manifest: set the public and private zones for AWS #1233
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci-robot
added
the
size/L
|
/wip |
openshift-ci-robot
added
the
approved
abhinavdahiya
force-pushed
the
dns_zones
branch
from
6379aa2
to
ab39fc1
Compare
openshift-ci-robot
added
size/XL
|
openshift/api#202 merged. So this is ready for review. /cc @wking @staebler @ironcladlou Need this so that ingress can make progress which is blocking #1169 |
|
This lgtm |
staebler
reviewed
Feb 13, 2019
The `DNS` object [2] was expanded to include the pointers to the public and private hosted zones to allow operators to create DNS records inthe correct zone in PR openshift#202 [4]. The public zone is fetched from the `basedomain` while since installer creates the private zone at later stage, tags are used to specify the private dns zone. The ID returned by `get-hosted-zone` [1] is of the form `/hostedzone/<id>`. For example, ```console $ AWS_PROFILE=openshift-dev aws route53 get-hosted-zone --id XXX { "HostedZone": { "Id": "/hostedzone/XXX", ... } ``` This creates the `DNS` [2] object like: ```yaml apiVersion: config.openshift.io/v1 kind: DNS metadata: name: cluster spec: baseDomain: yyy.openshift.com privateZone: tags: Name: adahiya-1_int kubernetes.io/cluster/adahiya-1: owned openshiftClusterID: 25375c13-3c0a-4102-a8f9-7ecb60757c62 publicZone: id: "/hostedzone/XXX" status: {} ``` But you can actually use both `/hostedzone/XXX` or `XXX` to get a zone. ```console $ AWS_PROFILE=openshift-dev aws route53 get-hosted-zone --id "/hostedzone/XXX" { "HostedZone": { "Id": "/hostedzone/XXX", ... } ``` The change trims the `zoneID` to not include the prefix when creating the `DNS` object as just the ID has cleaner semantics when stored in the object. The terraform-provider-aws also cleans the zone-id for better UX [3] by trimming the prefix `/hostedzone/`. [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#synopsis [2]: https://github.com/openshift/api/blob/8c839bc7ff62e38ad7656bf920e11e2664a44f6b/config/v1/types_dns.go#L11 [3]: https://github.com/terraform-providers/terraform-provider-aws/blob/75a9ebb7bfc7fd61b4454589155cc6b958ebebe4/aws/resource_aws_route53_zone.go#L461-L464
To get openshift/api#202 ```console $ dep ensure -update github.com/openshift/api github.com/openshift/client-go ``` ```console $ dep version dep: version : v0.5.0 build date : 2018-07-26 git hash : 224a564 go version : go1.10.3 go compiler : gc platform : linux/amd64 features : ImportDuringSolve=false ```
abhinavdahiya
force-pushed
the
dns_zones
branch
from
ab39fc1
to
b65b613
Compare
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, staebler The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest |
1 similar comment
|
/retest |
|
e2e flaking /retest |
|
/retest |
1 similar comment
|
/retest |
wking
reviewed
Feb 14, 2019
| }} | ||
| case libvirttypes.Name, openstacktypes.Name, nonetypes.Name: | ||
| default: | ||
| return errors.New("invalid Platform") |
There was a problem hiding this comment.
Isn't our current plan to ignore invalid platforms in most places? See here and here. I guess your current whitelist approach makes sense if we expect new platforms to require cluster-managed DNS configuration and that we feel a more permissive approach in this block would make it easier to forget to add it?
/retest |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
DNSobject 2 was expanded to include the pointers to the public and private hosted zones to allow operators to create DNS records inthe correct zone in[PR #202]4.The public zone is fetched from the
basedomainwhile since installer creates the private zone at later stage, tags are used to specify the private dns zone.The ID returned by
get-hosted-zone1 is of the form/hostedzone/<id>. For example,This creates the
DNS2 object like:But you can actually use both
/hostedzone/XXXorXXXto get a zone.The change trims the
zoneIDto not include the prefix when creating theDNSobject as just the ID has cleaner semantics when stored in the object. The terraform-provider-aws also cleans the zone-id for better UX 3 by trimming the prefix/hostedzone/./cc @ironcladlou