bindy/
constants.rs

// Copyright (c) 2025 Erick Bourgeois, firestoned
// SPDX-License-Identifier: MIT

//! Global constants for the Bindy operator.
//!
//! This module contains all numeric and string constants used throughout the codebase.
//! Constants are organized by category for easy maintenance.

// ============================================================================
// API Constants
// ============================================================================

/// API group for all Bindy DNS CRDs
pub const API_GROUP: &str = "bindy.firestoned.io";

/// API version for all Bindy DNS CRDs
pub const API_VERSION: &str = "v1beta1";

/// Fully qualified API version (group/version)
///
/// Written as a literal rather than derived from [`API_GROUP`] and [`API_VERSION`],
/// so all three constants have to be edited together when the group or version changes.
// NOTE(review): presumably CRD manifests and RBAC rules outside this file name the same
// group; confirm they are updated in the same change so permissions keep matching.
pub const API_GROUP_VERSION: &str = "bindy.firestoned.io/v1beta1";

// The kind names below are plain string literals. Kubernetes compares `kind` values
// case-sensitively, so each one has to match its CRD definition exactly.

/// Kind name for `DNSZone` resource
pub const KIND_DNS_ZONE: &str = "DNSZone";

/// Kind name for `ARecord` resource
pub const KIND_A_RECORD: &str = "ARecord";

/// Kind name for `AAAARecord` resource
pub const KIND_AAAA_RECORD: &str = "AAAARecord";

/// Kind name for `TXTRecord` resource
pub const KIND_TXT_RECORD: &str = "TXTRecord";

/// Kind name for `CNAMERecord` resource
pub const KIND_CNAME_RECORD: &str = "CNAMERecord";

/// Kind name for `MXRecord` resource
pub const KIND_MX_RECORD: &str = "MXRecord";

/// Kind name for `NSRecord` resource
pub const KIND_NS_RECORD: &str = "NSRecord";

/// Kind name for `SRVRecord` resource
pub const KIND_SRV_RECORD: &str = "SRVRecord";

/// Kind name for `CAARecord` resource
pub const KIND_CAA_RECORD: &str = "CAARecord";

/// Kind name for `Bind9Cluster` resource
pub const KIND_BIND9_CLUSTER: &str = "Bind9Cluster";

/// Kind name for `ClusterBind9Provider` resource
pub const KIND_CLUSTER_BIND9_PROVIDER: &str = "ClusterBind9Provider";

/// Kind name for `Bind9Instance` resource
pub const KIND_BIND9_INSTANCE: &str = "Bind9Instance";

// ============================================================================
// DNS Protocol Constants
// ============================================================================

/// Well-known DNS port, used for queries and zone transfers
pub const DNS_PORT: u16 = 53;

/// Well-known port of the RNDC control channel
///
/// RNDC is BIND9's remote administration interface, so this is a management port
/// rather than a data-plane one.
// NOTE(review): confirm that the Services and NetworkPolicies built elsewhere expose this
// port only to the components that have to drive BIND9.
pub const RNDC_PORT: u16 = 953;

/// Port the bindcar HTTP API uses by default
///
/// Same number as `METRICS_SERVER_PORT`.
// NOTE(review): presumably the two listeners run in different pods; confirm they can never
// share a network namespace. This module also does not show whether the bindcar API
// requires authentication or TLS; treat the port as a management interface until verified.
pub const BINDCAR_API_PORT: u16 = 8080;

/// Default TTL for DNS records: 5 minutes, expressed in seconds
// NOTE(review): signed, unlike the `u32` zone and SOA values below. A negative TTL is not
// valid DNS, so confirm callers reject one before it reaches zone data.
pub const DEFAULT_DNS_RECORD_TTL_SECS: i32 = 5 * 60;

/// Default TTL for zone files: 1 hour, expressed in seconds
pub const DEFAULT_ZONE_TTL_SECS: u32 = 60 * 60;

