fix: create per cluster api server dns zone to avoid circular dependency #8673

Merged: awesomenix merged 1 commit into main from nishp/hubspoke/vnet on Jun 10, 2026

@awesomenix (Contributor)

There was a circular dependency because we were trying to be smart by using a single private zone; create one per cluster.

Copilot AI (Contributor) left a comment

Pull request overview

This PR updates the e2e provisioning flow to avoid a circular dependency by switching from a single shared API server private DNS zone to creating/using a dedicated private DNS zone per cluster (keyed by the cluster API server FQDN).

Changes:

  • Removed shared API server private DNS zone creation from shared infra provisioning.
  • Updated cluster preparation to set up private DNS for the API server using the cluster VNet and node resource group.
  • Changed the private DNS approach to use a per-FQDN private zone with an apex ("@") A record.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| e2e/shared_infra.go | Removes shared API server DNS zone helper + shared zone creation during shared infra setup. |
| e2e/cluster.go | Creates/updates a per-cluster private DNS zone (named after the API server FQDN) and links it to the cluster VNet; wires this into the cluster prep DAG. |

Comment thread e2e/cluster.go
Comment on lines 695 to 696
// setupPrivateDNSForAPIServer adds an A record for the cluster's API server FQDN
// to the shared private DNS zone. The zone and VNet link are created once by ensureSharedInfra.
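Review bot: The doc comment on lines 695 to 696 still says the A record is added to "the shared private DNS zone" and that the zone and VNet link are "created once by ensureSharedInfra", but this PR removes shared zone creation from shared infra and creates a zone per cluster. Update the comment to say that setupPrivateDNSForAPIServer creates or updates the per-cluster zone named after the API server FQDN and links it to the cluster VNet, so that readers do not look for a shared zone that no longer exists.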
Comment thread e2e/cluster.go
Comment on lines +736 to 739
if allMatch {
toolkit.Logf(ctx, "private DNS zone %q already up to date", fqdn)
return nil
}
awesomenix force-pushed the nishp/hubspoke/vnet branch from c859d9b to a96fc6f on June 9, 2026 23:57
Copilot AI review requested due to automatic review settings on June 10, 2026 00:36
awesomenix force-pushed the nishp/hubspoke/vnet branch from a96fc6f to d320471 on June 10, 2026 00:36

Copilot AI (Contributor) left a comment

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

Comment thread e2e/cluster.go
Comment on lines +736 to 739
if allMatch {
toolkit.Logf(ctx, "private DNS zone %q already up to date", fqdn)
return nil
}
Comment thread e2e/aks_model.go
Comment on lines 923 to +934
func createPrivateZone(ctx context.Context, nodeResourceGroup, privateZoneName string) (*armprivatedns.PrivateZone, error) {
pzResp, err := config.Azure.PrivateZonesClient.Get(
ctx,
nodeResourceGroup,
privateZoneName,
nil,
)
if err == nil {
return &pzResp.PrivateZone, nil
}
return createPrivateZoneWithRetry(ctx, nodeResourceGroup, privateZoneName)
}
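Review bot: In createPrivateZone, every error from PrivateZonesClient.Get falls through to createPrivateZoneWithRetry, not only "zone not found". An authorization failure, a throttling response or a cancelled context is then treated as a missing zone, and the original error is hidden behind whatever the create path returns. Check for a 404 first (for example errors.As into *azcore.ResponseError with StatusCode == http.StatusNotFound) and return any other error wrapped with the zone name instead of attempting a create.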
Comment thread e2e/aks_model.go
Comment on lines 985 to 995
_, err := config.Azure.VirutalNetworkLinksClient.Get(
ctx,
resourceGroup,
privateZoneName,
networkLinkName,
nil,
)

if err == nil {
// private dns link already created
return nil
}
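Review bot: The result of VirutalNetworkLinksClient.Get is discarded ("_, err :="), so any link with this name is accepted as "already created" without checking which VNet it points at. Since the zone is now linked to the cluster VNet, a link left over under the same name but referencing a different VNet would pass this check and the API server FQDN would not resolve from the cluster. Keep the response and compare its Properties.VirtualNetwork.ID with the intended VNet ID before returning nil.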

awesomenix force-pushed the nishp/hubspoke/vnet branch from d320471 to 71a2ab7 on June 10, 2026 00:43
awesomenix merged commit 4623763 into main on Jun 10, 2026
19 of 22 checks passed
awesomenix deleted the nishp/hubspoke/vnet branch on June 10, 2026 00:44
awesomenix restored the nishp/hubspoke/vnet branch on June 10, 2026 00:45