From 3885ff70f7305b4fc48cfd17fd400ac9f2ca25e8 Mon Sep 17 00:00:00 2001
From: natemollica-dev <57850649+natemollica-nm@users.noreply.github.com>
Date: Thu, 1 Feb 2024 09:54:53 -0800
Subject: [PATCH 1/4] Resolve Consul DNS in OpenShift

This updates our Consul DNS forwarding documentation to include methods for updating the DNS Operator on OpenShift clusters to include Consul's DNS service.
---
 website/content/docs/k8s/dns.mdx | 62 ++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/website/content/docs/k8s/dns.mdx b/website/content/docs/k8s/dns.mdx
index 0f34dd250783..78b4bb81b1cd 100644
--- a/website/content/docs/k8s/dns.mdx
+++ b/website/content/docs/k8s/dns.mdx
@@ -134,6 +134,68 @@ in full cluster rebuilds.
 
 -> **Note:** If using a different zone than `.consul`, change the key accordingly.
 
+## OpenShift DNS Operator
+
+You can use DNS forwarding to override the default forwarding configuration in the `/etc/resolv.conf` file by specifying
+the `consul-dns` service for the `consul` subdomain (zone).
+
+Find `consul-dns` service clusterIP:
+
+```shell-session
+$ oc get svc consul-dns --namespace consul --output jsonpath='{.spec.clusterIP}'
+172.30.186.254
+```
+
+Edit the `default` DNS Operator:
+
+```shell-session
+$ oc edit edit dns.operator/default
+```
+
+Append the following `servers` section entry to the `spec` section of the DNS Operator configuration:
+
+```yaml
+spec:
+  servers:
+  - name: consul-server
+    zones:
+    - consul
+    forwardPlugin:
+      policy: Random
+      upstreams:
+      - 172.30.186.254 # Set to clusterIP of consul-dns service
+```
+
+Save the configuration changes and verify the `dns-default` configmap has been updated:
+
+```shell-session
+$ oc get configmap/dns-default -n openshift-dns -o yaml
+```
+
+Example output with updated `consul` forwarding zone:
+
+```yaml
+...
+data:
+  Corefile: |
+    # consul-server
+    consul:5353 {
+        prometheus 127.0.0.1:9153
+        forward . 172.30.186.254 {
+            policy random
+        }
+        errors
+        log . {
+            class error
+        }
+        bufsize 1232
+        cache 900 {
+            denial 9984 30
+        }
+    }
+...
+```
+
 ## Verifying DNS Works
 
 To verify DNS works, run a simple job to query DNS. Save the following

From 97501c9185235d67ceb17e5bdad60f41dc26794c Mon Sep 17 00:00:00 2001
From: natemollica-dev <57850649+natemollica-nm@users.noreply.github.com>
Date: Thu, 1 Feb 2024 10:44:42 -0800
Subject: [PATCH 2/4] Include note on oc (vs kubeclt)

Co-authored-by: David Yu <dyu@hashicorp.com>
---
 website/content/docs/k8s/dns.mdx | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/website/content/docs/k8s/dns.mdx b/website/content/docs/k8s/dns.mdx
index 78b4bb81b1cd..3fd4746a8e78 100644
--- a/website/content/docs/k8s/dns.mdx
+++ b/website/content/docs/k8s/dns.mdx
@@ -136,6 +136,10 @@ in full cluster rebuilds.
 
 ## OpenShift DNS Operator
 
+<Note>
+OpenShift CLI `oc` is utilized below complete the following steps. You can find more details on how to install OpenShift CLI from [Getting started with OpenShift CLI](https://docs.openshift.com/container-platform/latest/cli_reference/openshift_cli/getting-started-cli.html).
+</Note>
+
 You can use DNS forwarding to override the default forwarding configuration in the `/etc/resolv.conf` file by specifying
 the `consul-dns` service for the `consul` subdomain (zone).
 

From 5330e755973906cc065038a783afedf544f7dd29 Mon Sep 17 00:00:00 2001
From: natemollica-dev <nathan.mollica@hashicorp.com>
Date: Thu, 1 Feb 2024 13:14:25 -0800
Subject: [PATCH 3/4] changelog update

---
 .changelog/20439.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .changelog/20439.txt

diff --git a/.changelog/20439.txt b/.changelog/20439.txt
new file mode 100644
index 000000000000..1dd027d3d10b
--- /dev/null
+++ b/.changelog/20439.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+docs: Consul DNS Forwarding configuration for OpenShift update for [Resolve Consul DNS Requests in Kubernetes](https://developer.hashicorp.com/consul/docs/k8s/dns)
+```

From 1ff82ed228aafff04be06d6fddea75284fa2aa60 Mon Sep 17 00:00:00 2001
From: natemollica-dev <nathan.mollica@hashicorp.com>
Date: Thu, 1 Feb 2024 13:16:44 -0800
Subject: [PATCH 4/4] note formatting update to match other notes

---
 website/content/docs/k8s/dns.mdx | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/website/content/docs/k8s/dns.mdx b/website/content/docs/k8s/dns.mdx
index 3fd4746a8e78..8e713a86e183 100644
--- a/website/content/docs/k8s/dns.mdx
+++ b/website/content/docs/k8s/dns.mdx
@@ -136,9 +136,7 @@ in full cluster rebuilds.
 
 ## OpenShift DNS Operator
 
-<Note>
-OpenShift CLI `oc` is utilized below complete the following steps. You can find more details on how to install OpenShift CLI from [Getting started with OpenShift CLI](https://docs.openshift.com/container-platform/latest/cli_reference/openshift_cli/getting-started-cli.html).
-</Note>
+-> **Note:** OpenShift CLI `oc` is utilized below complete the following steps. You can find more details on how to install OpenShift CLI from [Getting started with OpenShift CLI](https://docs.openshift.com/container-platform/latest/cli_reference/openshift_cli/getting-started-cli.html).
 
 You can use DNS forwarding to override the default forwarding configuration in the `/etc/resolv.conf` file by specifying
 the `consul-dns` service for the `consul` subdomain (zone).