{"id":9316,"date":"2022-01-04T13:07:15","date_gmt":"2022-01-04T07:37:15","guid":{"rendered":"https:\/\/opstree.com\/blog\/\/?p=9316"},"modified":"2022-01-04T20:31:48","modified_gmt":"2022-01-04T15:01:48","slug":"records-creation-in-azure-dns-from-aks-externaldns","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2022\/01\/04\/records-creation-in-azure-dns-from-aks-externaldns\/","title":{"rendered":"Records Creation in Azure DNS from AKS ExternalDNS"},"content":{"rendered":"\n<figure class=\"wp-block-image is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.incredibuild.com\/wp-content\/uploads\/2021\/07\/kubernetes_CI_logo_heptagon_blue.jpg\" alt=\"Using Kubernetes for CI Build Jobs and Generic Processing Tasks - Part 2 -  Incredibuild\" width=\"767\" height=\"430\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"has-text-align-justify\">Have you ever thought to create the DNS records automatically (like: A record, AAAA record and TXT record etc.) in the DNS Zones of Azure cloud from the kubernetes cluster&#8217;s yaml manifests (to be specific the External DNS) ?<\/p>\n\n\n\n<p>NO ?<\/p>\n\n\n\n<p class=\"has-text-align-justify\">So don&#8217;t worry guys because i have done it and i thought i should share this experience with you guys. This is not limited to Azure cloud DNS Zones, It will work with AWS Route 53, Google cloud DNS, AWS cloud map and many more to mention here.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">Now let me introduce you guys to the particular objects of this setup then next we will move forward to know How to setup these objects. <\/p>\n\n\n\n<p>So let&#8217;s go&#8230;&#8230;&#8230;&#8230;.<\/p>\n\n\n\n<!--more-->\n\n\n\n<h3 class=\"wp-block-heading\" id=\"context\">Context: <\/h3>\n\n\n\n<p>So basically the story behind writing this blog is that there were more than one pods resulting in more than one IP addresses and here the requirement takes place because manual mapping of domain names with the pod&#8217;s IP addresses is not okay.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"particular-objects-section\"><strong>Particular Objects Section<\/strong>:<\/h2>\n\n\n\n<p class=\"has-text-align-justify has-normal-font-size\"><strong>DNS Zones<\/strong>:  A DNS zone is used to host the DNS records for a particular domain. To start hosting your domain in Azure DNS, you need to create a DNS zone for that domain name. Each DNS record for your domain is then created inside this DNS zone.<\/p>\n\n\n\n<p class=\"has-text-align-justify has-normal-font-size\">For example, the domain &#8216;devopstool.ml&#8217; may contain several DNS records, such as &#8216;mail.devopstool.ml&#8217; (for a mail server) and &#8216;www.devopstool.ml&#8217; (for a web site).<\/p>\n\n\n\n<p class=\"has-text-align-justify\" id=\"externaldns-externaldns-synchronizes-exposed-kubernetes-services-and-ingresses-with-dns-providers-externaldns-makes-kubernetes-resources-discoverable-via-public-dns-servers-like-kubedns-it-retrieves-a-list-of-resources-services-ingresses-etc-from-the-kubernetes-api-to-determine-a-desired-list-of-dns-records-in-a-broader-sense-externaldns-allows-you-to-control-dns-records-dynamically-via-kubernetes-resources-in-a-dns-provider-agnostic-way\"><strong>ExternalDNS<\/strong>: ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers. ExternalDNS makes Kubernetes resources discoverable via public DNS servers. Like KubeDNS, it retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API&nbsp;to determine a desired list of DNS records.&nbsp;In a broader sense, ExternalDNS allows you to control DNS records dynamically via Kubernetes resources in a DNS provider-agnostic way.<\/p>\n\n\n\n<p class=\"has-text-align-justify\"><strong>Managed Identity<\/strong>: Managed Identity adds a role for the role of contributor to the DNS-RG then we add this Managed Identity with the VMSS(virtual machine scale set) to access the DNS Zone.