Add --zone-name-filter option for azure provider

[titilambert]

Use case

• We have ONE Azure DNS domain (k8s.example.com)
• We have multiple Kubernetes clusters with one ExternalDNS per cluster.
• Each Kubernetes cluster manages its own subdomain
  • DEV cluster: dev.k8s.example.com
  • QA cluster: qa.k8s.example.com
• We need to protect all the subdomains
  Example: the cluster handling dev.k8s.example.com can NOT CREATE (and edit/delete) entry in the subdmain qa.k8s.example.com

With the latest externalDNS, we can not handle this use case.

The patch

Summary

This patch add a new parameter --zone-name-filter.
This parameter is used only by the azure provider (for now).
When it used, the --domain-filter behavior changes: --domain-filter filter ingress domains and NOT Azure DNS zone domain.
There is no breaking change for current users of the Azure provider.

How to run to handle the use case

With this patch:

• we can run externalDNS in the DEV cluster with the following parameter:

external-dns \
  --source=service \
  --source=ingress \
  --zone-name-filter=k8s.example.com \
  --domain-filter=dev.k8s.example.com \
  --provider=azure \
  --azure-resource-group=externaldns \
  --azure-config-file=azure.json

• we can run externalDNS in the DEV cluster with the following parameter:

external-dns \
  --source=service \
  --source=ingress \
  --zone-name-filter=k8s.example.com \
  --domain-filter=qa.k8s.example.com \
  --provider=azure \
  --azure-resource-group=externaldns \
  --azure-config-file=azure.json

[k8s-ci-robot]

Welcome @titilambert!

It looks like this is your first PR to kubernetes-incubator/external-dns 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-incubator/external-dns has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[alfredkrohmer]

Why not just use two zones? If you / external-dns has access to create records in k8s.example.com, I would guess you also have access to create an NS record for dev.k8s.example and qa.k8s.example.com and delegate to these two zones?

[djsly]

@devkid , we already had a discussion on slack #external-dns , with @stromming. While your approach can work for small amount of subnets. we have many zones and subnet to manage (one per cluster)

I will let @titilambert share the discussion we had in Slack in this PR

[titilambert]

@devkid here the first comment of this PR: https://kubernetes.slack.com/archives/C771MKDKQ/p1559914092057000

[njuettner]

@titilambert Do you mind rebasing from master again and resolve the conflicts? I think we can merge it.

[titilambert]

@njuettner rebased !!! Thanks !

[titilambert]

And rebased !

[djsly]

is this good to be merged @njuettner ?

[njuettner]

@titilambert ^^

[njuettner]

@titilambert Could you please take a look on my last comment?

[djsly]

Nick. titilambert is on paternity leave and will be back online on October 1st.

…

On Sep 10, 2019, at 6:07 AM, Nick Jüttner ***@***.***> wrote: @titilambert Could you please take a look on my last comment? — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

[titilambert]

@njuettner sorry for the delay, I'm now back, and I just fixed the last issue

[njuettner]

@titilambert thank you again, do you mind fix one last nit and solve the conflicting files? Then I'm happy to merge your PR 😄.

[titilambert]

@njuettner the tests are working on my laptop :/ and I'm not sure to understand the issue on travis. Could you help me with that ? Thanks

[djsly]

@njuettner we would like to start using the official release, can you se if you can help @titilambert with the travis error ?

[titilambert]

@njuettner any news on this PR ?

[njuettner]

added some comments, PTAL

[titilambert]

@vinny-sabatini I just rebase this PR ! Hopefully it will be merged quickly :)
Thanks !

[seanmalloy]

/assign

[vinny-sabatini]

Thanks for updating the PR @titilambert . I think the code looks good to me, but would you be able to add some tests for the code changes made in azure.go?

[titilambert]

@vinny-sabatini I just added the tests. It should cover all the new lines

[vinny-sabatini]

Thanks for adding those tests, this looks good to me.

@njuettner / @Raffo could one of you take a look at this when you have a chance?

[vinny-sabatini]

/assign @Raffo @njuettner

[djsly]

@vinny-sabatini are we missing something ?

[seanmalloy]

/unassign

[vinny-sabatini]

Hi @djsly, I am not a maintainer of the org so I don't have approve/merge access. At this point we just need to give the maintainers some time to review the code. I will reach out to them to try to get it reviewed and hopefully merged soon. Thanks for your patience.

/lgtm

[Raffo]

Sorry for the delay with this PR! The life of a OSS maintainer is hard 😬

[Raffo]

/approve
/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Raffo, titilambert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [Raffo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[titilambert]

Yeah ! Thanks !