external-dns
Support multiple namespaces for Service sources
We would like to have the ability to watch for resources (annotated Services in our case) only in selected namespaces.
We have a multi-tenant cluster, where each tenant has a set of namespaces identified by a custom label.
Each tenant has its own DNS zone. What we need to achieve is that a tenant can only specify hostnames belonging to its own zone.
For example, let's have two tenants, each tenant has a DNS zone - tenant1.example.com, tenant2.example.com. We need for the tenant to be able to specify a hostname belonging only to its own zone, e.g. tenant1 can only annotate a service with myservice.tenant1.example.com. If tenant1 uses an annotation like myservice.tenant2.example.com, it should be ignored.
One way to achieve this is to have multiple ExternalDNS operators, each watching a set of namespaces identified by a label and handling a zone for each tenant.
However, it seems not to be possible with the current implementation. ExternalDNS can only watch all namespaces, or we can do multiple instances but each can watch only a single namespace.
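
The tenant-to-zone rule requested above, sketched as an added example that is not ExternalDNS code or part of the original issue: hostnames from a Service's hostname annotation are accepted only when they fall inside the zone of the tenant that owns the namespace. The label key `example.com/tenant` and the function names are hypothetical; the annotation key is the one ExternalDNS reads.

```go
package main

import (
	"fmt"
	"strings"
)

// Real ExternalDNS hostname annotation; its value may list several comma-separated names.
const hostnameAnnotation = "external-dns.alpha.kubernetes.io/hostname"

// Hypothetical label key identifying the tenant that owns a namespace.
const tenantLabel = "example.com/tenant"

// normalize lower-cases a DNS name and drops surrounding space and the trailing root dot.
func normalize(name string) string {
	return strings.TrimSuffix(strings.ToLower(strings.TrimSpace(name)), ".")
}

// inZone reports whether host is the zone apex or a name below it. The match is made on
// a label boundary, so "xtenant1.example.com" is not part of "tenant1.example.com".
func inZone(host, zone string) bool {
	host, zone = normalize(host), normalize(zone)
	return host != "" && zone != "" && (host == zone || strings.HasSuffix(host, "."+zone))
}

// FilterHostnames splits the annotation value into names the namespace's tenant may
// publish and names to ignore. A namespace without a known tenant gets nothing.
func FilterHostnames(nsLabels, svcAnnotations, tenantZones map[string]string) (allowed, ignored []string) {
	zone := tenantZones[nsLabels[tenantLabel]]
	for _, h := range strings.Split(svcAnnotations[hostnameAnnotation], ",") {
		h = normalize(h)
		switch {
		case h == "":
			continue
		case inZone(h, zone):
			allowed = append(allowed, h)
		default:
			ignored = append(ignored, h)
		}
	}
	return allowed, ignored
}

func main() {
	// Constructed sample data mirroring the two tenants in the issue.
	zones := map[string]string{"tenant1": "tenant1.example.com", "tenant2": "tenant2.example.com"}
	ns := map[string]string{tenantLabel: "tenant1"}
	ann := map[string]string{hostnameAnnotation: "myservice.tenant1.example.com,myservice.tenant2.example.com"}
	allowed, ignored := FilterHostnames(ns, ann, zones)
	fmt.Println("publish:", allowed, "ignore:", ignored)
}
```

The tenant must be derived from the namespace's labels, which the tenant cannot edit, and not from anything on the Service itself.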