Skip to content

feat(gateway): configure DNS records for Gateway API resources#1427

Open
wenyingd wants to merge 4 commits into
vmware-tanzu:mainfrom
wenyingd:dns-networkinfo-gateway
Open

feat(gateway): configure DNS records for Gateway API resources#1427
wenyingd wants to merge 4 commits into
vmware-tanzu:mainfrom
wenyingd:dns-networkinfo-gateway

Conversation

@wenyingd
Copy link
Copy Markdown
Contributor

@wenyingd wenyingd commented May 6, 2026

  1. Add Gateway reconciler, route DNS sub-reconcilers, GC, and Gateway API scheme registration.
  2. Support using annotation to claim DNS record for a K8s Gateway resource
  3. Support configuring DNS record for the HTTPRoute/GRPCRoute/TLSRoute by identifying the FQDN from spec.hostnames and from annotation
  4. Align the DNS record configuration with external-dns behaviors
  5. Introduce gatewayIPCache to maintain the supported Gateway and its listeners
  6. DNS records for xxRoute are configured only when 1) the route is accepted by a parent Gateway which is supported, and 2) the claimed hostname is validated by both the parent listeners and any of the allowed DNS zones in the Namespace.

@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented May 6, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 76.99639% with 700 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.02%. Comparing base (6ae0434) to head (441a69a).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
pkg/controllers/gateway/route_subreconciler.go 73.17% 53 Missing and 28 partials ⚠️
pkg/controllers/gateway/gateway_controller.go 75.30% 64 Missing and 16 partials ⚠️
pkg/controllers/gateway/handlers.go 76.26% 41 Missing and 20 partials ⚠️
pkg/controllers/service/service_lb_dns.go 65.62% 39 Missing and 16 partials ⚠️
pkg/nsx/services/dns/recordservice.go 79.62% 34 Missing and 20 partials ⚠️
pkg/controllers/service/service_lb_controller.go 39.28% 36 Missing and 15 partials ⚠️
...rd_party/externaldns/source/admission_hostnames.go 58.53% 39 Missing and 12 partials ⚠️
pkg/controllers/gateway/gateway_ip_cache.go 75.20% 22 Missing and 9 partials ⚠️
pkg/controllers/gateway/gc.go 60.25% 21 Missing and 10 partials ⚠️
...party/externaldns/source/route_parent_admission.go 73.00% 16 Missing and 11 partials ⚠️
... and 25 more
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1427      +/-   ##
==========================================
- Coverage   77.03%   77.02%   -0.01%     
==========================================
  Files         155      189      +34     
  Lines       22043    25052    +3009     
==========================================
+ Hits        16980    19297    +2317     
- Misses       3858     4339     +481     
- Partials     1205     1416     +211
Flag Coverage Δ
unit-tests 77.02% <76.99%> (-0.01%) ⬇️
Files with missing lines Coverage Δ
pkg/controllers/common/types.go 100.00% <ø> (ø)
pkg/nsx/client.go 93.42% <100.00%> (+0.11%) ⬆️
pkg/nsx/services/common/policy_tree.go 86.48% <100.00%> (+0.24%) ⬆️
pkg/nsx/services/common/types.go 100.00% <ø> (ø)
pkg/nsx/services/dns/errors.go 100.00% <100.00%> (ø)
pkg/nsx/services/dns/types.go 100.00% <100.00%> (ø)
pkg/third_party/externaldns/endpoint/endpoint.go 100.00% <100.00%> (ø)
pkg/third_party/externaldns/source/hostnames.go 100.00% <100.00%> (ø)
..._party/externaldns/source/route_parent_accepted.go 100.00% <100.00%> (ø)
pkg/util/utils.go 87.12% <100.00%> (+0.12%) ⬆️
... and 35 more

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@wenyingd wenyingd force-pushed the dns-networkinfo-gateway branch 8 times, most recently from 02694b7 to 4c3e411 Compare May 12, 2026 03:51
@wenyingd wenyingd force-pushed the dns-networkinfo-gateway branch 13 times, most recently from 441a69a to 24fcda5 Compare May 15, 2026 07:25
wenyingd and others added 3 commits May 15, 2026 15:29
@wenyingd @cursoragent
feat(dns): implement NSX Project DNS record service
c882eb5 
- Implement DNSRecordService for NSX ProjectDnsRecord CRUD operations
- Validate hostnames against VPCNetworkConfiguration allowed DNS zones
- Wrap hostname-mismatch error as DNSZoneValidationError for accurate
  DNSRecordReady condition reporting

Co-authored-by: Cursor <cursoragent@cursor.com>
@wenyingd
feat(networkinfo): AllowedDNSDomains from VPC DNS zones
8c68706 
Wire NetworkInfo reconciler to DNSRecordService for per-namespace allowed
DNS domains derived from VPC DNS zone configuration. Register DNS record
service initialization in cmd when VPC networking is enabled.
@wenyingd @cursoragent
feat(service): reconcile DNS records for LoadBalancer Services
4cfcb3a 
- Reconcile DNS records based on the hostname annotation on LoadBalancer
  Services using VPCNetworkConfiguration allowed DNS zones
- Report DNSRecordReady condition for DNS zone validation errors and
  generic DNS build errors

Co-authored-by: Cursor <cursoragent@cursor.com>
@wenyingd wenyingd force-pushed the dns-networkinfo-gateway branch from 24fcda5 to 8b62ff7 Compare May 15, 2026 07:55
@wenyingd @cursoragent
feat(gateway): configure DNS records for Gateway API Route resources
541a1f8 
- Reconcile DNS records for HTTPRoute/TLSRoute resources via the Gateway
  controller using VPCNetworkConfiguration allowed DNS zones
- Implement missing controller-runtime v0.23.3 interface methods in mock
  implementations for cache.Informer and manager.Manager

Co-authored-by: Cursor <cursoragent@cursor.com>
@wenyingd wenyingd force-pushed the dns-networkinfo-gateway branch from 8b62ff7 to 541a1f8 Compare May 15, 2026 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wenyingd @codecov-commenter