Phase 1: Add ExternalDNS setup option for interdomain examples

Open denis-tingaikin opened this issue 2 years ago • 2 comments

Problem statement

Currently NSM is using 3-5 exposed services for interdomain/floating interdomain and interdomain/floating + vl3 control plane scenarios.

sequenceDiagram
    nsc-->>nsmgr1: Request(...)
    nsmgr1-->>registry1: registry.Find(...)
    participant forwarder1
    registry1-->>nsmgr-proxy1: registry.Find(...)
    nsmgr-proxy1-->>registry-proxy-dns1:  registry.Find(...)
    registry-proxy-dns1-->>DNS Server1: DNS request
    DNS Server1-->>DNS Server2: DNS request
    note right of DNS Server1: DNS Server2 is exposed
    DNS Server2-->>DNS Server1: DNS response
    DNS Server1-->>registry-proxy-dns1: DNS response
    registry-proxy-dns1-->>registry2: registry.Find(...) 
    note right of registry-proxy-dns1: registry2 is exposed
    registry2-->>registry-proxy-dns1: registry.Find(...) Response
    registry-proxy-dns1-->>nsmgr-proxy1: registry.Find(...) Response
    nsmgr-proxy1-->>registry1: registry.Find(...) Response
    registry1-->>nsmgr1: registry.Find(...) Response
    nsmgr1-->>forwarder1: Request(...)
    forwarder1-->>nsmgr-proxy1: Request(...)
    nsmgr-proxy1-->>nsmgr-proxy2: Request(...)
    note right of  nsmgr-proxy1: nsmgr-proxy2 is exposed
    nsmgr-proxy2-->>nsmgr2: Request(...)
    nsmgr2->>forwarder2: Request(...)
    forwarder2->>nse: Request(...)
    nse->>forwarder2: Connection
    forwarder2->>nsmgr2: Connection
    nsmgr2->>nsmgr-proxy2: Connection
    nsmgr-proxy2->>nsmgr-proxy1: Connection
    nsmgr-proxy1->>forwarder1: Connection
    forwarder1->>nsmgr1: Connection
    nsmgr1->>nsc: Connection

NSM is using 2 exposed services for the interdomain control plane scenario.

sequenceDiagram
    nsc-->>nsmgr1: Request(...)
    nsmgr1-->>registry1: registry.Find(...)
    participant forwarder1
    registry1-->>nsmgr-proxy1: registry.Find(...)
    nsmgr-proxy1-->>registry-proxy-dns1:  registry.Find(...)
    registry-proxy-dns1-->>DNS Server1: DNS request
    DNS Server1-->>DNS Server2: DNS request
    note right of DNS Server1: DNS Server2 is exposed
    DNS Server2-->>DNS Server1: DNS response
    DNS Server1-->>registry-proxy-dns1: DNS response
    registry-proxy-dns1-->>floating registry: registry.Find(...)
    note right of registry-proxy-dns1: floating registry is exposed
    floating registry-->>registry-proxy-dns1: registry.Find(...) Response
    registry-proxy-dns1-->>nsmgr-proxy1: registry.Find(...) Response
    nsmgr-proxy1-->>registry1: registry.Find(...) Response
    registry1-->>nsmgr1: registry.Find(...) Response
    nsmgr1-->>forwarder1: Request(...)
    forwarder1-->>nsmgr-proxy1: Request(...)
    nsmgr-proxy1-->>nsmgr-proxy2: Request(...)
    note right of  nsmgr-proxy1: nsmgr-proxy2 is exposed
    nsmgr-proxy2-->>nsmgr2: Request(...)
    nsmgr2->>forwarder2: Request(...)
    forwarder2->>nse: Request(...)
    nse->>forwarder2: Connection
    forwarder2->>nsmgr2: Connection
    nsmgr2->>nsmgr-proxy2: Connection
    nsmgr-proxy2->>nsmgr-proxy1: Connection
    nsmgr-proxy1->>forwarder1: Connection
    forwarder1->>nsmgr1: Connection
    nsmgr1->>nsc: Connection

Note: if the user wants to use the floating and interdomain scenarios at the same time, then he needs 4 exposed services (nsmgr-proxy, registry, floating-registry, dns server). If the user wants to use the floating and interdomain scenarios + vl3 at the same time, then he needs 5 exposed services (nsmgr-proxy, registry, floating-registry, dns server, vl3 ipam server).

Solution

  1. Integrate https://github.com/kubernetes-sigs/external-dns. In this case, for all scenarios we'll need a maximum of 2 exposed services.
  2. Consider a scheme of interaction with only one exposed thing. This means that only the dns server and a single proxy gateway application will be exposed. The exposed application will know how to touch the next thing on the cluster.

Estimation

  • [X] Test ExternalDNS + NSM AWS ~ 4h
  • [X] Test ExternalDNS + NSM AKS ~ 4h
  • [X] Test ExternalDNS + NSM GKE ~ 4h
  • [X] Test ExternalDNS + NSM Packet ~ 4h
  • [X] Test ExternalDNS + NSM Kind ~ 4h
  • [X] Migrate ExternalDNS from Helm to default deployments ~4h
  • [X] Add example to deployments-k8s ~4h
  • [X] Extend gotestmd and add support for OR ~4h
  • [ ] Pass code review ~2h
  • [X] Risks ~4h

Total: 40h

denis-tingaikin, Apr 12 '22 18:04

Could we also look at doing this for the Monolith case?

edwarnicke, Jun 06 '23 14:06

Currently, we blocked this topic for release v1.10.0 because we want to simplify our interdomain scenarios, which could super improve UX with externalDNS for our customers.

denis-tingaikin, Jul 11 '23 11:07