kubernetes: Federated service IP out of sync between AWS LB and CloudDNS records

Is this a request for help? No

What keywords did you search in Kubernetes issues before filing this one? federation dns federation aws federation aws cname

---

Is this a BUG REPORT or FEATURE REQUEST? (choose one): BUG REPORT

Kubernetes version (use kubectl version): v1.4.4

Environment:

• Cloud provider or hardware configuration: GCE for federation control plane AWS for cluster1 (federated) GCE for cluster2 (federated)
• OS (e.g. from /etc/os-release): NAME=“Debian GNU/Linux” VERSION_ID=“7” VERSION=“7 (wheezy)”
• Kernel (e.g. uname -a): 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) x86_64 GNU/Linux
• Install tools:
• Others:

What happened: Federation controller creates the appropriate A entries for all federated services on Google CloudDNS, including resolving AWS load balancer DNS name to IPs. But as IP changes for AWS LBs, the A records get outdated, causing service disruption as they become out of sync.

What you expected to happen: I expected the federation controller to either add a CNAME pointing to AWS LB, or to keep the IPs for AWS in sync overtime.

How to reproduce it (as minimally and precisely as possible):

• Deploy a federation control plane at GCE
• Create cluster at AWS
• Add AWS cluster to federation
• create a federated service
• wait 24h (or until AWS Load Balancer IPs change)
• Cloud DNS will be pointing to different IPs than AWS LB.

Anything else do we need to know: AWS recommends:

• Because the set of IP addresses associated with a LoadBalancer can change over time, you should never create an “A” record with any specific IP address.