Add Gateway/ListenerSet controller and DNS service scaffold

- Add GatewayReconciler for K8s Gateway API: handles create/update/delete of
  DNS records via DNSRecordService for Gateways and ListenerSets
- Add ListenerSet event handler to trigger Gateway reconciliation
- Wire GatewayReconciler and DNSRecordService initialization in cmd/main.go
- Add DNSRecordService public API: CreateOrUpdateDNSRecords (stub; DNS zone
  validation and NSX record creation deferred to follow-up),
  DeleteDNSRecordsByOwner, DeleteAllDNSRecordsInGateway,
  DeleteOrphanedDNSRecordsInGateway, ListGatewayNamespacedName
- Add DNSRecordStore with indexers for owner UID and gateway namespaced name
- Add unit tests for controller flow and DNS service/store components
- DNS zone configuration (ZoneConfig, permitted zones) is deferred to
  the follow-up change

AI-Tool-Used: Cursor
AI-Tool-Use-Level: Medium
AI-Code-Category: Production

Author: wenyingd

cmd/main.go

@@ -23,10 +23,12 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	gatewayv1 "sigs.k8s.io/gateway-api/apis/v1"
 
 	"github.com/vmware-tanzu/nsx-operator/pkg/apis/legacy/v1alpha1"
 	crdv1alpha1 "github.com/vmware-tanzu/nsx-operator/pkg/apis/vpc/v1alpha1"
 	"github.com/vmware-tanzu/nsx-operator/pkg/config"
+	"github.com/vmware-tanzu/nsx-operator/pkg/controllers/gateway"
 	"github.com/vmware-tanzu/nsx-operator/pkg/controllers/inventory"
 	"github.com/vmware-tanzu/nsx-operator/pkg/controllers/ipaddressallocation"
 	namespacecontroller "github.com/vmware-tanzu/nsx-operator/pkg/controllers/namespace"
@@ -42,6 +44,7 @@ import (
 	subnetipreservationcontroller "github.com/vmware-tanzu/nsx-operator/pkg/controllers/subnetipreservation"
 	"github.com/vmware-tanzu/nsx-operator/pkg/controllers/subnetport"
 	"github.com/vmware-tanzu/nsx-operator/pkg/controllers/subnetset"
+	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/dns"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/health"
 	inventoryservice "github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/inventory"
 	"github.com/vmware-tanzu/nsx-operator/pkg/nsx/services/ipblocksinfo"
@@ -81,6 +84,7 @@ func init() {
 	utilruntime.Must(crdv1alpha1.AddToScheme(scheme))
 	utilruntime.Must(v1alpha1.AddToScheme(scheme))
 	utilruntime.Must(vmv1alpha1.AddToScheme(scheme))
+	utilruntime.Must(gatewayv1.Install(scheme))
 	config.AddFlags()
 
 	cf, err = config.NewNSXOperatorConfigFromFile()
@@ -191,6 +195,11 @@ func startServiceController(mgr manager.Manager, nsxClient *nsx.Client) {
 			log.Error(err, "Failed to initialize staticroute commonService", "controller", "StaticRoute")
 			os.Exit(1)
 		}
+		dnsRecordService, err := dns.InitializeDNSRecordService(commonService, vpcService)
+		if err != nil {
+			log.Error(err, "Failed to initialize DNS record service", "controller", "DNS")
+			os.Exit(1)
+		}
 		ipblocksInfoService := ipblocksinfo.InitializeIPBlocksInfoService(commonService, subnetService)
 
 		subnetBindingService, err := subnetbindingservice.InitializeService(commonService)
@@ -241,6 +250,7 @@ func startServiceController(mgr manager.Manager, nsxClient *nsx.Client) {
 			pod.NewPodReconciler(mgr, subnetPortService, subnetService, vpcService, nodeService),
 			networkpolicycontroller.NewNetworkPolicyReconciler(mgr, commonService, vpcService),
 			service.NewServiceLbReconciler(mgr, commonService),
+			gateway.NewGatewayReconciler(mgr, dnsRecordService),
 			subnetbindingcontroller.NewReconciler(mgr, subnetService, subnetBindingService),
 			subnetipreservationcontroller.NewReconciler(mgr, subnetIPReservationService, subnetService),
 		)

pkg/controllers/common/types.go

@@ -24,6 +24,7 @@ const (
 	MetricResTypePod                        = "pod"
 	MetricResTypeNode                       = "node"
 	MetricResTypeServiceLb                  = "servicelb"
+	MetricResTypeGateway                    = "gateway"
 	MaxConcurrentReconciles                 = 8
 	NSXOperatorError                        = "nsx-op/error"
 	//sync the error with NCP side
@@ -34,6 +35,8 @@ const (
 
 	LabelK8sMasterRole  = "node-role.kubernetes.io/master"
 	LabelK8sControlRole = "node-role.kubernetes.io/control-plane"
+
+	ManagedK8sGatewayClassIstio = "istio"
 )
 
 var (