[improvement] add override so users can set full dns name for controlplane endpoint (#442)

* add override so users can set full dns name for controlplane endpoint

Author: amold1

api/v1alpha1/zz_generated.conversion.go

@@ -128,6 +128,10 @@ type NetworkSpec struct {
 	// If not set, defaults to 30
 	// +optional
 	DNSTTLSec int `json:"dnsTTLsec,omitempty"`
+	// DNSSubDomainOverride is used to override CAPL's construction of the controlplane endpoint
+	// If set, this will override the DNS subdomain from <clustername>-<uniqueid>.<rootdomain> to <overridevalue>.<rootdomain>
+	// +optional
+	DNSSubDomainOverride string `json:"dnsSubDomainOverride,omitempty"`
 	// apiserverLoadBalancerPort used by the api server. It must be valid ports range (1-65535).
 	// If omitted, default value is 6443.
 	// +kubebuilder:validation:Minimum=1

api/v1alpha2/linodecluster_types.go

@@ -104,12 +104,6 @@ func (r *LinodeCluster) validateLinodeClusterSpec(ctx context.Context, client Li
 				Type:  field.ErrorTypeRequired,
 			})
 		}
-		if r.Spec.Network.DNSUniqueIdentifier == "" {
-			errs = append(errs, &field.Error{
-				Field: "dnsUniqueIdentifier needs to be set when LoadBalancer Type is DNS",
-				Type:  field.ErrorTypeRequired,
-			})
-		}
 	}
 
 	if len(errs) == 0 {

api/v1alpha2/linodecluster_webhook.go

@@ -130,31 +130,15 @@ func TestValidateDNSLinodeCluster(t *testing.T) {
 				},
 			},
 		}
-		noRootDomainCluster = LinodeCluster{
+		inValidCluster = LinodeCluster{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      "example",
 				Namespace: "example",
 			},
 			Spec: LinodeClusterSpec{
 				Region: "us-ord",
 				Network: NetworkSpec{
-					LoadBalancerType:    "dns",
-					DNSRootDomain:       "",
-					DNSUniqueIdentifier: "abc123",
-				},
-			},
-		}
-		noUniqueIDCluster = LinodeCluster{
-			ObjectMeta: metav1.ObjectMeta{
-				Name:      "example",
-				Namespace: "example",
-			},
-			Spec: LinodeClusterSpec{
-				Region: "us-ord",
-				Network: NetworkSpec{
-					LoadBalancerType:    "dns",
-					DNSRootDomain:       "test.net",
-					DNSUniqueIdentifier: "",
+					LoadBalancerType: "dns",
 				},
 			},
 		}
@@ -172,13 +156,12 @@ func TestValidateDNSLinodeCluster(t *testing.T) {
 			),
 		),
 		OneOf(
-			Path(Call("no domain and unique id set", func(ctx context.Context, mck Mock) {
+			Path(Call("no root domain set", func(ctx context.Context, mck Mock) {
 				mck.LinodeClient.EXPECT().GetRegion(gomock.Any(), gomock.Any()).Return(nil, nil).AnyTimes()
 			})),
 		),
 		Result("error", func(ctx context.Context, mck Mock) {
-			require.ErrorContains(t, noRootDomainCluster.validateLinodeCluster(ctx, mck.LinodeClient), "dnsRootDomain")
-			require.ErrorContains(t, noUniqueIDCluster.validateLinodeCluster(ctx, mck.LinodeClient), "dnsUniqueIdentifier")
+			require.ErrorContains(t, inValidCluster.validateLinodeCluster(ctx, mck.LinodeClient), "dnsRootDomain")
 		}),
 	)
 }

api/v1alpha2/linodecluster_webhook_test.go

@@ -79,8 +79,8 @@ func EnsureAkamaiDNSEntries(ctx context.Context, mscope *scope.MachineScope, ope
 	linodeCluster := mscope.LinodeCluster
 	linodeClusterNetworkSpec := linodeCluster.Spec.Network
 	rootDomain := linodeClusterNetworkSpec.DNSRootDomain
-	fqdn := linodeCluster.Name + "-" + linodeClusterNetworkSpec.DNSUniqueIdentifier + "." + rootDomain
 	akaDNSClient := mscope.AkamaiDomainsClient
+	fqdn := getSubDomain(mscope) + "." + rootDomain
 
 	for _, dnsEntry := range dnsEntries {
 		recordBody, err := akaDNSClient.GetRecord(ctx, rootDomain, fqdn, string(dnsEntry.DNSRecordType))
@@ -150,7 +150,7 @@ func (d *DNSEntries) getDNSEntriesToEnsure(mscope *scope.MachineScope) ([]DNSOpt
 	if mscope.LinodeMachine.Status.Addresses == nil {
 		return nil, fmt.Errorf("no addresses available on the LinodeMachine resource")
 	}
-	domainHostname := mscope.LinodeCluster.ObjectMeta.Name + "-" + mscope.LinodeCluster.Spec.Network.DNSUniqueIdentifier
+	subDomain := getSubDomain(mscope)
 