<\/p>\n\n\n\n<figure class=\"wp-block-image is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.stacksimplify.com\/course-images\/azure-aks-ingress-external-dns.png\" alt=\"External DNS for Azure Kubernetes Service - Azure Kubernetes Service\" width=\"800\" height=\"510\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"prerequisites\">Prerequisites<\/h2>\n\n\n\n<ul><li>Azure Account<\/li><li>Kubernetes Cluster<\/li><li>Domain Name<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"setup-steps\">Setup Steps<\/h2>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-1-dns-zone-creation\"><strong>Step 1<\/strong>: <strong>DNS Zone Creation<\/strong><\/h5>\n\n\n\n<ul><li>First of all we should have the domain name for which we want to create the DNS Zone.<\/li><li>Then we can create the DNS Zone with the name of the domain name.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-20-01-23-38.png?w=1024\" alt=\"\" class=\"wp-image-9398\" width=\"800\" height=\"481\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-2-managed-identity-creation\"><strong>Step 2: Managed Identity Creation<\/strong><\/h5>\n\n\n\n<ul><li>Create Managed service Identity.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-20-01-33-40.png?w=1024\" alt=\"\" class=\"wp-image-9400\" width=\"800\" height=\"451\" \/><\/figure>\n\n\n\n<ul><li>After creating MSI, add azure role assignment in MSI<ul><li>Open MSI<\/li><li>Click on <strong>Azure Role Assignment -&gt; Add role assignment1<\/strong><\/li><li>Scope: Resource group<\/li><li>Subscription: use your own subscription<\/li><li>Resource group: use concerned resource group<\/li><li>Role: contributor<\/li><\/ul><\/li><li>Make&nbsp; a note of client id and update in azure.json<ul><li>Go to <strong>Overview<\/strong> -&gt; Make a note of <strong>\u201cClient ID\u201d<\/strong><\/li><li>Update it in <strong>azure.json<\/strong> value for <strong>userAssignedIdentityID<\/strong><\/li><\/ul><\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-20-01-47-52.png?w=1024\" alt=\"\" class=\"wp-image-9404\" width=\"800\" height=\"300\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-3-create-azure-json-file\"><strong>Step 3.<\/strong> Create azure.json file&nbsp;<\/h5>\n\n\n\n<p>For template we can use this<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<pre class=\"wp-block-syntaxhighlighter-code\">{\n  \"tenantId\": \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\",\n  \"subscriptionId\": \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\",\n  \"resourceGroup\": \"dns-zones\", \n  \"useManagedIdentityExtension\": true,\n  \"userAssignedIdentityID\": \"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"  \n}<\/pre>\n\n\n\n<p><\/p>\n<\/div><\/div>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"to-get-azure-tenant-id\"># To get Azure Tenant ID<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">az account show --query \"tenantId\"<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"to-get-azure-subscription-id\"># To get Azure Subscription ID<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">az account show --query \"id\"<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"use-your-own-resource-group\"># Use your own resource group<\/h5>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"update-userassignedidentityid\"># Update <strong>userAssignedIdentityID<\/strong><\/h5>\n\n\n\n<p><\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-4-associate-msi-in-aks-cluster-vmss\"><strong>Step 4.