Skip to content

Commit fd7adf3

Browse files
sreejithgssreejithgs
authored
Merge pull request #557 from citrix/cic-release-1.27.15
doc changes for CIC release 1.27.15
2 parents 97730cd + cc3a21d commit fd7adf3

4 files changed

Lines changed: 203 additions & 0 deletions

File tree

crd/wildcard-dns/wildcarddnsentry.yaml

Lines changed: 119 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,119 @@
1+
apiVersion: apiextensions.k8s.io/v1
2+
kind: CustomResourceDefinition
3+
metadata:
4+
name: wildcarddnsentries.citrix.com
5+
spec:
6+
group: citrix.com
7+
names:
8+
kind: wildcarddnsentry
9+
plural: wildcarddnsentries
10+
singular: wildcarddnsentry
11+
scope: Namespaced
12+
versions:
13+
- name: v1
14+
served: true
15+
storage: true
16+
subresources:
17+
status: {}
18+
additionalPrinterColumns:
19+
- name: Status
20+
type: string
21+
description: Current Status of the CRD
22+
jsonPath: .status.state
23+
- name: Message
24+
type: string
25+
description: Status Message
26+
jsonPath: .status.status_message
27+
schema:
28+
openAPIV3Schema:
29+
type: object
30+
properties:
31+
status:
32+
type: object
33+
properties:
34+
state:
35+
type: string
36+
status_message:
37+
type: string
38+
spec:
39+
type: object
40+
properties:
41+
zone:
42+
type: object
43+
description: DNS configuration for a zone
44+
properties:
45+
domain:
46+
type: string
47+
description: Domain name
48+
dnsaddrec:
49+
type: object
50+
description: DNS Address record
51+
properties:
52+
domain-ip:
53+
type: string
54+
description: IPv4 addresses to assign to the domain name
55+
ttl:
56+
type: integer
57+
description: >-
58+
TTL is the time for which the record must be cached
59+
by DNS proxies
60+
dnsaaaarec:
61+
type: object
62+
description: DNS AAAA record
63+
properties:
64+
domain-ip:
65+
type: string
66+
description: IPv6 addresses to assign to the domain name
67+
ttl:
68+
type: integer
69+
description: >-
70+
TTL is the time for which the record must be cached
71+
by DNS proxies
72+
soarec:
73+
type: object
74+
description: SOA record
75+
properties:
76+
origin-server:
77+
type: string
78+
description: Origin server domain
79+
contact:
80+
type: string
81+
description: Admin contact
82+
serial:
83+
type: integer
84+
description: >-
85+
The secondary server uses this parameter to
86+
determine whether it requires a zone transfer from
87+
the primary server.
88+
refresh:
89+
type: integer
90+
description: >-
91+
Time, in seconds, for which a secondary server must
92+
wait between successive checks on the value of the
93+
serial number.
94+
retry:
95+
type: integer
96+
description: >-
97+
Time, in seconds, between retries if a secondary server's
98+
attempt to contact the primary server for a zone refresh fails.
99+
expire:
100+
type: integer
101+
description: >-
102+
Time, in seconds, after which the zone data on a secondary
103+
nameserver can no longer be considered authoritative because
104+
all refresh and retry attempts made during the period have failed."
105+
nsrec:
106+
type: object
107+
description: Name server record
108+
properties:
109+
nameserver:
110+
type: string
111+
description: Host name of the name server to add to the domain.
112+
ttl:
113+
type: integer
114+
description: >-
115+
Time to Live (TTL), in seconds, for the record. TTL
116+
is the time for which the record must be cached by
117+
DNS proxies. The specified TTL is applied to all the
118+
resource records that are of the same record type
119+
and belong to the specified domain name

deployment/baremetal/README.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -218,6 +218,13 @@ Perform the following steps to deploy the Citrix ingress controller as a stand-a
218218
<summary>NS_SVC_LB_DNS_REC</summary>
219219
Enables adding DNS records on Citrix ADC for services of type LoadBalancer. Possible values are true or false. This variable is configured at the boot time and cannot be changed at runtime. The default value is `false` and you need to set it as `true` to enable the DNS server configuration.
220220
</details>
221+
222+
<details>
223+
<summary> OPTIMIZE_ENDPOINT_BINDING</summary>
224+
225+
Enables or disables binding of back-end endpoints to a service group in a single API call. This variable is recommended when there are a large number of endpoints (pods) per application. Acceptable values are `True` and `False`. This environment variable is applicable only for Citrix ADC release 13.0–45.7 and higher versions.
226+
</details>
227+
221228
222229
1. Deploy the Citrix ingress controller using the `kubectl create` command.
223230

docs/configure/config-map.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,8 @@ The values for the following environment variables in the Citrix ingress control
3434

3535
- JSONLOG: Set this argument to true if log messages are required in JSON format.
3636

