This DNS provider allows you to create and manage DNS entries in AWS Route 53.
You need to provide an access key (access key ID and secret access key) for AWS to allow the dns-controller-manager to authenticate to AWS Route 53.
For details see https://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html
The user needs permissions on the hosted zone to list and change DNS records. For details on creating an access policy for a user see https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html
In this example, the placeholder for the hosted zone is Z2XXXXXXXXXXXX
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "route53:ListResourceRecordSets",
"Resource": "arn:aws:route53:::hostedzone/*"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "route53:GetHostedZone",
"Resource": "arn:aws:route53:::hostedzone/Z2XXXXXXXXXXXX"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "route53:ListHostedZones",
"Resource": "*"
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": "route53:ChangeResourceRecordSets",
"Resource": "arn:aws:route53:::hostedzone/Z2XXXXXXXXXXXX"
}
]
}Create a Secret resource with the data fields AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
The values are the base64 encoded access key ID and secret access key respectively.
apiVersion: v1
kind: Secret
metadata:
name: aws-credentials
namespace: default
type: Opaque
data:
# replace '...' with values encoded as base64
# see https://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html
AWS_ACCESS_KEY_ID: ...
AWS_SECRET_ACCESS_KEY: ...
# optionally specify the region
#AWS_REGION: ...
# optionally specify the token
#AWS_SESSION_TOKEN: ...
# Alternatively use Gardener cloud provider credentials convention
#accessKeyID: ...
#secretAccessKey: ...Alternatively the credentials can be provided externally, i.e. by using the chain of credential providers to search for credentials in environment variables, shared credential file, and EC2 Instance Roles.
In this case create a Secret with the data field AWS_USE_CREDENTIALS_CHAIN and set the value to
true (encoded as base64). Typical examples are usage of an AWS Web Identity provider or
IAM role assigned to the service account.
apiVersion: v1
kind: Secret
metadata:
name: aws-credentials
namespace: default
type: Opaque
data:
AWS_USE_CREDENTIALS_CHAIN: dHJ1ZQ==
# optionally specify the region
#AWS_REGION: ...You may need to mount an additional volume as the AWS client expects environment variable with token path and volume mount with the token file.
See Helm chart values custom.volumes and custom.volumeMounts.
The AWS Route53 provider currently supports these routing policies types:
weightedWeighted Routing PolicylatencyLatency Routing PolicygeolocationGeolocation Routing Policyip-basedIP-Based Routing PolicyfailoverFailover Routing Policy
This supports the weighted routing policy as described here.
Each weighted record set is defined by a separate DNSEntry. In this way it is possible to use different dns-controller-manager deployments
acting on the same domain names. Every record set needs a SetIdentifier which must be unique for all used identifier of the domain name.
Weighted routing policy is supported for all record types, i.e. A, AAAA, CNAME, and TXT.
All entries of the same domain name must have the same record type and TTL.
Routing policy parameters:
| Name | Required | Description |
|---|---|---|
weight |
Yes | The value must be an integer >= 0. |
healthCheckID |
No | The ID of the health check as defined in AWS Route53 account. It must already be existing and is not managed by the dns-controller-manager |
You want to perform an A/B testing for a service using the domain name my.service.example.com.
You want that 90% goes to instance A and 10% to instance B.
You can create these two DNSEntries using the same domain name, but different set identifiers
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: instance-a
namespace: default
spec:
dnsName: "my.service.example.com"
ttl: 120
targets:
- instance-a.service.example.com
routingPolicy:
type: weighted
setIdentifier: instance-a
parameters:
weight: "90"apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: instance-a
namespace: default
spec:
dnsName: "my.service.example.com"
ttl: 120
targets:
- instance-b.service.example.com
routingPolicy:
type: weighted
setIdentifier: instance-b
parameters:
weight: "10"You want to use a blue/green deployment for your service.
Initially you want to activate the blue deployment.
Blue and green deployment are located on different clusters, maybe even using different dns-controller-managers (seeds in case of Gardener)
On the blue cluster create a DNSEntry with weight 1:
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: blue
namespace: default
spec:
dnsName: "ha.service.example.com"
ttl: 60
targets:
- 1.2.3.4
routingPolicy:
type: weighted
setIdentifier: blue
parameters:
weight: "1"On the green cluster create a DNSEntry with weight 0:
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: green
namespace: default
spec:
dnsName: "ha.service.example.com"
ttl: 60
targets:
- 6.7.8.9
routingPolicy:
type: weighted
setIdentifier: green
parameters:
weight: "0"The DNS resolution will return the IP address of the blue deployment with this configuration.
