federated istio for env wg

The FederatedServiceEntry will allow egress to the global scope httpbin DNS names.

apiVersion: primitives.federation.k8s.io/v1alpha1
kind: FederatedServiceEntry
metadata:
  name: httpbin-ext
spec:
  template:
    spec:
      hosts:
      - "httpbin.external.daneyon.com"
      - "istio-ingressgateway.istio-system.external.svc.external.daneyon.com"
      - "istio-ingressgateway.istio-system.external.svc.us-west1.external.daneyon.com"
      ports:
      - number: 80
        name: http
        protocol: HTTP
      resolution: DNS
      location: MESH_EXTERNAL
---
apiVersion: primitives.federation.k8s.io/v1alpha1
kind: FederatedServiceEntryPlacement
metadata:
  name: httpbin-ext
spec:
  clusterNames:
  - cluster2
  - cluster1

Public DNS records created by the federated istio external-dns controller:

$ gcloud dns record-sets list --zone="external-daneyon"
NAME                                                                                           TYPE   TTL    DATA
external.daneyon.com.                                                                          NS     21600  ns-cloud-c1.googledomains.com.,ns-cloud-c2.googledomains.com.,ns-cloud-c3.googledomains.com.,ns-cloud-c4.googledomains.com.
external.daneyon.com.                                                                          SOA    21600  ns-cloud-c1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
cnamehttpbin.external.daneyon.com.                                                             TXT    300    "heritage=external-dns,external-dns/owner=change_me"
httpbin.external.daneyon.com.                                                                  CNAME  300    istio-ingressgateway.istio-system.external.svc.external.daneyon.com.
cnameistio-ingressgateway.istio-system.external.svc.external.daneyon.com.                      TXT    300    "heritage=external-dns,external-dns/owner=change_me"
istio-ingressgateway.istio-system.external.svc.external.daneyon.com.                           A      300    35.197.53.32,35.230.95.120
cnameistio-ingressgateway.istio-system.external.svc.us-west1.external.daneyon.com.             TXT    300    "heritage=external-dns,external-dns/owner=change_me"
istio-ingressgateway.istio-system.external.svc.us-west1.external.daneyon.com.                  A      300    35.197.53.32,35.230.95.120
cnameistio-ingressgateway.istio-system.external.svc.us-west1-a.us-west1.external.daneyon.com.  TXT    300    "heritage=external-dns,external-dns/owner=change_me"
istio-ingressgateway.istio-system.external.svc.us-west1-a.us-west1.external.daneyon.com.       A      300    35.230.95.120
cnameistio-ingressgateway.istio-system.external.svc.us-west1-b.us-west1.external.daneyon.com.  TXT    300    "heritage=external-dns,external-dns/owner=change_me"
istio-ingressgateway.istio-system.external.svc.us-west1-b.us-west1.external.daneyon.com.       A      300    35.197.53.32

danehans/traffic-split.md