Add Kubernetes CustomResourceDefinition Source

[linki]

Add a source that lists/watches for a specific CustomResourceDefinition objects.

We could make a CRD the central source for DNS entries. And then just create those objects as needed. This would allow other components to declare DNS entries as well.

[ideahitme]

what is the need for that?

[linki]

Would just be an alternative way of defining DNS records from inside Kubernetes in a provider independent way.

[ideahitme]

I would postpone this till we get some simple version running :)

[munnerz]

We're interested in this, or similar, in cert-manager.

Right now we bake in support for various DNS providers into cert-manager itself in order to update TXT records in order to solve ACME challenges. If we could somehow define a TXT record without directly calling out to DNS provider APIs ourself, it'd be a great addition and simplify our codebase considerably.

Generally speaking, a 'DNS controller' that is not bound to services or ingress would also be very useful.

We have a simple model for managing a similar problem in cert-manager:

A user can define a Certificate resource (our own CRD), which allows for advanced customisation of certificates (e.g. explicit CN or special types of subject alt name). We also allow a user to add a simple annotation (kubernetes.io/tls-acme: "true") on ingress resources. We have a component that watches for Ingress resources with this label, and automatically creates and manages a corresponding Certificate resource in order to fulfil the Certificate. This solves the code duplication problem, and gives user a consistent way to debug validation problems.

This same model could be used to provide a migration/transition path from the current external-dns design to something powered by CRDs/custom resources.

More info on how we do this in cert-manager here: https://github.com/jetstack/cert-manager/tree/master/cmd/ingress-shim

[2rs2ts]

It would also be nice to be able to use kubectl get dns or something like that to look at the DNS records that external-dns created :)

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[fejta-bot]

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

[fejta-bot]

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

[k8s-ci-robot]

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.