Welcome to k8gb Discussions! #364

ytsarev · 2021-03-13T19:37:35Z

ytsarev
Mar 13, 2021
Maintainer

👋 Welcome!

We’re using Discussions as a place to connect with other members of k8gb community. We hope that you:

Ask questions about k8gb
Get help with k8gb
Share ideas around k8gb
Share your experience with k8gb

Let's build some great open-source GSLB stuff together 💪

AlekseyGorodetsky · 2023-04-18T19:32:44Z

AlekseyGorodetsky
Apr 18, 2023

Hello!
Thanks for the interesting solution!
But I have a question about some limitations that may be important in production.

Your CustomResourceDefinition Gslb can only create Ingress services that are proxy nodes, and in most cases accept protocols HTTP, HTTPS.
Maybe I didn’t find it, but in what way can I directly issue external IPs to services LoadBalancer of types, which can accept any protocols and without proxy nodes.

Let me know if this is possible now or in the future.
Thanks again for your solution.

0 replies

ytsarev · 2023-04-18T21:38:42Z

ytsarev
Apr 18, 2023
Maintainer Author

Hey @AlekseyGorodetsky ,

Thanks a lot for you interest in k8gb and the great question.

We have relevant Issues in the backlog for a while

#147

and #954

but it still needs to be implemented.

I would be keen to learn about your use case more so we can possibly drive the implementation with the real user context.

Thanks,
Yury

0 replies

AlekseyGorodetsky · 2023-04-19T00:19:09Z

AlekseyGorodetsky
Apr 19, 2023

Thanks for the quick response!

Your choice #147 is fine!
Service enabled spec might look like:

apiVersion: k8gb.absa.oss/v1beta1
kind: Gslb
metadata:
name: test-gslb
namespace: test-gslb
spec:
loadBalancer:
host: app1.cloud.example.com
serviceName: app # Service with type: LoadBalancer
strategy:
type: roundRobin

It's simple and logical!
Good luck in development!

I put a star on your chart on the site - https://artifacthub.io/packages/helm/k8gb/k8gb

0 replies

kkpatel · 2023-06-29T14:26:38Z

kkpatel
Jun 29, 2023

In our clusters we typically use Traefik2 for our ingress controllers and consequently create IngressRoute resources. Though for some cases we still define Ingress resources. Can k8sgb be modified to also support Traefik IngressRoute resources?

1 reply

ytsarev Jun 29, 2023
Maintainer Author

Hi @kkpatel , to use some additional/special CRD we will need to adjust k8gb logic, theoretically possible in future.

During yesterday community meeting @kuritka presented the concept of k8gb-lite with ability to create addition CRD support. You can find the presentation here https://www.youtube.com/watch?v=KiWeMdlaIdo

kkpatel · 2023-06-30T14:16:07Z

kkpatel
Jun 30, 2023

Thanks for the quick response. Would K8gb work for a usecase where we had multiple ingress controllers on a single cluster? In our scenario, we have multiple ingress controllers per cluster, each servicing a subset of all the applications. Thanks in advance.

…

________________________________ From: Yury Tsarev ***@***.***> Sent: Thursday, June 29, 2023 10:56:59 AM To: k8gb-io/k8gb Cc: Patel, Kavita K.; Mention Subject: EXTERNAL: Re: [k8gb-io/k8gb] Welcome to k8gb Discussions! (Discussion #364) Hi @kkpatel<https://github.com/kkpatel> , to use some additional/special CRD we will need to adjust k8gb logic, theoretically possible in future. During yesterday community meeting @kuritka<https://github.com/kuritka> presented the concept of k8gb-lite with ability to create addition CRD support. You can find the presentation here https://www.youtube.com/watch?v=KiWeMdlaIdo — Reply to this email directly, view it on GitHub<#364 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABEYOYBQQVTUZXLDF6R46NTXNWJTXANCNFSM4ZEEKCUA>. You are receiving this because you were mentioned.Message ID: ***@***.***>

________________________________ This message is intended only for the use of the individual or entity to which it is addressed and may contain ZETA Associates confidential or proprietary information. If you are not the intended recipient, any use, dissemination, or distribution of this communication is prohibited. If you have received this communication in error, please notify the sender and delete all copies.

