$ oc whoami
You can create DNS records on Azure using External DNS Operator.
You can create DNS records on a public DNS zone for Azure by using Red Hat External DNS Operator.
Check the user. The user must have access to the kube-system
namespace. If you don’t have the credentials, as you can fetch the credentials from the kube-system
namespace to use the cloud provider client:
$ oc whoami
system:admin
Fetch the values from azure-credentials secret present in kube-system
namespace.
$ CLIENT_ID=$(oc get secrets azure-credentials -n kube-system --template={{.data.azure_client_id}} | base64 -d)
$ CLIENT_SECRET=$(oc get secrets azure-credentials -n kube-system --template={{.data.azure_client_secret}} | base64 -d)
$ RESOURCE_GROUP=$(oc get secrets azure-credentials -n kube-system --template={{.data.azure_resourcegroup}} | base64 -d)
$ SUBSCRIPTION_ID=$(oc get secrets azure-credentials -n kube-system --template={{.data.azure_subscription_id}} | base64 -d)
$ TENANT_ID=$(oc get secrets azure-credentials -n kube-system --template={{.data.azure_tenant_id}} | base64 -d)
Login to azure with base64 decoded values:
$ az login --service-principal -u "${CLIENT_ID}" -p "${CLIENT_SECRET}" --tenant "${TENANT_ID}"
Get the routes to check the domain:
$ oc get routes --all-namespaces | grep console
openshift-console console console-openshift-console.apps.test.azure.example.com console https reencrypt/Redirect None
openshift-console downloads downloads-openshift-console.apps.test.azure.example.com downloads http edge/Redirect None
Get the list of dns zones to find the one which corresponds to the previously found route’s domain:
$ az network dns zone list --resource-group "${RESOURCE_GROUP}"
Create ExternalDNS
resource for route
source:
apiVersion: externaldns.olm.openshift.io/v1alpha1
kind: ExternalDNS
metadata:
name: sample-azure (1)
spec:
zones:
- "/subscriptions/1234567890/resourceGroups/test-azure-xxxxx-rg/providers/Microsoft.Network/dnszones/test.azure.example.com" (2)
provider:
type: Azure (3)
source:
openshiftRouteOptions: (4)
routerName: default (5)
type: OpenShiftRoute (6)
EOF
1 | Specifies the name of External DNS CR. |
2 | Define the zone ID. |
3 | Defines the Azure DNS provider. |
4 | You can define options for the source of DNS records. |
5 | If the source is OpenShiftRoute then you can pass the OpenShift Ingress Controller name. External DNS selects the canonical hostname of that router as the target while creating CNAME record. |
6 | Defines OpenShift route resource as the source for the DNS records which gets created in the previously specified DNS provider. |
Check the records created for OCP routes using the following command:
$ az network dns record-set list -g "${RESOURCE_GROUP}" -z test.azure.example.com | grep console
To create records on private hosted zones on private Azure dns, you need to specify the private zone under |