<\/strong>  Associate MSI in AKS cluster VMSS<\/h5>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<ul><li>Go to all services -&gt; VMSS -&gt; open your VMSS&nbsp;<\/li><li>Go to Settings -&gt; Identity -&gt; User assigned -&gt; Add -&gt; select your subscription -&gt; Add the MSI which we have created earlier<\/li><\/ul>\n<\/div><\/div>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-20-23-34-33.png?w=1024\" alt=\"\" class=\"wp-image-9414\" width=\"800\" height=\"535\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-5-create-kubernetes-secret\">Step 5. Create kubernetes secret<\/h5>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"create-secret\"># Create Secret<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl create secret generic azure-config-file --from-file=azure.json<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"list-secrets\"># List Secrets<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl get secrets<\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-6-create-external-dns-yaml-manifest-and-deploy-it\"><strong>Step 6.<\/strong> Create external-dns.yaml manifest and deploy it.<\/h5>\n\n\n\n<pre class=\"wp-block-code\"><code>apiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: external-dns\n---\napiVersion: rbac.authorization.k8s.io\/v1beta1\nkind: ClusterRole\nmetadata:\n  name: external-dns\nrules:\n- apiGroups: &#091;\"\"]\n  resources: &#091;\"services\",\"endpoints\",\"pods\"]\n  verbs: &#091;\"get\",\"watch\",\"list\"]\n- apiGroups: &#091;\"extensions\",\"networking.k8s.io\"]\n  resources: &#091;\"ingresses\"] \n  verbs: &#091;\"get\",\"watch\",\"list\"]\n- apiGroups: &#091;\"\"]\n  resources: &#091;\"nodes\"]\n  verbs: &#091;\"list\"]\n---\napiVersion: rbac.authorization.k8s.io\/v1beta1\nkind: ClusterRoleBinding\nmetadata:\n  name: external-dns-viewer\nroleRef:\n  apiGroup: rbac.authorization.k8s.io\n  kind: ClusterRole\n  name: external-dns\nsubjects:\n- kind: ServiceAccount\n  name: external-dns\n  namespace: default\n---\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n  name: external-dns\nspec:\n  strategy:\n    type: Recreate\n  selector:\n    matchLabels:\n      app: external-dns\n  template:\n    metadata:\n      labels:\n        app: external-dns\n    spec:\n      serviceAccountName: external-dns\n      containers:\n      - name: external-dns\n        image: registry.opensource.zalan.do\/teapot\/external-dns:latest\n        args:\n        - --source=service\n        - --source=ingress\n        #- --domain-filter=example.com # (optional) limit to only example.com domains; change to match the zone created above.\n        - --provider=azure\n        #- --azure-resource-group=externaldns # (optional) use the DNS zones from the specific resource group\n        volumeMounts:\n        - name: azure-config-file\n          mountPath: \/etc\/kubernetes\n          readOnly: true\n      volumes:\n      - name: azure-config-file\n        secret:\n          secretName: azure-config-file\n<\/code><\/pre>\n\n\n\n<ul><li>In <strong>&#8211;domain-filter<\/strong> we used the domain name<\/li><li>In &#8211;azure-resource-group we used the resource group in which DNS Zone is created<\/li><\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"deploy-externaldns\"># Deploy ExternalDNS&nbsp;<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl apply -f external-dns.yml<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"verify-externaldns-logs\"># Verify ExternalDNS Logs<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl logs -f $(kubectl get po | egrep -o 'external-dns[A-Za-z0-9-]+')<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"error-type-400\"># Error Type: 400<\/h5>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<pre class=\"wp-block-verse\">time=\"2020-08-24T11:25:04Z\" level=error msg=\"azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https:\/\/management.azure.com\/subscriptions\/82808767-144c-4c66-a320-b30791668b0a\/resourceGroups\/dns-zones\/providers\/Microsoft.Network\/dnsZones?api-version=2018-05-01: StatusCode=400 -- Original Error: adal: Refresh request failed. Status Code = '400'. Response body: {\\\"error\\\":\\\"invalid_request\\\",\\\"error_description\\\":\\\"Identity not found\\\"}\"<\/pre>\n<\/div><\/div>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"error-type-403\"># Error