community
community copied to clipboard
aws-controllers-k8s
route53-controller unable to find recordset upon adoption
Describe the bug
When using an AdoptedResource to adopt a route53 RecordSet, e.g. a CNAME, route53-controller is unable to adopt the record, throwing a resource not found error. Using version 0.0.17.
Stack trace:
{"level":"error","ts":"2024-10-08T16:23:39.266Z","msg":"Reconciler error","controller":"adoptedresource","controllerGroup":"services.k8s.aws","controllerKind":"AdoptedResource","AdoptedResource":{"name":"adopt-test-cname","namespace":"ack-system"},"namespace":"ack-system","name":"adopt-test-cname","reconcileID":"0245fc92-4704-4d0c-9e2b-de1721e9ce90","error":"resource not found","stacktrace":"[sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler](http://sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler)
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:324
[sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem](http://sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem)
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:261
[sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2](http://sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2)
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:222"}
Steps to reproduce Create a route53 record, say via the AWS console. Create an adopted resource (using it's name, zoneID, recordType to specify it):
apiVersion: services.k8s.aws/v1alpha1
kind: AdoptedResource
metadata:
name: test-adopted-recordset
spec:
aws:
nameOrID: <record name, e.g. test-record.organization.tld.>
additionalKeys:
hostedZoneID: <Zone ID, e.g Z00000000000>
recordType: <type, e.g. CNAME>
kubernetes:
group: route53.services.k8s.aws
kind: RecordSet
metadata:
name: <name, e.g. test-record.organization.tld.>
Expected outcome The resource is adopted, and an ack-controlled resource is created.
Environment
- Kubernetes version 1.30
- Using EKS (yes/no), if so version? yes, 1.30
- AWS service targeted (S3, RDS, etc.) Route53
Hello @michalschott @mqhenning Is this do you still have this issue? We also have a new way of adopting resources if you'd like to try that one https://aws-controllers-k8s.github.io/community/docs/user-docs/features/#resourceadoption
Hello @michalschott @mqhenning Is this do you still have this issue? We also have a new way of adopting resources if you'd like to try that one https://aws-controllers-k8s.github.io/community/docs/user-docs/features/#resourceadoption
Thanks for following up! I'm curious, how would I use this to adopt a resource? The docs currently say it's only available for the s3 controller. Is that no longer the case?
@mqhenning The docs are outdated, there's a PR that will update it soon! The feature is supported across all controllers
That's good to know. So to adopt (say) a CNAME in zone Z00111222333 for a zone named example.cloud and a record for foo.example.cloud would I do something like:
apiVersion: route53.services.k8s.aws/v1alpha1
kind: RecordSet
metadata:
name: my-recordset
annotations:
services.k8s.aws/adoption-policy: "adopt"
services.k8s.aws/adoption-fields: |
{
"name": "foo",
"recordType": "CNAME",
"hostedZoneID": "Z00111222333"
}
It looks correct, except you'd need the recordSet ID instead of name.
apiVersion: route53.services.k8s.aws/v1alpha1
kind: RecordSet
metadata:
name: my-recordset
annotations:
services.k8s.aws/adoption-policy: "adopt"
services.k8s.aws/adoption-fields: |
{
"id": "foo",
"recordType": "CNAME",
"hostedZoneID": "Z00111222333"
}
I just updated our controller and tried this on a test record. I'm getting an error:
RecordSet in version "v1alpha1" cannot be handled as a RecordSet: strict decoding error: unknown field "metadata.services.k8s.aws/adoption-fields", unknown field "metadata.services.k8s.aws/adoption-policy"
The issue might be the feature flags not being enabled? Here's an updated doc: https://aws-controllers-k8s.github.io/community/docs/user-docs/features/
Can you share the manifest you used?
Edit: From the error message, it seems like you're not setting the two fields as annotations..
oh, oops. You're right.