/// Default SOA refresh interval: 1 hour, expressed in seconds
pub const DEFAULT_SOA_REFRESH_SECS: u32 = 60 * 60;

/// Default SOA retry interval: 10 minutes, expressed in seconds
pub const DEFAULT_SOA_RETRY_SECS: u32 = 10 * 60;

/// Default SOA expire time: 7 days, expressed in seconds
pub const DEFAULT_SOA_EXPIRE_SECS: u32 = 7 * 24 * 60 * 60;

/// Default SOA negative TTL: 1 day, expressed in seconds
///
/// Resolvers use the SOA negative TTL to bound how long they cache "no such name"
/// answers, so with this default a name created shortly after a failed lookup can stay
/// unresolvable in caches for up to a day.
pub const DEFAULT_SOA_NEGATIVE_TTL_SECS: u32 = 24 * 60 * 60;

/// TSIG fudge time: the clock skew, in seconds, tolerated between signer and verifier
///
/// A wider window tolerates more drift but also lengthens the time a captured signed
/// message stays acceptable. 300 seconds is the value RFC 8945 recommends.
pub const TSIG_FUDGE_TIME_SECS: u64 = 5 * 60;

// ============================================================================
// Kubernetes Health Check Constants
// ============================================================================

// All probe values are `i32`, presumably because the Kubernetes probe fields they feed
// are 32-bit signed integers (TODO confirm at the call site). Delays, periods and
// timeouts are in seconds; thresholds are counts of consecutive failures.

/// Liveness probe initial delay (wait for BIND9 to start)
pub const LIVENESS_INITIAL_DELAY_SECS: i32 = 30;

/// Liveness probe period (how often to check)
pub const LIVENESS_PERIOD_SECS: i32 = 10;

/// Liveness probe timeout
pub const LIVENESS_TIMEOUT_SECS: i32 = 5;

/// Liveness probe failure threshold
///
/// With a 10 second period this means a container is restarted after about 30 seconds
/// of consecutive failed checks.
pub const LIVENESS_FAILURE_THRESHOLD: i32 = 3;

/// Readiness probe initial delay
pub const READINESS_INITIAL_DELAY_SECS: i32 = 10;

/// Readiness probe period
pub const READINESS_PERIOD_SECS: i32 = 5;

/// Readiness probe timeout
pub const READINESS_TIMEOUT_SECS: i32 = 3;

/// Readiness probe failure threshold
///
/// With a 5 second period this means a pod is taken out of service after about
/// 15 seconds of consecutive failed checks.
pub const READINESS_FAILURE_THRESHOLD: i32 = 3;

// ============================================================================
// Controller Error Handling Constants
// ============================================================================

/// Requeue duration for controller errors (30 seconds)
// NOTE(review): a single fixed delay. Whether callers add backoff or jitter for an object
// that keeps failing is not visible in this module; confirm at the call site.
pub const ERROR_REQUEUE_DURATION_SECS: u64 = 30;

// ============================================================================
// Leader Election Constants
// ============================================================================

// The three defaults are ordered lease duration (15) > renew deadline (10) > retry
// period (2). That ordering matters: if the renew deadline were not shorter than the
// lease, a leader could still be acting while another replica had already taken over.
// NOTE(review): this module only supplies defaults; confirm that user-provided overrides
// are validated against the same ordering where they are parsed.

/// Default leader election lease duration (15 seconds)
pub const DEFAULT_LEASE_DURATION_SECS: u64 = 15;

/// Default leader election renew deadline (10 seconds)
pub const DEFAULT_LEASE_RENEW_DEADLINE_SECS: u64 = 10;

/// Default leader election retry period (2 seconds)
pub const DEFAULT_LEASE_RETRY_PERIOD_SECS: u64 = 2;

// ============================================================================
// BIND9 Version Constants
// ============================================================================

/// Default BIND9 version tag
///
/// This names a release series, not a specific patch release.
// NOTE(review): how this value is turned into an image reference is not shown here. If it
// is used directly as an image tag, the BIND9 build that runs depends on what the registry
// serves for that tag at pull time: security fixes arrive on re-pull, but deployments are
// not reproducible. Confirm this is the intended trade-off.
pub const DEFAULT_BIND9_VERSION: &str = "9.18";

