Skip to content

Trouble setting up k8gb proof of concept #2381

Description

@cargotrucker

No external targets found when deploying GSLB

Hi,

I'm trying to build a K8GB proof of concept and have run into an issue where no A records are being created for my application hostname.

Environment

  • 2 Kubernetes clusters (dcr1 and dcr2)
  • K8GB v0.19.0
  • Infoblox as edge DNS
  • CoreDNS exposed through LoadBalancer services
  • DNS delegation from Infoblox to the K8GB CoreDNS instances is working
  • Connectivity between clusters on UDP/53 has been verified

Setup

Each cluster has a shared ingress controller configured with wildcard certificates:

  • *.apps.dc1.mycorp.com
  • *.apps.dc2.mycorp.com

My goal is to expose an application through K8GB using:

  • podinfo.gl.k8gb.mycorp.com

The application is reachable through the ingress, but K8GB never creates any A records in CoreDNS.

Observed behavior

A DNSEndpoint resource is created, but both A records remain empty:

spec:
  endpoints:
  - dnsName: localtargets-podinfo.gl.k8gb.mycorp.com
    recordTTL: 30
    recordType: A

  - dnsName: podinfo.gl.k8gb.mycorp.com
    labels:
      strategy: failover
    recordTTL: 30
    recordType: A

The K8GB controller logs consistently show:

No external targets have been found for host host=podinfo.gl.k8gb.mycorp.com

Full relevant log excerpt:

2026-06-10T16:16:14Z INF Reconciling {"Gslb":"k8gb/podinfo"}
2026-06-10T16:16:14Z DBG Resolved strategy gslb=podinfo namespace=k8gb strategy=failover
2026-06-10T16:16:14Z INF Found Ingress Name=podinfo
2026-06-10T16:16:14Z DBG Resolved LoadBalancer and Server configuration referenced by Ingress gslb=podinfo
2026-06-10T16:16:14Z INF Adding external Gslb targets from cluster cluster=gslb-ns-dcr2-gl.k8gb.mycorp.com
2026-06-10T16:16:14Z INF Resolved glue A record for NS edgeDNSServers=10.56.76.200:53,10.56.76.192:53,10.56.140.190:53 glueARecord=[{"A":"10.56.140.190"}] nameserver=gslb-ns-dcr2-gl.k8gb.mycorp.com
2026-06-10T16:16:14Z INF No external targets have been found for host host=podinfo.gl.k8gb.mycorp.com

GSLB resource

apiVersion: k8gb.io/v1beta1
kind: Gslb
metadata:
  name: podinfo
  namespace: k8gb
spec:
  ingress: {}
  resourceRef:
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    matchLabels:
      app: podinfo
  serviceHealthPolicy: Any
  strategy:
    dnsTtlSeconds: 30
    type: failover

status:
  hosts: podinfo.gl.k8gb.mycorp.com
  serviceHealth:
    podinfo.gl.k8gb.mycorp.com: Healthy

CoreDNS configuration

gl.k8gb.mycorp.com:5353 {
    import k8gbplugins
}

K8GB values

The following K8GB values are configured on the cluster:

dnsZones:
  - parentZone: "k8gb.mycorp.com"
    loadBalancedZone: "gl.k8gb.mycorp.com"
    dnsZoneNegTTL: 30
    extraPlugins: []
    extraServerBlocks: ""
    geoDataFilePath: ""
    geoDataField: ""

edgeDNSServers:
  - "10.56.76.200" # Infoblox
  - "10.56.76.192" # CoreDNS dcr1
  - "10.56.140.190" # CoreDNS dcr2

clusterGeoTag: "dcr1"
extGslbClustersGeoTags: "dcr1,dcr2"

Question

Could the shared ingress-controller setup be preventing K8GB from discovering external targets?

My expectation is that K8GB would resolve the ingress controller's external IP(s) and create A records for:

podinfo.gl.k8gb.mycorp.com

However, the controller reports that no external targets can be found.

Has anyone successfully deployed K8GB with a shared ingress controller and wildcard certificates, or is there something obvious I'm missing in my configuration?

Any pointers would be appreciated.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    Status
    To do

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions