Skip to content

OPNET-678: Add internalDNSRecords field #2460

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-bot merged 11 commits into from
Nov 17, 2025
Merged

OPNET-678: Add internalDNSRecords field #2460

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
387147c
Add dnsRecordsType field
cybertron Aug 5, 2025
d01cc12
Apply dnsRecordsType to all on-prem platforms
cybertron Oct 3, 2025
e2a2880
Add infrastructure integration tests
cybertron Oct 22, 2025
1a8e202
Add controllerconfigs integration test
cybertron Oct 22, 2025
6200636
Add XValidation rules for dnsRecordsType cross-field constraint
cybertron Oct 22, 2025
275d49c
Fix XValidation placement and add integration tests for dnsRecordsType
cybertron Oct 23, 2025
da3d1a4
Regenerate CRDs
cybertron Oct 23, 2025
17af866
Fix Nutanix test definitions with required prismCentral and prismElem…
cybertron Oct 23, 2025
4723a27
Make dnsRecordsType XValidation rules feature gate aware
cybertron Oct 24, 2025
7aa746c
Move validation to type and explicitly reference loadBalancer field
cybertron Nov 3, 2025
c72fe4d
Update godoc to clarify user requirements
cybertron Nov 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
464 changes: 464 additions & 0 deletions config/v1/tests/infrastructures.config.openshift.io/OnPremDNSRecords.yaml
View file
Open in desktop

Large diffs are not rendered by default.

96 changes: 96 additions & 0 deletions config/v1/types_infrastructure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,17 @@ const (
LoadBalancerTypeOpenShiftManagedDefault PlatformLoadBalancerType = "OpenShiftManagedDefault"
)

// DNSRecordsType defines whether api, api-int, and ingress records are provided by
// the internal DNS infrastructure or must be configured external to the cluster.
// +kubebuilder:validation:Enum=Internal;External
Copy link
Copy Markdown
Contributor

@JoelSpeed JoelSpeed Nov 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add this one too to help with accurate openapi schema generation

Suggested change
// +kubebuilder:validation:Enum=Internal;External
// +kubebuilder:validation:Enum=Internal;External
// +enum

// +enum
type DNSRecordsType string

const (
DNSRecordsTypeExternal DNSRecordsType = "External"
DNSRecordsTypeInternal DNSRecordsType = "Internal"
)

// PlatformType is a specific supported infrastructure provider.
// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud;KubeVirt;EquinixMetal;PowerVS;AlibabaCloud;Nutanix;External
type PlatformType string
Expand Down Expand Up @@ -1022,6 +1033,7 @@ type BareMetalPlatformSpec struct {
// BareMetalPlatformStatus holds the current status of the BareMetal infrastructure provider.
// For more information about the network architecture used with the BareMetal platform type, see:
// https://github.com/openshift/installer/blob/master/docs/design/baremetal/networking-infrastructure.md
// +openshift:validation:FeatureGateAwareXValidation:featureGate=OnPremDNSRecords,rule="!has(self.dnsRecordsType) || self.dnsRecordsType == 'Internal' || (has(self.loadBalancer) && self.loadBalancer.type == 'UserManaged')",message="dnsRecordsType may only be set to External when loadBalancer.type is UserManaged"
type BareMetalPlatformStatus struct {
// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used
// by components inside the cluster, like kubelets using the infrastructure rather
Expand Down Expand Up @@ -1074,6 +1086,22 @@ type BareMetalPlatformStatus struct {
// +optional
LoadBalancer *BareMetalPlatformLoadBalancer `json:"loadBalancer,omitempty"`

