Hi Javier. Javier Palacios have written on Thu, 1 Jun 2017 11:59:29 +0000:
> Hello all, > > first suggest the creation of a new list for openshift admins, where > I feel this question fits much better. And second, the question itself > > I would like to convert the skydns built into openshift into a > delegated zone of our own DNS domain. I've seen that it runs at 8053, > and as our domain runs on a domain controller, seems that non- > standard ports are not an option. As a workaround, I've opened the > dnsmaq port of our master node in the firewall, and this is enough to > resolve individual names and even the SOA record, but only if I use > directly the dnsmasq instance. What is the proper way to achieve > this? I expect to reinstall the cluster soon, modifying the default > subdomain properly to try with a sub-zone delegation from our dns > domain, which I know works with dnsmasq, alghouth a standalone one. The dnsmasq is not a workaround it's the solution for keep DNS resolving up and running. The flow is normally like this. nodeX: /etc/resolv.conf => dnsmasq egrep ^ /etc/dnsmasq.d/origin-* /etc/dnsmasq.d/origin-dns.conf:strict-order /etc/dnsmasq.d/origin-dns.conf:no-resolv /etc/dnsmasq.d/origin-dns.conf:domain-needed /etc/dnsmasq.d/origin-dns.conf:server=/cluster.local/CLUSTER-IP-from-kubernetes /etc/dnsmasq.d/origin-upstream-dns.conf:server=IP of master LB You can execute this command to get the cluster ip, but the ansible playbooks do this for you. oc get svc -n default kubernetes -o jsonpath='{.spec.clusterIP}' I have solved this with additional files in /etc/dnsmasq.d/ and it looks to me that the current ansible playbooks have this feature already there. Maybe this part can solve this for you at install time. https://github.com/openshift/openshift-ansible/blob/master/inventory/byo/hosts.origin.example#L709-L712 https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_node_dnsmasq/tasks/main.yml#L23-L31 > Javier Palacios -- Best Regards Aleksandar Lazic - ME2Digital e. U. https://me2digital.online/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users