Unable to Create a TXT Record for Apex/Root Domain #5010

Open
Whooly27 opened this issue Jan 17, 2025 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Name and Version

Bitnami/external-dns 8.5.1 is packaged by Bitnami, but the issue lies with the external-dns package itself.

What architecture are you using?

amd64

What steps will reproduce the bug?

  1. Set up external DNS with AWS provider
  2. Attempt to create A and TXT records
  3. Records for subdomains are created and tracked properly. Records for the apex domain must be deleted manually as they're not tracked due to the lack of the TXT record.

Are you using any custom parameters or values?

  • '--metrics-address=:7979'
  • '--log-level=debug'
  • '--log-format=text'
  • '--domain-filter=<APEX_DOMAIN>'
  • '--policy=upsert-only'
  • '--provider=aws'
  • '--registry=txt'
  • '--interval=1m'
  • '--txt-owner-id=<HOSTED_ZONE_ID>'
  • '--txt-prefix=externaldns.'
  • '--source=istio-gateway'
  • '--aws-api-retries=3'
  • '--aws-zone-type=public'
  • '--aws-batch-change-size=1000'
  • '--txt-encrypt-enabled'
  • '--txt-encrypt-aes-key=$(TXT_AES_ENCRYPTION_KEY)'

And the following values.yaml values:

```yaml
valuesObject:
        txtPrefix: externaldns.
        logLevel: debug
        txtEncrypt:
          enabled: true
          secretName: txt-encrypt-secret
        txtOwnerId: {{ .Values.aws_route53_hosted_zone_id }}
        domainFilters:
          - <APEX_DOMAIN>
        provider: aws
        policy: upsert-only
        sources:
          - istio-gateway
        aws:
          zoneType: public
          credentials:
            accessKeyIDSecretRef:
              name: external-dns-secret
              key: access-key
            secretAccessKeySecretRef:
              name: external-dns-secret
              key: access-secret-key
          evaluateTargetHealth: true
```

What is the expected behavior?

TXT Records are created without the cname- prefix.

What do you see instead?

```
Skipping record {\n Action: \"CREATE\",\n ResourceRecordSet: {\n Name: \"externaldns.cname-<APEX_DOMAIN>\",\n ResourceRecords: [{\n Value: \"\\\".....\n }],\n TTL: 300,\n Type: \"TXT\"\n }\n} because no hosted zone matching record DNS Name was detected.
```

Which is understandable, as cname-APEX_DOMAIN doesn't exist; there's a hosted zone with the name of APEX_DOMAIN.

Meanwhile records for subdomains are added properly:

```
Adding externaldns.cname-www.APEX_DOMAIN to zone www.APEX_DOMAIN.
```
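
The mismatch between the two log lines above can be reproduced offline to find which hostnames will end up without an ownership TXT record. This is an added example, not code from the issue or from external-dns: it assumes the TXT name is built as prefix + record type + "-" + hostname (as the logged names show) and that a record is assigned to a hosted zone by whole-label suffix match; `example.com` and all function names are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// txtName builds the ownership TXT name in the shape the log lines on this page
// show: <prefix><recordtype>-<hostname>. Modelled on the log output (assumption).
func txtName(prefix, recordType, host string) string {
	return prefix + strings.ToLower(recordType) + "-" + strings.TrimSuffix(host, ".")
}

// matchZone returns the longest zone that name equals or is a subdomain of
// (whole-label suffix match), or "" when no zone contains the name.
func matchZone(name string, zones []string) string {
	name = strings.ToLower(strings.TrimSuffix(name, "."))
	best := ""
	for _, z := range zones {
		z = strings.ToLower(strings.TrimSuffix(z, "."))
		if (name == z || strings.HasSuffix(name, "."+z)) && len(z) > len(best) {
			best = z
		}
	}
	return best
}

// untracked lists hosts whose own record fits a hosted zone while the
// ownership TXT name derived from it fits none, so the record is never tracked.
func untracked(prefix, recordType string, hosts, zones []string) []string {
	var out []string
	for _, h := range hosts {
		if matchZone(h, zones) != "" && matchZone(txtName(prefix, recordType, h), zones) == "" {
			out = append(out, h)
		}
	}
	return out
}

func main() {
	zones := []string{"example.com"}                    // constructed hosted zone
	hosts := []string{"example.com", "www.example.com"} // constructed hostnames
	for _, h := range hosts {
		n := txtName("externaldns.", "CNAME", h)
		fmt.Printf("%-16s -> %-34s zone=%q\n", h, n, matchZone(n, zones))
	}
	fmt.Println("untracked:", untracked("externaldns.", "CNAME", hosts, zones))
}
```

For the apex, `cname-example` becomes a label directly under `com`, so the TXT name is a sibling of the zone rather than a name inside it.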
