How do I integrate Kubernetes with Cloudflare using ExternalDNS?
In this guide, we will demonstrate how to integrate Kubernetes with Cloudflare for DNS management using ExternalDNS. ExternalDNS is a Kubernetes add-on that automatically manages DNS records for Kubernetes resources in various DNS providers, including Cloudflare.
We will:
- Set up a Kubernetes cluster.
- Deploy ExternalDNS in the cluster.
- Configure ExternalDNS to use Cloudflare as the DNS provider.
import * as pulumi from "@pulumi/pulumi";
import * as k8s from "@pulumi/kubernetes";
import * as cloudflare from "@pulumi/cloudflare";
// Create a Kubernetes cluster (assuming you have a provider configured)
const cluster = new k8s.core.v1.Namespace("externaldns-ns", {
metadata: {
name: "externaldns"
}
});
// Define the ExternalDNS deployment
const externalDns = new k8s.apps.v1.Deployment("externaldns", {
metadata: {
namespace: cluster.metadata.name,
name: "externaldns"
},
spec: {
selector: {
matchLabels: {
app: "externaldns"
}
},
template: {
metadata: {
labels: {
app: "externaldns"
}
},
spec: {
containers: [{
name: "externaldns",
image: "k8s.gcr.io/external-dns/external-dns:v0.7.6",
args: [
"--source=service",
"--source=ingress",
"--domain-filter=<your-domain>", // Replace with your domain
"--provider=cloudflare",
"--cloudflare-proxied",
"--cloudflare-api-token=$(CF_API_TOKEN)"
],
env: [{
name: "CF_API_TOKEN",
valueFrom: {
secretKeyRef: {
name: "cloudflare-api-token",
key: "api-token"
}
}
}]
}]
}
}
}
});
// Create a secret for the Cloudflare API token
const cloudflareApiToken = new k8s.core.v1.Secret("cloudflare-api-token", {
metadata: {
namespace: cluster.metadata.name,
name: "cloudflare-api-token"
},
stringData: {
"api-token": "<your-cloudflare-api-token>" // Replace with your Cloudflare API token
}
});
// Export the Kubernetes cluster information
export const kubeconfig = cluster.metadata.name;
Key Points:
- We created a Kubernetes namespace for ExternalDNS.
- We deployed ExternalDNS with the necessary arguments to integrate with Cloudflare.
- We configured a Kubernetes secret to securely store the Cloudflare API token.
Summary:
This setup allows Kubernetes services and ingresses to automatically create and manage DNS records in Cloudflare using ExternalDNS. Make sure to replace placeholders with your actual domain and Cloudflare API token.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.