 	for _, IPs := range mscope.LinodeMachine.Status.Addresses {
 		recordType := linodego.RecordTypeA
@@ -164,9 +164,9 @@ func (d *DNSEntries) getDNSEntriesToEnsure(mscope *scope.MachineScope) ([]DNSOpt
 		if !addr.Is4() {
 			recordType = linodego.RecordTypeAAAA
 		}
-		d.options = append(d.options, DNSOptions{domainHostname, IPs.Address, recordType, dnsTTLSec})
+		d.options = append(d.options, DNSOptions{subDomain, IPs.Address, recordType, dnsTTLSec})
 	}
-	d.options = append(d.options, DNSOptions{domainHostname, mscope.LinodeMachine.Name, linodego.RecordTypeTXT, dnsTTLSec})
+	d.options = append(d.options, DNSOptions{subDomain, mscope.LinodeMachine.Name, linodego.RecordTypeTXT, dnsTTLSec})
 
 	return d.options, nil
 }
@@ -273,3 +273,16 @@ func IsDomainRecordOwner(ctx context.Context, mscope *scope.MachineScope, hostna
 
 	return true, nil
 }
+
+func getSubDomain(mscope *scope.MachineScope) (subDomain string) {
+	if mscope.LinodeCluster.Spec.Network.DNSSubDomainOverride != "" {
+		subDomain = mscope.LinodeCluster.Spec.Network.DNSSubDomainOverride
+	} else {
+		uniqueID := ""
+		if mscope.LinodeCluster.Spec.Network.DNSUniqueIdentifier != "" {
+			uniqueID = "-" + mscope.LinodeCluster.Spec.Network.DNSUniqueIdentifier
+		}
+		subDomain = mscope.LinodeCluster.Name + uniqueID
+	}
+	return subDomain
+}

cloud/services/domains.go

@@ -373,6 +373,11 @@ spec:
                       DNSRootDomain is the root domain used to create a DNS entry for the control-plane endpoint
                       Ignored if the LoadBalancerType is set to anything other than dns
                     type: string
+                  dnsSubDomainOverride:
+                    description: |-
+                      DNSSubDomainOverride is used to override CAPL's construction of the controlplane endpoint
+                      If set, this will override the DNS subdomain from <clustername>-<uniqueid>.<rootdomain> to <overridevalue>.<rootdomain>
+                    type: string
                   dnsTTLsec:
                     description: |-
                       DNSTTLSec is the TTL for the domain record

config/crd/bases/infrastructure.cluster.x-k8s.io_linodeclusters.yaml

@@ -301,6 +301,11 @@ spec:
                               DNSRootDomain is the root domain used to create a DNS entry for the control-plane endpoint
                               Ignored if the LoadBalancerType is set to anything other than dns
                             type: string
+                          dnsSubDomainOverride:
+                            description: |-
+                              DNSSubDomainOverride is used to override CAPL's construction of the controlplane endpoint
+                              If set, this will override the DNS subdomain from <clustername>-<uniqueid>.<rootdomain> to <overridevalue>.<rootdomain>
+                            type: string
                           dnsTTLsec:
                             description: |-
                               DNSTTLSec is the TTL for the domain record

config/crd/bases/infrastructure.cluster.x-k8s.io_linodeclustertemplates.yaml

@@ -232,13 +232,24 @@ func (r *LinodeClusterReconciler) handleNBCreate(ctx context.Context, logger log
 }
 
 func (r *LinodeClusterReconciler) handleDNS(clusterScope *scope.ClusterScope) {
-	domainName := clusterScope.LinodeCluster.ObjectMeta.Name + "-" + clusterScope.LinodeCluster.Spec.Network.DNSUniqueIdentifier + "." + clusterScope.LinodeCluster.Spec.Network.DNSRootDomain
+	clusterSpec := clusterScope.LinodeCluster.Spec
+	clusterMetadata := clusterScope.LinodeCluster.ObjectMeta
+	uniqueID := ""
+	if clusterSpec.Network.DNSUniqueIdentifier != "" {
+		uniqueID = "-" + clusterSpec.Network.DNSUniqueIdentifier
+	}
+	subDomain := clusterMetadata.Name + uniqueID
+
+	if clusterScope.LinodeCluster.Spec.Network.DNSSubDomainOverride != "" {
+		subDomain = clusterScope.LinodeCluster.Spec.Network.DNSSubDomainOverride
+	}
+	dnsHost := subDomain + "." + clusterSpec.Network.DNSRootDomain
 	apiLBPort := services.DefaultApiserverLBPort
 	if clusterScope.LinodeCluster.Spec.Network.ApiserverLoadBalancerPort != 0 {
 		apiLBPort = clusterScope.LinodeCluster.Spec.Network.ApiserverLoadBalancerPort
 	}
 	clusterScope.LinodeCluster.Spec.ControlPlaneEndpoint = clusterv1.APIEndpoint{
-		Host: domainName,
+		Host: dnsHost,
 		Port: int32(apiLBPort),
 	}
 }