// dnsRecordsType determines whether records for api, api-int, and ingress
// are provided by the internal DNS service or externally.
// Allowed values are `Internal`, `External`, and omitted.
// When set to `Internal`, records are provided by the internal infrastructure and
// no additional user configuration is required for the cluster to function.
// When set to `External`, records are not provided by the internal infrastructure
Comment thread
cybertron marked this conversation as resolved.
// and must be configured by the user on a DNS server outside the cluster.
// Cluster nodes must use this external server for their upstream DNS requests.
// This value may only be set when loadBalancer.type is set to UserManaged.
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default is `Internal`.
// +openshift:enable:FeatureGate=OnPremDNSRecords
// +optional
DNSRecordsType DNSRecordsType `json:"dnsRecordsType,omitempty"`

// machineNetworks are IP networks used to connect all the OpenShift cluster nodes.
// +listType=atomic
// +kubebuilder:validation:MaxItems=32
Expand Down Expand Up @@ -1150,6 +1178,7 @@ type OpenStackPlatformSpec struct {
}

// OpenStackPlatformStatus holds the current status of the OpenStack infrastructure provider.
// +openshift:validation:FeatureGateAwareXValidation:featureGate=OnPremDNSRecords,rule="!has(self.dnsRecordsType) || self.dnsRecordsType == 'Internal' || (has(self.loadBalancer) && self.loadBalancer.type == 'UserManaged')",message="dnsRecordsType may only be set to External when loadBalancer.type is UserManaged"
type OpenStackPlatformStatus struct {
// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used
// by components inside the cluster, like kubelets using the infrastructure rather
Expand Down Expand Up @@ -1206,6 +1235,22 @@ type OpenStackPlatformStatus struct {
// +optional
LoadBalancer *OpenStackPlatformLoadBalancer `json:"loadBalancer,omitempty"`

// dnsRecordsType determines whether records for api, api-int, and ingress
// are provided by the internal DNS service or externally.
// Allowed values are `Internal`, `External`, and omitted.
// When set to `Internal`, records are provided by the internal infrastructure and
// no additional user configuration is required for the cluster to function.
// When set to `External`, records are not provided by the internal infrastructure
// and must be configured by the user on a DNS server outside the cluster.
// Cluster nodes must use this external server for their upstream DNS requests.
// This value may only be set when loadBalancer.type is set to UserManaged.
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default is `Internal`.
// +openshift:enable:FeatureGate=OnPremDNSRecords
// +optional
DNSRecordsType DNSRecordsType `json:"dnsRecordsType,omitempty"`

// machineNetworks are IP networks used to connect all the OpenShift cluster nodes.
// +listType=atomic
// +kubebuilder:validation:MaxItems=32
Expand Down Expand Up @@ -1240,6 +1285,7 @@ type OvirtPlatformLoadBalancer struct {
type OvirtPlatformSpec struct{}

// OvirtPlatformStatus holds the current status of the oVirt infrastructure provider.
// +openshift:validation:FeatureGateAwareXValidation:featureGate=OnPremDNSRecords,rule="!has(self.dnsRecordsType) || self.dnsRecordsType == 'Internal' || (has(self.loadBalancer) && self.loadBalancer.type == 'UserManaged')",message="dnsRecordsType may only be set to External when loadBalancer.type is UserManaged"
type OvirtPlatformStatus struct {
// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used
// by components inside the cluster, like kubelets using the infrastructure rather
Expand Down Expand Up @@ -1286,6 +1332,22 @@ type OvirtPlatformStatus struct {
// +kubebuilder:default={"type": "OpenShiftManagedDefault"}
// +optional
LoadBalancer *OvirtPlatformLoadBalancer `json:"loadBalancer,omitempty"`

// dnsRecordsType determines whether records for api, api-int, and ingress
// are provided by the internal DNS service or externally.
// Allowed values are `Internal`, `External`, and omitted.
// When set to `Internal`, records are provided by the internal infrastructure and
// no additional user configuration is required for the cluster to function.
// When set to `External`, records are not provided by the internal infrastructure
// and must be configured by the user on a DNS server outside the cluster.
// Cluster nodes must use this external server for their upstream DNS requests.
// This value may only be set when loadBalancer.type is set to UserManaged.
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default is `Internal`.
// +openshift:enable:FeatureGate=OnPremDNSRecords
// +optional
DNSRecordsType DNSRecordsType `json:"dnsRecordsType,omitempty"`
}

