Prototype of external-dns + coredns based configuration #14

Merged
merged 2 commits into from
Dec 27, 2019


@ytsarev ytsarev commented Dec 23, 2019

* Use external-dns to populate coreDNS conf with etcd backend
  Based on https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/coredns.md
* Use `--annotation-filter` to figure out health status

Visible limitations:
* coreDNS etcd plugin can support only single authoritative zone
* Annotation status is global to Ingress, so all `host` entries affected
  It might imply single `host` entry per Gslb requirement

Runtime example:

* External-dns logs
```
time="2019-12-23T14:50:29Z" level=debug msg="Endpoints generated from ingress: default/example-gslb: [app.cloud.absa.internal 0 IN A 172.17.0.2 [] app1.cloud.absa.external 0 IN A 172.17.0.2 [] app2.cloud.absa.external 0 IN A 172.17.0.2 []
```
* Query test
```
dnstools# dig @gslb-coredns-coredns app1.cloud.absa.external +short
172.17.0.2
```
```
dnstools# dig @gslb-coredns-coredns SOA app1.cloud.absa.external +short
ns.dns.absa.external. hostmaster.absa.external. 1577113239 7200 1800 86400 30
```
So coredns etcd plugin(skyDNS) can serve single authoritative zone

Apart from above mentioned limitations this setup has advantages of
being very dynamic and decoupled from ohmyglb controller implementation.

On ohmyglb side we can control dns record population through annotations
instead of direct writes to coreDNS configmap
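
An added example, not part of the original PR or of the ohmyglb code: it parses the external-dns debug line quoted above and separates the generated endpoints that fall inside the single zone CoreDNS answers for from those outside it. The zone `absa.external` is an assumption inferred from the SOA answer shown above, the endpoint pattern is derived only from that one sample line, and the function names are hypothetical.

```python
import re

# Constructed sample: the external-dns debug line quoted in the PR description.
SAMPLE_LOG = (
    'time="2019-12-23T14:50:29Z" level=debug msg="Endpoints generated from ingress: '
    'default/example-gslb: [app.cloud.absa.internal 0 IN A 172.17.0.2 [] '
    'app1.cloud.absa.external 0 IN A 172.17.0.2 [] '
    'app2.cloud.absa.external 0 IN A 172.17.0.2 []'
)

# Assumption: authoritative zone, inferred from the SOA answer in the description.
ZONE = "absa.external"

HEADER = re.compile(r"Endpoints generated from ingress: (\S+): \[(.*)")
# One endpoint as it appears in the sample: "<name> <ttl> IN <type> <target> []"
ENDPOINT = re.compile(r"(\S+) (\d+) IN ([A-Z]+) (\S+) \[\]")


def in_zone(name, zone):
    """True if name is the zone apex or a subdomain of it (label-aligned)."""
    name = name.rstrip(".").lower()
    zone = zone.rstrip(".").lower()
    return name == zone or name.endswith("." + zone)


def parse_endpoints(line):
    """Return (ingress, [endpoint dicts]) or (None, []) for unrelated lines."""
    match = HEADER.search(line)
    if not match:
        return None, []
    ingress, body = match.groups()
    endpoints = [
        {"name": n, "ttl": int(ttl), "type": rtype, "target": target}
        for n, ttl, rtype, target in ENDPOINT.findall(body)
    ]
    return ingress, endpoints


def audit(line, zone=ZONE):
    """Split the endpoints of one log line into in-zone and out-of-zone names."""
    ingress, endpoints = parse_endpoints(line)
    served = [e["name"] for e in endpoints if in_zone(e["name"], zone)]
    outside = [e["name"] for e in endpoints if not in_zone(e["name"], zone)]
    return {"ingress": ingress, "served": served, "outside_zone": outside}


if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```
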

ytsarev commented Dec 23, 2019

Most probably I will redo the external-dns source to be the CRD - https://github.com/kubernetes-sigs/external-dns/blob/master/docs/contributing/crd-source.md . Looks very flexible


donovanmuller commented Dec 24, 2019

> Annotation status is global to Ingress, so all host entries affected
> It might imply single host entry per Gslb requirement

A single host entry per Gslb resource IMHO is fine for the initial implementation.

@donovanmuller
Contributor

@ytsarev Given #14 (comment), I'll leave this review as is and wait for the refactored PR?


ytsarev commented Dec 27, 2019

@donovanmuller yes, exactly, going to amend the PR soon


ytsarev commented Dec 27, 2019

```
kubectl describe dnsendpoints.externaldns.k8s.io
Name:         examplednsrecord
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"externaldns.k8s.io/v1alpha1","kind":"DNSEndpoint","metadata":{"annotations":{},"name":"examplednsrecord","namespace":"defau...
API Version:  externaldns.k8s.io/v1alpha1
Kind:         DNSEndpoint
Metadata:
  Creation Timestamp:  2019-12-27T12:58:59Z
  Generation:          2
  Resource Version:    24976
  Self Link:           /apis/externaldns.k8s.io/v1alpha1/namespaces/default/dnsendpoints/examplednsrecord
  UID:                 fa9c716a-4b0a-4232-adae-41d36df84359
Spec:
  Endpoints:
    Dns Name:     foo.absa.external
    Record TTL:   180
    Record Type:  A
    Targets:
      10.1.1.1
Status:
  Observed Generation:  2
Events:                 <none>
```
```
dnstools# dig @gslb-coredns-coredns foo.absa.external +short
10.1.1.1
```

@donovanmuller PR amended, CRD stuff works! Let's merge it in and I will continue on ohmyglb operator control code update

@ytsarev ytsarev merged commit 85e7fb9 into master Dec 27, 2019
@ytsarev ytsarev deleted the external_dns branch December 27, 2019 13:54