controller/linodecluster_controller.go

@@ -47,7 +47,6 @@ var _ = Describe("cluster-lifecycle", Ordered, Label("cluster", "cluster-lifecyc
 	controlPlaneEndpointHost := "10.0.0.1"
 	controlPlaneEndpointPort := 6443
 	clusterName := "cluster-lifecycle"
-	clusterNameSpace := "default"
 	ownerRef := metav1.OwnerReference{
 		Name:       clusterName,
 		APIVersion: "cluster.x-k8s.io/v1beta1",
@@ -57,7 +56,7 @@ var _ = Describe("cluster-lifecycle", Ordered, Label("cluster", "cluster-lifecyc
 	ownerRefs := []metav1.OwnerReference{ownerRef}
 	metadata := metav1.ObjectMeta{
 		Name:            clusterName,
-		Namespace:       clusterNameSpace,
+		Namespace:       defaultNamespace,
 		OwnerReferences: ownerRefs,
 	}
 	linodeCluster := infrav1alpha2.LinodeCluster{
@@ -258,7 +257,6 @@ var _ = Describe("cluster-lifecycle-dns", Ordered, Label("cluster", "cluster-lif
 	controlPlaneEndpointHost := "cluster-lifecycle-dns-abc123.lkedevs.net"
 	controlPlaneEndpointPort := 1000
 	clusterName := "cluster-lifecycle-dns"
-	clusterNameSpace := "default"
 	ownerRef := metav1.OwnerReference{
 		Name:       clusterName,
 		APIVersion: "cluster.x-k8s.io/v1beta1",
@@ -268,7 +266,7 @@ var _ = Describe("cluster-lifecycle-dns", Ordered, Label("cluster", "cluster-lif
 	ownerRefs := []metav1.OwnerReference{ownerRef}
 	metadata := metav1.ObjectMeta{
 		Name:            clusterName,
-		Namespace:       clusterNameSpace,
+		Namespace:       defaultNamespace,
 		OwnerReferences: ownerRefs,
 	}
 
@@ -338,7 +336,6 @@ var _ = Describe("cluster-lifecycle-dns", Ordered, Label("cluster", "cluster-lif
 var _ = Describe("cluster-delete", Ordered, Label("cluster", "cluster-delete"), func() {
 	nodebalancerID := 1
 	clusterName := "cluster-delete"
-	clusterNameSpace := "default"
 	ownerRef := metav1.OwnerReference{
 		Name:       clusterName,
 		APIVersion: "cluster.x-k8s.io/v1beta1",
@@ -348,7 +345,7 @@ var _ = Describe("cluster-delete", Ordered, Label("cluster", "cluster-delete"),
 	ownerRefs := []metav1.OwnerReference{ownerRef}
 	metadata := metav1.ObjectMeta{
 		Name:            clusterName,
-		Namespace:       clusterNameSpace,
+		Namespace:       defaultNamespace,
 		OwnerReferences: ownerRefs,
 	}
 
