rfc: Cluster Aware DNSRecord Delegation#127
Merged
Conversation
Signed-off-by: Michael Nairn <mnairn@redhat.com>
philbrookes
reviewed
Jul 1, 2025
philbrookes
reviewed
Jul 1, 2025
philbrookes
reviewed
Jul 1, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
maleck13
reviewed
Jul 2, 2025
Collaborator
There was a problem hiding this comment.
I think the bones of it is here. I think we should call out in a bit more detail
- how conflicts from a secondary DNSRecord would be handled
- how deletion and clean up is handled
- The minimum perms the primary needs to make this work
- What a CRD provider looks like
I also wondered if it would make things easier to reason about if the DNS Operator/Kuadrant had a flag set from a configmap that would put it into "secondary or primary" mode. You could then have the kuadrant resource accept configuration of
dns:
mode: secondary
that would trigger it to update the configmap mounted into the dns operator. This leaves an open question around providers though
Update to use controller modes instead of the policy spec. Signed-off-by: Michael Nairn <mnairn@redhat.com>
Add more detail about the CRD Provider implementation. Signed-off-by: Michael Nairn <mnairn@redhat.com>
mikenairn
commented
Jul 8, 2025
maleck13
reviewed
Jul 9, 2025
Collaborator
There was a problem hiding this comment.
This is really good. I think we can implement based on this. Only thing I really call out here is that health checks would still be the domain of each individual controller and not be delegated to the primary. One other thought is on the Core DNS plugin. Is there any work required for that or will it remain the same?
Add default provider secret concept Update primary/remote example diagram Update some reference level details, needs more still Rename crd provider to dnsrecord Signed-off-by: Michael Nairn <mnairn@redhat.com>
maleck13
reviewed
Jul 10, 2025
maleck13
reviewed
Jul 10, 2025
maleck13
reviewed
Jul 10, 2025
mikenairn
changed the title
Update diagrams crd -> dnsrecord provider Update name requirements of authoritative zone record Update default secret error requirement Update role requirements of cluster aware controller for primary/remote comms. Signed-off-by: Michael Nairn <mnairn@redhat.com>
Rename rfc to cluster_aware_dnsrecord_delegation Signed-off-by: Michael Nairn <mnairn@redhat.com>
* Add Namespace requirements for multi cluster * Update CoreDNS provider changes * Updated default provider secret changes Signed-off-by: Michael Nairn <mnairn@redhat.com>
* Update label requirements. Signed-off-by: Michael Nairn <mnairn@redhat.com>
* Add details of loading dns operator options form a configMap. Signed-off-by: Michael Nairn <mnairn@redhat.com>
Signed-off-by: Michael Nairn <mnairn@redhat.com>
maleck13
approved these changes
Jul 15, 2025
Collaborator
maleck13
left a comment
maleck13
left a comment
There was a problem hiding this comment.
This is in line with what was discussed 👍
Signed-off-by: Michael Nairn <mnairn@redhat.com>
Signed-off-by: Michael Nairn <mnairn@redhat.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Proposal to add functionality to delegate the processing of a DNSRecord to a designated cluster or clusters in a multi cluster environment.
The concepts being proposed can be applied to any of our currently supported DNS providers, but will be a requirement for the multi cluster CoreDNS solution.