How to Adapt External-DNS for Huawei Cloud: A Step‑by‑Step Guide

Huawei's Open‑Source Developer Program offers exclusive incentive resources to encourage developers to contribute to open‑source projects, especially for the "Open‑source for Huawei" initiative.

Participating in Open‑Source Projects

External‑DNS is a Kubernetes community project that synchronizes Kubernetes resources such as Services and Ingresses with external DNS providers, simplifying domain management for cloud applications.

Understanding and Analyzing the Project

After selecting a project, download its source code (e.g., from GitHub) and study the README. The "Getting Started" or "Example" sections help you quickly grasp basic usage, while the "Contributing" section explains how to adapt the project and submit code.

Development Process

Fork the External‑DNS repository, clone it locally, and add Huawei Cloud DNS's Go SDK as a dependency. Implement the Providers interface—specifically the Records and ApplyChanges methods—using the SDK to enable automatic A‑Record updates in CI/CD pipelines.

Secure Authentication

Instead of using permanent or temporary AK/SK credentials, adopt Workload Identity. Create an OIDC identity provider in Huawei Cloud IAM, establish trust with the CCE cluster’s Service Account token, and allow pods to obtain short‑lived credentials without exposing secret keys.

Deploying via Webhook

External‑DNS introduces a webhook provider model: each DNS provider runs as a sidecar container exposing an HTTP API, while the webhook component communicates via localhost, eliminating the need to embed provider code in the main repository and improving maintainability.

Submitting Contributions

After thorough testing, submit your changes as a Pull Request following the project's Contributing guide. Include a README that links to your repository, and be prepared to sign the EasyCLA (Contributor License Agreement) if required.