1 reply

ytsarev Jun 30, 2023
Maintainer Author

k8gb works with the Ingress object and is generally ingress controller agnostic, so I do not see architectural blockers for it to handle multpiple ingress controllers scenario. It requires some testing, though.

kkpatel · 2023-07-06T14:11:12Z

kkpatel
Jul 6, 2023

Hi Yury, Thanks again for the response. I have another question, is there a way to disable the K8gb controller from creating the DNSEndpoint objects based on an annotation in the Gslb CRD object? The reason being, we use traefik2 and though we generate Ingress objects, most of our applications create IngressRoute objects. We found a Kubernetes github project (https://github.com/borchero/switchboard) that can create DNSEndpoint objects from IngressRoute objects which looks appealing to us. Integrating this with the K8gb controller functionality would be great. Thanks again, Kavita Patel

…

________________________________ From: Yury Tsarev ***@***.***> Sent: Friday, June 30, 2023 10:31:17 AM To: k8gb-io/k8gb Cc: Patel, Kavita K.; Mention Subject: EXTERNAL: Re: [k8gb-io/k8gb] Welcome to k8gb Discussions! (Discussion #364) k8gb works with the Ingress object and is generally ingress controller agnostic, so I do not see architectural blockers for it to handle multpiple ingress controllers scenario. It requires some testing, though. — Reply to this email directly, view it on GitHub<#364 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABEYOYGLXW5YTLSP7BNBG2DXN3PLLANCNFSM4ZEEKCUA>. You are receiving this because you were mentioned.Message ID: ***@***.***>

________________________________ This message is intended only for the use of the individual or entity to which it is addressed and may contain ZETA Associates confidential or proprietary information. If you are not the intended recipient, any use, dissemination, or distribution of this communication is prohibited. If you have received this communication in error, please notify the sender and delete all copies.

1 reply

ytsarev Jul 11, 2023
Maintainer Author

Hi Kavita,

Currently DNSEndpoint creation is part of the core logic and cannot be disabled. Feel free to create an issue with the possible flow and integration description you would like to see, we will be happy to evaluate the options here.

Cheers,
Yury

hyoungdong-choi · 2024-05-03T08:35:50Z

hyoungdong-choi
May 3, 2024

Hi,
We are currently using RKE, with our DNS handled by our own Bind9 server. We want to create an additional cluster to utilize K8GB across two clusters. I'm curious if ExternalDNS would function properly using Bind9 instead of Route53 or Infoblox

Thank you

5 replies

ytsarev May 14, 2024
Maintainer Author

Hi @hyoungdong-choi , thanks a lot for your interest in k8gb!

k8gb supports https://github.com/k8gb-io/k8gb/blob/master/docs/provider_rfc2136.md and our local reference deployment work with Bind9 so everything should work! Please also see associated helm chart values https://github.com/k8gb-io/k8gb/blob/master/chart/k8gb/values.yaml#L133

Cheers,
Yury

hyoungdong-choi May 16, 2024

Thank you Yury.

I have more questions about k8gb helm install value about the section of externalDNS.
Is that section for Cloud DNS Service?
So basically i wanna ask if i need to use the section of Global, K8gb, CoreDNS, rfc2136 for the bind9 that i use DNS Server rn

Thanks again

ytsarev May 16, 2024
Maintainer Author

If you follow https://www.k8gb.io/#quick-start , you will get a working local reference setup with the bind server :) Then, you can reuse the helm values from this working setup.

hyoungdong-choi May 17, 2024

Thank you again :)
I check the files the set-up and files on the quick-start
On the bind9 Server zone file, the ip of nginx-ingress-controller was there but i thought the external IP of K8gb-coredns should be there
what is the right set up for it?
except that, i can make it :)

Thanks, again

ytsarev Jun 25, 2024
Maintainer Author

What is getting configured for Zone delegation depends on the coredns exposure type.

