Limit number of dns entries by external dns

Hello,

I am using the external dns app on rancher 2.2.7 to resolve pods and services. I have set it up to sync dns entries to cloudflare to route traffic to the correct pod corresponding to the queried domain.
However, I can’t seem to figure out how to limit the dns entries on cloudflare to one or two node ip addresses as A records. Right now, it populates as many A records as there are worker nodes. So, if there are 7 worker nodes, I have 7 dns entries on cloudflare. Which is pretty redundant, especially when you’re using a subdomain for each service, and cloudflare only allows 1000 entries per domain max.

Is there a way to specify a certain IP address as an entrypoint that can be reflected on cloudflare, instead of having an indefinite number of dns entries corresponding to the number of worker nodes?

Why not use your external dns to point to an external load balancer using a wildcard A record and then handle all the routing via the IngressController and ingress objects within the cluster?

Sorry, I am not sure what you mean.
Do you have any resources that I can refer to?
Thank you very much.

What type is your service? If it’s a NodePort, then you also have to set externalTrafficPolicy: Local, otherwise each node will receive an A record regardless of pod location (which IMHO is stupid). But then make sure you understand the potential consequences of using this policy, depending on your cloud provider.

Here is the code fragment:

I did set externalTrafficPolicy to local. But it didn’t do anything.

Is there anything else I am missing? @adampl

Edit: I figured out that we can set the target IP address using the annotation in the load balancer. But it is not feasible if nodes are dynamic.
external-dns.alpha.kubernetes.io/target: "IP Address"

I am still looking for a more elegant solution.

The screenshot you posted shows External DNS config, but the externalTrafficPolicy should be set in the Service object.

You mean, I should put service.externalTrafficPolicy instead?

No, I mean put it in each Service in your cluster that you want to be resolved by External DNS - the same objects that you annotate with external-dns.alpha.kubernetes.io/..., but this field should be set in the spec section instead, just like type: LoadBalancer.
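
The placement described in the reply above, as an added example that is not part of the original thread: a Service manifest with the External DNS annotations under metadata and externalTrafficPolicy under spec. The service name, selector, ports and hostname are assumed values.

```yaml
# Constructed example: name, labels, ports and hostname are assumptions.
apiVersion: v1
kind: Service
metadata:
  name: web
  annotations:
    # External DNS annotations live under metadata.annotations.
    external-dns.alpha.kubernetes.io/hostname: app.example.com
    # Optional override mentioned earlier in the thread: pin the record to a
    # fixed address (placeholder from the documentation range). It is static,
    # so it does not follow nodes that come and go.
    # external-dns.alpha.kubernetes.io/target: "203.0.113.10"
spec:
  type: NodePort
  # Belongs here in spec, next to type, not in the External DNS app config.
  # With Local, a node only serves traffic for pods running on that node.
  externalTrafficPolicy: Local
  selector:
    app: web
  ports:
    - port: 80
      targetPort: 8080
```

To confirm the field landed on the Service object rather than in the app config, read it back with kubectl get service web -o jsonpath='{.spec.externalTrafficPolicy}'.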

Can you tell me in respect to the rancher UI?
Thank you. I really appreciate this.

Workloads > Service discovery > Edit (selected service) > Show advanced options > External Traffic Policy

But really, you better master the k8s basics and learn to do this with kubectl, because some things cannot be done in the UI.

Do you know if we can specify a specific IP address for all cloudflare dns entries?

Yes, I know. I am learning and doing my best. I am not just afraid to ask questions.

You can do this with a Service of type LoadBalancer but I don’t know if CloudFlare respects the loadBalancerIP field: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer