feat: Add support to configure dnsPolicy on the Helm chart deployment

[michelzanini]

Description

Add support to configure dnsPolicy on the Helm chart deployment.
This allows us to set the dnsPolicy to Default and skip in-cluster DNS to improve performance.

[k8s-ci-robot]

Welcome @michelzanini!

It looks like this is your first PR to kubernetes-sigs/external-dns 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/external-dns has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[michelzanini]

/assign @stevehipwell

[stevehipwell]

Thanks for the PR @michelzanini, I've added a couple of suggested changes. Out of interest did you open an issue to discuss the issues you were having which led to this PR?

[michelzanini]

Code changes have being implemented.
I have not open an issue as its a simple config change.
The issues we have that will make this help is to decrease the load on CoreDns. This config is supported on most add-ons we use like AWS load balancer, cluster autoscaler, etc...

[stevehipwell]

@michelzanini it's not a hard and fast rule but I'd recommend opening an issue before opening a PR, the maintainers may have a wider view and be able to validate an approach before anyone writes any code or has to review it. From the Helm chart perspective I'm fine with this change but I can't tell you if there is an edge case which relies on using the cluster DNS.

Have you checked that this change works at least for your use case?

[michelzanini]

Have you checked that this change works at least for your use case?

Yes it does. All this does is allow the pod to go directly to AWS for DNS resolution skipping CoreDNS. CoreDNS is useful if you need to reference a service within the cluster by using the service name. External DNS does not call other pods and works independently so it will only do DNS resolution to external domains such as AWS APIs it needs to call etc.
This avoid problems such as https://pracucci.com/kubernetes-dns-resolution-ndots-options-and-why-it-may-affect-application-performances.html.

Also recommended in some other places like https://aws.github.io/aws-eks-best-practices/security/docs/pods/#disable-service-discovery.

This setting is available to be configured on other Helm charts that use Cloud/AWS APIs such as Cluster Autoscaler and AWS load balancer controller etc.

it's not a hard and fast rule but I'd recommend opening an issue before opening a PR

I can create one if you think its required. Let me know.

[stevehipwell]

@Raffo @seanmalloy @njuettner could you approve the workflow for first time contribution?

[seanmalloy]

@Raffo @seanmalloy @njuettner could you approve the workflow for first time contribution?

GitHub Actions CI check are running now.

[stevehipwell]

/lgtm

[stevehipwell]

/assign @seanmalloy

[Raffo]

/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: michelzanini, Raffo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• charts/OWNERS [Raffo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment