×

You can create DNS records on Google Cloud Platform (GCP) by using the External DNS Operator.

Using the External DNS Operator on a cluster with GCP Workload Identity enabled is not supported. For more information about the GCP Workload Identity, see GCP Workload Identity.

Creating DNS records on a public managed zone for GCP

You can create DNS records on a public managed zone for GCP by using the External DNS Operator.

Prerequisites
  • You must have administrator privileges.

Procedure
  1. Copy the gcp-credentials secret in the encoded-gcloud.json file by running the following command:

    $ oc get secret gcp-credentials -n kube-system --template='{{$v := index .data "service_account.json"}}{{$v}}' | base64 -d - > decoded-gcloud.json
  2. Export your Google credentials by running the following command:

    $ export GOOGLE_CREDENTIALS=decoded-gcloud.json
  3. Activate your account by using the following command:

    $ gcloud auth activate-service-account  <client_email as per decoded-gcloud.json> --key-file=decoded-gcloud.json
  4. Set your project by running the following command:

    $ gcloud config set project <project_id as per decoded-gcloud.json>
  5. Get a list of routes by running the following command:

    $ oc get routes --all-namespaces | grep console
    Example output
    openshift-console          console             console-openshift-console.apps.test.gcp.example.com                       console             https   reencrypt/Redirect     None
    openshift-console          downloads           downloads-openshift-console.apps.test.gcp.example.com                     downloads           http    edge/Redirect          None
  6. Get a list of managed zones by running the following command:

    $ gcloud dns managed-zones list | grep test.gcp.example.com
    Example output
    qe-cvs4g-private-zone test.gcp.example.com
  7. Create a YAML file, for example, external-dns-sample-gcp.yaml, that defines the ExternalDNS object:

    Example external-dns-sample-gcp.yaml file
    apiVersion: externaldns.olm.openshift.io/v1beta1
    kind: ExternalDNS
    metadata:
      name: sample-gcp (1)
    spec:
      domains:
        - filterType: Include (2)
          matchType: Exact (3)
          name: test.gcp.example.com (4)
      provider:
        type: GCP (5)
      source:
        openshiftRouteOptions: (6)
          routerName: default (7)
        type: OpenShiftRoute (8)
    1 Specifies the External DNS name.
    2 By default, all hosted zones are selected as potential targets. You can include your hosted zone.
    3 The domain of the target must match the string defined by the name key.
    4 Specify the exact domain of the zone you want to update. The hostname of the routes must be subdomains of the specified domain.
    5 Defines the provider type.
    6 You can define options for the source of DNS records.
    7 If the source type is OpenShiftRoute, you can pass the OpenShift Ingress Controller name. External DNS selects the canonical hostname of that router as the target while creating CNAME record.
    8 Defines the route resource as the source for GCP DNS records.
  8. Check the DNS records created for OKD routes by running the following command:

    $ gcloud dns record-sets list --zone=qe-cvs4g-private-zone | grep console