No DNS recrods created in Cloudflare with kind ingress , only kind service is working. #5776
Description
What happened:
When I use External DNS annotation with ingress (with Traefik) using the cloudflare provider, no DNS records are created.
When I use external DNS annotations on a service using the cloudflare provider, I can see the DNS record created successfully.
What you expected to happen:
DNS records created in Cloudflare when defined in ingress
How to reproduce it (as minimally and precisely as possible):
- service config that works
---
apiVersion: v1
kind: Service
metadata:
name: nginx-test
annotations:
external-dns.alpha.kubernetes.io/hostname: test.example.com # this works
external-dns.alpha.kubernetes.io/ttl: "120" #optional
spec:
selector:
app: nginx-test
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80- ingress config that doesn't work
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-test-ingress
annotations:
external-dns.alpha.kubernetes.io/hostname: test.example.com # no records created !
external-dns.alpha.kubernetes.io/ttl: "120" #optional
spec:
ingressClassName: traefik
rules:
- host: test.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-test
port:
number: 80
tls:
- hosts:
- test.example.com
secretName: nginx-test-cert$ kubectl -n external-dns logs -l app.kubernetes.io/name=external-dns
time="2025-08-28T14:05:37Z" level=info msg="All records are already up to date"Anything else we need to know?:
Environment:
- External-DNS version (use
external-dns --version):
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2025-08-20T15:03:42Z"
generateName: external-dns-65cb8964f7-
generation: 1
labels:
app.kubernetes.io/instance: external-dns
app.kubernetes.io/name: external-dns
pod-template-hash: 65cb8964f7
name: external-dns-65cb8964f7-ncs5n
namespace: external-dns
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: external-dns-65cb8964f7
uid: 5d93fe10-1c48-424c-a1e7-77d5648b8343
resourceVersion: "6341637"
uid: 62c729cd-2bd3-4292-bd72-41eeddb54703
spec:
automountServiceAccountToken: true
containers:
- args:
- --log-level=info
- --log-format=text
- --interval=1m
- --source=service
- --source=ingress
- --policy=upsert-only
- --registry=txt
- --provider=cloudflare
env:
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
key: apiKey
name: cloudflare-api-key
image: registry.k8s.io/external-dns/external-dns:v0.18.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 2
httpGet:
path: /healthz
port: http
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
name: external-dns
ports:
- containerPort: 7979
name: http
protocol: TCP
readinessProbe:
failureThreshold: 6
httpGet:
path: /healthz
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-z69s4
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: rpi001-ath
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
fsGroup: 65534
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccount: external-dns
serviceAccountName: external-dns
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-z69s4
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2025-08-27T18:07:08Z"
status: "True"
type: PodReadyToStartContainers
- lastProbeTime: null
lastTransitionTime: "2025-08-20T15:03:42Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2025-08-27T18:07:29Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2025-08-27T18:07:29Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2025-08-20T15:03:42Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: containerd://84b3ae35bd4b75a5f57e2b68d878201ac38e41ea20e0c83675c079e86b641012
image: registry.k8s.io/external-dns/external-dns:v0.18.0
imageID: registry.k8s.io/external-dns/external-dns@sha256:f90738b35be265d50141d5c21e6f6049c3da7cd761682c40214117a2951b80bc
lastState:
terminated:
containerID: containerd://98474413960d9b2b3ff1a210615efa97e99765e78e1d5cf9c3d79758545d27ca
exitCode: 255
finishedAt: "2025-08-27T18:06:44Z"
reason: Unknown
startedAt: "2025-08-22T04:18:32Z"
name: external-dns
ready: true
resources: {}
restartCount: 7
started: true
state:
running:
startedAt: "2025-08-27T18:07:07Z"
user:
linux:
gid: 65532
supplementalGroups:
- 65532
- 65534
uid: 65532
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-z69s4
readOnly: true
recursiveReadOnly: Disabled
hostIP: 192.168.86.20
hostIPs:
- ip: 192.168.86.20
phase: Running
podIP: 10.42.0.88
podIPs:
- ip: 10.42.0.88
qosClass: BestEffort
startTime: "2025-08-20T15:03:42Z"- DNS provider: cloudflare
- Others:
Client Version: v1.33.1
Kustomize Version: v5.6.0
Server Version: v1.33.3+k3s1helm ls -n external-dns
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
external-dns external-dns 1 2025-08-20 18:03:41.818419 +0300 EEST deployed external-dns-1.18.0 0.18.0 helm -n external-dns get values external-dns
USER-SUPPLIED VALUES:
env:
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
key: apiKey
name: cloudflare-api-key
provider:
name: cloudflare