Type: 403<\/h5>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<pre class=\"wp-block-verse\">Notes: Error 403 will come when our Managed Service Identity dont have access to respective destination resource&nbsp;<\/pre>\n<\/div><\/div>\n<\/div><\/div>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"when-all-good-we-should-get-log-as-below\"># When all good, we should get log as below<\/h5>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<pre class=\"wp-block-verse\">time=\"2020-08-24T11:27:59Z\" level=info msg=\"Resolving to user assigned identity, client id is 404b0cc1-ba04-4933-bcea-7d002d184436.\"<\/pre>\n<\/div><\/div>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"step-7-deploy-a-demo-application-and-test-it\">Step 7: Deploy a demo application and test it<\/h5>\n\n\n\n<p><strong>deployment.yaml:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-syntaxhighlighter-code\">apiVersion: apps\/v1\nkind: Deployment\nmetadata:\n  name: app1-nginx-deployment\n  labels:\n    app: app1-nginx\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: app1-nginx\n  template:\n    metadata:\n      labels:\n        app: app1-nginx\n    spec:\n      containers:\n        - name: app1-nginx\n          image: stacksimplify\/kube-nginxapp1:1.0.0\n          ports:\n            - containerPort: 80<\/pre>\n\n\n\n<p><strong>clusterip-service.yaml<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-syntaxhighlighter-code\">apiVersion: v1\nkind: Service\nmetadata:\n  name: app1-nginx-clusterip-service\n  labels:\n    app: app1-nginx\nspec:\n  type: ClusterIP\n  selector:\n    app: app1-nginx\n  ports:\n    - port: 80\n      targetPort: 80<\/pre>\n\n\n\n<p><strong>ingress-with-externaldns.yaml<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-syntaxhighlighter-code\">apiVersion: networking.k8s.io\/v1beta1\nkind: Ingress\nmetadata:\n  name: nginxapp1-ingress-service\n  annotations:\n    kubernetes.io\/ingress.class: \"nginx\"\nspec:\n  rules:\n  - host: eapp1.devcsp.ml\n    http:\n      paths:\n      - path: \/\n        backend:\n          serviceName: app1-nginx-clusterip-service\n          servicePort: 80<\/pre>\n\n\n\n<ul><li>Deploy these  kubernetes objects.<\/li><li>Wait for 3 to 5 minutes for record set update in DNS Zone.<\/li><li>Verify external dns pod&#8217;s logs, should look like this.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">time=\"2020-08-24T11:30:54Z\" level=info msg=\"Updating A record named 'eapp1' to '20.37.141.33' for Azure DNS zone 'devcsp.ml'.\"\n\ntime=\"2020-08-24T11:30:55Z\" level=info msg=\"Updating TXT record named 'eapp1' to '\\\"heritage=external-dns,external-dns\/owner=default,external-dns\/resource=ingress\/default\/nginxapp1-ingress-service\\\"' for Azure DNS zone 'devcsp.ml'.\"<\/pre>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"important-note-if-external-dns-pod-logs-are-not-the-same-as-expected-then-check-for-the-ingress-controller-it-must-be-available-and-if-it-is-not-then-deploy-it\">Important Note: If external-dns pod logs are not the same as expected then check for the ingress controller, it must be available and if it is not then deploy it&#8230;&#8230;.<\/h5>\n\n\n\n<pre class=\"wp-block-preformatted\">helm repo add nginx-stable https:\/\/helm.nginx.com\/stable\nhelm repo update\nhelm install ingress-nginx nginx-stable\/nginx-ingress\nhelm install ingress-nginx nginx-stable\/nginx-ingress --set rbac.create=true<\/pre>\n\n\n\n<ul><li>Now verify the external-dns pod logs it will be the same as expected<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-22-11-30-54.png?w=1024\" alt=\"\" class=\"wp-image-9442\" width=\"800\" height=\"447\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2021\/12\/screenshot-from-2021-12-22-20-27-50.png?w=1024\" alt=\"\" class=\"wp-image-9450\" width=\"800\" height=\"304\" \/><\/figure>\n\n\n\n<p>Hurraaaah \ud83d\ude42<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/01\/2af3b-0awkga9zlgxfxwklv.gif\" alt=\"\" width=\"1029\" height=\"579\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"wp-block-jetpack-markdown\"><p>THANK ME LATER&#8230;&#8230;&#8230;.