To switch the service from blue to green, first change the weight of the green DNSEntry to "1".
Wait for DNS propagation according to the TTL (here 60 seconds), then change the weight of the blue DNSEntry to "0".
After a second wait round for DNS propagation, all DNS resolution should now only return the IP address of the green deployment.
To specify the routing policy, add an annotation dns.gardener.cloud/routing-policy
containing the routing policy section in JSON format to the Ingress or Service resource.
E.g. for an ingress resource:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
dns.gardener.cloud/dnsnames: '*'
# If you are delegating the DNS management to Gardener, uncomment the following line (see https://gardener.cloud/documentation/guides/administer_shoots/dns_names/)
#dns.gardener.cloud/class: garden
# If you are delegating the certificate management to Gardener, uncomment the following line (see https://gardener.cloud/documentation/guides/administer_shoots/x509_certificates/)
#cert.gardener.cloud/purpose: managed
# routing-policy annotation provides the `.spec.routingPolicy` section as JSON
# Note: Currently only supported for aws-route53 or google-clouddns (see https://github.com/gardener/external-dns-management/tree/master/docs/aws-route53#weighted-routing-policy)
dns.gardener.cloud/routing-policy: '{"type": "weighted", "setIdentifier": "my-id", "parameters": {"weight": "10"}}'
name: test-ingress-weighted-routing-policy
namespace: default
spec:
rules:
- host: test.ingress.my-dns-domain.com
http:
paths:
- backend:
service:
name: my-service
port:
number: 9000
path: /
pathType: Prefix
tls:
- hosts:
- test.ingress.my-dns-domain.com
#secretName: my-cert-secret-nameThis supports the latency routing policy as described here.
Each latency record set is defined by a separate DNSEntry. In this way it is possible to use different dns-controller-manager deployments
acting on the same domain names. Every record set needs a SetIdentifier which must be unique for all used identifier of the domain name.
Latency routing policy is supported for all record types, i.e. A, AAAA, CNAME, and TXT.
All entries of the same domain name must have the same record type and TTL.
Routing policy parameters:
| Name | Required | Description |
|---|---|---|
region |
Yes | The value must be a valid AWS region name (like eu-west-1, us-east-2, etc.) |
healthCheckID |
No | The ID of the health check as defined in AWS Route53 account. It must already be existing and is not managed by the dns-controller-manager |
Example:
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: latency-eu-west-1
namespace: default
spec:
dnsName: "my.third-service.example.com"
ttl: 120
targets:
- instance1.third-service.example.com
routingPolicy:
type: latency # only supported for AWS Route 53
setIdentifier: eu
parameters:
region: "eu-west-1" # AWS region nameCreating this routing policy using annotations please adjust the details according to the examples for the weighted routing policy: Annotating Ingress or Service Resources with Routing Policy
This supports the geolocation routing policy as described here.
Each geolocation record set is defined by a separate DNSEntry. In this way it is possible to use different dns-controller-manager deployments
acting on the same domain names. Every record set needs a SetIdentifier which must be unique for all used identifier of the domain name.
Geolocation routing policy is supported for all record types, i.e. A, AAAA, CNAME, and TXT.
All entries of the same domain name must have the same record type and TTL.
