Add ability to disable creation of dns zone for unmanaged installs

sadasu · sadasu · commit b660d6da4012 · 2025-07-08T11:35:29.000-04:00
Similar to managed installs, add ability to optionally create
DNS zones for unmanged installs.
diff --git a/api/v1beta1/types_class.go b/api/v1beta1/types_class.go
@@ -459,6 +459,10 @@ type NetworkClassSpec struct {
 	// +optional
 	PrivateDNSZoneName string `json:"privateDNSZoneName,omitempty"`
 
+	// PrivateDNSZone enables private dns zone creation modes for private cluster.
+	// +optional
+	PrivateDNSZone *string `json:"privateDNSZone,omitempty"`
+
 	// PrivateDNSZoneResourceGroup defines the resource group to be used for Azure Private DNS Zone.
 	// If not specified, the resource group of the cluster will be used to create the Azure Private DNS Zone.
 	// +optional
diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/azure/scope/cluster.go b/azure/scope/cluster.go
@@ -559,7 +559,7 @@ func (s *ClusterScope) VNetSpec() azure.ASOResourceSpecGetter[*asonetworkv1api20
 
 // PrivateDNSSpec returns the private dns zone spec.
 func (s *ClusterScope) PrivateDNSSpec() (zoneSpec azure.ResourceSpecGetter, linkSpec, recordSpec []azure.ResourceSpecGetter) {
-	if s.IsAPIServerPrivate() {
+	if s.IsAPIServerPrivate() && s.AzureCluster.Spec.NetworkSpec.PrivateDNSZone != ptr.To(infrav1.PrivateDNSZoneModeNone) {
 		resourceGroup := s.ResourceGroup()
 		if s.AzureCluster.Spec.NetworkSpec.PrivateDNSZoneResourceGroup != "" {
 			resourceGroup = s.AzureCluster.Spec.NetworkSpec.PrivateDNSZoneResourceGroup
diff --git a/azure/scope/cluster_test.go b/azure/scope/cluster_test.go
@@ -216,6 +216,58 @@ func TestAPIServerHost(t *testing.T) {
 			},
 			want: "apiserver.example.private",
 		},
+		{
+			name: "private apiserver without private dns zone",
+			azureCluster: infrav1.AzureCluster{
+				Spec: infrav1.AzureClusterSpec{
+					AzureClusterClassSpec: infrav1.AzureClusterClassSpec{
+						SubscriptionID: fakeSubscriptionID,
+						IdentityRef: &corev1.ObjectReference{
+							Kind: infrav1.AzureClusterIdentityKind,
+						},
+					},
+					ControlPlaneEnabled: true,
+					NetworkSpec: infrav1.NetworkSpec{
+						NetworkClassSpec: infrav1.NetworkClassSpec{
+							PrivateDNSZoneName: "",
+							PrivateDNSZone:     ptr.To(infrav1.PrivateDNSZoneModeNone),
+						},
+						APIServerLB: &infrav1.LoadBalancerSpec{
+							LoadBalancerClassSpec: infrav1.LoadBalancerClassSpec{
+								Type: infrav1.Internal,
+							},
+						},
+					},
+				},
+			},
+			want: "apiserver.my-cluster.capz.io",
+		},
+		{
+			name: "private apiserver with private dns zone",
+			azureCluster: infrav1.AzureCluster{
+				Spec: infrav1.AzureClusterSpec{
+					AzureClusterClassSpec: infrav1.AzureClusterClassSpec{
+						SubscriptionID: fakeSubscriptionID,
+						IdentityRef: &corev1.ObjectReference{
+							Kind: infrav1.AzureClusterIdentityKind,
+						},
+					},
+					ControlPlaneEnabled: true,
+					NetworkSpec: infrav1.NetworkSpec{
+						NetworkClassSpec: infrav1.NetworkClassSpec{
+							PrivateDNSZoneName: "",
+							PrivateDNSZone:     ptr.To(infrav1.PrivateDNSZoneModeSystem),
+						},
+						APIServerLB: &infrav1.LoadBalancerSpec{
+							LoadBalancerClassSpec: infrav1.LoadBalancerClassSpec{
+								Type: infrav1.Internal,
+							},
+						},
+					},
+				},
+			},
+			want: "apiserver.my-cluster.capz.io",
+		},
 	}
 
 	for _, tc := range tests {
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusters.yaml
@@ -926,6 +926,10 @@ spec:
                         description: LBType defines an Azure load balancer Type.
                         type: string
                     type: object
+                  privateDNSZone:
+                    description: PrivateDNSZone enables private dns zone creation
+                      modes for private cluster.
+                    type: string
                   privateDNSZoneName:
                     description: PrivateDNSZoneName defines the zone name for the
                       Azure Private DNS.
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclustertemplates.yaml
@@ -593,6 +593,10 @@ spec:
                                   Type.
                                 type: string
                             type: object
+                          privateDNSZone:
+                            description: PrivateDNSZone enables private dns zone creation
+                              modes for private cluster.
+                            type: string
                           privateDNSZoneName:
                             description: PrivateDNSZoneName defines the zone name
                               for the Azure Private DNS.
