Gateway sources¶
The gateway-grpcroute, gateway-httproute, gateway-tcproute, gateway-tlsroute, and gateway-udproute
sources create DNS entries based on their respective gateway.networking.k8s.io resources.
Filtering the Routes considered¶
These sources support the --label-filter flag, which filters *Route resources
by a set of labels.
Domain names¶
To calculate the Domain names created from a *Route, this source first collects a set
of domain names from the *Route.
It then iterates over each of the status.parents with
a matching Gateway and at least one matching listener.
For each matching listener, if the
listener has a hostname, it narrows the set of domain names from the *Route to the portion
that overlaps the hostname. If a matching listener does not have a hostname, it uses
the un-narrowed set of domain names.
Domain names from Route¶
The set of domain names from a *Route is sourced from the following places:
- If the *Route is a GRPCRoute, HTTPRoute, or TLSRoute, adds each of the
spec.hostnames.
- Adds the hostnames from any
external-dns.alpha.kubernetes.io/hostnameannotation on the *Route.
This behavior is suppressed if the--ignore-hostname-annotationflag was specified.
- If no endpoints were produced by the previous steps
or the--combine-fqdn-annotationflag was specified, then adds hostnames
generated from any--fqdn-templateflag.
- If no endpoints were produced by the previous steps, each
attached Gateway listener will use itshostname, if present.
Matching Gateways¶
Matching Gateways are discovered by iterating over the *Route’s status.parents:
- Ignores parents with a
parentRef.groupother than
gateway.networking.k8s.ioor aparentRef.kindother thanGateway.
-
If the
--gateway-nameflag was specified, ignores parents with aparentRef.nameother than the
specified value.For example, given the following HTTPRoute:
apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: echo spec: hostnames: - echoserver.example.org parentRefs: - group: networking.k8s.io kind: Gateway name: internal --- apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: echo2 spec: hostnames: - echoserver2.example.org parentRefs: - group: networking.k8s.io kind: Gateway name: externalAnd using the
--gateway-name=externalflag, only theecho2HTTPRoute will be considered for DNS entries.
- If the
--gateway-namespaceflag was specified, ignores parents with aparentRef.namespaceother
than the specified value.
- If the
--gateway-label-filterflag was specified, ignores parents whose Gateway does not match the
specified label filter.
- Ignores parents whose Gateway either does not exist or has not accepted the route.
Matching listeners¶
Iterates over all listeners for the parent’s parentRef.sectionName:
- Ignores listeners whose
protocolfield does not match the kind of the *Route per the following table:
| kind | protocols |
|---|---|
| GRPCRoute | HTTP, HTTPS |
| HTTPRoute | HTTP, HTTPS |
| TCPRoute | TCP |
| TLSRoute | TLS |
| UDPRoute | UDP |
- If the parent’s
parentRef.portport is specified, ignores listeners without a matchingport.
- Ignores listeners which specify an
allowedRouteswhich does not allow the route.
Targets¶
The targets of the DNS entries created from a *Route are sourced from the following places:
-
If a matching parent Gateway has an
external-dns.alpha.kubernetes.io/targetannotation, uses
the values from that. -
Otherwise, iterates over that parent Gateway’s
status.addresses,
adding each address’svalue.
The targets from each parent Gateway matching the *Route are then combined and de-duplicated.
Dualstack Routes¶
Gateway resources may be served from an external-loadbalancer which may support
both IPv4 and “dualstack” (both IPv4 and IPv6) interfaces. When using the AWS
Route53 provider, External DNS Controller will always create both A and AAAA
alias DNS records by default, regardless of whether the load balancer is dual
stack or not.