Routing policy parameters:
| Name | Required | Description |
|---|---|---|
location |
Yes | The value is either a name as used when creating such a record in the AWS console. Alternatively, you can use value using codes for the continent or country. E.g. continent=AF is an alias for the value Africa, and country=FR is an alias for the value France. The country codes are from ISO 3166. |
healthCheckID |
No | The ID of the health check as defined in AWS Route53 account. It must already be existing and is not managed by the dns-controller-manager |
Click here to see a complete list of possible values for `location`
| Name | Alternative name | Continent | Country | Subdivision |
|---|---|---|---|---|
| Afghanistan | country=AF | AF | ||
| Africa | continent=AF | AF | ||
| Alabama | country=US,subdivision=AL | US | AL | |
| Alaska | country=US,subdivision=AK | US | AK | |
| Albania | country=AL | AL | ||
| Algeria | country=DZ | DZ | ||
| American Samoa | country=AS | AS | ||
| Andorra | country=AD | AD | ||
| Angola | country=AO | AO | ||
| Anguilla | country=AI | AI | ||
| Antarctica | continent=AN | AN | ||
| Antigua and Barbuda | country=AG | AG | ||
| Argentina | country=AR | AR | ||
| Arizona | country=US,subdivision=AZ | US | AZ | |
| Arkansas | country=US,subdivision=AR | US | AR | |
| Armenia | country=AM | AM | ||
| Aruba | country=AW | AW | ||
| Asia | continent=AS | AS | ||
| Australia | country=AU | AU | ||
| Austria | country=AT | AT | ||
| Azerbaijan | country=AZ | AZ | ||
| Bahamas | country=BS | BS | ||
| Bahrain | country=BH | BH | ||
| Bangladesh | country=BD | BD | ||
| Barbados | country=BB | BB | ||
| Belarus | country=BY | BY | ||
| Belgium | country=BE | BE | ||
| Belize | country=BZ | BZ | ||
| Benin | country=BJ | BJ | ||
| Bermuda | country=BM | BM | ||
| Bhutan | country=BT | BT | ||
| Bolivia | country=BO | BO | ||
| Bonaire | country=BQ | BQ | ||
| Bosnia and Herzegovina | country=BA | BA | ||
| Botswana | country=BW | BW | ||
| Brazil | country=BR | BR | ||
| British Indian Ocean Territory | country=IO | IO | ||
| British Virgin Islands | country=VG | VG | ||
| Brunei | country=BN | BN | ||
| Bulgaria | country=BG | BG | ||
| Burkina Faso | country=BF | BF | ||
| Burundi | country=BI | BI | ||
| California | country=US,subdivision=CA | US | CA | |
| Cambodia | country=KH | KH | ||
| Cameroon | country=CM | CM | ||
| Canada | country=CA | CA | ||
| Cape Verde | country=CV | CV | ||
| Cayman Islands | country=KY | KY | ||
| Central African Republic | country=CF | CF | ||
| Chad | country=TD | TD | ||
| Cherkaska oblast | country=UA,subdivision=71 | UA | 71 | |
| Chernihivska oblast | country=UA,subdivision=74 | UA | 74 | |
| Chernivetska oblast | country=UA,subdivision=77 | UA | 77 | |
| Chile | country=CL | CL | ||
| China | country=CN | CN | ||
| Cocos [Keeling] Islands | country=CC | CC | ||
| Colombia | country=CO | CO | ||
| Colorado | country=US,subdivision=CO | US | CO | |
| Comoros | country=KM | KM | ||
| Congo | country=CD | CD | ||
| Connecticut | country=US,subdivision=CT | US | CT | |
| Cook Islands | country=CK | CK | ||
| Costa Rica | country=CR | CR | ||
| Crimea | country=UA,subdivision=11 | UA | 11 | |
| Croatia | country=HR | HR | ||
| Cuba | country=CU | CU | ||
| Curaçao | country=CW | CW | ||
| Cyprus | country=CY | CY | ||
| Czech Republic | country=CZ | CZ | ||
| Default | country=* | * | ||
| Delaware | country=US,subdivision=DE | US | DE | |
| Denmark | country=DK | DK | ||
| District of Columbia | country=US,subdivision=DC | US | DC | |
| Djibouti | country=DJ | DJ | ||
| Dnipropetrovska oblast | country=UA,subdivision=12 | UA | 12 | |
| Dominica | country=DM | DM | ||
| Dominican Republic | country=DO | DO | ||
| Donetska oblast | country=UA,subdivision=14 | UA | 14 | |
| East Timor | country=TL | TL | ||
| Ecuador | country=EC | EC | ||
| Egypt | country=EG | EG | ||
| El Salvador | country=SV | SV | ||
