PrimaryConfig

Struct PrimaryConfig 

pub struct PrimaryConfig {
    pub replicas: Option<i32>,
    pub labels: Option<BTreeMap<String, String>>,
    pub service: Option<ServiceConfig>,
    pub allow_transfer: Option<Vec<String>>,
    pub rndc_secret_ref: Option<RndcSecretRef>,
    pub rndc_key: Option<RndcKeyConfig>,
}

Primary instance configuration

Groups all configuration specific to primary (authoritative) DNS instances.

Fields§

§replicas: Option<i32>

Number of primary instance replicas (default: 1)

This controls how many replicas each primary instance in this cluster should have. Can be overridden at the instance level.

§labels: Option<BTreeMap<String, String>>

Additional labels to apply to primary Bind9Instance resources

These labels are propagated from the cluster/provider to all primary instances. They are merged with standard labels (app.kubernetes.io/*) and can be used for:

  • Instance selection via DNSZone.spec.bind9InstancesFrom label selectors
  • Pod selectors in network policies
  • Monitoring and alerting label filters
  • Custom organizational taxonomy

Example:

primary:
  labels:
    environment: production
    tier: frontend
    region: us-east-1

These labels will appear on the Bind9Instance metadata and can be referenced by DNSZone resources using bind9InstancesFrom.selector.matchLabels.

§service: Option<ServiceConfig>

Custom Kubernetes Service configuration for primary instances

Allows full customization of the Kubernetes Service created for primary DNS servers, including both Service spec fields and metadata annotations.

Annotations are commonly used for:

  • MetalLB address pool selection
  • Cloud provider load balancer configuration
  • External DNS integration
  • Linkerd service mesh annotations

Fields specified here are merged with defaults. Unspecified fields use safe defaults:

  • type: ClusterIP (if not specified)
  • Ports 53/TCP and 53/UDP (always set)
  • Selector matching the instance labels (always set)

§allow_transfer: Option<Vec<String>>

Allow-transfer ACL for primary instances

Overrides the default auto-detected Pod CIDR allow-transfer configuration for all primary instances in this cluster. Use this to restrict or expand which IP addresses can perform zone transfers from primary servers.

If not specified, defaults to cluster Pod CIDRs (auto-detected from Kubernetes Nodes).

Examples:

  • ["10.0.0.0/8"] - Allow transfers from entire 10.x network
  • ["any"] - Allow transfers from any IP (public internet)
  • [] - Deny all zone transfers (empty list means “none”)

Can be overridden at the instance level via spec.config.allowTransfer.
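An added example (not code from this crate) of the semantics described above: an unset field falls back to the Pod CIDRs while an empty list denies all transfers, so the two must not be conflated. The function names, the sample CIDR and the rendered BIND `allow-transfer` statement are assumptions; the review check also treats `0.0.0.0/0` and `::/0` like `any`, which goes beyond the page's examples.

```rust
// Added illustration; function names are hypothetical, not the operator's API.

/// Pick the ACL that applies: instance override, then the cluster-level
/// `primary.allow_transfer`, then the auto-detected Pod CIDRs.
/// `Some(&[])` is a real value ("deny all") and must not fall through.
fn effective_allow_transfer(
    instance: Option<&[String]>,
    primary: Option<&[String]>,
    pod_cidrs: &[String],
) -> Vec<String> {
    instance.or(primary).unwrap_or(pod_cidrs).to_vec()
}

/// Render as a BIND `allow-transfer` statement (assumed output format).
fn render_allow_transfer(acl: &[String]) -> String {
    if acl.is_empty() {
        return "allow-transfer { none; };".to_string();
    }
    let body: Vec<String> = acl.iter().map(|e| format!("{e};")).collect();
    format!("allow-transfer {{ {} }};", body.join(" "))
}

/// Review check: entries that let any address pull a full copy of the zone.
fn is_open_to_world(acl: &[String]) -> bool {
    acl.iter().any(|e| matches!(e.trim(), "any" | "0.0.0.0/0" | "::/0"))
}

fn main() {
    let pods = vec!["10.244.0.0/16".to_string()]; // constructed sample CIDR
    let cases: [(&str, Option<Vec<String>>); 3] = [
        ("unset", None),
        ("empty", Some(vec![])),
        ("any", Some(vec!["any".to_string()])),
    ];
    for (name, primary) in cases {
        let acl = effective_allow_transfer(None, primary.as_deref(), &pods);
        println!("{name:6} {} open={}", render_allow_transfer(&acl), is_open_to_world(&acl));
    }
}
```

Collapsing the `Option` with something like `unwrap_or_default()` before this point would turn an unset field into "deny all", and treating an empty list as unset would turn "deny all" into the Pod CIDR default.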

§rndc_secret_ref: Option<RndcSecretRef>
👎Deprecated since 0.6.0: Use rndc_key instead. This field will be removed in v1.0.0

Reference to an existing Kubernetes Secret containing RNDC key for all primary instances.

If specified, all primary instances in this cluster will use this existing Secret instead of auto-generating individual secrets. This allows sharing the same RNDC key across all primary instances.

Can be overridden at the instance level via spec.rndcSecretRef.

§rndc_key: Option<RndcKeyConfig>

RNDC key configuration for all primary instances with lifecycle management.

Supports automatic key rotation, Secret references, and inline Secret specifications. Overrides global RNDC configuration for primary instances.

Precedence order:

  1. Instance level (spec.rndcKey)
  2. Role level (spec.primary.rndcKey or spec.secondary.rndcKey)
  3. Global level (cluster-wide RNDC configuration)
  4. Auto-generated (default)

Can be overridden at the instance level via spec.rndcKey.

Backward compatibility: If both rndc_key and rndc_secret_ref are specified, rndc_key takes precedence. For smooth migration, rndc_secret_ref will continue to work but is deprecated.

§Example

primary:
  replicas: 1
  rndcKey:
    autoRotate: true
    rotateAfter: 720h  # 30 days
    algorithm: hmac-sha256
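
An added example (not the crate's own resolver) that walks the precedence order above and applies the rule that `rndc_key` wins over `rndc_secret_ref`. `Level`, `KeySource`, `resolve` and `findings` are hypothetical names, and honouring the deprecated field at every level is an assumption; the page only states the rule for the case where both are specified.

```rust
// Added illustration; these types are hypothetical stand-ins, not the crate's.
#[derive(Debug, Clone, PartialEq)]
enum KeySource {
    RndcKey { auto_rotate: bool }, // from an `rndcKey` block
    LegacySecretRef(String),       // from the deprecated `rndcSecretRef`
    AutoGenerated,                 // nothing configured at any level
}

/// What one configuration level (instance, role or global) may carry.
#[derive(Default)]
struct Level {
    rndc_key: Option<bool>, // Some(auto_rotate) when `rndcKey` is set
    rndc_secret_ref: Option<String>,
}

/// Walk instance -> role -> global. Within a level `rndc_key` beats
/// `rndc_secret_ref` (assumed to be honoured at every level).
fn resolve(instance: &Level, role: &Level, global: &Level) -> (KeySource, &'static str) {
    for (name, lvl) in [("instance", instance), ("role", role), ("global", global)] {
        if let Some(auto_rotate) = lvl.rndc_key {
            return (KeySource::RndcKey { auto_rotate }, name);
        }
        if let Some(secret) = &lvl.rndc_secret_ref {
            return (KeySource::LegacySecretRef(secret.clone()), name);
        }
    }
    (KeySource::AutoGenerated, "default")
}

/// Review notes for the key that actually takes effect.
fn findings(src: &KeySource) -> Vec<&'static str> {
    match src {
        KeySource::LegacySecretRef(_) => vec!["deprecated rndc_secret_ref still in effect"],
        KeySource::RndcKey { auto_rotate: false } => vec!["rndc_key set without autoRotate"],
        _ => vec![],
    }
}

fn main() {
    // Constructed sample: the role level sets both fields, the others none.
    let role = Level { rndc_key: Some(true), rndc_secret_ref: Some("shared-rndc".into()) };
    let (src, from) = resolve(&Level::default(), &role, &Level::default());
    println!("{src:?} from {from}: {:?}", findings(&src));
}
```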

Trait Implementations§

impl Clone for PrimaryConfig

fn clone(&self) -> PrimaryConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for PrimaryConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for PrimaryConfig

fn default() -> PrimaryConfig

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for PrimaryConfig

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl JsonSchema for PrimaryConfig

fn schema_name() -> Cow<'static, str>

The name of the generated JSON Schema.

fn schema_id() -> Cow<'static, str>

Returns a string that uniquely identifies the schema produced by this type.

fn json_schema(generator: &mut SchemaGenerator) -> Schema

Generates a JSON Schema for this type.

fn inline_schema() -> bool

Whether JSON Schemas generated for this type should be included directly in parent schemas, rather than being re-used where possible using the $ref keyword.

impl PartialEq for PrimaryConfig

fn eq(&self, other: &PrimaryConfig) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for PrimaryConfig

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer.

impl StructuralPartialEq for PrimaryConfig
