eliferjunior/external-dns
.claude/skills/ts-external-dns/SKILL.md
ExternalDNS for automatic DNS record management in Kubernetes. Use when the user needs to synchronize Kubernetes Ingress and Service resources with DNS providers like Route 53, CloudDNS, or Cloudflare automatically.
devops
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add eliferjunior/Claude external-dnsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 1:37 AM10.3s1 file scanned
SKILL.md
- name:
- external-dns
- description:
- >-
- license:
- Apache-2.0
- compatibility:
- linux, macos
- author:
- terminal-skills
- version:
- 1.0.0
- category:
- devops
ExternalDNS
ExternalDNS synchronizes Kubernetes Services and Ingresses with DNS providers, automatically creating and updating DNS records.
Installation with Helm
# Install ExternalDNS via Helm
helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
helm repo update
helm install external-dns external-dns/external-dns \
--namespace external-dns \
--create-namespace \
--values values.yaml
AWS Route 53 Configuration
# values-aws.yaml — Helm values for AWS Route 53 provider
provider:
name: aws
env:
- name: AWS_DEFAULT_REGION
value: us-east-1
extraArgs:
- --source=service
- --source=ingress
- --domain-filter=example.com
- --aws-zone-type=public
- --policy=upsert-only
- --registry=txt
- --txt-owner-id=my-cluster
serviceAccount:
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/external-dns
// iam-policy.json — IAM policy for ExternalDNS Route 53 access
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["route53:ChangeResourceRecordSets"],
"Resource": ["arn:aws:route53:::hostedzone/Z1234567890"]
},
{
"Effect": "Allow",
"Action": ["route53:ListHostedZones", "route53:ListResourceRecordSets", "route53:ListTagsForResource"],
"Resource": ["*"]
}
]
}
Google Cloud DNS Configuration
# values-gcp.yaml — Helm values for Google Cloud DNS provider
provider:
name: google
extraArgs:
- --source=service
- --source=ingress
- --domain-filter=example.com
- --google-project=my-gcp-project
- --google-zone-visibility=public
- --policy=sync
- --registry=txt
- --txt-owner-id=my-cluster
Cloudflare Configuration
# values-cloudflare.yaml — Helm values for Cloudflare provider
provider:
name: cloudflare
env:
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
name: cloudflare-api-token
key: api-token
extraArgs:
- --source=service
- --source=ingress
- --domain-filter=example.com
- --cloudflare-proxied
- --policy=sync
# cloudflare-secret.yaml — Cloudflare API token secret
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-api-token
namespace: external-dns
type: Opaque
stringData:
api-token: "your-cloudflare-api-token"
Service Annotations
# service-lb.yaml — LoadBalancer service with DNS annotations
apiVersion: v1
kind: Service
metadata:
name: web-app
annotations:
external-dns.alpha.kubernetes.io/hostname: app.example.com
external-dns.alpha.kubernetes.io/ttl: "300"
spec:
type: LoadBalancer
selector:
app: web-app
ports:
- port: 80
targetPort: 8080
# service-multi.yaml — Service with multiple DNS hostnames
apiVersion: v1
kind: Service
metadata:
name: api-service
annotations:
external-dns.alpha.kubernetes.io/hostname: "api.example.com,api-v2.example.com"
external-dns.alpha.kubernetes.io/ttl: "60"
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
spec:
type: LoadBalancer
selector:
app: api
ports:
- port: 443
targetPort: 8443
Ingress Annotations
# ingress-dns.yaml — Ingress with ExternalDNS auto-registration
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: web-app
annotations:
external-dns.alpha.kubernetes.io/ttl: "120"
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: nginx
tls:
- hosts:
- app.example.com
secretName: app-tls
rules:
- host: app.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: web-app
port:
number: 80
Istio Gateway Source
# values-istio.yaml — ExternalDNS with Istio Gateway source
extraArgs:
- --source=istio-gateway
- --source=istio-virtualservice
- --domain-filter=example.com
- --policy=sync
Full Deployment Manifest
# external-dns-deploy.yaml — ExternalDNS deployment without Helm
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
namespace: external-dns
spec:
replicas: 1
selector:
matchLabels:
app: external-dns
template:
metadata:
labels:
app: external-dns
spec:
serviceAccountName: external-dns
containers:
- name: external-dns
image: registry.k8s.io/external-dns/external-dns:v0.14.0
args:
- --source=service
- --source=ingress
- --domain-filter=example.com
- --provider=aws
- --policy=sync
- --registry=txt
- --txt-owner-id=my-cluster
- --interval=1m
- --log-level=info
env:
- name: AWS_DEFAULT_REGION
value: us-east-1
Common Commands
# Check ExternalDNS logs
kubectl logs -n external-dns deploy/external-dns -f
# Verify DNS records were created
dig app.example.com
nslookup app.example.com
# Check TXT ownership records
dig TXT app.example.com
# Dry-run mode (add to args)
# --dry-run — logs changes without applying
Related Skills
eliferjunior/fireworks-ai
development
VerifiedTrustedCommunity
Expert guidance for Fireworks AI, the platform for running open-source LLMs (Llama, Mixtral, Qwen, etc.) with enterprise-grade speed and reliability. Helps developers integrate Fireworks' inference API, fine-tune models, and deploy custom model endpoints with function calling and structured output support.
SKILL.mdUpdated Apr 17, 2026
eliferjunior/firecrawl
development
VerifiedTrustedCommunity
Convert any website into clean, structured data with Firecrawl — API-first web scraping service. Use when someone asks to "turn a website into markdown", "scrape website for LLM", "Firecrawl", "extract website content as clean text", "crawl and convert to structured data", or "scrape website for RAG". Covers single-page scraping, full-site crawling, structured extraction, and LLM-ready output.
SKILL.mdUpdated Apr 16, 2026
eliferjunior/firebase
tools
VerifiedTrustedCommunity
Expert guidance for Firebase, Google's platform for building and scaling web and mobile applications. Helps developers set up authentication, Firestore/Realtime Database, Cloud Functions, hosting, storage, and analytics using Firebase's SDK and CLI.
SKILL.mdUpdated Apr 16, 2026
eliferjunior/file-upload-processor
development
VerifiedTrustedCommunity
When the user needs to build file upload functionality for a web application. Use when the user mentions "file upload," "image upload," "upload endpoint," "multipart upload," "presigned URL," "S3 upload," "file validation," "upload to cloud storage," or "accept user files." Handles upload endpoints, file validation (type, size, magic bytes), cloud storage integration, and upload status tracking. For image/video processing after upload, see media-transcoder.
SKILL.mdUpdated Apr 16, 2026