manifest: set the public and private zones for AWS #1233

Merged
merged 2 commits into from
Feb 14, 2019
Merged
8 changes: 4 additions & 4 deletions Gopkg.lock


28 changes: 28 additions & 0 deletions pkg/asset/installconfig/aws/basedomain.go
Expand Up @@ -5,6 +5,7 @@ import (
"sort"
"strings"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/route53"
"github.com/pkg/errors"
Expand Down Expand Up @@ -78,3 +79,30 @@ func GetBaseDomain() (string, error) {

return domain, nil
}

// GetPublicZone returns a public route53 zone that matches the name.
func GetPublicZone(name string) (*route53.HostedZone, error) {
var res *route53.HostedZone
f := func(resp *route53.ListHostedZonesOutput, lastPage bool) (shouldContinue bool) {
for idx, zone := range resp.HostedZones {
if zone.Config != nil && !aws.BoolValue(zone.Config.PrivateZone) && strings.TrimSuffix(aws.StringValue(zone.Name), ".") == strings.TrimSuffix(name, ".") {
res = resp.HostedZones[idx]
return false
}
}
return !lastPage
}

session, err := GetSession()
if err != nil {
return nil, errors.Wrap(err, "getting AWS session")
}
client := route53.New(session)
if err := client.ListHostedZonesPages(&route53.ListHostedZonesInput{}, f); err != nil {
return nil, errors.Wrap(err, "listing hosted zones")
}
if res == nil {
return nil, errors.Errorf("No public route53 zone found matching name %q", name)
}
return res, nil
}
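Review bot: GetPublicZone stops at the first public zone whose name matches (`res = resp.HostedZones[idx]` followed by `return false`), but Route 53 permits several public hosted zones with the same name in one account, so the zone that ends up in the DNS manifest depends on listing order and may not be the one the domain is actually delegated to. Collecting every match and returning an error when more than one is found makes that ambiguity visible instead of silently picking a zone. The name comparison is also case-sensitive; `strings.EqualFold` on the two trimmed names would tolerate a base domain typed with capitals (assuming no earlier normalisation, which is not visible here). Separately, the error string should start lowercase per Go convention: `no public route53 zone found matching name %q`.

```go
func GetPublicZone(name string) (*route53.HostedZone, error) {
	var matches []*route53.HostedZone
	want := strings.TrimSuffix(name, ".")
	f := func(resp *route53.ListHostedZonesOutput, lastPage bool) (shouldContinue bool) {
		for _, zone := range resp.HostedZones {
			if zone.Config == nil || aws.BoolValue(zone.Config.PrivateZone) {
				continue
			}
			if strings.EqualFold(strings.TrimSuffix(aws.StringValue(zone.Name), "."), want) {
				matches = append(matches, zone)
			}
		}
		// Keep paging so that a duplicate on a later page is still seen.
		return !lastPage
	}

	// … unchanged: GetSession, route53.New, ListHostedZonesPages and their error wrapping …

	switch len(matches) {
	case 0:
		return nil, errors.Errorf("no public route53 zone found matching name %q", name)
	case 1:
		return matches[0], nil
	default:
		return nil, errors.Errorf("found %d public route53 zones matching name %q, expected exactly one", len(matches), name)
	}
}
```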
38 changes: 34 additions & 4 deletions pkg/asset/manifests/dns.go
@@ -1,17 +1,24 @@
package manifests

import (
"fmt"
"path/filepath"
"strings"

"github.com/ghodss/yaml"
"github.com/pkg/errors"

configv1 "github.com/openshift/api/config/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

"github.com/openshift/installer/pkg/asset"
"github.com/openshift/installer/pkg/asset/installconfig"
icaws "github.com/openshift/installer/pkg/asset/installconfig/aws"
"github.com/openshift/installer/pkg/asset/templates/content"

configv1 "github.com/openshift/api/config/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
awstypes "github.com/openshift/installer/pkg/types/aws"
libvirttypes "github.com/openshift/installer/pkg/types/libvirt"
nonetypes "github.com/openshift/installer/pkg/types/none"
openstacktypes "github.com/openshift/installer/pkg/types/openstack"
)

var (
Expand All @@ -36,13 +43,19 @@ func (*DNS) Name() string {
func (*DNS) Dependencies() []asset.Asset {
return []asset.Asset{
&installconfig.InstallConfig{},
&installconfig.ClusterID{},
// PlatformCredsCheck just checks the creds (and asks, if needed)
// We do not actually use it in this asset directly, hence
// it is put in the dependencies but not fetched in Generate
&installconfig.PlatformCredsCheck{},
}
}

// Generate generates the DNS config and its CRD.
func (d *DNS) Generate(dependencies asset.Parents) error {
installConfig := &installconfig.InstallConfig{}
dependencies.Get(installConfig)
clusterID := &installconfig.ClusterID{}
dependencies.Get(installConfig, clusterID)

config := &configv1.DNS{
TypeMeta: metav1.TypeMeta{
Expand All @@ -58,6 +71,23 @@ func (d *DNS) Generate(dependencies asset.Parents) error {
},
}

switch installConfig.Config.Platform.Name() {
case awstypes.Name:
zone, err := icaws.GetPublicZone(installConfig.Config.BaseDomain)
if err != nil {
return errors.Wrapf(err, "getting public zone for %q", installConfig.Config.BaseDomain)
}
config.Spec.PublicZone = &configv1.DNSZone{ID: strings.TrimPrefix(*zone.Id, "/hostedzone/")}
config.Spec.PrivateZone = &configv1.DNSZone{Tags: map[string]string{
"openshiftClusterID": clusterID.ClusterID,
fmt.Sprintf("kubernetes.io/cluster/%s", installConfig.Config.ObjectMeta.Name): "owned",
"Name": fmt.Sprintf("%s_int", installConfig.Config.ObjectMeta.Name),
}}
case libvirttypes.Name, openstacktypes.Name, nonetypes.Name:
default:
return errors.New("invalid Platform")
Member


Isn't our current plan to ignore invalid platforms in most places? See here and here. I guess your current whitelist approach makes sense if we expect new platforms to require cluster-managed DNS configuration and feel that a more permissive approach in this block would make it easier to forget to add it?

}

configData, err := yaml.Marshal(config)
if err != nil {
return errors.Wrapf(err, "failed to create %s manifests from InstallConfig", d.Name())
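Review bot: `*zone.Id` in the AWS case is dereferenced without a nil check, whereas GetPublicZone reads the same SDK struct through the nil-safe `aws.StringValue`/`aws.BoolValue` helpers; a zone returned without an Id would panic the installer here. A guard such as `if zone.Id == nil { return errors.Errorf("public zone for %q has no ID", installConfig.Config.BaseDomain) }` before the assignment keeps the failure an ordinary error. The private zone is identified only by the three tags built here, which presumably must stay identical to the tags applied where that zone is created (not visible in this diff); a comment saying so, e.g. `// These tags must match the ones set on the private hosted zone when it is created.`, would help keep the two from drifting apart. Generate starts before and continues after this hunk.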


25 changes: 21 additions & 4 deletions vendor/github.com/openshift/api/config/v1/types.go


34 changes: 34 additions & 0 deletions vendor/github.com/openshift/api/config/v1/types_dns.go
