Description
The DNSRecordSet resource currently supports healthCheckedTargets.internalLoadBalancers for routing policies (WRR, GEO, primaryBackup), but does not support healthCheckedTargets.externalEndpoints. This means users cannot configure Cloud DNS health-checked routing policies that target external endpoints, including GCP external load balancers.
The internalLoadBalancers field only covers GCP internal load balancers (internal Application LBs, internal passthrough Network LBs, internal proxy Network LBs) used in private zones. The externalEndpoints field is needed for health checking publicly reachable endpoints in public zones, which includes:
- GCP external load balancers (regional/global external Application LBs, global external proxy Network LBs)
- On-premises endpoints
- Any other publicly reachable IP address
The underlying Cloud DNS API supports both fields, and the Terraform google provider already supports this via the external_endpoints field within health_checked_targets.
Current behavior
The healthCheckedTargets block only exposes internalLoadBalancers:
spec:
  routingPolicy:
    geo:
    - location: us-west1
      healthCheckedTargets:
        internalLoadBalancers: # only option available
        - ipAddressRef: ...
          ipProtocol: tcp
          loadBalancerType: regionalL4ilb
          networkRef: ...
          port: "80"
There is no way to specify external endpoints for health checking.
Expected behavior
Support externalEndpoints in healthCheckedTargets across all routing policy types (WRR, GEO, primaryBackup):
spec:
  routingPolicy:
    geo:
    - location: us-west1
      healthCheckedTargets:
        externalEndpoints:
        - "203.0.113.1"
        - "198.51.100.1"
Use case
Any scenario requiring DNS health-checked routing with external endpoints, including:
- Failover across GCP external load balancers
- Hybrid/multi-cloud DNS failover to on-premises or other cloud endpoints
- Health-checked geo routing to publicly reachable services
References
- externalEndpoints in healthCheckedTargets
- external_endpoints in health_checked_targets