I got the following setup:
Ingress-Nginx-Controller (serviceType "NodePort")
AWS-Load-Balancer-Controller
External-DNS
I am exposing the Ingress-Nginx-Controller via an Ingress, backed by the AWS Load Balancer Controller both public and private. I chose this route, since it was pretty easy to limit the inbound CIDRs. And nginx ingress cannot create an ALB but only Classic LB or NLB.
kubectl -n ingress-nginx get ing
NAME CLASS HOSTS ADDRESS PORTS AGE
alb-ingress-connect-nginx alb * xxxx.region.elb.amazonaws.com 80 2d8h
This ingress forwards all traffic to my nginx controller.
The service looks like
kubectl -n ingress-nginx get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort a.b.c.d
I am trying to automatically setup dns records for my deployment via External-DNS. Therefore, I am creating an ingress for my deployment with ingress-class nginx and specified hostname.
Creating the records works, however it uses the IP of my ingress-nginx-controller service (a.b.c.d) instead of the loadbalancer's address.
Now my question: Is it possible to for external-dns to lookup the address of the nginx ingress or does this work only if the Nginx is exposed as service of type "LoadBalancer"?
Thanks for any help
I am able to figure this out by using
--publish-status-addressin nginx controller to point to ALB. If you are using 2 ALBs (public and private), you need to create 2 nginx controllers with--publish-status-addresspoints to each ALB. Also, remember to disable--publish-serviceparameter. And use differentelectionIDfor each controller if you have installed nginx controllers using Helm