| Equatorial Guinea | country=GQ | GQ | ||
| Eritrea | country=ER | ER | ||
| Estonia | country=EE | EE | ||
| Ethiopia | country=ET | ET | ||
| Europe | continent=EU | EU | ||
| Falkland Islands | country=FK | FK | ||
| Faroe Islands | country=FO | FO | ||
| Federated States of Micronesia | country=FM | FM | ||
| Fiji | country=FJ | FJ | ||
| Finland | country=FI | FI | ||
| Florida | country=US,subdivision=FL | US | FL | |
| France | country=FR | FR | ||
| French Guiana | country=GF | GF | ||
| French Polynesia | country=PF | PF | ||
| French Southern Territories | country=TF | TF | ||
| Gabon | country=GA | GA | ||
| Gambia | country=GM | GM | ||
| Georgia | country=US,subdivision=GA | US | GA | |
| Germany | country=DE | DE | ||
| Ghana | country=GH | GH | ||
| Gibraltar | country | |||
| Greece | country=GR | GR | ||
| Greenland | country=GL | GL | ||
| Grenada | country=GD | GD | ||
| Guadeloupe | country=GP | GP | ||
| Guam | country=GU | GU | ||
| Guatemala | country=GT | GT | ||
| Guernsey | country=GG | GG | ||
| Guinea | country=GN | GN | ||
| Guinea-Bissau | country=GW | GW | ||
| Guyana | country=GY | GY | ||
| Haiti | country=HT | HT | ||
| Hashemite Kingdom of Jordan | country=JO | JO | ||
| Hawaii | country=US,subdivision=HI | US | HI | |
| Honduras | country=HN | HN | ||
| Hong Kong | country=HK | HK | ||
| Hungary | country=HU | HU | ||
| Iceland | country=IS | IS | ||
| Idaho | country=US,subdivision=ID | US | ID | |
| Illinois | country=US,subdivision=IL | US | IL | |
| India | country=IN | IN | ||
| Indiana | country=US,subdivision=IN | US | IN | |
| Indonesia | country=ID | ID | ||
| Iowa | country=US,subdivision=IA | US | IA | |
| Iran | country=IR | IR | ||
| Iraq | country=IQ | IQ | ||
| Ireland | country=IE | IE | ||
| Isle of Man | country=IM | IM | ||
| Israel | country=IL | IL | ||
| Italy | country=IT | IT | ||
| Ivano-Frankivska oblast | country=UA,subdivision=26 | UA | 26 | |
| Ivory Coast | country=CI | CI | ||
| Jamaica | country=JM | JM | ||
| Japan | country=JP | JP | ||
| Jersey | country=JE | JE | ||
| Kansas | country=US,subdivision=KS | US | KS | |
| Kazakhstan | country=KZ | KZ | ||
| Kentucky | country=US,subdivision=KY | US | KY | |
| Kenya | country=KE | KE | ||
| Kharkivska oblast | country=UA,subdivision=63 | UA | 63 | |
| Khersonska oblast | country=UA,subdivision=65 | UA | 65 | |
| Khmelnytska oblast | country=UA,subdivision=68 | UA | 68 | |
| Kiribati | country=KI | KI | ||
| Kirovohradska oblast | country=UA,subdivision=35 | UA | 35 | |
| Kosovo | country=XK | XK | ||
| Kuwait | country=KW | KW | ||
| Kyiv | country=UA,subdivision=30 | UA | 30 | |
| Kyivska oblast | country=UA,subdivision=32 | UA | 32 | |
| Kyrgyzstan | country=KG | KG | ||
| Laos | country=LA | LA | ||
| Latvia | country=LV | LV | ||
| Lebanon | country=LB | LB | ||
| Lesotho | country=LS | LS | ||
| Liberia | country=LR | LR | ||
| Libya | country=LY | LY | ||
| Liechtenstein | country=LI | LI | ||
| Lithuania | country=LT | LT | ||
| Louisiana | country=US,subdivision=LA | US | LA | |
| Luhanska oblast | country=UA,subdivision=09 | UA | 09 | |
| Luxembourg | country=LU | LU | ||
| Lvivska oblast | country=UA,subdivision=46 | UA | 46 | |
| Macao | country=MO | MO | ||
| Macedonia | country=MK | MK | ||
| Madagascar | country=MG | MG | ||
| Maine | country=US,subdivision=ME | US | ME | |
| Malawi | country=MW | MW | ||
| Malaysia | country=MY | MY | ||
| Maldives | country=MV | MV | ||
| Mali | country=ML | ML | ||
| Malta | country=MT | MT | ||
| Marshall Islands | country=MH | MH | ||
| Martinique | country=MQ | MQ | ||
| Maryland | country=US,subdivision=MD | US | MD | |
| Massachusetts | country=US,subdivision=MA | US | MA | |
| Mauritania | country=MR | MR | ||
| Mauritius | country=MU | MU | ||
| Mayotte | country=YT | YT | ||
| Mexico | country=MX | MX | ||
| Michigan | country=US,subdivision=MI | US | MI | |
