$ oc whoami
You can create DNS records on GCP using External DNS Operator.
You can create DNS records on a public managed zone for GCP by using Red Hat External DNS Operator.
Check the user. The user must have access to the kube-system
namespace. If you don’t have the credentials, as you can fetch the credentials from the kube-system
namespace to use the cloud provider client:
$ oc whoami
system:admin
Copy the value of service_account.json in gcp-credentials secret in a file encoded-gcloud.json by running the following command:
$ oc get secret gcp-credentials -n kube-system --template='{{$v := index .data "service_account.json"}}{{$v}}' | base64 -d - > decoded-gcloud.json
Export Google credentials:
$ export GOOGLE_CREDENTIALS=decoded-gcloud.json
Activate your account by using the following command:
$ gcloud auth activate-service-account <client_email as per decoded-gcloud.json> --key-file=decoded-gcloud.json
Set your project:
$ gcloud config set project <project_id as per decoded-gcloud.json>
Get the routes to check the domain:
$ oc get routes --all-namespaces | grep console
openshift-console console console-openshift-console.apps.test.gcp.example.com console https reencrypt/Redirect None
openshift-console downloads downloads-openshift-console.apps.test.gcp.example.com downloads http edge/Redirect None
Get the list of managed zones to find the zone which corresponds to the previously found route’s domain:
$ gcloud dns managed-zones list | grep test.gcp.example.com
qe-cvs4g-private-zone test.gcp.example.com
Create ExternalDNS
resource for route
source:
apiVersion: externaldns.olm.openshift.io/v1beta1
kind: ExternalDNS
metadata:
name: sample-gcp (1)
spec:
domains:
- filterType: Include (2)
matchType: Exact (3)
name: test.gcp.example.com (4)
provider:
type: GCP (5)
source:
openshiftrouteOptions: (6)
routerName: default (7)
type: OpenShiftroute (8)
EOF
1 | Specifies the name of External DNS CR. |
2 | By default all hosted zones are selected as potential targets. You can include a hosted zone that you need. |
3 | The matching of the target zone’s domain has to be exact (as opposed to regular expression match). |
4 | Specify the exact domain of the zone you want to update. The hostname of the routes must be subdomains of the specified domain. |
5 | Defines Google Cloud DNS provider. |
6 | You can define options for the source of DNS records. |
7 | If the source is OpenShiftroute then you can pass the OpenShift Ingress Controller name. External DNS selects the canonical hostname of that router as the target while creating CNAME record. |
8 | Defines OpenShift route resource as the source for the DNS records which gets created in the previously specified DNS provider. |
Check the records created for OCP routes using the following command:
$ gcloud dns record-sets list --zone=qe-cvs4g-private-zone | grep console