Hi Javier. Javier Palacios have written on Thu, 1 Jun 2017 11:59:29 +0000:
> Hello all,
>
> first suggest the creation of a new list for openshift admins, where
> I feel this question fits much better. And second, the question itself
>
> I would like to convert the skydns built into openshift into a
> delegated zone of our own DNS domain. I've seen that it runs at 8053,
> and as our domain runs on a domain controller, seems that non-
> standard ports are not an option. As a workaround, I've opened the
> dnsmaq port of our master node in the firewall, and this is enough to
> resolve individual names and even the SOA record, but only if I use
> directly the dnsmasq instance. What is the proper way to achieve
> this? I expect to reinstall the cluster soon, modifying the default
> subdomain properly to try with a sub-zone delegation from our dns
> domain, which I know works with dnsmasq, alghouth a standalone one.
The dnsmasq is not a workaround it's the solution for keep DNS
resolving up and running.
The flow is normally like this.
nodeX:
/etc/resolv.conf => dnsmasq
egrep ^ /etc/dnsmasq.d/origin-*
/etc/dnsmasq.d/origin-dns.conf:strict-order
/etc/dnsmasq.d/origin-dns.conf:no-resolv
/etc/dnsmasq.d/origin-dns.conf:domain-needed
/etc/dnsmasq.d/origin-dns.conf:server=/cluster.local/CLUSTER-IP-from-kubernetes
/etc/dnsmasq.d/origin-upstream-dns.conf:server=IP of master LB
You can execute this command to get the cluster ip, but the ansible
playbooks do this for you.
oc get svc -n default kubernetes -o jsonpath='{.spec.clusterIP}'
I have solved this with additional files in /etc/dnsmasq.d/ and it
looks to me that the current ansible playbooks have this feature
already there.
Maybe this part can solve this for you at install time.
https://github.com/openshift/openshift-ansible/blob/master/inventory/byo/hosts.origin.example#L709-L712
https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_node_dnsmasq/tasks/main.yml#L23-L31
> Javier Palacios
--
Best Regards
Aleksandar Lazic - ME2Digital e. U.
https://me2digital.online/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