| Minnesota | country=US,subdivision=MN | US | MN | |
| Mississippi | country=US,subdivision=MS | US | MS | |
| Missouri | country=US,subdivision=MO | US | MO | |
| Monaco | country=MC | MC | ||
| Mongolia | country=MN | MN | ||
| Montana | country=US,subdivision=MT | US | MT | |
| Montenegro | country=ME | ME | ||
| Montserrat | country=MS | MS | ||
| Morocco | country=MA | MA | ||
| Mozambique | country=MZ | MZ | ||
| Myanmar [Burma] | country=MM | MM | ||
| Mykolaivska oblast | country=UA,subdivision=48 | UA | 48 | |
| Namibia | country=NA | NA | ||
| Nauru | country=NR | NR | ||
| Nebraska | country=US,subdivision=NE | US | NE | |
| Nepal | country=NP | NP | ||
| Netherlands | country=NL | NL | ||
| Nevada | country=US,subdivision=NV | US | NV | |
| New Caledonia | country=NC | NC | ||
| New Hampshire | country=US,subdivision=NH | US | NH | |
| New Jersey | country=US,subdivision=NJ | US | NJ | |
| New Mexico | country=US,subdivision=NM | US | NM | |
| New York | country=US,subdivision=NY | US | NY | |
| New Zealand | country=NZ | NZ | ||
| Nicaragua | country=NI | NI | ||
| Niger | country=NE | NE | ||
| Nigeria | country=NG | NG | ||
| Niue | country=NU | NU | ||
| Norfolk Island | country=NF | NF | ||
| North America | continent=NA | NA | ||
| North Carolina | country=US,subdivision=NC | US | NC | |
| North Dakota | country=US,subdivision=ND | US | ND | |
| North Korea | country=KP | KP | ||
| Northern Mariana Islands | country=MP | MP | ||
| Norway | country=NO | NO | ||
| Oceania | continent=OC | OC | ||
| Odeska oblast | country=UA,subdivision=51 | UA | 51 | |
| Ohio | country=US,subdivision=OH | US | OH | |
| Oklahoma | country=US,subdivision=OK | US | OK | |
| Oman | country=OM | OM | ||
| Oregon | country=US,subdivision=OR | US | OR | |
| Pakistan | country=PK | PK | ||
| Palau | country=PW | PW | ||
| Palestine | country=PS | PS | ||
| Panama | country=PA | PA | ||
| Papua New Guinea | country=PG | PG | ||
| Paraguay | country=PY | PY | ||
| Pennsylvania | country=US,subdivision=PA | US | PA | |
| Peru | country=PE | PE | ||
| Philippines | country=PH | PH | ||
| Pitcairn Islands | country=PN | PN | ||
| Poland | country=PL | PL | ||
| Poltavska oblast | country=UA,subdivision=53 | UA | 53 | |
| Portugal | country=PT | PT | ||
| Puerto Rico | country=PR | PR | ||
| Qatar | country=QA | QA | ||
| Republic of Korea | country=KR | KR | ||
| Republic of Moldova | country=MD | MD | ||
| Republic of the Congo | country=CG | CG | ||
| Rhode Island | country=US,subdivision=RI | US | RI | |
| Rivnenska oblast | country=UA,subdivision=56 | UA | 56 | |
| Romania | country=RO | RO | ||
| Russia | country=RU | RU | ||
| Rwanda | country=RW | RW | ||
| Réunion | country=RE | RE | ||
| Saint Barthélemy | country=BL | BL | ||
| Saint Helena | country=SH | SH | ||
| Saint Kitts and Nevis | country=KN | KN | ||
| Saint Lucia | country=LC | LC | ||
| Saint Martin | country=MF | MF | ||
| Saint Pierre and Miquelon | country=PM | PM | ||
| Saint Vincent and the Grenadines | country=VC | VC | ||
| Samoa | country=WS | WS | ||
| San Marino | country=SM | SM | ||
| Saudi Arabia | country=SA | SA | ||
| Senegal | country=SN | SN | ||
| Serbia | country=RS | RS | ||
| Sevastopol | country=UA,subdivision=20 | UA | 20 | |
| Seychelles | country=SC | SC | ||
| Sierra Leone | country=SL | SL | ||
| Singapore | country=SG | SG | ||
| Sint Maarten | country=SX | SX | ||
| Slovakia | country=SK | SK | ||
| Slovenia | country=SI | SI | ||
| Solomon Islands | country=SB | SB | ||
| Somalia | country=SO | SO | ||
| South Africa | country=ZA | ZA | ||
| South America | continent=SA | SA | ||
| South Carolina | country=US,subdivision=SC | US | SC | |
| South Dakota | country=US,subdivision=SD | US | SD | |
| South Georgia and the South Sandwich Islands | country=GS | GS | ||
| South Sudan | country=SS | SS | ||
| Spain | country=ES | ES | ||
| Sri Lanka | country=LK | LK | ||
| Sudan | country=SD | SD | ||
