Make the DNS view customizable by the user (#83)

Author: no-fy

README.md

@@ -57,6 +57,7 @@ spec:
   disableTLSVerification: true      # disable TLSVerification
   customCAPath: "/some/path/ca.crt" # path to a file which contians list of custom Certificate Authorities that can be used to verify SSL certifcates if 'disableTLSVerification' is set to 'false'. Host's default authorities will be used if not specified.
   defaultNetworkView: "some-view"   # default network view
+  defaultDNSView: "some-dns-view"   # default DNS view
   wapiVersion: "2.12"               # Web API Version of the Infoblox server
 ```
 
@@ -74,6 +75,7 @@ spec:
   instance:
     name: "production"              # name of the InfobloxInstance
   networkView: "datacenter-network" # Infoblox network view that will be used
+  dnsView: "some-dns-view"          # DNS view for this pool (optional)
   subnets:                          # list of the subnets in the network view we want to get IP addresses from
     - cidr: "10.0.0.0/24"           # subnet CIDR
       gateway: "10.0.0.1"           # gateway that should ba assigned to the IP Address claim
@@ -98,7 +100,14 @@ We've currently only implemented one strategy for identifying the hostname of a
 
 Our strategy uses the name of the CAPI `Machine` as the hostname. To determine the Machine name the provider follows the owner chain from the `IPAddressClaim` via the infrastructure provider resources to the `Machine`. This is used by searching through the owner references up to a depth of five.
 
-To enable setting DNS entries, set the `spec.dnsZone` parameter on the `InfobloxIPPool` to your desired zone. The resulting DNS entries will then be `<machine name>.<dnsZone>`. The DNS view will be set to `default.<dnsZone>`.
+To enable setting DNS entries, set the `spec.dnsZone` parameter on the `InfobloxIPPool` to your desired zone. The resulting DNS entries will then be `<machine name>.<dnsZone>`. 
+
+The DNS view is determined in the following priority order:
+1. **Pool.spec.dnsView** - if explicitly set on the pool
+2. **Instance.spec.defaultDNSView** - if not set on pool but set on the instance  
+3. **Derived from networkView** - if neither is set, follows the pattern:
+   - If `networkView` is `"default"` or empty → DNS view is `"default"`
+   - Otherwise → DNS view is `"default.<networkView>"` (e.g., `networkView: "production"` → DNS view `"default.production"`)
 
 ## Running Tests
 

api/v1alpha1/condition_consts.go

@@ -21,6 +21,8 @@ const (
 	AuthenticationFailedReason = "AuthenticationFailed"
 	// NetworkViewNotFoundReason indicates that the specified network view could not be found on the Infoblox instance.
 	NetworkViewNotFoundReason = "NetworkViewNotFound"
+	// DNSViewNotFoundReason indicates that the specified DNS view could not be found on the Infoblox instance.
+	DNSViewNotFoundReason = "DNSViewNotFound"
 	// NetworkNotFoundReason indicates that the specified network could not be found on the Infoblox instance.
 	NetworkNotFoundReason = "NetworkNotFound"
 )

api/v1alpha1/infobloxinstance_types.go

@@ -40,6 +40,10 @@ type InfobloxInstanceSpec struct {
 	// InfobloxIPPools will inherit this value when not explicitly specifying a network view.
 	// +optional
 	DefaultNetworkView string `json:"defaultNetworkView,omitempty"`
+	// DefaultDNSView is the default DNS view used when interacting with Infoblox.
+	// InfobloxIPPools will inherit this value when not explicitly specifying a DNS view.
+	// +optional
+	DefaultDNSView string `json:"defaultDNSView,omitempty"`
 	// DisableTLSVerification if set 'true', certificates for SSL commuunication with Infoblox instance will be not verified
 	DisableTLSVerification bool `json:"disableTLSVerification,omitempty"`
 	// CustomCAPath can be used to point Infoblox client to a file with a list of accepted certificate authorities. Only used if DisableTLSVerification is set to 'false'.

api/v1alpha1/infobloxippool_types.go

@@ -16,6 +16,9 @@ type InfobloxIPPoolSpec struct {
 	// NetworkView defines Infoblox netwok view to be used with pool.
 	// +optional
 	NetworkView string `json:"networkView,omitempty"`
+	// DNSView defines Infoblox DNS view to be used with pool.
+	// +optional
+	DNSView string `json:"dnsView,omitempty"`
 	// DNSZone is the DNS zone within which hostnames will be allocated.
 	// +optional
 	DNSZone string `json:"dnsZone,omitempty"`

config/crd/bases/ipam.cluster.x-k8s.io_infobloxinstances.yaml

@@ -73,6 +73,11 @@ spec:
                   a file with a list of accepted certificate authorities. Only used
                   if DisableTLSVerification is set to 'false'.
                 type: string
+              defaultDNSView:
+                description: |-
+                  DefaultDNSView is the default DNS view used when interacting with Infoblox.
+                  InfobloxIPPools will inherit this value when not explicitly specifying a DNS view.
+                type: string
               defaultNetworkView:
                 description: |-
