Skip to content

K8SPSMDB-1608: add externaldns anotation to create dns for created loadbalancer#2280

Open
myJamong wants to merge 8 commits intopercona:mainfrom
myJamong:NO-TICKET-YET-add-externaldns-anotation
Open

K8SPSMDB-1608: add externaldns anotation to create dns for created loadbalancer#2280
myJamong wants to merge 8 commits intopercona:mainfrom
myJamong:NO-TICKET-YET-add-externaldns-anotation

Conversation

@myJamong
Copy link
Copy Markdown

@myJamong myJamong commented Mar 9, 2026

CHANGE DESCRIPTION

Problem:
When expose.enabled: true with type: LoadBalancer, each per-pod Service gets an auto-assigned LB hostname (e.g., a1b2c3d4e5.elb.amazonaws.com). These hostnames are not human-readable, long, and unpredictable. The existing expose.annotations field applies the same annotations to every per-pod Service, making it impossible to assign a unique external-dns.alpha.kubernetes.io/hostname per pod.

This is the issue I made: #2267

Cause:
There was no built-in mechanism to generate unique, per-pod DNS hostname annotations. Users had to manually manage DNS records for each pod's LoadBalancer endpoint.

Solution:
Add an optional externalDNS field under expose that automatically generates unique external-dns.alpha.kubernetes.io/hostname annotations for each per-pod Service, enabling ExternalDNS to create human-readable DNS records in any supported DNS provider (Route53, Cloud DNS, Azure DNS, etc.).

Configuration

replsets:
  - name: rs0
    size: 3
    expose:
      enabled: true
      type: LoadBalancer
      externalDNS:
        prefix: "service-name"                    # required
        domain: "mongo.example.com"       # required
        ttl: 300                          # optional

Generated Annotations

Each per-pod Service gets a unique hostname annotation:

Service Annotation
my-cluster-rs0-0 external-dns.alpha.kubernetes.io/hostname: service-name-rs0-0.mongo.example.com
my-cluster-rs0-1 external-dns.alpha.kubernetes.io/hostname: service-name-rs0-1.mongo.example.com
my-cluster-rs0-2 external-dns.alpha.kubernetes.io/hostname: service-name-rs0-2.mongo.example.com

If ttl is set, the external-dns.alpha.kubernetes.io/ttl annotation is also added.

Supported Components

Component Hostname Format
Replica sets {prefix}-{replsetName}-{podIndex}.{domain}
Config servers Same path as replica sets, fully supported
Mongos (ServicePerPod=true) {prefix}-mongos-{podIndex}.{domain}
Mongos (ServicePerPod=false) {prefix}-mongos.{domain}

Note on serviceAnnotations overlap

If serviceAnnotations contains external-dns.alpha.kubernetes.io/hostname, the externalDNS config takes precedence and overwrites it. This is by design — when externalDNS is configured, it owns the hostname annotation.

CHECKLIST

Jira

  • Is the Jira ticket created and referenced properly?
  • Does the Jira ticket have the proper statuses for documentation (Needs Doc) and QA (Needs QA)?
  • Does the Jira ticket link to the proper milestone (Fix Version field)?

Tests

  • Is an E2E test/test case added for the new feature/change?
  • Are unit tests added where appropriate?
  • Are OpenShift compare files changed for E2E tests (compare/*-oc.yml)?

Config/Logging/Testability

  • Are all needed new/changed options added to default YAML files?
  • Are all needed new/changed options added to the Helm Chart?
  • Did we add proper logging messages for operator actions?
  • Did we ensure compatibility with the previous version or cluster upgrade process?
  • Does the change support oldest and newest supported MongoDB version?
  • Does the change support oldest and newest supported Kubernetes version?

@pull-request-size pull-request-size bot added the size/L 100-499 lines label Mar 9, 2026
@myJamong myJamong changed the title No ticket yet add externaldns anotation add externaldns anotation to create dns for created loadbalancer Mar 9, 2026
@egegunes egegunes changed the title add externaldns anotation to create dns for created loadbalancer K8SPSMDB-1608: add externaldns anotation to create dns for created loadbalancer Mar 10, 2026
egegunes
egegunes requested changes Mar 10, 2026
View reviewed changes
pkg/apis/psmdb/v1/psmdb_types.go Outdated
Comment on lines +1466 to +1467
// +kubebuilder:validation:Required
Prefix string `json:"prefix"`
Copy link
Copy Markdown
Contributor

@egegunes egegunes Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe prefix shouldn't be required and operator should use the cluster name by default

Copy link
Copy Markdown
Author

@myJamong myJamong Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think its a great idea. I changed it to have default cr name - ee194e4

pkg/controller/perconaservermongodb/service.go Outdated
Comment on lines +36 to +38
if dns.Prefix == "" || dns.Domain == "" {
return errors.Errorf("externalDNS requires both prefix and domain for replset %s", rs.Name)
}
Copy link
Copy Markdown
Contributor

@egegunes egegunes Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

even though this will be handled on CRD level, I think we should do this check in CheckNSetDefaults

Copy link
Copy Markdown
Author

@myJamong myJamong Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved the validation logic - 19a85b2

Thanks for the review!

