ExternalDNS Patching Example

This document covers a high level patching example for ExternalDNS. Please see Patching AKS Apps for a lower level example with more information.

How We Use ExternalDNS

ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers, in our case Azure DNS.

We use ExternalDNS in the dev and preview environments to automatically set up domains for PR-related ad-hoc environments. When an application team raises a PR, an ephemeral environment is spun up and ExternalDNS creates the DNS records needed to reach it, then cleans them up when the PR environment is torn down.

It is therefore only installed on the following AKS clusters:

• SDS dev: ss-dev-00-aks
• CFT preview: cft-preview-00-aks

The DNS zones used for these ad-hoc environments are:

• dev.platform.hmcts.net
• preview.platform.hmcts.net

Patching

Review the ExternalDNS Releases and the Helm chart releases pages to check for breaking changes before updating.

As ExternalDNS is only deployed to dev and preview, you can patch one environment at a time. Patch and test in dev first, then move on to preview.

SDS

Create a PR in sds-flux-config to patch ExternalDNS in SDS: example PR.

CFT

Create a PR in cnp-flux-config to patch ExternalDNS in CFT: example PR.

Post Patching Checks

ExternalDNS is deployed into the admin namespace (the Helm release is named external-dns and the deployment is external-dns-external-dns-chart).

First confirm the Helm release has updated to the new version:

kubectl get hr external-dns -n admin

Check the ExternalDNS pods are running and healthy:

kubectl get pods -n admin -l app.kubernetes.io/name=external-dns-chart

Tail the logs to confirm the sync loop is reconciling without errors:

kubectl logs -n admin deploy/external-dns-external-dns-chart -f

You should see the sync loop running on its interval and reporting that records are up to date (or creating/updating records as needed) with no authentication or permission errors.

Once you are happy that ExternalDNS is working in dev, repeat the patch and the checks for preview.

Related Documentation

• Patching AKS Apps
• ExternalDNS is also referenced in Rebuilding AKS Clusters when cleaning up DNS records.

This page was last reviewed on 3 June 2026. It needs to be reviewed again on 3 June 2027 by the page owner platops-build-notices .

This page was set to be reviewed before 3 June 2027 by the page owner platops-build-notices. This might mean the content is out of date.