| Sumska oblast | country=UA,subdivision=59 | UA | 59 | |
| Suriname | country=SR | SR | ||
| Svalbard and Jan Mayen | country=SJ | SJ | ||
| Swaziland | country=SZ | SZ | ||
| Sweden | country=SE | SE | ||
| Switzerland | country=CH | CH | ||
| Syria | country=SY | SY | ||
| São Tomé and Príncipe | country=ST | ST | ||
| Taiwan | country=TW | TW | ||
| Tajikistan | country=TJ | TJ | ||
| Tanzania | country=TZ | TZ | ||
| Tennessee | country=US,subdivision=TN | US | TN | |
| Ternopilska oblast | country=UA,subdivision=61 | UA | 61 | |
| Texas | country=US,subdivision=TX | US | TX | |
| Thailand | country=TH | TH | ||
| Togo | country=TG | TG | ||
| Tokelau | country=TK | TK | ||
| Tonga | country=TO | TO | ||
| Trinidad and Tobago | country=TT | TT | ||
| Tunisia | country=TN | TN | ||
| Turkey | country=TR | TR | ||
| Turkmenistan | country=TM | TM | ||
| Turks and Caicos Islands | country=TC | TC | ||
| Tuvalu | country=TV | TV | ||
| U.S. Minor Outlying Islands | country=UM | UM | ||
| U.S. Virgin Islands | country=VI | VI | ||
| Uganda | country=UG | UG | ||
| Ukraine | country=UA | UA | ||
| United Arab Emirates | country=AE | AE | ||
| United Kingdom | country=GB | GB | ||
| United States | country=US | US | ||
| Uruguay | country=UY | UY | ||
| Utah | country=US,subdivision=UT | US | UT | |
| Uzbekistan | country=UZ | UZ | ||
| Vanuatu | country=VU | VU | ||
| Vatican City | country=VA | VA | ||
| Venezuela | country=VE | VE | ||
| Vermont | country=US,subdivision=VT | US | VT | |
| Vietnam | country=VN | VN | ||
| Vinnytska oblast | country=UA,subdivision=05 | UA | 05 | |
| Virginia | country=US,subdivision=VA | US | VA | |
| Volynska oblast | country=UA,subdivision=07 | UA | 07 | |
| Wallis and Futuna | country=WF | WF | ||
| Washington | country=US,subdivision=WA | US | WA | |
| West Virginia | country=US,subdivision=WV | US | WV | |
| Wisconsin | country=US,subdivision=WI | US | WI | |
| Wyoming | country=US,subdivision=WY | US | WY | |
| Yemen | country=YE | YE | ||
| Zakarpatska oblast | country=UA,subdivision=21 | UA | 21 | |
| Zambia | country=ZM | ZM | ||
| Zaporizka oblast | country=UA,subdivision=23 | UA | 23 | |
| Zhytomyrska oblast | country=UA,subdivision=18 | UA | 18 | |
| Zimbabwe | country=ZW | ZW |
Note: Value may be changed. These are the valid set as read from AWS Route 53 in January, 2023.
It is recommended to have a DNSEntry with the default location named Default.
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: geolocation-default
namespace: default
spec:
dnsName: "my.second-service.example.com"
ttl: 120
targets:
- instance1.second-service.example.com
# routingPolicy is current only supported for AWS Route53 or Google CloudDNS
routingPolicy:
type: geolocation # AWS Route 53 specific example
setIdentifier: default
parameters:
location: Default # default location covers geographic locations that you haven't created records for
---
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: geolocation-europe
namespace: default
spec:
dnsName: "my.second-service.example.com"
ttl: 120
targets:
- instance-eu.second-service.example.com
# routingPolicy is current only supported for AWS Route53 or Google CloudDNS
routingPolicy:
type: geolocation # AWS Route 53 specific example
setIdentifier: eu
parameters:
location: "Europe" # either continent, country or subdivision name (only allowed for countries United States or Ukraine), possible names see docs/aws-route53/README.md
#location: "continent=EU" # alternatively, use continent or country code as described here: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-geo.html#rrsets-values-geo-location
#location: "country=FR"Creating this routing policy using annotations please adjust the details according to the examples for the weighted routing policy: Annotating Ingress or Service Resources with Routing Policy
This supports the IP-based routing policy as described here.