<\/p>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"conclusion\">Conclusion:<\/h2>\n\n\n\n<p class=\"has-text-align-justify\">Time to conclude the blog:&gt;&gt;  I wrote this blog because There was a requirement of this kind of setup and i couldn&#8217;t find the expected results on web  so it took more than enough time to make it happen so i thought there should be a proper documentation\/blog for this setup.  <\/p>\n\n\n\n<p>References &#8211; <strong><a rel=\"noreferrer noopener\" href=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/01\/2af3b-0awkga9zlgxfxwklv.gif\" target=\"_blank\">GIF <\/a><\/strong>, <strong><a rel=\"noreferrer noopener\" href=\"https:\/\/www.incredibuild.com\/wp-content\/uploads\/2021\/07\/kubernetes_CI_logo_heptagon_blue.jpg\" target=\"_blank\">Image 1 <\/a><\/strong>,<strong> <a rel=\"noreferrer noopener\" href=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2022\/01\/2af3b-0awkga9zlgxfxwklv.gif\" target=\"_blank\">Image 2<\/a><\/strong><\/p>\n\n\n\n<p><strong style=\"font-weight:bold;\">Blog Pundit: <\/strong><a href=\"https:\/\/opstree.com\/blog\/\/author\/bhupendersinghb5dca0b393\/\"><strong>Bhupender rawat<\/strong><\/a> and <strong>Sanjeev Pandey<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.opstree.com\/contact-us?utm_source=blog&amp;utm_medium=wordpress+&amp;utm_campaign=Records+Creation+in+Azure+DNS+from+AKS+ExternalDNS\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Opstree<\/strong><\/a><a href=\"https:\/\/www.opstree.com\/contact-us?utm_source=Blog&amp;utm_medium=Wordpress&amp;utm_campaign=AWS_SECRET_MANAGER\"> <\/a>is an End to End DevOps solution provider<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link\" href=\"https:\/\/www.opstree.com\/contact-us\" target=\"_blank\" rel=\"noreferrer noopener\">CONTACT US<\/a><\/div>\n<\/div>\n\n\n\n<p class=\"has-text-align-center\"><strong>Connect Us <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-social-links aligncenter is-content-justification-right is-layout-flex wp-container-core-social-links-is-layout-1 wp-block-social-links-is-layout-flex\"><li class=\"wp-social-link wp-social-link-linkedin  wp-block-social-link\"><a href=\"https:\/\/www.linkedin.com\/company\/opstree-solutions\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M19.7,3H4.3C3.582,3,3,3.582,3,4.3v15.4C3,20.418,3.582,21,4.3,21h15.4c0.718,0,1.3-0.582,1.3-1.3V4.3 C21,3.582,20.418,3,19.7,3z M8.339,18.338H5.667v-8.59h2.672V18.338z M7.004,8.574c-0.857,0-1.549-0.694-1.549-1.548 c0-0.855,0.691-1.548,1.549-1.548c0.854,0,1.547,0.694,1.547,1.548C8.551,7.881,7.858,8.574,7.004,8.574z M18.339,18.338h-2.669 v-4.177c0-0.996-0.017-2.278-1.387-2.278c-1.389,0-1.601,1.086-1.601,2.206v4.249h-2.667v-8.59h2.559v1.174h0.037 c0.356-0.675,1.227-1.387,2.526-1.387c2.703,0,3.203,1.779,3.203,4.092V18.338z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">LinkedIn<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-youtube  wp-block-social-link\"><a href=\"https:\/\/www.youtube.com\/channel\/UCeLma6SpNYH7jjYKSBNSexw\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M21.8,8.001c0,0-0.195-1.378-0.795-1.985c-0.76-0.797-1.613-0.801-2.004-0.847c-2.799-0.202-6.997-0.202-6.997-0.202 h-0.009c0,0-4.198,0-6.997,0.202C4.608,5.216,3.756,5.22,2.995,6.016C2.395,6.623,2.2,8.001,2.2,8.001S2,9.62,2,11.238v1.517 c0,1.618,0.2,3.237,0.2,3.237s0.195,1.378,0.795,1.985c0.761,0.797,1.76,0.771,2.205,0.855c1.6,0.153,6.8,0.201,6.8,0.201 s4.203-0.006,7.001-0.209c0.391-0.047,1.243-0.051,2.004-0.847c0.6-0.607,0.795-1.985,0.795-1.985s0.2-1.618,0.2-3.237v-1.517 C22,9.62,21.8,8.001,21.8,8.001z M9.935,14.594l-0.001-5.62l5.404,2.82L9.935,14.594z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">YouTube<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-github  