strimzi-kafka-operator: External Dns is not working with private Load-balancer with AWS [question]

Describe the bug

I have used my helm chart to deploy strimzi kafka with an external load balancer, and I am also using DNS annotations to get a route53 domain name. My chart's external DNS part is as below.

Now it is automatically creating a domain name with the specified internal domain value in “hostname”; the ttl value is also taken properly. But though I have provided “access” as private, it is still creating a LB with type external in AWS. Hence this LB is directly accessible from the internet rather than only within my VPC.

    external:
      type: loadbalancer
      tls: true
      authentication:
        type: tls
      overrides:
        bootstrap:
          dnsAnnotations:
            external-dns.alpha.kubernetes.io/hostname: kafka-bootstrap-internal.com
            external-dns.alpha.kubernetes.io/ttl: "60"
            external-dns.alpha.kubernetes.io/access: private

Expected behavior

It should create the LB only with type internal and have access only within the VPC (i.e. a LB of type “internal” and not “internet-facing”).

About this issue

  • State: closed
  • Created 4 years ago
  • Comments: 17 (9 by maintainers)

Most upvoted comments

Ahh, sorry, I misunderstood that. I think that in general you should not need the DNS names per-broker as they are not configured anywhere. The clients will be configured with the bootstrap server -> the client connects there and gets the metadata from the broker. So you normally don’t care if these are some random AWS names or your own domain name.
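An added check, not part of the original issue thread or of Strimzi's code: it scans Services for AWS load balancers that would be provisioned internet-facing, as reported in the issue where only external-dns annotations were set. The sample is constructed and shaped like `kubectl get svc -o json` with hypothetical Service names, and the two `service.beta.kubernetes.io/aws-load-balancer-*` annotations are assumptions that do not appear on this page.

```python
import json

# AWS Service annotations (assumed, not on this page); DNS_ACCESS is the page's.
SCHEME = "service.beta.kubernetes.io/aws-load-balancer-scheme"
LEGACY_INTERNAL = "service.beta.kubernetes.io/aws-load-balancer-internal"
DNS_ACCESS = "external-dns.alpha.kubernetes.io/access"

# Constructed sample shaped like `kubectl get svc -o json`; names are hypothetical.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "kafka-external-bootstrap",
                "annotations": {
                  "external-dns.alpha.kubernetes.io/hostname": "kafka-bootstrap-internal.com",
                  "external-dns.alpha.kubernetes.io/ttl": "60",
                  "external-dns.alpha.kubernetes.io/access": "private"}},
   "spec": {"type": "LoadBalancer"}},
  {"metadata": {"name": "kafka-internal-bootstrap",
                "annotations": {
                  "service.beta.kubernetes.io/aws-load-balancer-internal": "true"}},
   "spec": {"type": "LoadBalancer"}},
  {"metadata": {"name": "kafka-brokers"}, "spec": {"type": "ClusterIP"}}
]}
""")

def is_internal(annotations):
    """Conservative: only an explicit internal scheme or "true" counts."""
    scheme = annotations.get(SCHEME)
    if scheme is not None:
        return scheme.strip().lower() == "internal"
    return annotations.get(LEGACY_INTERNAL, "").strip().lower() == "true"

def audit(service_list):
    """Return findings for LoadBalancer Services not marked internal."""
    findings = []
    for svc in service_list.get("items", []):
        if svc.get("spec", {}).get("type") != "LoadBalancer":
            continue
        ann = svc.get("metadata", {}).get("annotations") or {}
        if is_internal(ann):
            continue
        findings.append({
            "name": svc["metadata"]["name"],
            # True when only the DNS-side "private" hint is set; external-dns
            # manages DNS records and does not change the load balancer scheme.
            "dns_private_only": ann.get(DNS_ACCESS) == "private",
        })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run against the live cluster by replacing `SAMPLE` with the parsed output of `kubectl get svc -A -o json`; any finding with `dns_private_only` set matches the situation described in this issue.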