernetes ≤ 1.18 :white_check_mark: :x: :x:
Kubernetes 1.19 and 1.20 :white_check_mark: :white_check_mark: :x:
Kubernetes 1.21 :white_check_mark: :white_check_mark: :white_check_mark:
Kubernetes ≥ 1.22 and ≤ 1.32 :x: :white_check_mark: :white_check_mark:
Kubernetes ≥ 1.33 :x: :x: :white_check_mark:

Running ExternalDNS

There are two ways of running ExternalDNS:

  • Deploying to a Cluster
  • Running Locally

Deploying to a Cluster

The following tutorials are provided:

Extension points exported contracts — how you extend this code

Source (Interface)
Source defines the interface Endpoint sources should implement. [28 implementers]
source/source.go
Provider (Interface)
Provider defines the interface DNS providers should implement. [10 implementers]
provider/provider.go
EgoscaleClientI (Interface)
EgoscaleClientI for replaceable implementation [5 implementers]
provider/exoscale/exoscale.go
Registry (Interface)
Registry tracks ownership of DNS records managed by external-dns. [4 implementers]
registry/registry.go
IMetric (Interface)
(no doc) [12 implementers]
pkg/metrics/models.go
DomainFilterInterface (Interface)
(no doc) [6 implementers]
endpoint/domain_filter.go
AnnotatedObject (Interface)
AnnotatedObject represents any Kubernetes object with annotations [4 implementers]
source/annotations/filter.go
NS1DomainClient (Interface)
NS1DomainClient is a subset of the NS1 API the provider uses, to ease testing [4 implementers]
provider/ns1/ns1.go

Core symbols most depended-on inside this repo

String
called by 645
provider/ovh/ovh.go
NewEndpoint
called by 555
endpoint/endpoint.go
Error
called by 428
provider/godaddy/client.go
Run
called by 387
controller/controller.go
NewEndpointWithTTL
called by 343
endpoint/endpoint.go
Len
called by 241
endpoint/endpoint.go
Create
called by 222
provider/google/google.go
Run
called by 214
pkg/events/controller.go

Shape

Function 1,977
Method 1,372
Struct 434
Interface 59
TypeAlias 23
FuncType 14
Class 2

Languages

Go100%
Python1%

Modules by API surface

provider/aws/aws_test.go71 symbols
provider/cloudflare/cloudflare_test.go69 symbols
provider/aws/aws.go62 symbols
provider/alibabacloud/alibaba_cloud.go59 symbols
source/traefik_proxy.go55 symbols
endpoint/endpoint.go54 symbols
provider/cloudflare/cloudflare.go52 symbols
source/gateway.go51 symbols
provider/google/google_test.go48 symbols
provider/exoscale/exoscale_test.go47 symbols
registry/txt/registry_test.go43 symbols
plan/plan_test.go43 symbols

Dependencies from manifests, versioned

cloud.google.com/go/auth/oauth2adaptv0.2.8 · 1×
cloud.google.com/go/compute/metadatav0.9.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azcorev1.21.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azidentityv1.13.1 · 1×
github.com/Azure/azure-sdk-for-go/sdk/internalv1.11.2 · 1×
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdnsv1.2.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatednsv1.3.0 · 1×
github.com/AzureAD/microsoft-authentication-library-for-gov1.6.0 · 1×
github.com/F5Networks/k8s-bigip-ctlr/v2v2.20.2 · 1×
github.com/Yamashou/gqlgencv0.33.0 · 1×

For agents

$ claude mcp add external-dns \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact