kubernetes: add multicluster support (#7266)

* kubernetes: add multicluster support Add multicluster support via Multi-Cluster Services API (MCS-API) via a new option `multiclusterZones` in the kubernetes plugin. When some multicluster zones are passed to the kubernetes plugin, it will start watching the ServiceImport objects and its associated EndpointSlices. Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr> * kubernetes: implement xfr support for multicluster zones Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2025-10-28 00:34:24 -04:00 · 2025-05-19 07:58:16 +02:00
parent 76b199f829
commit 5c71bd0b87
23 changed files with 1634 additions and 298 deletions
--- a/plugin/kubernetes/xfr_test.go
+++ b/plugin/kubernetes/xfr_test.go
@@ -38,7 +38,24 @@ func TestKubernetesAXFR(t *testing.T) {
 	if err != nil {
 		t.Error(err)
 	}
-	validateAXFR(t, ch)
+	validateAXFR(t, ch, false)
+}
+
+func TestKubernetesMultiClusterAXFR(t *testing.T) {
+	k := New([]string{"cluster.local.", "clusterset.local."})
+	k.opts.multiclusterZones = []string{"clusterset.local."}
+	k.APIConn = &APIConnServeTest{}
+	k.Namespaces = map[string]struct{}{"testns": {}, "kube-system": {}}
+	k.localIPs = []net.IP{net.ParseIP("10.0.0.10")}
+
+	dnsmsg := &dns.Msg{}
+	dnsmsg.SetAxfr("clusterset.local.")
+
+	ch, err := k.Transfer("clusterset.local.", 0)
+	if err != nil {
+		t.Error(err)
+	}
+	validateAXFR(t, ch, true)
 }

 func TestKubernetesIXFRFallback(t *testing.T) {
@@ -54,7 +71,7 @@ func TestKubernetesIXFRFallback(t *testing.T) {
 	if err != nil {
 		t.Error(err)
 	}
-	validateAXFR(t, ch)
+	validateAXFR(t, ch, false)
 }

 func TestKubernetesIXFRCurrent(t *testing.T) {
@@ -87,7 +104,7 @@ func TestKubernetesIXFRCurrent(t *testing.T) {
 	}
 }

-func validateAXFR(t *testing.T, ch <-chan []dns.RR) {
+func validateAXFR(t *testing.T, ch <-chan []dns.RR, multicluster bool) {
 	xfr := []dns.RR{}
 	for rrs := range ch {
 		xfr = append(xfr, rrs...)
@@ -96,7 +113,11 @@ func validateAXFR(t *testing.T, ch <-chan []dns.RR) {
 		t.Error("Invalid transfer response, does not start with SOA record")
 	}

-	zp := dns.NewZoneParser(strings.NewReader(expectedZone), "", "")
+	expected := expectedZone
+	if multicluster {
+		expected = expectedMultiClusterZone
+	}
+	zp := dns.NewZoneParser(strings.NewReader(expected), "", "")
 	i := 0
 	for rr, ok := zp.Next(); ok; rr, ok = zp.Next() {
 		if !dns.IsDuplicate(rr, xfr[i]) {
@@ -154,3 +175,46 @@ svcempty.testns.svc.cluster.local.	5	IN	SRV	0 100 80 svcempty.testns.svc.cluster
 _http._tcp.svcempty.testns.svc.cluster.local.	5	IN	SRV	0 100 80 svcempty.testns.svc.cluster.local.
 cluster.local.	5	IN	SOA	ns.dns.cluster.local. hostmaster.cluster.local. 3 7200 1800 86400 5
 `
+
+const expectedMultiClusterZone = `
+clusterset.local.	5	IN	SOA	ns.dns.clusterset.local. hostmaster.clusterset.local. 3 7200 1800 86400 5
+clusterset.local.	5	IN	NS	ns.dns.clusterset.local.
+ns.dns.clusterset.local.	5	IN	A	10.0.0.10
+hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.2
+172-0-0-2.hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.2
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 172-0-0-2.hdls1.testns.svc.clusterset.local.
+hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.3
+172-0-0-3.hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.3
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 172-0-0-3.hdls1.testns.svc.clusterset.local.
+hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.4
+dup-name.hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.4
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 dup-name.hdls1.testns.svc.clusterset.local.
+hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.5
+dup-name.hdls1.testns.svc.clusterset.local.	5	IN	A	172.0.0.5
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 dup-name.hdls1.testns.svc.clusterset.local.
+hdls1.testns.svc.clusterset.local.	5	IN	AAAA	5678:abcd::1
+5678-abcd--1.hdls1.testns.svc.clusterset.local.	5	IN	AAAA	5678:abcd::1
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 5678-abcd--1.hdls1.testns.svc.clusterset.local.
+hdls1.testns.svc.clusterset.local.	5	IN	AAAA	5678:abcd::2
+5678-abcd--2.hdls1.testns.svc.clusterset.local.	5	IN	AAAA	5678:abcd::2
+_http._tcp.hdls1.testns.svc.clusterset.local.	5	IN	SRV	0 16 80 5678-abcd--2.hdls1.testns.svc.clusterset.local.
+hdlsprtls.testns.svc.clusterset.local.	5	IN	A	172.0.0.20
+172-0-0-20.hdlsprtls.testns.svc.clusterset.local.	5	IN	A	172.0.0.20
+kubedns.kube-system.svc.clusterset.local.	5	IN	A	10.0.0.10
+kubedns.kube-system.svc.clusterset.local.	5	IN	SRV	0 100 53 kubedns.kube-system.svc.clusterset.local.
+_dns._udp.kubedns.kube-system.svc.clusterset.local.	5	IN	SRV	0 100 53 kubedns.kube-system.svc.clusterset.local.
+svc-dual-stack.testns.svc.clusterset.local.	5	IN	A	10.0.0.3
+svc-dual-stack.testns.svc.clusterset.local.	5	IN	AAAA	10::3
+svc-dual-stack.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc-dual-stack.testns.svc.clusterset.local.
+_http._tcp.svc-dual-stack.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc-dual-stack.testns.svc.clusterset.local.
+svc1.testns.svc.clusterset.local.	5	IN	A	10.0.0.1
+svc1.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc1.testns.svc.clusterset.local.
+_http._tcp.svc1.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc1.testns.svc.clusterset.local.
+svc6.testns.svc.clusterset.local.	5	IN	AAAA	1234:abcd::1
+svc6.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc6.testns.svc.clusterset.local.
+_http._tcp.svc6.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svc6.testns.svc.clusterset.local.
+svcempty.testns.svc.clusterset.local.	5	IN	A	10.0.0.1
+svcempty.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svcempty.testns.svc.clusterset.local.
+_http._tcp.svcempty.testns.svc.clusterset.local.	5	IN	SRV	0 100 80 svcempty.testns.svc.clusterset.local.
+clusterset.local.	5	IN	SOA	ns.dns.clusterset.local. hostmaster.clusterset.local. 3 7200 1800 86400 5
+`