DNS entries for NodePort service with externalTrafficPolicy: Cluster includes unready/unschedulable nodes #5669

@marvin-roesch

What happened:
When a cluster node goes down—either due to scheduled maintenance or due to an outage—any service of type NodePort with its externalTrafficPolicy set to Cluster will generate a DNS record with IPs from all nodes regardless of their readiness status, i.e. including the one that is down.

What you expected to happen:
Any node that is not (yet) ready should not contribute to the DNS record for such a service. It is likely not ready to receive traffic for various reasons.

How to reproduce it (as minimally and precisely as possible):

  1. Create a NodePort service with external DNS and externalTrafficPolicy: Cluster
  2. Take down any node in the cluster such that it becomes unready
  3. Observe the DNS record for the service still listing that node's IP

Anything else we need to know?:
The relevant piece of code is this, so (optional) filtering should probably be introduced there:

    if svc.Spec.ExternalTrafficPolicy == v1.ServiceExternalTrafficPolicyTypeLocal {
        nodes = sc.nodesExternalTrafficPolicyTypeLocal(svc)
    } else {
        var err error
        nodes, err = sc.nodeInformer.Lister().List(labels.Everything())
        if err != nil {
            return nil, err
        }
    }
    for _, node := range nodes {
        for _, address := range node.Status.Addresses {
            switch address.Type {
            case v1.NodeExternalIP:
                externalIPs = append(externalIPs, address.Address)
            case v1.NodeInternalIP:
                internalIPs = append(internalIPs, address.Address)
                if suitableType(address.Address) == endpoint.RecordTypeAAAA {
                    ipv6IPs = append(ipv6IPs, address.Address)
                }
            }
        }
    }

Environment:

  • External-DNS version (use external-dns --version): 0.18.0
  • DNS provider: Route53
  • Others:

Labels

  • kind/bug: Categorizes issue or PR as related to a bug.
  • kind/feature: Categorizes issue or PR as related to a new feature.
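One way the optional filtering requested in the issue could look, as an added example that is not part of the original issue or of the external-dns code base. The `Node` types are local stand-ins for the `k8s.io/api/core/v1` fields, `readyExternalIPs` and its `excludeUnschedulable` option are hypothetical names, and the node data is constructed.

```go
package main

import "fmt"

// Local stand-ins for k8s.io/api/core/v1 (assumption: only needed fields).
type NodeCondition struct{ Type, Status string }
type NodeAddress struct{ Type, Address string }
type Node struct {
	Unschedulable bool            // v1.Node.Spec.Unschedulable
	Conditions    []NodeCondition // v1.Node.Status.Conditions
	Addresses     []NodeAddress   // v1.Node.Status.Addresses
}

// isReady requires an explicit Ready=True; missing or Unknown is not ready.
func isReady(n Node) bool {
	for _, c := range n.Conditions {
		if c.Type == "Ready" {
			return c.Status == "True"
		}
	}
	return false
}

// readyExternalIPs (hypothetical helper) applies the readiness filter before
// the v1.NodeExternalIP branch of the address loop quoted above.
func readyExternalIPs(nodes []Node, excludeUnschedulable bool) (ips []string) {
	for _, n := range nodes {
		if !isReady(n) || (excludeUnschedulable && n.Unschedulable) {
			continue // node must not contribute to the DNS record
		}
		for _, a := range n.Addresses {
			if a.Type == "ExternalIP" {
				ips = append(ips, a.Address)
			}
		}
	}
	return ips
}

// sampleNodes returns constructed data: ready, down, and cordoned nodes.
func sampleNodes() []Node {
	ip := func(a string) []NodeAddress { return []NodeAddress{{"ExternalIP", a}} }
	return []Node{
		{false, []NodeCondition{{"Ready", "True"}}, ip("203.0.113.10")},
		{false, []NodeCondition{{"Ready", "Unknown"}}, ip("203.0.113.11")},
		{true, []NodeCondition{{"Ready", "True"}}, ip("203.0.113.12")},
	}
}

func main() { fmt.Println(readyExternalIPs(sampleNodes(), true)) }
```

With `excludeUnschedulable` set to false the cordoned node's address is kept, which separates the "unready" case from the "unschedulable" case named in the issue title.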