@egegunes egegunes added this to the v1.23.0 milestone Mar 10, 2026
egegunes
egegunes previously approved these changes Mar 10, 2026
View reviewed changes
@egegunes
Copy link
Copy Markdown
Contributor

egegunes commented Mar 10, 2026

@myJamong please fix manifests by running make generate manifests VERSION=main

@JNKPercona
Copy link
Copy Markdown
Collaborator

JNKPercona commented Mar 11, 2026

Test Name Result Time
arbiter passed 00:00:00
balancer passed 00:00:00
cross-site-sharded passed 00:00:00
custom-replset-name passed 00:00:00
custom-tls passed 00:00:00
custom-users-roles passed 00:00:00
custom-users-roles-sharded passed 00:11:22
data-at-rest-encryption passed 00:00:00
data-sharded passed 00:00:00
demand-backup passed 00:00:00
demand-backup-eks-credentials-irsa passed 00:00:00
demand-backup-fs passed 00:00:00
demand-backup-if-unhealthy passed 00:00:00
demand-backup-incremental-aws passed 00:00:00
demand-backup-incremental-azure passed 00:00:00
demand-backup-incremental-gcp-native passed 00:11:30
demand-backup-incremental-gcp-s3 passed 00:00:00
demand-backup-incremental-minio passed 00:26:55
demand-backup-incremental-sharded-aws passed 00:00:00
demand-backup-incremental-sharded-azure passed 00:00:00
demand-backup-incremental-sharded-gcp-native passed 00:00:00
demand-backup-incremental-sharded-gcp-s3 passed 00:00:00
demand-backup-incremental-sharded-minio passed 00:00:00
demand-backup-physical-parallel passed 00:00:00
demand-backup-physical-aws passed 00:00:00
demand-backup-physical-azure passed 00:00:00
demand-backup-physical-gcp-s3 passed 00:00:00
demand-backup-physical-gcp-native passed 00:00:00
demand-backup-physical-minio passed 00:00:00
demand-backup-physical-minio-native passed 00:00:00
demand-backup-physical-minio-native-tls passed 00:00:00
demand-backup-physical-sharded-parallel passed 00:00:00
demand-backup-physical-sharded-aws passed 00:00:00
demand-backup-physical-sharded-azure passed 00:00:00
demand-backup-physical-sharded-gcp-native passed 00:00:00
demand-backup-physical-sharded-minio passed 00:00:00
demand-backup-physical-sharded-minio-native passed 00:00:00
demand-backup-sharded passed 00:00:00
disabled-auth passed 00:00:00
expose-sharded passed 00:00:00
finalizer passed 00:00:00
ignore-labels-annotations passed 00:00:00
init-deploy passed 00:00:00
ldap passed 00:00:00
ldap-tls passed 00:00:00
limits passed 00:00:00
liveness passed 00:00:00
mongod-major-upgrade passed 00:00:00
mongod-major-upgrade-sharded passed 00:00:00
monitoring-2-0 passed 00:00:00
monitoring-pmm3 passed 00:00:00
multi-cluster-service passed 00:00:00
multi-storage passed 00:19:17
non-voting-and-hidden passed 00:00:00
one-pod passed 00:00:00
operator-self-healing-chaos passed 00:00:00
pitr failure 00:10:51
pitr-physical passed 00:00:00
pitr-sharded passed 00:00:00
pitr-to-new-cluster passed 00:00:00
pitr-physical-backup-source passed 00:00:00
preinit-updates passed 00:00:00
pvc-auto-resize passed 00:00:00
pvc-resize passed 00:00:00
recover-no-primary passed 00:00:00
replset-overrides passed 00:00:00
replset-remapping passed 00:00:00
replset-remapping-sharded passed 00:00:00
rs-shard-migration passed 00:00:00
scaling passed 00:12:17
scheduled-backup passed 00:00:00
security-context passed 00:00:00
self-healing-chaos passed 00:00:00
service-per-pod passed 00:00:00
serviceless-external-nodes passed 00:00:00
smart-update passed 00:00:00
split-horizon passed 00:00:00
stable-resource-version passed 00:00:00
storage passed 00:00:00
tls-issue-cert-manager passed 00:00:00
unsafe-psa passed 00:00:00
upgrade passed 00:00:00
upgrade-consistency passed 00:00:00
upgrade-consistency-sharded-tls passed 00:55:14
upgrade-sharded passed 00:00:00
upgrade-partial-backup passed 00:00:00
users passed 00:00:00
users-vault passed 00:00:00
version-service passed 00:00:00
Summary Value
Tests Run 89/89
Job Duration 01:21:24
Total Test Time 02:27:30

commit: ff70a0b
image: perconalab/percona-server-mongodb-operator:PR-2280-ff70a0bf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@egegunes egegunes egegunes approved these changes

@hors hors Awaiting requested review from hors hors is a code owner

@pooknull pooknull Awaiting requested review from pooknull pooknull is a code owner

@nmarukovich nmarukovich Awaiting requested review from nmarukovich nmarukovich is a code owner

@gkech gkech Awaiting requested review from gkech gkech is a code owner

@mayankshah1607 mayankshah1607 Awaiting requested review from mayankshah1607 mayankshah1607 is a code owner

@oksana-grishchenko oksana-grishchenko Awaiting requested review from oksana-grishchenko oksana-grishchenko is a code owner

@jvpasinatto jvpasinatto Awaiting requested review from jvpasinatto jvpasinatto is a code owner

@eleo007 eleo007 Awaiting requested review from eleo007 eleo007 is a code owner

@valmiranogueira valmiranogueira Awaiting requested review from valmiranogueira valmiranogueira is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

community size/L 100-499 lines

Projects

None yet

Milestone

v1.23.0

Development

Successfully merging this pull request may close these issues.

3 participants

@myJamong @egegunes @JNKPercona