external-dns: One invalid record in ChangeBatch stops all others from updating

What happened:

time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo.example.io A [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo-us-west-1.example.io A [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo-host-il.example.io A [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo.example.io TXT [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo-us-west-1.example.io TXT [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=info msg="Desired change: CREATE demo-host-il.example.io TXT [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=error msg="Failure in zone example.io. [Id: /hostedzone/ZVEABCZXYZ123]"
time="2020-04-13T22:23:40Z" level=error msg="InvalidChangeBatch: [RRSet of type A with DNS name demo.example.io. is not permitted because a conflicting RRSet of type  CNAME with the same DNS name already exists in zone example.io., RRSet of type TXT with DNS name demo.example.io. is not permitted because a conflicting RRSet of type  CNAME with the same DNS name already exists in zone example.io.]\n\tstatus code: 400, request id: ca31ed28-2fef-4429-b769-ae04d297da51"
time="2020-04-13T22:23:40Z" level=error msg="Failed to submit all changes for the following zones: [/hostedzone/ZVEABCZXYZ123]"

What you expected to happen: Ignore the invalid record, process the others

The use case here is the record demo.example.io is created outside of the K8s cluster. But the K8s ingress still needs to be able to handle traffic for this host, since the CNAME is set up to failover between two K8s clusters.

In previous versions of external-dns (<= v0.5.17) everything worked, since it just ignored any records that already exist. Now its batching changes and failing everything, even when only one of the records is “invalid”.

Perhaps we need an “ignore” configuration option that would tell external-dns to continue on failure of N records instead of trying to do bulk, atomic submissions?

Environment: external-dns: v0.7.1 K8s v1.16.2

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 9
  • Comments: 37 (18 by maintainers)

Most upvoted comments

@jegeland how is that different than the workaround suggested in https://github.com/kubernetes-sigs/external-dns/issues/1517#issuecomment-613497305?

I must stress that this is a workaround and does not resolve the issue.

+1
dudicoco on Sep 18, 2022
Read more comments on GitHub
← external-dns: OCI provider: failed to add record for private zone in oracle cloud
external-dns: OpenStack Designate provider: failure to update existing recordset →