37+
- NS_ADNS_IPS: Enables configuring Citrix ADC as a DNS server.
38+
3739
For more information about profile environment variables (FRONTEND_HTTP_PROFILE, FRONTEND_TCP_PROFILE, and FRONTEND_SSL_PROFILE), see [Configure HTTP, TCP, or SSL profiles on Citrix ADC](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/configure/profiles/).
3840

3941
**Note:**

docs/crds/wildcarddns.md

Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
2+
# Configuring wildcard DNS domains through Citrix ADC ingress controller
3+
4+
Wildcard DNS domains are used to handle requests for non-existent domains and subdomains. In a DNS zone, you can use wildcard domains to redirect queries for all non-existent domains or subdomains to a particular server, instead of creating a separate Resource Record (RR) for each domain. The most common use of a wildcard DNS domain is to create a zone that can be used to forward mail from the internet to some other mail system.
5+
6+
For more information on wildcard DNS domains, see the [Citrix ADC documentation](https://docs.citrix.com/en-us/citrix-adc/current-release/dns/supporting-wildcard-dns-domains.html).
7+
8+
Now, you can configure wildcard DNS domains on a Citrix ADC with Citrix ingress controller. Custom Resource Definitions (CRDs) are the primary way of configuring policies in cloud native deployments. Using the Wildcard DNS CRD provided by Citrix, you can configure wildcard DNS domains on Citrix ADC with the Citrix ingress controller. The Wildcard DNS CRD enables communication between Citrix ingress controller and Citrix ADC for supporting wild card domains.
9+
10+
## Usage guidelines and restrictions
11+
12+
- For fully qualified domain names (FQDNs), there are multiple ways to add DNS records. You can either enable the `NS_CONFIG_DNS_REC` variable for Citrix ingress controller for the Ingress resource or use the wildcard DNS CRD. However, you should make sure that they are configured through either CRD or ingress in order to avoid multiple IP mappings to the same domain.
13+
- It is recommended to use the Wildcard DNS CRD for the wildcard DNS configurations.
14+
- You cannot configure wildcard DNS entries in the DNS address record through ingress if the `NS_CONFIG_DNS_REC` is enabled for Citrix ingress controller.
15+
16+
## Wildcard DNS CRD definition
17+
18+
The Wildcard DNS CRD is available in the Citrix ingress controller GitHub repo at [wildcarddnsentry.yaml](https://github.com/citrix/citrix-k8s-ingress-controller/blob/master/crd/wildcard-dns/wildcarddnsentry.yaml). The **Wildcard DNS CRD provides** attributes for the various options that are required to configure wildcard DNS entries on Citrix ADC.
19+
20+
The following are the attributes provided in the Wildcard DNS CRD:
21+
22+
| Attribute | Description |
23+
| --------- | ----------- |
24+
| `domain` | Specifies the wild card domain name configured for the zone.|
25+
| `dnsaddrec` | Specifies the DNS Address record with the IPv4 address of the wildcard domain.|
26+
|`dnsaaaarec`| Specifies the DNS AAAA record with the IPV6 address of the wildcard domain.|
27+
| `soarec`| Specifies the SOA record configuration details.|
28+
| `nsrec` |Specifies the name server configuration details.|
29+
30+
## Deploy the Wildcard DNS CRD
31+
32+
Perform the following to deploy the Wildcard DNS CRD:
33+
34+
1. Download the Wildcard DNS CRD.
35+
36+
1. Deploy the Wildcard DNS CD using the following command:
37+
38+
kubectl create -f wildcarddnsentry.yaml
39+
40+
## How to write a Wildcard DNS configuration policy
41+
42+
After you have deployed the Wildcard DNS CRD provided by Citrix in the Kubernetes cluster, you can define the wildcard DNS related configuration in a `yaml` file. In the `.yaml` file, use `wildcarddnsentry` in the kind field and in the `spec` section add the Wildcard DNS CRD attributes based on your requirement for the policy configuration.
43+
44+
The following is a sample YAML file definition that configures a SOA record, NS record, DNS zone, and address and AAAA Records on Citrix ADC.
45+
46+
```
47+
apiVersion:
48+
citrix.com/v1
49+
kind: wildcarddnsentry
50+
metadata:
51+
name: sample-config
52+
spec:
53+
zone:
54+
domain: configexample
55+
dnsaddrec:
56+
domain-ip: 1.1.1.1
57+
ttl: 3600
58+
dnsaaaarec:
59+
domain-ip: '2001::.1'
60+
ttl: 3600
61+
soarec:
62+
origin-server: n2.configexample.com
63+
contact: admin.configexample.com
64+
serial: 100
65+
refresh: 3600
66+
retry: 3
67+
expire: 3600
68+
nsrec:
69+
nameserver: n1.configexample.com
70+
ttl: 3600
71+
```
72+
73+
After you have defined the DNS configuration, deploy the `wildcarddns-example.yaml` file using the following command.
74+
75+
$ kubectl create -f wildcarddns-example.yaml

0 commit comments

Comments
 (0)