Ok, it created the resource, but isn't adopting it. Here's from the logs:
{"level":"error","ts":"2025-05-05T23:04:57.068Z","msg":"Reconciler error","controller":"recordset","controllerGroup":"route53.services.k8s.aws","controllerKind":"RecordSet","RecordSet":{"name":"testingadoption-cname","namespace":"route53"},"namespace":"route53","name":"testingadoption-cname","reconcileID":"662cb548-e839-4eb9-bd4f-c7216a9ca324","error":"resource reference wrapper or ID required: HostedZoneID,HostedZoneRef","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:347
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:294
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:255"}
Is it possible the adoption fields have different spelling or capitalization?
The syntax seems correct to me..also it seems like you're using an older controller..can you update to v0.0.26 and share the output of the kubectl get {resource} -oyaml?
I'm using v0.0.26, consumed via the helm chart. Specifically:
image: container-public-ecr-aws-remote.registry.lab.egencia.cloud/aws-controllers-k8s/route53-controller:0.0.26
imageID: container-public-ecr-aws-remote.registry.lab.egencia.cloud/aws-controllers-k8s/route53-controller@sha256:2599c505d20ed1bb95698579ebb3f1442b80a302c2739d241b29a558c75adf7d
and the resource:
apiVersion: route53.services.k8s.aws/v1alpha1
kind: RecordSet
metadata:
annotations:
services.k8s.aws/adoption-fields: |
{
"id": "test",
"recordType": "CNAME",
"hostedZoneID": "Z002091630VFOHFVW8ST6"
}
services.k8s.aws/adoption-policy: adopt
creationTimestamp: "2025-05-05T23:03:34Z"
generation: 1
name: testingadoption-cname
namespace: route53
resourceVersion: "3638368216"
uid: 972d8a9b-5ed1-4ed3-b4ba-267cc8a8a9aa
status:
conditions:
- lastTransitionTime: "2025-05-06T14:19:17Z"
message: Reference resolution failed
reason: 'resource reference wrapper or ID required: HostedZoneID,HostedZoneRef'
status: Unknown
type: ACK.ReferencesResolved
Is the featureGate enabled? https://github.com/aws-controllers-k8s/route53-controller/blob/2a0ffc1cd663367dccd7287a4d6669a45a7355e6/helm/values.yaml#L172
That could be the only other issue i can think of..
Oh, you're right, I forgot to re-enable that. Sorry for the confusion; I'll test tomorrow and update here.
Ok, back to an error from the controller about not finding the resource:
{"level":"error","ts":"2025-05-07T14:07:45.058Z","msg":"Reconciler error","controller":"recordset","controllerGroup":"route53.services.k8s.aws","controllerKind":"RecordSet","RecordSet":{"name":"testingadoption-cname","namespace":"route53"},"namespace":"route53","name":"testingadoption-cname","reconcileID":"42351e6e-7c4d-45b0-9111-ec39490f2236","error":"adopted resource not found","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:347
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:294
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2
/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:255"}
That's weird. I just attempted to replicate it and I was able to adopt a recordSet with NS type, but not CNAME. I'll look further into this..
Fix incoming! you would just need to add one more field :) (recordSetName)!
ohhhh, I see! Glad you figured this out~ But do all records have both an id and a recordSetName?
No, I've mostly use a placeholder for ID, since i couldn't retrieve it from the console. The controller deems it required during adoption but it does not really use it to find the resource. It instead uses the recordSetName. https://github.com/aws-controllers-k8s/route53-controller/blob/2a0ffc1cd663367dccd7287a4d6669a45a7355e6/pkg/resource/record_set/resource.go#L110-L113
https://github.com/aws-controllers-k8s/route53-controller/blob/2a0ffc1cd663367dccd7287a4d6669a45a7355e6/pkg/resource/record_set/sdk.go#L122-L129
We should probably change this! cc: @a-hilaly @rushmash91
@michaelhtm: Closing this issue.
In response to this:
Closing as resolved /close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
![ack-prow[bot] avatar](https://avatars.githubusercontent.com/in/260409?v=4 "Published by a pub.dev verified publisher"){kind=small}