mirror of
https://github.com/tailscale/tailscale.git
synced 2024-12-13 03:34:43 +00:00
9e2f58f846
* cmd/k8s-nameserver,k8s-operator: add a nameserver that can resolve ts.net DNS names in cluster. Adds a simple nameserver that can respond to A record queries for ts.net DNS names. It can respond to queries from in-memory records, populated from a ConfigMap mounted at /config. It dynamically updates its records as the ConfigMap contents changes. It will respond with NXDOMAIN to queries for any other record types (AAAA to be implemented in the future). It can respond to queries over UDP or TCP. It runs a miekg/dns DNS server with a single registered handler for ts.net domain names. Queries for other domain names will be refused. The intended use of this is: 1) to allow non-tailnet cluster workloads to talk to HTTPS tailnet services exposed via Tailscale operator egress over HTTPS 2) to allow non-tailnet cluster workloads to talk to workloads in the same cluster that have been exposed to tailnet over their MagicDNS names but on their cluster IPs. Updates tailscale/tailscale#10499 Signed-off-by: Irbe Krumina <irbe@tailscale.com> * cmd/k8s-operator/deploy/crds,k8s-operator: add DNSConfig CustomResource Definition DNSConfig CRD can be used to configure the operator to deploy kube nameserver (./cmd/k8s-nameserver) to cluster. Signed-off-by: Irbe Krumina <irbe@tailscale.com> * cmd/k8s-operator,k8s-operator: optionally reconcile nameserver resources Adds a new reconciler that reconciles DNSConfig resources. If a DNSConfig is deployed to cluster, the reconciler creates kube nameserver resources. This reconciler is only responsible for creating nameserver resources and not for populating nameserver's records. Signed-off-by: Irbe Krumina <irbe@tailscale.com> * cmd/{k8s-operator,k8s-nameserver}: generate DNSConfig CRD for charts, append to static manifests Signed-off-by: Irbe Krumina <irbe@tailscale.com> --------- Signed-off-by: Irbe Krumina <irbe@tailscale.com>
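# CustomResourceDefinition for the cluster-scoped DNSConfig resource
# (group tailscale.com, version v1alpha1).
# The controller-gen annotation below indicates this manifest is generated;
# schema changes presumably belong in the source Go types, not in this file.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.13.0
  name: dnsconfigs.tailscale.com
spec:
  group: tailscale.com
  names:
    kind: DNSConfig
    listKind: DNSConfigList
    plural: dnsconfigs
    shortNames:
      - dc
    singular: dnsconfig
  # Cluster scope: there is no namespace boundary on this resource, so access
  # to dnsconfigs is granted through cluster-wide RBAC (ClusterRole bindings).
  scope: Cluster
  versions:
    - additionalPrinterColumns:
        - description: Service IP address of the nameserver
          jsonPath: .status.nameserverStatus.ip
          name: NameserverIP
          type: string
      name: v1alpha1
      schema:
        # Structural schema without x-kubernetes-preserve-unknown-fields:
        # fields not declared here are pruned by the API server.
        openAPIV3Schema:
          type: object
          required:
            - spec
          properties:
            apiVersion:
              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
              type: string
            kind:
              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
              type: string
            metadata:
              type: object
            spec:
              type: object
              required:
                - nameserver
              properties:
                # nameserver is required, but image and its fields are optional.
                nameserver:
                  type: object
                  properties:
                    # NOTE(review): repo and tag are free-form strings with no
                    # pattern, enum or maxLength, so the API server accepts any
                    # value. Presumably they select the container image of the
                    # nameserver workload the operator creates - confirm in the
                    # reconciler. If so, write access to dnsconfigs decides what
                    # image runs: keep create/update on this resource tightly
                    # scoped in RBAC and enforce any registry allow-list in
                    # admission policy or in the reconciler. A tag is mutable;
                    # the schema has no digest field for pinning.
                    image:
                      type: object
                      properties:
                        repo:
                          type: string
                        tag:
                          type: string
            status:
              type: object
              properties:
                # NOTE(review): the condition descriptions below name the
                # Connector resource and the SubnetRouterReady condition type;
                # they look reused from the Connector type and do not describe
                # DNSConfig. Correct them in the source the CRD is generated
                # from.
                conditions:
                  type: array
                  items:
                    description: ConnectorCondition contains condition information for a Connector.
                    type: object
                    required:
                      - status
                      - type
                    properties:
                      lastTransitionTime:
                        description: LastTransitionTime is the timestamp corresponding to the last status change of this condition.
                        type: string
                        format: date-time
                      message:
                        description: Message is a human readable description of the details of the last transition, complementing reason.
                        type: string
                      observedGeneration:
                        description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Connector.
                        type: integer
                        format: int64
                      reason:
                        description: Reason is a brief machine readable explanation for the condition's last transition.
                        type: string
                      status:
                        description: Status of the condition, one of ('True', 'False', 'Unknown').
                        type: string
                      type:
                        description: Type of the condition, known values are (`SubnetRouterReady`).
                        type: string
                  # Conditions form a map-type list keyed by type: at most one
                  # entry per condition type.
                  x-kubernetes-list-map-keys:
                    - type
                  x-kubernetes-list-type: map
                nameserverStatus:
                  type: object
                  properties:
                    # Plain string with no format constraint; anything that
                    # consumes this value as a DNS server address should
                    # validate it as an IP first.
                    ip:
                      type: string
      served: true
      storage: true
      # status is a subresource: it is written through the /status endpoint,
      # so RBAC can grant status updates separately from spec changes.
      subresources:
        status: {}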