Please check this code https://github.com/k8gb-io/k8gb/blob/master/controllers/providers/dns/external.go#L66-L73

	if p.config.CoreDNSExposed {
		NSServerIPs, err = p.assistant.CoreDNSExposedIPs()
	} else {
		NSServerIPs, err = p.assistant.GslbIngressExposedIPs(gslb)
	}
	if err != nil {
		return err
	}

If the coredns service is exposed aka is of type LoadBalancer https://github.com/k8gb-io/k8gb/blob/master/chart/k8gb/templates/deployment.yaml#L105-L108, then it's going to get the IP from CoreDNS Service.
Example configuration https://github.com/k8gb-io/k8gb/blob/master/docs/examples/route53/k8gb/k8gb-cluster-eu-west-1.yaml#L14

Otherwise, it will get the IPs from Ingress. The assumption in this case is that Ingress is using hostNetwork: true https://github.com/k8gb-io/k8gb/blob/master/deploy/ingress/nginx-ingress-values.yaml#L9 so effectively it is equal to k8s nodes IP addresses.

You can always check the construction of the resulting DnsEndpoint CR

 k get dnsendpoints.externaldns.k8s.io -n k8gb k8gb-ns-extdns -o yaml
apiVersion: externaldns.k8s.io/v1alpha1
kind: DNSEndpoint
metadata:
  annotations:
    k8gb.absa.oss/dnstype: extdns
  creationTimestamp: "2024-06-24T20:41:18Z"
  generation: 1
  name: k8gb-ns-extdns
  namespace: k8gb
  resourceVersion: "5136"
  uid: 3a5becdb-76bd-4760-8828-f0127ead77cb
spec:
  endpoints:
  - dnsName: cloud.example.com
    recordTTL: 5
    recordType: NS
    targets:
    - gslb-ns-eu-cloud.example.com
    - gslb-ns-us-cloud.example.com
  - dnsName: gslb-ns-us-cloud.example.com
    recordTTL: 5
    recordType: A
    targets:
    - 172.20.0.10
    - 172.20.0.11
status:
  observedGeneration: 1

Hope it helps! Please let me know if anything is unclear :)

kkpatel · 2025-05-20T16:30:52Z

kkpatel
May 20, 2025

Hi, In the past we configured K8gb to communicate with our bind server to update/delete/add CNAME records. To give you a little perspective, we have multiple ingress controller instances on a give Kubernetes cluster. An application on a given cluster can sit behind any of one those ingress controllers in that cluster. At the time we had configured K8gb externalDNS deployment to write CNAME records into the bind server. This all worked very well and we were able to successfully use the K8gb yo loadbalance and failover for our services running on multiple GSLB clusters. However, since then, we have switched to using InfoBlox as our edgeDNS. Even though externalDNS says it supports InfoBlox, we noticed that the template for external-dns template in the K8gb helm chart (v.0.14.0) is configured to deploy an instance of externalDNS only when using one of a handful of dns providers, InfoBlox not listed in the if condition as being one of them. {{- if or .Values.ns1.enabled .Values.route53.enabled .Values.rfc2136.enabled .Values.azuredns.enabled .Values.cloudflare.enabled }} So I believe the K8gb controller is managing the API interaction itself to Infoblox. In this scenario, what we see is the K8gb controller writing a NS record for the DNS to delegate to for our configured zone (K8gb CoreDNS), and then writing/updating a single A record in InfoBlox. The A record in InfoBlox specifies the IP address for the DNS (K8gb CoreDNS) that it is delegating to for the zone we've defined. This all would be fine, however, we notice that each time we configure an application in the cluster to be globally loadbalanced, the K8gb controller tries to update that same A record to then reflect the ingress controller IP associated with the ingress-class defined in the corresponding Ingress resource for that gslb application. This is obviously not desirable. There are a couple of options which we have been pondering but not sure exactly how to configure K8gb to do this: 1. K8gb controller to add CNAME entries in InfoBlox for every app configured to be globally load balanced and not update and use the same A record for each gslb app. I would assume that externalDNS, if it were deployed, would do exactly this. 2. Not have K8gb update Infoblox at all and we would manually add a NS record and an A record in Infblox for the K8gb CoreDNS to delegate to. The K8gb CoreDNS would then return the correct ingress controller IP associated with the health service for the app. Keep in mind that we have several clusters that we would globaly load balance, thus we would have K8gb instance running on each one of those clustrers. Assuming our understanding is all correct, the above are a few thoughts we had but we would really appreciate your input and guidance on how best we can approach this problem. Please let me know if we can provide you any additional information to clarify anything. Also, I should add that our clusters are running on an isolated network (not connected to the public internet). Thanks, Kavita Patel

