external-dns: AWS provider doesn't support multiple IPs for ingress

I’m using the nginx ingress controller on bare metal, but the domain I want to update is hosted on Route53. When attempting an update in --once mode, I get the following output:

time="2017-07-11T09:39:31-04:00" level=info msg="config: &{Master: KubeConfig: Sources:[ingress] Namespace: FQDNTemplate: Compatibility: Provider:aws GoogleProject: DomainFilter:[k.oneill.net.] AzureConfigFile:/etc/kubernetes/azure.json AzureResourceGroup: Policy:sync Registry:txt TXTOwnerID:default TXTPrefix: Interval:1m0s Once:true DryRun:false LogFormat:text MetricsAddress::7979 Debug:true}" 
time="2017-07-11T09:39:31-04:00" level=info msg="Connected to cluster at https://k1:6443" 
time="2017-07-11T09:39:31-04:00" level=debug msg="Endpoints generated from ingress: default/plexpy: [plexpy.k.oneill.net -> 172.19.74.134 (type "") plexpy.k.oneill.net -> 172.19.74.135 (type "") plexpy.k.oneill.net -> 172.19.74.147 (type "")]" 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "172.19.74.134"
      }],
    TTL: 300,
    Type: "A"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "172.19.74.135"
      }],
    TTL: 300,
    Type: "A"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "172.19.74.147"
      }],
    TTL: 300,
    Type: "A"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "\"heritage=external-dns,external-dns/owner=default\""
      }],
    TTL: 300,
    Type: "TXT"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "\"heritage=external-dns,external-dns/owner=default\""
      }],
    TTL: 300,
    Type: "TXT"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=info msg="Changing records: CREATE {
  Action: "CREATE",
  ResourceRecordSet: {
    Name: "plexpy.k.oneill.net",
    ResourceRecords: [{
        Value: "\"heritage=external-dns,external-dns/owner=default\""
      }],
    TTL: 300,
    Type: "TXT"
  }
} ..." 
time="2017-07-11T09:39:31-04:00" level=error msg="InvalidChangeBatch: The request contains an invalid set of changes for a resource record set 'A plexpy.k.oneill.net.'
	status code: 400, request id: 5e5c4473-663e-11e7-ab1e-73be49546003" 

I believe this is occurring because the Route53 API doesn’t allow creating multiple A records for a single name, but instead expects you to create a single A record with multiple ResourceRecordSet entries.

I think that the AWS provider needs to be changed to combine these A and probably TXT record entries before submitting the change set. I’d be glad to do this work if that fix seems acceptable. I tend to think that the easiest way to do this is to add a filter func that would coalesce records under the same name and RR type.

I’ve tested this against 0.3 and against master and had the same problem.

About this issue

  • State: closed
  • Created 7 years ago
  • Comments: 20 (9 by maintainers)

Most upvoted comments

This is added on 0.5.0 and working wonders for now. I think you can close this.

A good example would probably be the kops dns controller: https://github.com/kubernetes/kops/tree/master/dns-controller

However, I’m not familiar enough with this project to advise. I’ll try to read the code this week to be of some help.

The Route53 API requires that all changes for a record are submitted at once.

The provider interface allows for a list of endpoints to be inserted one at a time. We’re looking for a group of endpoints associated with a record. Based on the nature of this issue with an error about multiple A records, it looks like appending an A record list would work. https://github.com/kubernetes-incubator/external-dns/blob/master/docs/contributing/sources-and-providers.md

Here is the provider interface for the list of changes. https://github.com/kubernetes-incubator/external-dns/blob/master/provider/aws.go#L208

It all seems to point to https://github.com/kubernetes-incubator/external-dns/blob/master/provider/aws.go#L302
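
The coalescing step proposed in the issue and in the comments above (one record set per name and type, holding all values), as an added example that is not external-dns code or part of the original thread. `Endpoint`, `RecordSet` and `Coalesce` are hypothetical names, and the sample input is constructed from the log in the issue.

```go
package main

import (
	"fmt"
	"strings"
)

// Endpoint and RecordSet are hypothetical types, not external-dns or AWS SDK types.
type Endpoint struct{ DNSName, Target, RecordType string }
type RecordSet struct {
	Name, Type string
	Values     []string
}

// Coalesce merges endpoints that share a name and type into one record set,
// in first-seen order, and drops duplicate values such as a repeated TXT
// ownership record.
func Coalesce(eps []Endpoint) []RecordSet {
	index := map[[2]string]int{} // (name, type) -> position in out
	seen := map[Endpoint]bool{}
	var out []RecordSet
	for _, ep := range eps {
		// DNS names are case-insensitive and may carry a trailing dot.
		name := strings.ToLower(strings.TrimSuffix(ep.DNSName, "."))
		k := [2]string{name, ep.RecordType}
		i, ok := index[k]
		if !ok {
			i = len(out)
			index[k] = i
			out = append(out, RecordSet{Name: name, Type: ep.RecordType})
		}
		if n := (Endpoint{name, ep.Target, ep.RecordType}); !seen[n] {
			seen[n] = true
			out[i].Values = append(out[i].Values, ep.Target)
		}
	}
	return out
}

func main() {
	// Constructed sample mirroring the endpoints in the log above.
	n, txt := "plexpy.k.oneill.net", `"heritage=external-dns,external-dns/owner=default"`
	eps := []Endpoint{{n, "172.19.74.134", "A"}, {n, "172.19.74.135", "A"},
		{n + ".", "172.19.74.147", "A"}, {n, txt, "TXT"}, {n, txt, "TXT"}}
	for _, rs := range Coalesce(eps) {
		fmt.Printf("CREATE %s %s TTL=300 %q\n", rs.Name, rs.Type, rs.Values)
	}
}
```

Each returned record set maps to a single change in the batch, so the A record is submitted once with three values and the TXT ownership record once.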