Commit 4a5da13

Merge pull request #2404 from sadasu/azure-custom-dns
CORS-4155: Add Feature gate and update Infrastructure CR for Azure Cluster Hosted DNS
2 parents 4c1f9af + ba094a0 commit 4a5da13

33 files changed

+6835
-5
lines changed

Lines changed: 247 additions & 0 deletions
@@ -0,0 +1,247 @@
1+
apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
2+
name: "Infrastructure"
3+
crdName: infrastructures.config.openshift.io
4+
featureGates:
5+
- AzureClusterHostedDNSInstall
6+
tests:
7+
onCreate:
8+
- name: Should be able to create a minimal Infrastructure
9+
initial: |
10+
apiVersion: config.openshift.io/v1
11+
kind: Infrastructure
12+
spec: {} # No spec is required for a Infrastructure
13+
expected: |
14+
apiVersion: config.openshift.io/v1
15+
kind: Infrastructure
16+
spec: {}
17+
onUpdate:
18+
- name: dnsType should default to `PlatformDefault` when not specified
19+
initial: |
20+
apiVersion: config.openshift.io/v1
21+
kind: Infrastructure
22+
spec:
23+
platformSpec:
24+
azure: {}
25+
type: Azure
26+
status:
27+
controlPlaneTopology: HighlyAvailable
28+
infrastructureTopology: HighlyAvailable
29+
platform: Azure
30+
platformStatus:
31+
azure: {}
32+
type: Azure
33+
updated: |
34+
apiVersion: config.openshift.io/v1
35+
kind: Infrastructure
36+
spec:
37+
platformSpec:
38+
type: Azure
39+
azure: {}
40+
status:
41+
controlPlaneTopology: HighlyAvailable
42+
infrastructureTopology: HighlyAvailable
43+
platform: Azure
44+
platformStatus:
45+
azure: {}
46+
type: Azure
47+
expected: |
48+
apiVersion: config.openshift.io/v1
49+
kind: Infrastructure
50+
spec:
51+
platformSpec:
52+
type: Azure
53+
azure: {}
54+
status:
55+
controlPlaneTopology: HighlyAvailable
56+
cpuPartitioning: None
57+
infrastructureTopology: HighlyAvailable
58+
platform: Azure
59+
platformStatus:
60+
azure:
61+
cloudLoadBalancerConfig:
62+
dnsType: PlatformDefault
63+
type: Azure
64+
- name: should be able to set dnsType to non-default value of `ClusterHosted`
65+
initial: |
66+
apiVersion: config.openshift.io/v1
67+
kind: Infrastructure
68+
spec:
69+
platformSpec:
70+
azure: {}
71+
type: Azure
72+
updated: |
73+
apiVersion: config.openshift.io/v1
74+
kind: Infrastructure
75+
spec:
76+
platformSpec:
77+
type: Azure
78+
azure: {}
79+
status:
80+
controlPlaneTopology: HighlyAvailable
81+
infrastructureTopology: HighlyAvailable
82+
platform: Azure
83+
platformStatus:
84+
azure:
85+
cloudLoadBalancerConfig:
86+
dnsType: ClusterHosted
87+
type: Azure
88+
expected: |
89+
apiVersion: config.openshift.io/v1
90+
kind: Infrastructure
91+
spec:
92+
platformSpec:
93+
type: Azure
94+
azure: {}
95+
status:
96+
controlPlaneTopology: HighlyAvailable
97+
cpuPartitioning: None
98+
infrastructureTopology: HighlyAvailable
99+
platform: Azure
100+
platformStatus:
101+
azure:
102+
cloudLoadBalancerConfig:
103+
dnsType: ClusterHosted
104+
type: Azure
105+
- name: Should not allow changing the immutable dnsType field
106+
initial: |
107+
apiVersion: config.openshift.io/v1
108+
kind: Infrastructure
109+
spec:
110+
platformSpec:
111+
azure: {}
112+
type: Azure
113+
status:
114+
controlPlaneTopology: HighlyAvailable
115+
infrastructureTopology: HighlyAvailable
116+
platform: Azure
117+
platformStatus:
118+
azure:
119+
cloudLoadBalancerConfig:
120+
dnsType: ClusterHosted
121+
clusterHosted:
122+
apiIntLoadBalancerIPs:
123+
- 10.10.10.20
124+
type: Azure
125+
updated: |
126+
apiVersion: config.openshift.io/v1
127+
kind: Infrastructure
128+
spec:
129+
platformSpec:
130+
type: Azure
131+
azure: {}
132+
status:
133+
controlPlaneTopology: HighlyAvailable
134+
infrastructureTopology: HighlyAvailable
135+
platform: Azure
136+
platformStatus:
137+
azure:
138+
cloudLoadBalancerConfig:
139+
dnsType: PlatformDefault
140+
type: Azure
141+
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.dnsType: Invalid value: \"string\": dnsType is immutable"
142+
- name: Should not accept non-IP address values for Load Balancer IPs
143+
initial: |
144+
apiVersion: config.openshift.io/v1
145+
kind: Infrastructure
146+
spec:
147+
platformSpec:
148+
azure: {}
149+
type: Azure
150+
status:
151+
controlPlaneTopology: HighlyAvailable
152+
infrastructureTopology: HighlyAvailable
153+
platform: Azure
154+
platformStatus:
155+
azure:
156+
cloudLoadBalancerConfig:
157+
dnsType: ClusterHosted
158+
clusterHosted:
159+
apiIntLoadBalancerIPs:
160+
- 10.10.10.20
161+
type: Azure
162+
updated: |
163+
apiVersion: config.openshift.io/v1
164+
kind: Infrastructure
165+
spec:
166+
platformSpec:
167+
type: Azure
168+
azure: {}
169+
status:
170+
controlPlaneTopology: HighlyAvailable
171+
infrastructureTopology: HighlyAvailable
172+
platform: Azure
173+
platformStatus:
174+
azure:
175+
cloudLoadBalancerConfig:
176+
dnsType: ClusterHosted
177+
clusterHosted:
178+
apiIntLoadBalancerIPs:
179+
- 10.10.10.20
180+
- not-an-ip-address
181+
type: Azure
182+
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1]: Invalid value: \"string\": value must be a valid IP address"
183+
- name: Should not accept update when `clusterHosted` is specified with DNSType `PlatformDefault`
184+
initial: |
185+
apiVersion: config.openshift.io/v1
186+
kind: Infrastructure
187+
spec:
188+
platformSpec:
189+
azure: {}
190+
type: Azure
191+
status:
192+
controlPlaneTopology: HighlyAvailable
193+
infrastructureTopology: HighlyAvailable
194+
platform: Azure
195+
platformStatus:
196+
azure: {}
197+
type: Azure
198+
updated: |
199+
apiVersion: config.openshift.io/v1
200+
kind: Infrastructure
201+
spec:
202+
platformSpec:
203+
type: Azure
204+
azure: {}
205+
status:
206+
controlPlaneTopology: HighlyAvailable
207+
infrastructureTopology: HighlyAvailable
208+
platform: Azure
209+
platformStatus:
210+
azure:
211+
cloudLoadBalancerConfig:
212+
dnsType: PlatformDefault
213+
clusterHosted:
214+
apiIntLoadBalancerIPs:
215+
- 10.10.10.20
216+
type: Azure
217+
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig: Invalid value: \"object\": clusterHosted is permitted only when dnsType is ClusterHosted"
218+
- name: Should not accept duplicate IP addresses for any of the Load Balancer IPs
219+
initial: |
220+
apiVersion: config.openshift.io/v1
221+
kind: Infrastructure
222+
spec:
223+
platformSpec:
224+
azure: {}
225+
type: Azure
226+
updated: |
227+
apiVersion: config.openshift.io/v1
228+
kind: Infrastructure
229+
spec:
230+
platformSpec:
231+
type: Azure
232+
azure: {}
233+
status:
234+
controlPlaneTopology: HighlyAvailable
235+
infrastructureTopology: HighlyAvailable
236+
platform: Azure
237+
platformStatus:
238+
azure:
239+
cloudLoadBalancerConfig:
240+
dnsType: ClusterHosted
241+
clusterHosted:
242+
apiIntLoadBalancerIPs:
243+
- 10.10.10.20
244+
- 10.10.20.20
245+
- 10.10.10.20
246+
type: Azure
247+
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[2]: Duplicate value: \"10.10.10.20\""
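
Review bot: The rejection cases in this file only exercise apiIntLoadBalancerIPs, even though the case at line 218 is named "for any of the Load Balancer IPs". apiLoadBalancerIPs and ingressLoadBalancerIPs carry the same isIP, set and maxItems constraints in the generated CRD and have no case here; consider adding an invalid-value and a duplicate case for each, one case with 17 entries to pin maxItems, and one case that accepts an IPv6 value. The immutability case at line 105 covers ClusterHosted to PlatformDefault only; a case going from PlatformDefault to ClusterHosted would pin the other direction of the "dnsType is immutable" rule.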

config/v1/types_infrastructure.go

Lines changed: 13 additions & 0 deletions
@@ -594,6 +594,19 @@ type AzurePlatformStatus struct {
594594
// +listType=atomic
595595
// +optional
596596
ResourceTags []AzureResourceTag `json:"resourceTags,omitempty"`
597+
598+
// cloudLoadBalancerConfig holds configuration related to DNS and cloud
599+
// load balancers. It allows configuration of in-cluster DNS as an alternative
600+
// to the platform default DNS implementation.
601+
// When using the ClusterHosted DNS type, Load Balancer IP addresses
602+
// must be provided for the API and internal API load balancers as well as the
603+
// ingress load balancer.
604+
//
605+
// +default={"dnsType": "PlatformDefault"}
606+
// +kubebuilder:default={"dnsType": "PlatformDefault"}
607+
// +openshift:enable:FeatureGate=AzureClusterHostedDNSInstall
608+
// +optional
609+
CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"`
597610
}
598611

599612
// AzureResourceTag is a tag to apply to Azure resources created for the cluster.
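
Review bot: The comment at lines 601-603 says Load Balancer IP addresses "must be provided" for the API, internal API and ingress load balancers when the DNS type is ClusterHosted, but the field is marked +optional, the test case at line 64 of the new test file accepts dnsType: ClusterHosted with no clusterHosted block, and the generated description of apiLoadBalancerIPs says it "Could be empty for private clusters". Either add a validation rule that requires the IPs when dnsType is ClusterHosted, or reword the comment to say which lists are actually required and which component is expected to populate them.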

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml

Lines changed: 103 additions & 0 deletions
@@ -1440,6 +1440,109 @@ spec:
14401440
description: armEndpoint specifies a URL to use for resource
14411441
management in non-soverign clouds such as Azure Stack.
14421442
type: string
1443+
cloudLoadBalancerConfig:
1444+
default:
1445+
dnsType: PlatformDefault
1446+
description: |-
1447+
cloudLoadBalancerConfig holds configuration related to DNS and cloud
1448+
load balancers. It allows configuration of in-cluster DNS as an alternative
1449+
to the platform default DNS implementation.
1450+
When using the ClusterHosted DNS type, Load Balancer IP addresses
1451+
must be provided for the API and internal API load balancers as well as the
1452+
ingress load balancer.
1453+
properties:
1454+
clusterHosted:
1455+
description: |-
1456+
clusterHosted holds the IP addresses of API, API-Int and Ingress Load
1457+
Balancers on Cloud Platforms. The DNS solution hosted within the cluster
1458+
use these IP addresses to provide resolution for API, API-Int and Ingress
1459+
services.
1460+
properties:
1461+
apiIntLoadBalancerIPs:
1462+
description: |-
1463+
apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service.
1464+
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
1465+
Entries in the apiIntLoadBalancerIPs must be unique.
1466+
A maximum of 16 IP addresses are permitted.
1467+
format: ip
1468+
items:
1469+
description: IP is an IP address (for example, "10.0.0.0"
1470+
or "fd00::").
1471+
maxLength: 39
1472+
minLength: 1
1473+
type: string
1474+
x-kubernetes-validations:
1475+
- message: value must be a valid IP address
1476+
rule: isIP(self)
1477+
maxItems: 16
1478+
type: array
1479+
x-kubernetes-list-type: set
1480+
apiLoadBalancerIPs:
1481+
description: |-
1482+
apiLoadBalancerIPs holds Load Balancer IPs for the API service.
1483+
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
1484+
Could be empty for private clusters.
1485+
Entries in the apiLoadBalancerIPs must be unique.
1486+
A maximum of 16 IP addresses are permitted.
1487+
format: ip
1488+
items:
1489+
description: IP is an IP address (for example, "10.0.0.0"
1490+
or "fd00::").
1491+
maxLength: 39
1492+
minLength: 1
1493+
type: string
1494+
x-kubernetes-validations:
1495+
- message: value must be a valid IP address
1496+
rule: isIP(self)
1497+
maxItems: 16
1498+
type: array
1499+
x-kubernetes-list-type: set
1500+
ingressLoadBalancerIPs:
1501+
description: |-
1502+
ingressLoadBalancerIPs holds IPs for Ingress Load Balancers.
1503+
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
1504+
Entries in the ingressLoadBalancerIPs must be unique.
1505+
A maximum of 16 IP addresses are permitted.
1506+
format: ip
1507+
items:
1508+
description: IP is an IP address (for example, "10.0.0.0"
1509+
or "fd00::").
1510+
maxLength: 39
1511+
minLength: 1
1512+
type: string
1513+
x-kubernetes-validations:
1514+
- message: value must be a valid IP address
1515+
rule: isIP(self)
1516+
maxItems: 16
1517+
type: array
1518+
x-kubernetes-list-type: set
1519+
type: object
1520+
dnsType:
1521+
default: PlatformDefault
1522+
description: |-
1523+
dnsType indicates the type of DNS solution in use within the cluster. Its default value of
1524+
`PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform.
1525+
It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode,
1526+
the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed.
1527+
The cluster's use of the cloud's Load Balancers is unaffected by this setting.
1528+
The value is immutable after it has been set at install time.
1529+
Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS.
1530+
Enabling this functionality allows the user to start their own DNS solution outside the cluster after
1531+
installation is complete. The customer would be responsible for configuring this custom DNS solution,
1532+
and it can be run in addition to the in-cluster DNS solution.
1533+
enum:
1534+
- ClusterHosted
1535+
- PlatformDefault
1536+
type: string
1537+
x-kubernetes-validations:
1538+
- message: dnsType is immutable
1539+
rule: oldSelf == '' || self == oldSelf
1540+
type: object
1541+
x-kubernetes-validations:
1542+
- message: clusterHosted is permitted only when dnsType is
1543+
ClusterHosted
1544+
rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted''
1545+
? !has(self.clusterHosted) : true'
14431546
cloudName:
14441547
description: |-
14451548
cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK
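
Review bot: In the dnsType rule at line 1539, `oldSelf == '' || self == oldSelf`, the `oldSelf == ''` branch looks unreachable, because the enum at lines 1533-1535 admits only ClusterHosted and PlatformDefault and the field defaults to PlatformDefault. If an empty previous value is tolerated for a reason, state it in the field comment; otherwise `self == oldSelf` expresses the intent directly. Separately, `format: ip` at lines 1467, 1487 and 1506 sits on the array schema rather than under items, so the per-entry check rests on the isIP(self) rule alone; worth confirming that this placement is intended in the source markers.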