…

________________________________ From: Yury Tsarev ***@***.***> Sent: Friday, June 30, 2023 10:31 AM To: k8gb-io/k8gb Cc: Patel, Kavita K.; Mention Subject: EXTERNAL: Re: [k8gb-io/k8gb] Welcome to k8gb Discussions! (Discussion #364) k8gb works with the Ingress object and is generally ingress controller agnostic, so I do not see architectural blockers for it to handle multpiple ingress controllers scenario. It requires some testing, though. — Reply to this email directly, view it on GitHub<#364 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABEYOYGLXW5YTLSP7BNBG2DXN3PLLANCNFSM4ZEEKCUA>. You are receiving this because you were mentioned.Message ID: ***@***.***>

________________________________ This message is intended only for the use of the intended recipient(s) If you are not an intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error please destroy all copies of this message and its attachments and notify the sender immediately.

0 replies

chetanrp-camunda · 2025-05-26T13:50:38Z

chetanrp-camunda
May 26, 2025

I have a question related to documetation.
I am using https://www.k8gb.io/docs/deploy_route53.html to deploy the sample on my AWS EKS clusters.
However, the newest version of the chart give me an error

Error: values don't meet the specifications of the schema(s) in the following chart(s):
k8gb:
- k8gb: Additional property dnsZones is not allowed
- k8gb: Additional property edgeDNSServer is not allowed

Can you point me to the correct documentaiton to make the sample work ?

3 replies

chetanrp-camunda May 26, 2025

It is not clear from the documentation whether it is possible to use an AWS Private Hosted Zone with K8gb.

abaguas May 28, 2025
Collaborator

Hi @chetanrp-camunda, yes it is possible to use AWS Private Hosted Zones with k8gb.
Sorry, we don't have versioned documentation yet. It seems you are using the latest configuration on chart v0.14.0.
Can you try to use the chart version v0.15.0-rc1?

k0da May 28, 2025
Maintainer

@abaguas actually you can't. NS records are ignored by Private zones. There is a workaround, but it doesn't out of the box.

kkpatel · 2025-07-11T16:37:53Z

kkpatel
Jul 11, 2025

Hi,
Just checking if anyone has any input or thoughts on my question from May 20th regarding K8gb with Infoblox in a multi-cluster, multi IngressController per cluster scenario.

Currently using k8fb v0.14

Any input or help would be appreciated.

1 reply

ytsarev Jul 13, 2025
Maintainer Author

Hi @kkpatel , can you please open a separate issue or discussion? It's very hard to maintain everything in the same big thread

Welcome to k8gb Discussions! #364

Uh oh!

ytsarev Mar 13, 2021 Maintainer

👋 Welcome!

Replies: 10 comments · 12 replies

Uh oh!

Uh oh!

Uh oh!

ytsarev Apr 18, 2023 Maintainer Author

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ytsarev Jun 29, 2023 Maintainer Author

Uh oh!

Uh oh!

ytsarev Jun 30, 2023 Maintainer Author

Uh oh!

Uh oh!

ytsarev Jul 11, 2023 Maintainer Author

Uh oh!

Uh oh!

ytsarev May 14, 2024 Maintainer Author

Uh oh!

Uh oh!

ytsarev May 16, 2024 Maintainer Author

Uh oh!

Uh oh!

ytsarev Jun 25, 2024 Maintainer Author

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

abaguas May 28, 2025 Collaborator

Uh oh!

k0da May 28, 2025 Maintainer

Uh oh!

Uh oh!

Uh oh!

ytsarev Jul 13, 2025 Maintainer Author

ytsarev
Mar 13, 2021
Maintainer

Replies: 10 comments 12 replies

ytsarev
Apr 18, 2023
Maintainer Author

ytsarev Jun 29, 2023
Maintainer Author

ytsarev Jun 30, 2023
Maintainer Author

ytsarev Jul 11, 2023
Maintainer Author

ytsarev May 14, 2024
Maintainer Author

ytsarev May 16, 2024
Maintainer Author

ytsarev Jun 25, 2024
Maintainer Author

abaguas May 28, 2025
Collaborator

k0da May 28, 2025
Maintainer

ytsarev Jul 13, 2025
Maintainer Author