                   DefaultNetworkView is the default network view used when interacting with Infoblox.

config/crd/bases/ipam.cluster.x-k8s.io_infobloxippools.yaml

@@ -48,6 +48,9 @@ spec:
           spec:
             description: InfobloxIPPoolSpec defines the desired state of InfobloxIPPool.
             properties:
+              dnsView:
+                description: DNSView defines Infoblox DNS view to be used with pool.
+                type: string
               dnsZone:
                 description: DNSZone is the DNS zone within which hostnames will be
                   allocated.

config/samples/infobloxippool.yaml

@@ -10,4 +10,5 @@ spec:
     - cidr: "10.0.0.0/24"
       gateway: "10.0.0.1"
   networkView: "some-view"
+  dnsView: "some-dns-view"
   dnsZone: ""

internal/controllers/infobloxinstance.go

@@ -112,6 +112,7 @@ func (r *InfobloxInstanceReconciler) reconcile(ctx context.Context, instance *v1
 		DisableTLSVerification: instance.Spec.DisableTLSVerification,
 		CustomCAPath:           instance.Spec.CustomCAPath,
 		DefaultNetworkView:     instance.Spec.DefaultNetworkView,
+		DefaultDNSView:         instance.Spec.DefaultDNSView,
 	}
 
 	ibcl, err := r.NewInfobloxClientFunc(infoblox.Config{HostConfig: hc, AuthConfig: authConfig})
@@ -135,6 +136,19 @@ func (r *InfobloxInstanceReconciler) reconcile(ctx context.Context, instance *v1
 		return ctrl.Result{}, nil
 	}
 
+	// Check DNS view if specified
+	if instance.Spec.DefaultDNSView != "" {
+		if ok, err := ibcl.CheckDNSViewExists(instance.Spec.DefaultDNSView); err != nil || !ok {
+			logger.Error(err, "could not find default DNS view", "dnsView", instance.Spec.DefaultDNSView)
+			conditions.MarkFalse(instance,
+				clusterv1.ReadyCondition,
+				v1alpha1.DNSViewNotFoundReason,
+				clusterv1.ConditionSeverityError,
+				"could not find default DNS view: %s", err)
+			return ctrl.Result{}, nil
+		}
+	}
+
 	conditions.MarkTrue(instance,
 		clusterv1.ReadyCondition)
 

internal/controllers/infobloxippool.go

@@ -137,6 +137,8 @@ func (r *InfobloxIPPoolReconciler) reconcile(ctx context.Context, pool *v1alpha1
 		pool.Spec.NetworkView = ibclient.GetHostConfig().DefaultNetworkView
 	}
 
+	dnsView := determineDNSView(pool.Spec.DNSView, ibclient.GetHostConfig().DefaultDNSView, pool.Spec.NetworkView)
+
 	// TODO: handle this in a better way
 	if ok, err := ibclient.CheckNetworkViewExists(pool.Spec.NetworkView); err != nil || !ok {
 		logger.Error(err, "could not find network view", "networkView", pool.Spec.NetworkView)
@@ -148,6 +150,19 @@ func (r *InfobloxIPPoolReconciler) reconcile(ctx context.Context, pool *v1alpha1
 		return nil
 	}
 
+	// Check DNS view if specified
+	if dnsView != "" {
+		if ok, err := ibclient.CheckDNSViewExists(dnsView); err != nil || !ok {
+			logger.Error(err, "could not find DNS view", "dnsView", dnsView)
+			conditions.MarkFalse(pool,
+				clusterv1.ReadyCondition,
+				v1alpha1.DNSViewNotFoundReason,
+				clusterv1.ConditionSeverityError,
+				"could not find DNS view: %s", err)
+			return nil
+		}
+	}
+
 	for _, sub := range pool.Spec.Subnets {
 		subnet, err := netip.ParsePrefix(sub.CIDR)
 		if err != nil {
@@ -169,3 +184,21 @@ func (r *InfobloxIPPoolReconciler) reconcile(ctx context.Context, pool *v1alpha1
 
 	return nil
 }
+
+// determineDNSView determines the DNS view to use based on the priority order:
+// 1. Pool.spec.dnsView (if set)
+// 2. Instance.spec.defaultDnsView (if not set on pool but set on instance)
+// 3. Derived from networkView (if neither is set)
+func determineDNSView(poolDNSView, instanceDefaultDNSView, networkView string) string {
+	if poolDNSView != "" {
+		return poolDNSView
+	}
+	if instanceDefaultDNSView != "" {
+		return instanceDefaultDNSView
+	}
+	// fallback to old behavior: derive DNS view from networkView
+	if networkView == "" || networkView == "default" {
+		return "default"
+	}
+	return "default." + networkView
+}

internal/controllers/ipaddressclaim.go

@@ -178,7 +178,8 @@ func (h *InfobloxClaimHandler) EnsureAddress(ctx context.Context, address *ipamv
 		}
 
 		var ipaddr netip.Addr
-		ipaddr, err = h.ibclient.GetOrAllocateAddress(h.pool.Spec.NetworkView, subnet, hostName, h.pool.Spec.DNSZone, logger)
+		dnsView := determineDNSView(h.pool.Spec.DNSView, h.ibclient.GetHostConfig().DefaultDNSView, h.pool.Spec.NetworkView)
+		ipaddr, err = h.ibclient.GetOrAllocateAddress(h.pool.Spec.NetworkView, dnsView, subnet, hostName, h.pool.Spec.DNSZone, logger)
 		if err != nil {
 			continue
 		}
@@ -233,7 +234,8 @@ func (h *InfobloxClaimHandler) ReleaseAddress(ctx context.Context) (*ctrl.Result
 			continue
 		}
 
-		err = h.ibclient.ReleaseAddress(h.pool.Spec.NetworkView, subnet, hostName, logger)
+		dnsView := determineDNSView(h.pool.Spec.DNSView, h.ibclient.GetHostConfig().DefaultDNSView, h.pool.Spec.NetworkView)
+		err = h.ibclient.ReleaseAddress(h.pool.Spec.NetworkView, dnsView, subnet, hostName, logger)
 		if err != nil {
 			// since ibclient.NotFoundError has a pointer receiver on it's Error() method, we can't use errors.As() here.
 			if _, ok := err.(*ibclient.NotFoundError); !ok {