ExternalDNS webhook to manage MikroTik DNS Records.
APACHE-2.0 License
[!IMPORTANT] While this software has reached version `v1.0.0`, it has not yet undergone extensive testing in large-scale, real-world environments. As such, it may still have bugs and may not yet be fully suitable for production use. I encourage users to report any issues or suggest improvements, as this project remains under active development. Thank you for contributing!
ExternalDNS is a Kubernetes add-on for automatically managing DNS records for Kubernetes ingresses and services by using different DNS providers. This webhook provider allows you to automate DNS records from your Kubernetes clusters into your MikroTik router.
Supported DNS record types:

- `DNSEndpoints` with multiple targets are technically not supported. Only one record will be created with the first target from the list, but eDNS will keep trying to update your DNS record in RouterOS, constantly sending `PUT` requests.
- The `Disabled` option on DNS records is currently ignored.
- `providerSpecific` annotations on `Ingress` objects are not yet supported.

Environment Variable | Description | Default Value |
---|---|---|
`MIKROTIK_BASEURL` | URL at which the RouterOS API is available (e.g. `https://192.168.88.1:443`). | N/A |
`MIKROTIK_USERNAME` | Username for the RouterOS API authentication. | N/A |
`MIKROTIK_PASSWORD` | Password for the RouterOS API authentication. | N/A |
`MIKROTIK_SKIP_TLS_VERIFY` | Whether to skip TLS verification (`true` or `false`). | `false` |
`LOG_FORMAT` | The format in which logs will be printed (`text` or `json`). | `json` |
`LOG_LEVEL` | The verbosity at which logs are printed (`debug`, `info`, `warn` or `error`). | `info` |

Environment Variable | Description | Default Value |
---|---|---|
`SERVER_HOST` | The host address where the server listens. | `localhost` |
`SERVER_PORT` | The port where the server listens. | `8888` |
`SERVER_READ_TIMEOUT` | Duration the server waits before timing out on read operations. | N/A |
`SERVER_WRITE_TIMEOUT` | Duration the server waits before timing out on write operations. | N/A |
`DOMAIN_FILTER` | List of domains to include in the filter. | Empty |
`EXCLUDE_DOMAIN_FILTER` | List of domains to exclude from filtering. | Empty |
`REGEXP_DOMAIN_FILTER` | Regular expression for filtering domains. | Empty |
`REGEXP_DOMAIN_FILTER_EXCLUSION` | Regular expression for excluding domains from the filter. | Empty |

Create a service account in RouterOS. This local user needs read and write access to manage static DNS.
Create a Kubernetes namespace for your External DNS deployment:

```yaml
---
apiVersion: v1
kind: Namespace
metadata:
  name: external-dns
```

Create a Kubernetes secret with the connection details for your RouterOS instance:

```yaml
---
apiVersion: v1
kind: Secret
metadata:
  name: mikrotik-credentials
  namespace: external-dns
stringData:
  MIKROTIK_BASEURL: "https://192.168.88.1:443"
  MIKROTIK_USERNAME: "external-dns"
  MIKROTIK_PASSWORD: "external-dns"
  MIKROTIK_SKIP_TLS_VERIFY: "true"
```

Add the External DNS helm repository and update your local cache:

```sh
helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
helm repo update
```

Configure your helm values. Take a look at the example values.yaml.

Install the External DNS helm chart:

```sh
helm upgrade --install --namespace external-dns external-dns external-dns/external-dns -f values.yaml
```

[!TIP] By default, support for MX, NS and SRV records is disabled and needs to be enabled via the `--managed-record-types` argument. Make sure to set `--managed-record-types=SRV` if you want to enable SRV records, and so on.
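
The example Secret in the setup steps above sets `MIKROTIK_SKIP_TLS_VERIFY: "true"` and reuses the username as the password. The preflight check below, meant to run before `helm upgrade --install`, flags those settings against the variables documented in the first table. It is an added example, not part of this project; `check_mikrotik_env` and its finding messages are hypothetical names.

```shell
#!/bin/sh
# Added example (not project code): preflight check of the MIKROTIK_* settings
# documented above. check_mikrotik_env is a hypothetical helper name.
# Prints one "FINDING:" line per problem; returns 0 if clean, 1 otherwise.
check_mikrotik_env() {
    findings=0
    flag() { printf 'FINDING: %s\n' "$1"; findings=$((findings + 1)); }

    # The webhook sends the RouterOS username and password to this URL.
    case "${MIKROTIK_BASEURL:-}" in
        https://?*) ;;
        http://*)   flag "MIKROTIK_BASEURL uses http: credentials are sent unencrypted" ;;
        "")         flag "MIKROTIK_BASEURL is not set" ;;
        *)          flag "MIKROTIK_BASEURL is not a complete http(s) URL" ;;
    esac

    # Documented default is false. Anything else is flagged, because without
    # certificate verification the client cannot tell the router from an
    # on-path host answering on the same address.
    case "${MIKROTIK_SKIP_TLS_VERIFY:-false}" in
        false) ;;
        *)     flag "MIKROTIK_SKIP_TLS_VERIFY is not false: router certificate is not verified" ;;
    esac

    [ -n "${MIKROTIK_USERNAME:-}" ] || flag "MIKROTIK_USERNAME is not set"
    if [ -z "${MIKROTIK_PASSWORD:-}" ]; then
        flag "MIKROTIK_PASSWORD is not set"
    elif [ "$MIKROTIK_PASSWORD" = "${MIKROTIK_USERNAME:-}" ]; then
        flag "MIKROTIK_PASSWORD is identical to MIKROTIK_USERNAME"
    fi

    [ "$findings" -eq 0 ]
}

# Constructed sample input: the values from the example Secret on this page.
(
    MIKROTIK_BASEURL="https://192.168.88.1:443"
    MIKROTIK_USERNAME="external-dns"
    MIKROTIK_PASSWORD="external-dns"
    MIKROTIK_SKIP_TLS_VERIFY="true"
    check_mikrotik_env
) || echo "Fix the findings above before running helm upgrade --install."
```

With the sample values the check reports two findings: certificate verification is disabled and the password matches the username.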
Thanks to all the people who donate their time to the Home Operations Discord community.