This section covers the design for how external DNS records are updated.
The following sequence diagram illustrates the approach:
Elements of the DNS update design
DNSendpointCRD
The DNS CRD can be based on the examples here: https://github.com/kubernetes-sigs/external-dns/tree/master/docs/contributing/crd-source
The above can already be used as a DNS source for external-dns. A possible modification is to have external-dns use only the CRs carrying matching labels as its source.
DNS Provider Intent API
POST
URL: /v2/project/{project-name}/rb/{rb-name}/{rb-version}/traffic-intent-sets/{traffic-intent-set-name}/dnsproviders

POST BODY:

{
  "name": "dnsprovider-intent-name1",        // used to label the DNSendpointCRDs created
  "description": "dns provider intent for updating user facing microservice FQDNs to external DNS providers",
  "dnsProvider": [
    {
      "id": "microservice01",                 // unique name of the microservice; provides the association to other connectivity intents
      "cluster-selector": "label1, label2, ...", // labels selecting which clusters this dns provider is to be used for
      "externalDnsParameters": {              // this list is supplied to external-dns as parameters; for example:
        "aws-zone-type": "",                  // When using the AWS provider, filter for zones of this type (optional; options: public, private)
        "aws-zone-tags": "",                  // When using the AWS provider, filter for zones with these tags
        "aws-assume-role": "",                // When using the AWS provider, assume this IAM role. Useful for hosted zones in another AWS account. Specify the full ARN, e.g. `arn:aws:iam::123455567:role/external-dns` (optional)
        "aws-batch-change-size": "1000",      // When using the AWS provider, set the maximum number of changes that will be applied in each batch
        "aws-batch-change-interval": "1s",    // When using the AWS provider, set the interval between batch changes
        "aws-evaluate-target-health": "enabled", // When using the AWS provider, set whether to evaluate the health of a DNS target (default: enabled, disable with --no-aws-evaluate-target-health)
        "aws-api-retries": "3",               // When using the AWS provider, set the maximum number of retries for API calls before giving up
        "aws-prefer-cname": "disabled",       // When using the AWS provider, prefer using CNAME instead of ALIAS (default: disabled)
        ...                                   // etc.
      }
    },
    ...
  ]
}
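As an added example (not part of this design page or of external-dns itself), the Python below sketches how an intent posted to this API could be turned into external-dns parameters and into a DNSendpoint CR labelled with the intent name, as the CRD section above suggests. It assumes the POST body shape shown here, the DNSEndpoint schema from the external-dns crd-source docs, that a label named dnsprovider-intent is what a label-selecting source would match on, and that the FQDN and IP addresses for each microservice are supplied by the caller (how they are discovered is one of the items to resolve below). The externalDnsParameters keys are treated as an allowlist with per-key validation, because the values end up on the external-dns command line and the intent must not be able to add flags of its own choosing.

```python
"""Translate a dnsprovider intent into external-dns parameters and a labelled
DNSEndpoint CR. Added example; the intent shape, the CRD schema and the label
name are assumptions noted in the lead-in."""
import re

# Allowlist of externalDnsParameters keys taken from the page, each with a
# validator. Anything not listed is rejected rather than forwarded, since the
# values become external-dns argv entries.
_ENABLED_DISABLED = {"enabled", "disabled"}
PARAM_VALIDATORS = {
    "aws-zone-type": lambda v: v in {"public", "private"},
    "aws-zone-tags": re.compile(r"^[\w.:/=+@-]+(,[\w.:/=+@-]+)*$").fullmatch,
    "aws-assume-role": re.compile(r"^arn:aws:iam::\d{12}:role/[\w+=,.@/-]+$").fullmatch,
    "aws-batch-change-size": re.compile(r"^[1-9]\d*$").fullmatch,
    "aws-batch-change-interval": re.compile(r"^\d+(ms|s|m|h)$").fullmatch,
    "aws-evaluate-target-health": lambda v: v in _ENABLED_DISABLED,
    "aws-api-retries": re.compile(r"^\d+$").fullmatch,
    "aws-prefer-cname": lambda v: v in _ENABLED_DISABLED,
}
# Flags external-dns exposes as --flag / --no-flag rather than --flag=value.
BOOLEAN_FLAGS = {"aws-evaluate-target-health", "aws-prefer-cname"}


def external_dns_args(params):
    """Return argv fragments for one externalDnsParameters map.

    Empty values mean 'not set' (the page shows "" for optional parameters)
    and are skipped. Each parameter becomes exactly one argv element, so a
    value can never be split into extra arguments."""
    args = []
    for key, value in params.items():
        if key not in PARAM_VALIDATORS:
            raise ValueError(f"externalDnsParameters key not allowed: {key!r}")
        if value == "":
            continue
        if not PARAM_VALIDATORS[key](value):
            raise ValueError(f"invalid value for {key}: {value!r}")
        if key in BOOLEAN_FLAGS:
            args.append(f"--{key}" if value == "enabled" else f"--no-{key}")
        else:
            args.append(f"--{key}={value}")
    return args


def dns_endpoint_cr(intent_name, microservice_id, dns_name, targets, ttl=300):
    """Build a DNSEndpoint CR labelled with the intent name, so a source that
    selects CRs by label picks up only the records this intent owns."""
    return {
        "apiVersion": "externaldns.k8s.io/v1alpha1",
        "kind": "DNSEndpoint",
        "metadata": {
            "name": f"{microservice_id}-endpoint",
            # Label key is an assumption; the page only says "matching labels".
            "labels": {"dnsprovider-intent": intent_name},
        },
        "spec": {"endpoints": [{
            "dnsName": dns_name,
            "recordTTL": ttl,
            "recordType": "A",
            "targets": list(targets),
        }]},
    }


def plan_from_intent(intent, endpoints_by_id):
    """For each dnsProvider entry produce the external-dns args and the CR.

    endpoints_by_id maps microservice id -> (dnsName, [IPs]); resolving those
    IPs per cluster and service is left open on the page, so it is an input."""
    plan = {}
    for entry in intent["dnsProvider"]:
        ms_id = entry["id"]
        dns_name, targets = endpoints_by_id[ms_id]
        plan[ms_id] = {
            "clusterSelector": [s.strip() for s in entry["cluster-selector"].split(",")],
            "externalDnsArgs": external_dns_args(entry["externalDnsParameters"]),
            "dnsEndpoint": dns_endpoint_cr(intent["name"], ms_id, dns_name, targets),
        }
    return plan


SAMPLE_INTENT = {  # constructed sample mirroring the POST body on the page
    "name": "dnsprovider-intent-name1",
    "description": "dns provider intent for user facing microservice FQDNs",
    "dnsProvider": [{
        "id": "microservice01",
        "cluster-selector": "label1, label2",
        "externalDnsParameters": {
            "aws-zone-type": "public",
            "aws-zone-tags": "",
            "aws-assume-role": "arn:aws:iam::123456789012:role/external-dns",
            "aws-batch-change-size": "1000",
            "aws-batch-change-interval": "1s",
            "aws-evaluate-target-health": "enabled",
            "aws-api-retries": "3",
            "aws-prefer-cname": "disabled",
        },
    }],
}
# Constructed placeholder FQDN and address for the sample microservice.
SAMPLE_ENDPOINTS = {"microservice01": ("svc01.example.com", ["192.0.2.10"])}

if __name__ == "__main__":
    import json
    print(json.dumps(plan_from_intent(SAMPLE_INTENT, SAMPLE_ENDPOINTS), indent=2))
```

The generated argv fragments are meant to be passed to the external-dns container spec as separate args, never joined into a shell string; an unknown key or a value that fails its pattern (for example a batch size with a trailing flag appended) raises instead of being forwarded.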
Items to resolve:
- How to determine IP address(es) for specific cluster
- How to determine which IP address(es) go with which service
- How to determine which IP address(es) go with which DNS provider (e.g. local, vs public)