// VSpherePlatformLoadBalancer defines the load balancer used by the cluster on VSphere platform.
Expand Down Expand Up @@ -1683,6 +1745,7 @@ type VSpherePlatformSpec struct {
}

// VSpherePlatformStatus holds the current status of the vSphere infrastructure provider.
// +openshift:validation:FeatureGateAwareXValidation:featureGate=OnPremDNSRecords,rule="!has(self.dnsRecordsType) || self.dnsRecordsType == 'Internal' || (has(self.loadBalancer) && self.loadBalancer.type == 'UserManaged')",message="dnsRecordsType may only be set to External when loadBalancer.type is UserManaged"
type VSpherePlatformStatus struct {
// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used
// by components inside the cluster, like kubelets using the infrastructure rather
Expand Down Expand Up @@ -1735,6 +1798,22 @@ type VSpherePlatformStatus struct {
// +optional
LoadBalancer *VSpherePlatformLoadBalancer `json:"loadBalancer,omitempty"`

// dnsRecordsType determines whether records for api, api-int, and ingress
// are provided by the internal DNS service or externally.
// Allowed values are `Internal`, `External`, and omitted.
// When set to `Internal`, records are provided by the internal infrastructure and
// no additional user configuration is required for the cluster to function.
// When set to `External`, records are not provided by the internal infrastructure
// and must be configured by the user on a DNS server outside the cluster.
// Cluster nodes must use this external server for their upstream DNS requests.
// This value may only be set when loadBalancer.type is set to UserManaged.
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default is `Internal`.
// +openshift:enable:FeatureGate=OnPremDNSRecords
// +optional
DNSRecordsType DNSRecordsType `json:"dnsRecordsType,omitempty"`

// machineNetworks are IP networks used to connect all the OpenShift cluster nodes.
// +listType=atomic
// +kubebuilder:validation:MaxItems=32
Expand Down Expand Up @@ -2108,6 +2187,7 @@ type NutanixPrismElementEndpoint struct {
}

// NutanixPlatformStatus holds the current status of the Nutanix infrastructure provider.
// +openshift:validation:FeatureGateAwareXValidation:featureGate=OnPremDNSRecords,rule="!has(self.dnsRecordsType) || self.dnsRecordsType == 'Internal' || (has(self.loadBalancer) && self.loadBalancer.type == 'UserManaged')",message="dnsRecordsType may only be set to External when loadBalancer.type is UserManaged"
type NutanixPlatformStatus struct {
// apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used
// by components inside the cluster, like kubelets using the infrastructure rather
Expand Down Expand Up @@ -2151,6 +2231,22 @@ type NutanixPlatformStatus struct {
// +kubebuilder:default={"type": "OpenShiftManagedDefault"}
// +optional
LoadBalancer *NutanixPlatformLoadBalancer `json:"loadBalancer,omitempty"`

// dnsRecordsType determines whether records for api, api-int, and ingress
// are provided by the internal DNS service or externally.
// Allowed values are `Internal`, `External`, and omitted.
// When set to `Internal`, records are provided by the internal infrastructure and
// no additional user configuration is required for the cluster to function.
// When set to `External`, records are not provided by the internal infrastructure
// and must be configured by the user on a DNS server outside the cluster.
// Cluster nodes must use this external server for their upstream DNS requests.
// This value may only be set when loadBalancer.type is set to UserManaged.
// When omitted, this means the user has no opinion and the platform is left
// to choose reasonable defaults. These defaults are subject to change over time.
// The current default is `Internal`.
// +openshift:enable:FeatureGate=OnPremDNSRecords
// +optional
DNSRecordsType DNSRecordsType `json:"dnsRecordsType,omitempty"`
}

// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
Expand Down
Loading