Each IP-based record set is defined by a separate DNSEntry. In this way it is possible to use different dns-controller-manager deployments
acting on the same domain names. Every record set needs a SetIdentifier which must be unique for all used identifier of the domain name.
IP-Based routing policy is supported for all record types, i.e. A, AAAA, CNAME, and TXT.
All entries of the same domain name must have the same record type and TTL.
Before the IP-based routing policy can be used, the CIDR collection and blocks have already to been set up in AWS Route 53. For details please see Creating a CIDR collection with CIDR locations and blocks.
Routing policy parameters:
| Name | Required | Description |
|---|---|---|
collection |
Yes | CIDR collection name. It must already be existing in AWS Route53 account. |
location |
Yes | The location name as specified for the IP address block(s) in the CIDR collection. |
healthCheckID |
No | The ID of the health check as defined in AWS Route53 account. It must already be existing and is not managed by the dns-controller-manager |
It is recommended to add a DNSEntry for the default location (value *) to be used for all IP addresses
not matching any defined IP blocks.
Example:
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: ip-based-default
namespace: default
spec:
dnsName: "my.fourth-service.example.com"
ttl: 120
targets:
- instance1.fourth-service.example.com
routingPolicy:
type: ip-based # only supported for AWS Route 53
setIdentifier: default
parameters:
collection: "my-collection" # CIDR collection must be already existing
location: "*" # default
---
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: ip-based-loc1
namespace: default
spec:
dnsName: "my.fourth-service.example.com"
ttl: 120
targets:
- instance2.fourth-service.example.com
routingPolicy:
type: ip-based # only supported for AWS Route 53
setIdentifier: loc1
parameters:
collection: "my-collection" # CIDR collection must already be existing
location: "my-location1" # location name must already be existingCreating this routing policy using annotations please adjust the details according to the examples for the weighted routing policy: Annotating Ingress or Service Resources with Routing Policy
This supports the Failover routing policy as described here.
Each failover record set is defined by a separate DNSEntry. In this way it is possible to use different dns-controller-manager deployments
acting on the same domain names. Every record set needs a SetIdentifier which must be unique for all used identifier of the domain name.
IP-Based routing policy is supported for all record types, i.e. A, AAAA, CNAME, and TXT.
All entries of the same domain name must have the same record type and TTL.
Routing policy parameters:
| Name | Required | Description |
|---|---|---|
failoverRecordType |
Yes | CIDR collection name. It must already be existing in AWS Route53 account. |
healthCheckID |
Yes | The ID of the health check as defined in AWS Route53 account. It must already be existing and is not managed by the dns-controller-manager |
disableEvaluateTargetHealth |
No | Only applies if target is a AWS ELB. In this case use this parameter to disable the target health check optionally. |
Example:
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: aws-failover-primary
namespace: default
spec:
dnsName: "my.fiveth-service.example.com"
ttl: 120
targets:
- instance1.fiveth-service.example.com
routingPolicy:
type: failover # only supported for AWS Route 53
setIdentifier: instance1
parameters:
failoverRecordType: primary
healthCheckID: 66666666-1111-4444-aaaa-25810ea11111
# disableEvaluateTargetHealth: "true" # only used if target is AWS ELB (target health is enabled by default)
---
apiVersion: dns.gardener.cloud/v1alpha1
kind: DNSEntry
metadata:
annotations:
# If you are delegating the DNS management to Gardener Shoot DNS Service, uncomment the following line
#dns.gardener.cloud/class: garden
name: aws-failover-secondary
namespace: default
spec:
dnsName: "my.fiveth-service.example.com"
ttl: 120
targets:
- instance2.fiveth-service.example.com
routingPolicy:
type: failover # only supported for AWS Route 53
setIdentifier: instance2
parameters:
failoverRecordType: secondary
healthCheckID: 66666666-1111-5555-bbbb-25810ea22222
# disableEvaluateTargetHealth: "true" # only used if target is AWS ELB (target health is enabled by default)Creating this routing policy using annotations please adjust the details according to the examples for the weighted routing policy: Annotating Ingress or Service Resources with Routing Policy