@@ -421,3 +418,83 @@ var _ = Describe("cluster-delete", Ordered, Label("cluster", "cluster-delete"),
 		}),
 	)
 })
+
+var _ = Describe("dns-override-endpoint", Ordered, Label("cluster", "dns-override-endpoint"), func() {
+	subDomainOverRide := "dns-override-endpoint"
+	controlPlaneEndpointHost := "dns-override-endpoint.lkedevs.net"
+	controlPlaneEndpointPort := 1000
+	clusterName := "dns-override-endpoint"
+	ownerRef := metav1.OwnerReference{
+		Name:       clusterName,
+		APIVersion: "cluster.x-k8s.io/v1beta1",
+		Kind:       "Cluster",
+		UID:        "00000000-000-0000-0000-000000000000",
+	}
+	ownerRefs := []metav1.OwnerReference{ownerRef}
+	metadata := metav1.ObjectMeta{
+		Name:            clusterName,
+		Namespace:       defaultNamespace,
+		OwnerReferences: ownerRefs,
+	}
+
+	linodeCluster := infrav1alpha2.LinodeCluster{
+		ObjectMeta: metadata,
+		Spec: infrav1alpha2.LinodeClusterSpec{
+			Region: "us-ord",
+			Network: infrav1alpha2.NetworkSpec{
+				ApiserverLoadBalancerPort: controlPlaneEndpointPort,
+				LoadBalancerType:          "dns",
+				DNSSubDomainOverride:      subDomainOverRide,
+				DNSRootDomain:             "lkedevs.net",
+			},
+		},
+	}
+
+	ctlrSuite := NewControllerSuite(GinkgoT(), mock.MockLinodeClient{})
+	reconciler := LinodeClusterReconciler{}
+	cScope := &scope.ClusterScope{}
+	clusterKey := client.ObjectKeyFromObject(&linodeCluster)
+
+	BeforeAll(func(ctx SpecContext) {
+		cScope.Client = k8sClient
+		Expect(k8sClient.Create(ctx, &linodeCluster)).To(Succeed())
+	})
+
+	ctlrSuite.BeforeEach(func(ctx context.Context, mck Mock) {
+		reconciler.Recorder = mck.Recorder()
+
+		Expect(k8sClient.Get(ctx, clusterKey, &linodeCluster)).To(Succeed())
+		cScope.LinodeCluster = &linodeCluster
+
+		// Create patch helper with latest state of resource.
+		// This is only needed when relying on envtest's k8sClient.
+		patchHelper, err := patch.NewHelper(&linodeCluster, k8sClient)
+		Expect(err).NotTo(HaveOccurred())
+		cScope.PatchHelper = patchHelper
+	})
+
+	ctlrSuite.Run(
+		OneOf(
+			Path(
+				Call("cluster with dns loadbalancing is created", func(ctx context.Context, mck Mock) {
+					cScope.LinodeClient = mck.LinodeClient
+				}),
+				Result("cluster created", func(ctx context.Context, mck Mock) {
+					_, err := reconciler.reconcile(ctx, cScope, logr.Logger{})
+					Expect(err).NotTo(HaveOccurred())
+
+					By("checking ready conditions")
+					clusterKey := client.ObjectKeyFromObject(&linodeCluster)
+					Expect(k8sClient.Get(ctx, clusterKey, &linodeCluster)).To(Succeed())
+					Expect(linodeCluster.Status.Ready).To(BeTrue())
+					Expect(linodeCluster.Status.Conditions).To(HaveLen(1))
+					Expect(linodeCluster.Status.Conditions[0].Type).To(Equal(clusterv1.ReadyCondition))
+
+					By("checking controlPlaneEndpoint/NB host and port")
+					Expect(linodeCluster.Spec.ControlPlaneEndpoint.Host).To(Equal(controlPlaneEndpointHost))
+					Expect(linodeCluster.Spec.ControlPlaneEndpoint.Port).To(Equal(int32(controlPlaneEndpointPort)))
+				}),
+			),
+		),
+	)
+})

controller/linodecluster_controller_test.go

@@ -4,6 +4,8 @@ This flavor configures DNS records that resolve to the public (ipv4 and/or IPv6)
 The following need to be set in the `LinodeCluster` spec under `network`
 ```bash
 kind: LinodeCluster
+metadata:
+    name: test-cluster
 spec:
     network:
         loadBalancerType: dns
@@ -14,6 +16,8 @@ We support DNS management with both, [Linode Cloud Manager](https://cloud.linode
 We default to the linode provider but to use akamai, you'll need
 ```bash
 kind: LinodeCluster
+metadata:
+    name: test-cluster
 spec:
     network:
         loadBalancerType: dns
@@ -22,10 +26,24 @@ spec:
         dnsProvider: akamai
 ```
 Along with this, the `test.net` domain needs to be registered and also be pre-configured as a domain on Linode or zone on Akamai.
-With these changes, the controlPlaneEndpoint is set to `<domain-name>-<uniqueid>.<root-domain>`. This will set as the server in the KUBECONFIG as well.
+With these changes, the controlPlaneEndpoint is set to `test-cluster-abc123.test.net`. This will be set as the server in the KUBECONFIG as well.
+If users wish to override the subdomain format with something custom, they can pass in the override using the env var `DNS_SUBDOMAIN_OVERRIDE`.
+```bash
+kind: LinodeCluster
+metadata:
+    name: test-cluster
+spec:
+    network:
+        loadBalancerType: dns
+        dnsRootDomain: test.net
+        dnsProvider: akamai
+        dnsSubDomainOverride: my-special-overide
+```
+This will replace the subdomain creation from `test-cluster-abc123.test.net` to make the url `my-special-overide.test.net`.
+
 The controller will create A/AAAA and TXT records under [the Domains tab in the Linode Cloud Manager.](https://cloud.linode.com/domains) or Akamai Edge DNS depending on the provider.
 
- ### Linode Domains:
+### Linode Domains:
 Using the `LINODE_DNS_TOKEN` env var, you can pass the [API token of a different account](https://cloud.linode.com/profile/tokens) if the Domain has been created in another acount under Linode CM:
 
 ```bash