Clean up DNS handling #8199
Clean up DNS handling #8199
Conversation
`IncludeZones` and `ExcludeZones` are a leftover when Gardenlet created `DNSEntries` instead of `DNSRecords`.
`IncludeDomains` and `ExcludeDomains` are obsolete and not supported by `DNSRecord`s.
Earlier, we used `!useSNI` which was later replaced by `!useDNS` (v1.73) but at those places a 1:1 replacement is not possible. We don't support non-SNI and thus won't deploy Kube-Apiserver Services of Type `LoadBalancer`. Now we can always deploy the service, also when the cluster is hibernated.
Support for `nip.io` is obsolete: - It's been broken for a long time (shoot fails with `Could not initialize a new operation for Shoot cluster: unable to figure out which secret should be used for dns`) - It's not documented at all
gardener-prow
bot
added
area/open-source
pkg/apis/core/types_shoot.go
Outdated
| // Note: This struct is not used by Gardener anymore. However, providers might still be synced by the DNS extension which | ||
| // is mainly why we can't deprecate or remove it, see https://github.com/gardener/gardener-extension-shoot-dns-service/blob/f599bec786ab6e27e6fd41d423d4e73dd4952f4f/pkg/admission/mutator/shoot_mutator.go#L110. |
There was a problem hiding this comment.
What is the plan forward to drop it? Probably this DNS extension should adapt to use its provider config? cc @MartinWeindel
Is there an issue which we can track and link here?
There was a problem hiding this comment.
The extension already uses its provider config. Due to compatibility reasons there is a provider sync functionality that copies dns.providers to the extension's provider config.
I wondered as well if we plan to drop this functionality. OTHO, we probably won't remove the domains and zones field anytime soon as it's part of the shoot API and would rather consider removing it when we promote the API to v1? 😄
We can however already add an deprecation note now?!
There was a problem hiding this comment.
What is the plan forward to drop it? Probably this DNS extension should adapt to use its provider config? cc @MartinWeindel Is there an issue which we can track and link here?
Thanks @timuthy for your comments. I have not much to add to that. I see the Gardener core team in the driver seat for further planning to define what fields to drop with API v1 as they are partially used by the DNSRecord controller, too.
There was a problem hiding this comment.
We can also drop fields in v1beta1 after a proper deprecation period so that users have time to adopt. We already did so many times in the past.
Hence, I suggest to deprecate it know with the plan to finally remove after v1.87 has been released (first release in 2024).
Then people have enough time to switch to providerConfig only.
There was a problem hiding this comment.
Fair enough, I adjusted the doc strings and release notes.
There was a problem hiding this comment.
timuthy
force-pushed
the
cleanup.dns-handling
branch
from
7c58e8a to
1450ff7
Compare
gardener-prow
bot
added
cla: no
timuthy
force-pushed
the
cleanup.dns-handling
branch
from
f023093 to
3bc1627
Compare
|
@timuthy: The following test failed, say
Full PR test history. Your PR dashboard. Command help for this repository. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
LGTM label has been added. Git tree hash: 32f66d1aa5c21f860d358f317daae84545806651
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rfranzke The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
gardener-prow
bot
added
the
approved
* Drop `IncludeZones` and `ExcludeZones` `IncludeZones` and `ExcludeZones` are a leftover when Gardenlet created `DNSEntries` instead of `DNSRecords`. * Drop `IncludeDomains` and `ExcludeDomains` `IncludeDomains` and `ExcludeDomains` are obsolete and not supported by `DNSRecord`s. * Drop irrelevant condition in shoot flow Earlier, we used `!useSNI` which was later replaced by `!useDNS` (v1.73) but at those places a 1:1 replacement is not possible. We don't support non-SNI and thus won't deploy Kube-Apiserver Services of Type `LoadBalancer`. Now we can always deploy the service, also when the cluster is hibernated. * Drop `nip.io` support Support for `nip.io` is obsolete: - It's been broken for a long time (shoot fails with `Could not initialize a new operation for Shoot cluster: unable to figure out which secret should be used for dns`) - It's not documented at all * [make generate] * Address review comment * Address review comments * Deprecate 'Domains' and 'Zones'
* Drop `IncludeZones` and `ExcludeZones` `IncludeZones` and `ExcludeZones` are a leftover when Gardenlet created `DNSEntries` instead of `DNSRecords`. * Drop `IncludeDomains` and `ExcludeDomains` `IncludeDomains` and `ExcludeDomains` are obsolete and not supported by `DNSRecord`s. * Drop irrelevant condition in shoot flow Earlier, we used `!useSNI` which was later replaced by `!useDNS` (v1.73) but at those places a 1:1 replacement is not possible. We don't support non-SNI and thus won't deploy Kube-Apiserver Services of Type `LoadBalancer`. Now we can always deploy the service, also when the cluster is hibernated. * Drop `nip.io` support Support for `nip.io` is obsolete: - It's been broken for a long time (shoot fails with `Could not initialize a new operation for Shoot cluster: unable to figure out which secret should be used for dns`) - It's not documented at all * [make generate] * Address review comment * Address review comments * Deprecate 'Domains' and 'Zones'
How to categorize this PR?
/area open-source
/kind cleanup
What this PR does / why we need it:
This PR cleans up some leftovers regarding DNS handling, please see individual commits.
It mainly drops support for the
nip.iodomains - A functionality that's been broken for a long time, is untested and likely not used by the community.Special notes for your reviewer:
/cc @rfranzke
Release note: