Skip to content

CORS-4155: Add Feature gate and update Infrastructure CR for Azure Cluster Hosted DNS #2404

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 30, 2025
Merged

CORS-4155: Add Feature gate and update Infrastructure CR for Azure Cluster Hosted DNS #2404

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
586b3d1
Add AzureClusterHostedDNSInstall feature gate
sadasu Jul 25, 2025
5acefda
Add CloudLoadBalancerConfig to Azure Platform Status
sadasu Jul 25, 2025
ba094a0
Fix comment within test files
sadasu Jul 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
247 changes: 247 additions & 0 deletions config/v1/tests/infrastructures.config.openshift.io/AzureClusterHostedDNSInstall.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,247 @@
apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
name: "Infrastructure"
crdName: infrastructures.config.openshift.io
featureGates:
- AzureClusterHostedDNSInstall
tests:
onCreate:
- name: Should be able to create a minimal Infrastructure
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec: {} # No spec is required for a Infrastructure
expected: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec: {}
onUpdate:
- name: dnsType should default to `PlatformDefault` when not specified
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure: {}
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure: {}
type: Azure
expected: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
cpuPartitioning: None
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: PlatformDefault
type: Azure
- name: should be able to set dnsType to non-default value of `ClusterHosted`
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
type: Azure
expected: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
cpuPartitioning: None
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
type: Azure
- name: Should not allow changing the immutable dnsType field
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
clusterHosted:
apiIntLoadBalancerIPs:
- 10.10.10.20
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: PlatformDefault
type: Azure
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.dnsType: Invalid value: \"string\": dnsType is immutable"
- name: Should not accept non-IP address values for Load Balancer IPs
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
clusterHosted:
apiIntLoadBalancerIPs:
- 10.10.10.20
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
clusterHosted:
apiIntLoadBalancerIPs:
- 10.10.10.20
- not-an-ip-address
type: Azure
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1]: Invalid value: \"string\": value must be a valid IP address"
- name: Should not accept update when `clusterHosted` is specified with DNSType `PlatformDefault`
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure: {}
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: PlatformDefault
clusterHosted:
apiIntLoadBalancerIPs:
- 10.10.10.20
type: Azure
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig: Invalid value: \"object\": clusterHosted is permitted only when dnsType is ClusterHosted"
- name: Should not accept duplicate IP addresses for any of the Load Balancer IPs
initial: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
azure: {}
type: Azure
updated: |
apiVersion: config.openshift.io/v1
kind: Infrastructure
spec:
platformSpec:
type: Azure
azure: {}
status:
controlPlaneTopology: HighlyAvailable
infrastructureTopology: HighlyAvailable
platform: Azure
platformStatus:
azure:
cloudLoadBalancerConfig:
dnsType: ClusterHosted
clusterHosted:
apiIntLoadBalancerIPs:
- 10.10.10.20
- 10.10.20.20
- 10.10.10.20
type: Azure
expectedStatusError: "status.platformStatus.azure.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[2]: Duplicate value: \"10.10.10.20\""
13 changes: 13 additions & 0 deletions config/v1/types_infrastructure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -594,6 +594,19 @@ type AzurePlatformStatus struct {
// +listType=atomic
// +optional
ResourceTags []AzureResourceTag `json:"resourceTags,omitempty"`

// cloudLoadBalancerConfig holds configuration related to DNS and cloud
// load balancers. It allows configuration of in-cluster DNS as an alternative
// to the platform default DNS implementation.
// When using the ClusterHosted DNS type, Load Balancer IP addresses
// must be provided for the API and internal API load balancers as well as the
// ingress load balancer.
//
// +default={"dnsType": "PlatformDefault"}
// +kubebuilder:default={"dnsType": "PlatformDefault"}
// +openshift:enable:FeatureGate=AzureClusterHostedDNSInstall
// +optional
CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"`
}

// AzureResourceTag is a tag to apply to Azure resources created for the cluster.
Expand Down
103 changes: 103 additions & 0 deletions ...nerated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1440,6 +1440,109 @@ spec:
description: armEndpoint specifies a URL to use for resource
management in non-soverign clouds such as Azure Stack.
type: string
cloudLoadBalancerConfig:
default:
dnsType: PlatformDefault
description: |-
cloudLoadBalancerConfig holds configuration related to DNS and cloud
load balancers. It allows configuration of in-cluster DNS as an alternative
to the platform default DNS implementation.
When using the ClusterHosted DNS type, Load Balancer IP addresses
must be provided for the API and internal API load balancers as well as the
ingress load balancer.
properties:
clusterHosted:
description: |-
clusterHosted holds the IP addresses of API, API-Int and Ingress Load
Balancers on Cloud Platforms. The DNS solution hosted within the cluster
use these IP addresses to provide resolution for API, API-Int and Ingress
services.
properties:
apiIntLoadBalancerIPs:
description: |-
apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service.
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
Entries in the apiIntLoadBalancerIPs must be unique.
A maximum of 16 IP addresses are permitted.
format: ip
items:
description: IP is an IP address (for example, "10.0.0.0"
or "fd00::").
maxLength: 39
minLength: 1
type: string
x-kubernetes-validations:
- message: value must be a valid IP address
rule: isIP(self)
maxItems: 16
type: array
x-kubernetes-list-type: set
apiLoadBalancerIPs:
description: |-
apiLoadBalancerIPs holds Load Balancer IPs for the API service.
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
Could be empty for private clusters.
Entries in the apiLoadBalancerIPs must be unique.
A maximum of 16 IP addresses are permitted.
format: ip
items:
description: IP is an IP address (for example, "10.0.0.0"
or "fd00::").
maxLength: 39
minLength: 1
type: string
x-kubernetes-validations:
- message: value must be a valid IP address
rule: isIP(self)
maxItems: 16
type: array
x-kubernetes-list-type: set
ingressLoadBalancerIPs:
description: |-
ingressLoadBalancerIPs holds IPs for Ingress Load Balancers.
These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses.
Entries in the ingressLoadBalancerIPs must be unique.
A maximum of 16 IP addresses are permitted.
format: ip
items:
description: IP is an IP address (for example, "10.0.0.0"
or "fd00::").
maxLength: 39
minLength: 1
type: string
x-kubernetes-validations:
- message: value must be a valid IP address
rule: isIP(self)
maxItems: 16
type: array
x-kubernetes-list-type: set
type: object
dnsType:
default: PlatformDefault
description: |-
dnsType indicates the type of DNS solution in use within the cluster. Its default value of
`PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform.
It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode,
the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed.
The cluster's use of the cloud's Load Balancers is unaffected by this setting.
The value is immutable after it has been set at install time.
Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS.
Enabling this functionality allows the user to start their own DNS solution outside the cluster after
installation is complete. The customer would be responsible for configuring this custom DNS solution,
and it can be run in addition to the in-cluster DNS solution.
enum:
- ClusterHosted
- PlatformDefault
type: string
x-kubernetes-validations:
- message: dnsType is immutable
rule: oldSelf == '' || self == oldSelf
type: object
x-kubernetes-validations:
- message: clusterHosted is permitted only when dnsType is
ClusterHosted
rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted''
? !has(self.clusterHosted) : true'
cloudName:
description: |-
cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK
Expand Down
Loading