- EKS-Cluster Setup
- Application Load Balancer
Create policy for External-DNS using below JSON content:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"route53:ChangeResourceRecordSets"
],
"Resource": [
"arn:aws:route53:::hostedzone/*"
]
},
{
"Effect": "Allow",
"Action": [
"route53:ListHostedZones",
"route53:ListResourceRecordSets"
],
"Resource": [
"*"
]
}
]
}
eksctl create iamserviceaccount \
--name external-dns \
--region us-east-1 \
--namespace default \
--cluster eksdemo \
--attach-policy-arn arn:aws:iam::136962450893:policy/external-DNS \
--approve \
--override-existing-serviceaccounts
kubectl get sa external-dns
Search eks-addonrole in IAM and check if that role has external-DNS access policy.
if so choose and update the same in external-dns.yml file
(arn:aws:iam::136962450893:role/eksctl-eksdemo-addon-iamserviceaccount-defau-Role1-XXXX)
Open Deploy-ExternalDNS.yml file replce external-dns role arn:
annotations: eks.amazonaws.com/role-arn: arn:aws:iam::136962450893:role/eksctl-eksdemo-addon-iamserviceaccount-defau-Role1-13NJMLQ2DIXII
kubectl get sa external-dns
kubectl apply -f external-dns.yml
REmove record A in Route53 and refresh:
Now delete ingress1.yml and apply ,