Need to resolve this issue:
"level=error msg="records retrieval failed: failed to list hosted zones: NoCredentialProviders: no valid providers in chain. Deprecated.\n\tFor verbose messaging see aws.Config.CredentialsChainVerboseErrors"
Here is my external-dns.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: external-dns
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: external-dns
labels:
app.kubernetes.io/name: external-dns
rules:
- apiGroups: [""]
resources: ["services", "endpoints", "pods", "nodes"]
verbs: ["get","watch","list"]
- apiGroups: ["extensions", "networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get","watch","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: external-dns-viewer
labels:
app.kubernetes.io/name: external-dns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: external-dns
subjects:
- kind: ServiceAccount
name: external-dns
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
namespace: kube-system
labels:
app.kubernetes.io/name: external-dns
spec:
selector:
matchLabels:
app.kubernetes.io/name: external-dns
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: external-dns
spec:
serviceAccountName: external-dns
securityContext:
fsGroup: 65534
containers:
- name: external-dns
#image: bitnami/external-dns:0.13.1
#image: registry.k8s.io/external-dns/external-dns:v0.13.5
image: registry.opensource.zalan.do/teapot/external-dns:latest
# must specify env AWS_REGION in AWS china regions
env:
- name: AWS_REGION
value: us-east-1
args:
- --source=service
- --source=ingress
- --domain-filter=kubernetes.somedomain.com # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones
- --provider=aws
- --policy=upsert-only # would prevent ExternalDNS from deleting any records, omit to enable full synchronization
- --aws-zone-type=public # only look at public hosted zones (valid values are public, private or no value for both)
- --registry=txt
kubectl describe pod external-dns-7bd76f8798-hd9hz -n kube-system
Name: external-dns-7bd76f8798-hd9hz
Namespace: kube-system
Priority: 0
Service Account: external-dns
Node: i-0f8bxxxxxx/10.x.x.xx
Start Time: Tue, 18 Jul 2023 18:40:20 +0000
Labels: app.kubernetes.io/name=external-dns
pod-template-hash=7bd76f8798
Annotations: cni.projectcalico.org/containerID: fabc6cada0cb1a35a711f80e87a6d8dbaf46d48716a554782c8aedf31cd53c6b
cni.projectcalico.org/podIP: 100.xxx.xxx.xxx/32
cni.projectcalico.org/podIPs: 100.xxx.xxx.xxx/32
Status: Running
IP: 100.101.146.197
IPs:
IP: 100.xxx.xxx.xxx
Controlled By: ReplicaSet/external-dns-7bd76f8798
Containers:
external-dns:
Container ID: containerd://e3ef60cb63ada03272519cab19024e8d10e9d3fd24cd0ab44767b8ffb272d3aa
Image: registry.opensource.zalan.do/teapot/external-dns:latest
Image ID: registry.opensource.zalan.do/teapot/external-dns@sha256:9e315f35e1a33e8e138ef498246c32ec8bf3134719b398d5a7b080c51856dc72
Port: <none>
Host Port: <none>
Args:
--source=service
--source=ingress
--domain-filter=kubernetes.somedomain.com
--provider=aws
--policy=upsert-only
--aws-zone-type=public
--registry=txt
--txt-owner-id=kubernetes.somedomain.com
State: Running
Started: Tue, 18 Jul 2023 18:40:28 +0000
Ready: True
Restart Count: 0
Environment:
AWS_REGION: us-east-1
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b7n8w (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-b7n8w:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
