You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I haven't tried this plugin yet, but if I understand correctly, it observes external Kubernetes resources and creates DNS records in CoreDNS based on them. It eliminates the need for a setup like CoreDNS + etcd + ExternalDNS (writing to etcd) since all the data is already available in Kubernetes resources. This is awesome 🔥 !
However, I'd also like to have HTTPS for my applications, which requires certificates. The most straightforward approach is using cert-manager, Let's Encrypt, and solving the ACME DNS-01 challenge. Cert-manager supports implementing custom solvers, so I'm wondering—would it be possible to implement a custom solver that adds a TXT record to CoreDNS via this plugin (maybe by creating a k8s resource)? Could this plugin support such a use case? It would be amazing to handle everything without introducing additional components.
Currently, one way to solve this is by using the coredns-crd-plugin, a CRD-based DNSEndpoint, and cert-manager-webhook-externaldns (possibly also ExternalDNS, though I’m not sure it's required). This adds at least three components just to solve the ACME challenge, which feels overly complex.
I'd love to hear how others are tackling this problem 🙏 .
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I haven't tried this plugin yet, but if I understand correctly, it observes external Kubernetes resources and creates DNS records in CoreDNS based on them. It eliminates the need for a setup like CoreDNS + etcd + ExternalDNS (writing to etcd) since all the data is already available in Kubernetes resources. This is awesome 🔥 !
However, I'd also like to have HTTPS for my applications, which requires certificates. The most straightforward approach is using cert-manager, Let's Encrypt, and solving the ACME DNS-01 challenge. Cert-manager supports implementing custom solvers, so I'm wondering—would it be possible to implement a custom solver that adds a TXT record to CoreDNS via this plugin (maybe by creating a k8s resource)? Could this plugin support such a use case? It would be amazing to handle everything without introducing additional components.
Currently, one way to solve this is by using the coredns-crd-plugin, a CRD-based DNSEndpoint, and cert-manager-webhook-externaldns (possibly also ExternalDNS, though I’m not sure it's required). This adds at least three components just to solve the ACME challenge, which feels overly complex.
I'd love to hear how others are tackling this problem 🙏 .
Beta Was this translation helpful? Give feedback.
All reactions