wp-block-social-link\"><a href=\"https:\/\/github.com\/OpsTree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12,2C6.477,2,2,6.477,2,12c0,4.419,2.865,8.166,6.839,9.489c0.5,0.09,0.682-0.218,0.682-0.484 c0-0.236-0.009-0.866-0.014-1.699c-2.782,0.602-3.369-1.34-3.369-1.34c-0.455-1.157-1.11-1.465-1.11-1.465 c-0.909-0.62,0.069-0.608,0.069-0.608c1.004,0.071,1.532,1.03,1.532,1.03c0.891,1.529,2.341,1.089,2.91,0.833 c0.091-0.647,0.349-1.086,0.635-1.337c-2.22-0.251-4.555-1.111-4.555-4.943c0-1.091,0.39-1.984,1.03-2.682 C6.546,8.54,6.202,7.524,6.746,6.148c0,0,0.84-0.269,2.75,1.025C10.295,6.95,11.15,6.84,12,6.836 c0.85,0.004,1.705,0.114,2.504,0.336c1.909-1.294,2.748-1.025,2.748-1.025c0.546,1.376,0.202,2.394,0.1,2.646 c0.64,0.699,1.026,1.591,1.026,2.682c0,3.841-2.337,4.687-4.565,4.935c0.359,0.307,0.679,0.917,0.679,1.852 c0,1.335-0.012,2.415-0.012,2.741c0,0.269,0.18,0.579,0.688,0.481C19.138,20.161,22,16.416,22,12C22,6.477,17.523,2,12,2z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">GitHub<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-facebook  wp-block-social-link\"><a href=\"https:\/\/www.facebook.com\/opstree\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12 2C6.5 2 2 6.5 2 12c0 5 3.7 9.1 8.4 9.9v-7H7.9V12h2.5V9.8c0-2.5 1.5-3.9 3.8-3.9 1.1 0 2.2.2 2.2.2v2.5h-1.3c-1.2 0-1.6.8-1.6 1.6V12h2.8l-.4 2.9h-2.3v7C18.3 21.1 22 17 22 12c0-5.5-4.5-10-10-10z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Facebook<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-medium  wp-block-social-link\"><a href=\"https:\/\/medium.com\/buildpiper\" class=\"wp-block-social-link-anchor\" target=\"_blank\" rel=\"noopener\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M20.962,7.257l-5.457,8.867l-3.923-6.375l3.126-5.08c0.112-0.182,0.319-0.286,0.527-0.286c0.05,0,0.1,0.008,0.149,0.02 c0.039,0.01,0.078,0.023,0.114,0.041l5.43,2.715l0.006,0.003c0.004,0.002,0.007,0.006,0.011,0.008 C20.971,7.191,20.98,7.227,20.962,7.257z M9.86,8.592v5.783l5.14,2.57L9.86,8.592z M15.772,17.331l4.231,2.115 C20.554,19.721,21,19.529,21,19.016V8.835L15.772,17.331z M8.968,7.178L3.665,4.527C3.569,4.479,3.478,4.456,3.395,4.456 C3.163,4.456,3,4.636,3,4.938v11.45c0,0.306,0.224,0.669,0.498,0.806l4.671,2.335c0.12,0.06,0.234,0.088,0.337,0.088 c0.29,0,0.494-0.225,0.494-0.602V7.231C9,7.208,8.988,7.188,8.968,7.178z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Medium<\/span><\/a><\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Have you ever thought to create the DNS records automatically (like: A record, AAAA record and TXT record etc.) in the DNS Zones of Azure cloud from the kubernetes cluster&#8217;s yaml manifests (to be specific the External DNS) ? NO ? So don&#8217;t worry guys because i have done it and i thought i should &hellip; <a href=\"https:\/\/opstree.com\/blog\/2022\/01\/04\/records-creation-in-azure-dns-from-aks-externaldns\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Records Creation in Azure DNS from AKS ExternalDNS&#8221;<\/span><\/a><\/p>\n","protected":false},"author":214816353,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[28070474,46713213],"tags":[460,728405982,728405979,768739309,4996032],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-2qg","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/9316"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/214816353"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=9316"}],"version-history":[{"count":24,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/9316\/revisions"}],"predecessor-version":[{"id":9592,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/9316\/revisions\/9592"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=9316"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=9316"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=9316"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}