Depending on your DNS back-end provider, prepare your back end and the metadata model of your MCP cluster before setting up ExternalDNS. If you do not have an active DNS back-end provider yet, you can use CoreDNS, which functions as an on-premises open-source alternative to cloud DNS services.
To prepare a DNS back end
Select from the following options depending on your DNS back end:
For AWS Route 53:
Log in to your AWS Route 53 console.
Navigate to the AWS Services page.
In the search field, type “Route 53” to find the corresponding service page.
On the Route 53 page, find the DNS management icon and click Get started now.
On the DNS management page, click Create hosted zone.
On the right side of the Create hosted zone window:
Add the <your_mcp_domain>.local name.
Select the Public Hosted Zone type.
Click Create.
You will be redirected to the previous page with two records of the NS and SOA types. Keep the link of this page for verification after the ExternalDNS deployment.
Click Back to Hosted zones.
Locate and copy the Hosted Zone ID in the corresponding column of your recently created hosted zone.
Add this ID to the following template:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "route53:ChangeResourceRecordSets",
        "route53:ListResourceRecordSets",
        "route53:GetHostedZone"
      ],
      "Resource": [
        "arn:aws:route53:::hostedzone/<YOUR_ZONE_ID>"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "route53:GetChange"
      ],
      "Resource": [
        "arn:aws:route53:::change/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "route53:ListHostedZones"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}
Navigate to Services > IAM > Customer Managed Policies.
Click Create Policy > Create your own policy.
Fill in the required fields:
Policy Name field: externaldns
Policy Document field: use the JSON template provided in step 9
Click Validate Policy.
Click Create Policy. You will be redirected to the policy view page.
Navigate to Users.
Click Add user:
Add a user name: externaldns.
Select the Programmatic access check box.
Click Next: Permissions.
Select the Attach existing policy directly option.
Select the Customer managed policy type in the Filter drop-down menu.
Select the externaldns check box.
Click Next: Review.
Click Create user.
Copy the Access key ID and Secret access key.
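For the Route 53 option, the filled-in policy document can be checked before it is pasted into the Policy Document field. The following is an added example, not part of the original procedure or of ExternalDNS: it confirms that the document parses, that the placeholder was replaced, and that the record-write action stays pinned to one hosted zone. The function names and the zone ID Z0EXAMPLE0000 are assumptions made for illustration.

```python
import json

# Actions granted by the page's template; anything else is reported.
TEMPLATE_ACTIONS = {
    "route53:ChangeResourceRecordSets", "route53:ListResourceRecordSets",
    "route53:GetHostedZone", "route53:GetChange", "route53:ListHostedZones",
}
WRITE_ACTION = "route53:ChangeResourceRecordSets"
ZONE_ARN = "arn:aws:route53:::hostedzone/"

def as_list(value):
    """IAM allows a bare string where a list is expected."""
    return value if isinstance(value, list) else [value]

def check_policy(text):
    """Return a list of findings; an empty list means the document passed."""
    try:
        policy = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"]
    findings = []
    if "<YOUR_ZONE_ID>" in text:
        findings.append("placeholder <YOUR_ZONE_ID> was not replaced")
    for n, stmt in enumerate(as_list(policy.get("Statement", [])), start=1):
        if stmt.get("Effect") != "Allow":
            continue
        actions = as_list(stmt.get("Action", []))
        for action in actions:
            if action not in TEMPLATE_ACTIONS:
                findings.append(f"statement {n}: {action} is not in the template")
        if WRITE_ACTION in actions:
            for res in as_list(stmt.get("Resource", [])):
                zone_id = res[len(ZONE_ARN):] if res.startswith(ZONE_ARN) else ""
                if not zone_id or "*" in zone_id:
                    findings.append(f"statement {n}: write access not pinned to one zone: {res}")
    return findings

def make_policy(zone_resource):
    """Build the page's three-statement policy for a given zone resource ARN."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["route53:ChangeResourceRecordSets",
         "route53:ListResourceRecordSets", "route53:GetHostedZone"],
         "Resource": [zone_resource]},
        {"Effect": "Allow", "Action": ["route53:GetChange"],
         "Resource": ["arn:aws:route53:::change/*"]},
        {"Effect": "Allow", "Action": ["route53:ListHostedZones"], "Resource": ["*"]},
    ]}, indent=2)

if __name__ == "__main__":
    # Constructed zone ID, not a real hosted zone.
    for arn in (ZONE_ARN + "Z0EXAMPLE0000", ZONE_ARN + "*", ZONE_ARN + "<YOUR_ZONE_ID>"):
        print(arn, "->", check_policy(make_policy(arn)) or "OK")
```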
For Google CloudDNS:
Log in to your Google Cloud Platform web console.
Navigate to IAM & Admin > Service accounts > Create service account.
In the Create service account window, configure your new ExternalDNS service account:
Add a service account name.
Assign the DNS Administrator role to the account.
Select the Furnish a new private key check box and the JSON key type radio button.
The private key is automatically saved on your computer.
Navigate to NETWORKING > Network services > Cloud DNS.
Click CREATE ZONE to create a DNS zone that will be managed by ExternalDNS.
In the Create a DNS zone window, fill in the following fields:
Zone name
DNS name that must contain your MCP domain address in the <your_mcp_domain>.local format.
Click Create.
You will be redirected to the Zone details page with two DNS names of the NS and SOA types. Keep this page for verification after the ExternalDNS deployment.
For Designate:
Log in to the Horizon web UI of your OpenStack environment with Designate.
Create a project with the required admin role and generate the access credentials for the project.
Create a hosted DNS zone in this project.
For CoreDNS, proceed to Configure cluster model for ExternalDNS.
Now, proceed to Configure cluster model for ExternalDNS.