Overview

Architecture

The PowerDNS Operator extends Kubernetes with Custom Resource Definitions (CRDs) to manage PowerDNS zones and records declaratively. The operator watches for changes to these resources and reconciles them with the PowerDNS API.

Resource Model

The operator supports four main resource types:

1. ClusterZone (Cluster-wide)

Platform teams create cluster-wide zones that are available across all namespaces.

---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterZone
metadata:
  name: example.org
spec:
  nameservers:
    - ns1.example.org
    - ns2.example.org
  kind: Native

2. ClusterRRset (Cluster-wide)

Platform teams create cluster-wide records for infrastructure services.

---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterRRset
metadata:
  name: soa.example.org
spec:
  name: example.org.
  records:
  - ns1.example.org. admin.example.org. 1 10800 3600 604800 3600
  ttl: 3600
  type: SOA
  zoneRef:
    name: example.org
    kind: ClusterZone
---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterRRset
metadata:
  name: mx.example.org
spec:
  type: MX
  name: "example.org."
  ttl: 300
  records:
    - "10 mx1.example.org."
    - "20 mx2.example.org."
  zoneRef:
    name: example.org
    kind: ClusterZone
---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterRRset
metadata:
  name: ns1.example.org
spec:
  type: A
  name: ns1
  ttl: 300
  records:
    - "10.25.32.1"
  zoneRef:
    name: example.org
    kind: ClusterZone
---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: ClusterRRset
metadata:
  name: ns2.example.org
spec:
  type: A
  name: ns2
  ttl: 300
  records:
    - "10.25.32.2"
  zoneRef:
    name: example.org
    kind: ClusterZone

3. Zone (Namespace-scoped)

Application teams create namespace-scoped zones for their applications.

---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: Zone
metadata:
  name: myapp1.example.org
  namespace: myapp1
spec:
  nameservers:
    - ns1.example.org
    - ns2.example.org
  kind: Native

4. RRset (Namespace-scoped)

Application teams create records for their application services.

---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: RRset
metadata:
  name: soa.myapp1.example.org
  namespace: myapp1
spec:
  name: myapp1.example.org.
  records:
  - ns1.example.org. admin.example.org. 1 10800 3600 604800 3600
  ttl: 3600
  type: SOA
  zoneRef:
    name: myapp1.example.org
    kind: Zone
---
apiVersion: dns.cav.enablers.ob/v1alpha2
kind: RRset
metadata:
  name: front.myapp1.example.org
  namespace: myapp1
spec:
  type: A
  name: front
  ttl: 300
  records:
    - "1.2.3.4"
  zoneRef:
    name: myapp1.example.org
    kind: Zone
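
A pre-merge check for the resource model above, added here as an example and not part of the operator: it verifies that each RRset or ClusterRRset has a `zoneRef` that resolves to a declared zone and that the record name stays inside that zone. Assumptions: the manifests are already parsed into dicts (constructed samples below), a `name` with a trailing dot is absolute and any other name is relative to the zone, a `Zone` reference resolves in the RRset's own namespace, and the helper names `fqdn` and `lint` are hypothetical.

```python
# Constructed sample objects mirroring this page's manifests, already parsed from YAML.
MANIFESTS = [
    {"kind": "ClusterZone", "metadata": {"name": "example.org"}},
    {"kind": "Zone", "metadata": {"name": "myapp1.example.org", "namespace": "myapp1"}},
    {"kind": "ClusterRRset", "metadata": {"name": "ns1.example.org"},
     "spec": {"type": "A", "name": "ns1", "zoneRef": {"name": "example.org", "kind": "ClusterZone"}}},
    {"kind": "RRset", "metadata": {"name": "front.myapp1.example.org", "namespace": "myapp1"},
     "spec": {"type": "A", "name": "front", "zoneRef": {"name": "myapp1.example.org", "kind": "Zone"}}},
    # Constructed bad case: an absolute name that lies outside the referenced zone.
    {"kind": "RRset", "metadata": {"name": "stray", "namespace": "myapp1"},
     "spec": {"type": "A", "name": "www.example.org.", "zoneRef": {"name": "myapp1.example.org", "kind": "Zone"}}},
    # Constructed bad case: a Zone reference that is not declared in the RRset's namespace.
    {"kind": "RRset", "metadata": {"name": "orphan", "namespace": "myapp2"},
     "spec": {"type": "A", "name": "api", "zoneRef": {"name": "myapp1.example.org", "kind": "Zone"}}},
]

def fqdn(record_name, zone):
    """Assumption: a trailing dot marks an absolute name; otherwise it is relative to the zone."""
    name = record_name if record_name.endswith(".") else f"{record_name}.{zone}."
    return name.lower()

def lint(manifests):
    """Return (object name, problem) pairs for record sets that fail either check."""
    zones = set()
    for m in manifests:
        if m["kind"] in ("Zone", "ClusterZone"):
            # A ClusterZone has no namespace (None); a Zone is keyed by its namespace.
            zones.add((m["kind"], m["metadata"].get("namespace"), m["metadata"]["name"]))
    findings = []
    for m in manifests:
        if m["kind"] not in ("RRset", "ClusterRRset"):
            continue
        ref, meta = m["spec"]["zoneRef"], m["metadata"]
        ns = meta.get("namespace") if ref["kind"] == "Zone" else None
        if (ref["kind"], ns, ref["name"]) not in zones:
            findings.append((meta["name"], "zoneRef does not resolve"))
            continue
        zone = ref["name"].lower().rstrip(".") + "."
        full = fqdn(m["spec"]["name"], ref["name"].rstrip("."))
        # Compare on a label boundary so "evilexample.org." never matches "example.org.".
        if full != zone and not full.endswith("." + zone):
            findings.append((meta["name"], f"{full} is outside zone {zone}"))
    return findings

if __name__ == "__main__":
    for name, problem in lint(MANIFESTS):
        print(f"{name}: {problem}")
```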