external-dns icon indicating copy to clipboard operation
external-dns copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

exclude-domains is not filtered for target annotation

Open slawekww opened this issue 7 months ago • 2 comments
trafficstars

What happened:

Example of config external-dns config:

        - --domain-filter=dev.example.com
        - --domain-filter=we.dev.example.com
        - --exclude-domains=abc.dev.example.com

Example of CR VirtualService with annotation and many hosts:

apiVersion: networking.istio.io/v1
kind: VirtualService
metadata:
  annotations:
    external-dns.alpha.kubernetes.io/target: cname.dev.example.com,cname.we.dev.example.com,cname.abc.dev.example.com
  name: example
  namespace: example
spec:
  gateways:
  - istio-system/gateway
  hosts:
  - docs.dev.example.com
  - docs.we.dev.example.com
  - docs.abc.dev.example.com

In this case external-dns processing all hosts and wants to update CNAME into DNS provider once the last domain is on excluded list.

What you expected to happen:

External-dns should skip update/insert DNS for the last host docs.abc.dev.example.com as it is on excluded-filter list. DNS records like abc.dev.example.com could be managed by different providers / external-dns and external-dns should not be owner of it.

How to reproduce it (as minimally and precisely as possible):

Please set above config for extenal-dns and example CR VirtualService.

Anything else we need to know?: N/A

Environment: AKS 1.32.0 helm chart external-dns: 1.15.2

  • External-DNS version (use external-dns --version): v0.15.1
  • DNS provider: Cloudflare
  • Others: n/a

slawekww avatar Mar 27 '25 10:03 slawekww