/// `ServiceAccount` name for BIND9 pods
// NOTE(review): the permissions bound to this account are defined elsewhere. A DNS server
// pod normally needs no Kubernetes API access, so confirm the account carries no more
// than it requires.
pub const BIND9_SERVICE_ACCOUNT: &str = "bind9";

// ============================================================================
// Bindcar Container Constants
// ============================================================================

/// Default bindcar sidecar container image
///
/// This is the default image used for the bindcar HTTP API sidecar container
/// when no image is specified in the `BindcarConfig` of a `Bind9Instance`,
/// `Bind9Cluster`, or `ClusterBind9Provider`.
///
/// The reference is pinned by tag, not by digest. A tag can be re-pointed in the
/// registry, so deployments that need an immutable image should set their own image
/// in `BindcarConfig` using the digest form (`<image>@sha256:<digest>`).
pub const DEFAULT_BINDCAR_IMAGE: &str = "ghcr.io/firestoned/bindcar:v0.3.0";

// ============================================================================
// Runtime Constants
// ============================================================================

/// Number of worker threads for Tokio runtime
///
/// A fixed count: it does not follow the number of CPUs or the container's CPU limit.
pub const TOKIO_WORKER_THREADS: usize = 4;

// ============================================================================
// Replica Count Constants
// ============================================================================

// Both bounds are described as test values; nothing in this module shows them being
// enforced on production resources.

/// Minimum number of replicas for testing
pub const MIN_TEST_REPLICAS: i32 = 2;

/// Maximum reasonable number of replicas for testing
pub const MAX_TEST_REPLICAS: i32 = 10;

// ============================================================================
// Metrics Server Constants
// ============================================================================

/// Port for Prometheus metrics HTTP server
///
/// Same number as [`BINDCAR_API_PORT`].
// NOTE(review): presumably the metrics server and the bindcar API run in different pods;
// confirm the two listeners can never share a network namespace.
pub const METRICS_SERVER_PORT: u16 = 8080;

/// Path for Prometheus metrics endpoint
pub const METRICS_SERVER_PATH: &str = "/metrics";

/// Bind address for metrics HTTP server
///
/// `0.0.0.0` is the IPv4 wildcard: the server listens on every IPv4 interface of the
/// pod, and not on IPv6.
// NOTE(review): nothing in this module restricts who may scrape the endpoint. Metric
// labels often carry resource names (here, possibly zone or record names), so confirm
// that a NetworkPolicy or an authenticating proxy limits access to the monitoring stack.
pub const METRICS_SERVER_BIND_ADDRESS: &str = "0.0.0.0";

// ============================================================================
// DNSZone Record Ownership Constants
// ============================================================================

/// Annotation key for marking which zone owns a DNS record
///
/// When a `DNSZone`'s label selector matches a DNS record, the `DNSZone` controller
/// sets this annotation on the record with the value being the zone's FQDN.
/// Record reconcilers read this annotation to determine which zone to update.
// NOTE(review): an annotation can be written by any principal allowed to update the
// record object, not only by the `DNSZone` controller. Since the value selects the zone
// that gets modified, confirm the reconcilers check that the named zone's selector really
// matches the record instead of trusting the annotation alone.
pub const ANNOTATION_ZONE_OWNER: &str = "bindy.firestoned.io/zone";

/// Annotation key for marking which zone previously owned a record
///
/// When a record stops matching a zone's selector, the `DNSZone` controller sets
/// this annotation before removing the zone ownership. This helps track orphaned
/// records and enables cleanup workflows.
// NOTE(review): the same caveat applies to cleanup. If a workflow removes data from the
// zone named here, confirm it validates the value before acting on it.
pub const ANNOTATION_ZONE_PREVIOUS_OWNER: &str = "bindy.firestoned.io/previous-zone";