Domains
A domain is not just a string stored in a database. It is a four-plane reconciliation problem:
backend ownership → route attachment → DNS resolution → TLS / HTTP health

A domain is complete only when all four agree.
Current state
| Plane | Current reality |
|---|---|
| Backend metadata | Legacy ingress-domain model and newer richer alias/domain model both exist. |
| Routing | Generated domains use Gateway API HTTPRoute; custom domains, aliases, and redirects still use legacy Ingress. |
| DNS | Platform domains are automated; custom domains depend on user-owned DNS or delegated automation. |
| TLS | cert-manager provisions certificates, but mutation success does not yet guarantee full reconciliation success. |
Desired model
- default generated hostname = platform route
- custom domains = aliases attached to the workload route
- DNS + TLS + redirects = reconciled from one canonical domain model

The platform should converge on one durable domain object model and one route primitive.
Why domains own certificates
TLS is part of whether a hostname works. For ordinary users, certificate status belongs under the domain workflow rather than under a separate public cert noun. A distinct certificate surface becomes justified only if Satusky intentionally supports advanced user-operated certificate workflows.
Current architecture gaps
| Gap | Why it matters |
|---|---|
| Explicit custom-domain updates can be discarded on existing apps. | The common post-deploy attach flow can lie to users. |
| Backend metadata and live route hostnames can drift. | The CLI may print a URL that does not actually route. |
| Some mutations can return success after downstream reconciliation failures. | Users cannot distinguish “stored” from “working.” |
| Two domain models coexist. | Different callers can give one concept two meanings. |
| Custom domains still depend on legacy Ingress. | Routing architecture remains split. |
Target diagnostics
A mature domains check should answer:
| Check | Example output |
|---|---|
| Ownership | attached to my-api |
| Route | attached / missing / mismatched |
| DNS | resolves / wrong target / not found |
| TLS | ready / pending / failed |
| HTTP | reachable / status / redirect behavior |
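As an added illustration (not Satusky's code), the check below evaluates the four planes over constructed observations and separates "stored" (the backend accepted the domain) from "working" (all planes agree). The `DomainObservation` fields, the gateway target name and the sample hostnames are assumptions; nothing is resolved or probed live.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed view of what each plane reports for one hostname; nothing is fetched live.
@dataclass
class DomainObservation:
    hostname: str
    owner_workload: Optional[str]   # backend metadata: workload that claims the hostname
    route_hostnames: set            # hostnames on the live HTTPRoute/Ingress for that workload
    expected_target: str            # where DNS should point (the platform gateway)
    dns_target: Optional[str]       # what DNS actually returns; None models NXDOMAIN
    cert_ready: Optional[bool]      # cert-manager: True ready, False failed, None pending
    http_status: Optional[int]      # probe result; None models unreachable

def check_domain(obs: DomainObservation) -> dict:
    """Report each plane and a verdict; 'working' requires all four planes to agree."""
    report = {}
    report["ownership"] = f"attached to {obs.owner_workload}" if obs.owner_workload else "unowned"
    if not obs.route_hostnames:
        report["route"] = "missing"
    elif obs.hostname in obs.route_hostnames:
        report["route"] = "attached"
    else:
        report["route"] = "mismatched"  # metadata and live route have drifted
    if obs.dns_target is None:
        report["dns"] = "not found"
    elif obs.dns_target == obs.expected_target:
        report["dns"] = "resolves"
    else:
        report["dns"] = "wrong target"
    report["tls"] = {True: "ready", False: "failed", None: "pending"}[obs.cert_ready]
    if obs.http_status is None:
        report["http"] = "unreachable"
    elif 300 <= obs.http_status < 400:
        report["http"] = f"redirect {obs.http_status}"
    else:
        report["http"] = f"status {obs.http_status}"
    all_agree = (obs.owner_workload is not None and report["route"] == "attached"
                 and report["dns"] == "resolves" and report["tls"] == "ready"
                 and obs.http_status is not None and obs.http_status < 400)
    # "stored" = backend accepted the domain but at least one plane has not converged
    report["verdict"] = "working" if all_agree else ("stored" if obs.owner_workload else "absent")
    return report

# Constructed samples: DRIFTED has metadata saying attached while the live route
# only carries the generated hostname; HEALTHY has all four planes in agreement.
DRIFTED = DomainObservation("api.example.com", "my-api", {"my-api.generated.example"},
                            "gw.platform.example", "gw.platform.example", True, None)
HEALTHY = DomainObservation("api.example.com", "my-api", {"api.example.com"},
                            "gw.platform.example", "gw.platform.example", True, 200)
```

`check_domain(DRIFTED)` reports the route as `mismatched` and the verdict as `stored`, which is exactly the case where a CLI that only reads backend metadata would print a URL that does not route.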
Relationship to deployment lifecycle
Domain readiness should be reported separately from workload readiness. A healthy pod with a broken domain is not a successful public deployment.
Migration principle
Treat legacy Ingress support as a bridge. The future architecture is one canonical domain model reconciled into Gateway API resources, with the CLI exposing precise diagnostics rather than implementation leakage.