Bonus points for rfc 2136, works easily with [external-dns](https://github.com/kubernetes-sigs/external-dns). I've been using k8s+external-dns on-prem with a selfhosted minimal BIND server on a public host for years now.
Back again, "works easily" was a bit of an understatement :D at least when securiting the zones with TSIG sha256 and moving keys around in a secure maner (I had previously used md5 because of compability with fortigate) there is full support now to the extent that I can test with rfc 2136, there is a guide and docs available at https://dynip.dev/docs#integration-external-dns and https://dynip.dev/guides/external-dns and a complete snippet generator. Read the notes as there are a few considerations on policy and depending on mode.
Please have a go if you can and report back if you feel like it
Thanks — external-dns + RFC 2136 is a great call. Honestly that's a
guide we should write; we already have one for fleet operations and the
k8s pattern is the natural extension.
Please have a go if you can and report back if you feel like it
Thanks!