openshift-cluster-update-zone¶

A task to create and update DNS zone entries for OpenShift cluster nodes

This task manages DNS zone entries for an OpenShift cluster. It creates or updates a DNS zone with records for all cluster nodes including API endpoints, internal API, and ingress wildcard records. This is essential for maintaining proper cluster networking when infrastructure changes occur.

Enabling DRP DNS Zone Management¶

DNS zone management is disabled by default. Set the openshift/enable-dns-zone parameter to true on the cluster profile to activate it. When disabled, the task exits immediately so that external DNS infrastructure is left undisturbed.

Requirements¶

Infrastructure Access¶

• openshift/enable-dns-zone must be true for any zone operations to occur
• DNS zone management permissions (DRP zones will be created, but do not have to be used if external DNS is preferred)
• Network connectivity between all nodes

Cluster State¶

• Valid DNS zone configuration
• Network connectivity
• Active cluster nodes

Node Configuration¶

• Nodes must have IP addresses assigned
• Nodes must have openshift/role parameter set (controlplane or worker)

Usage¶

This task is typically used in these scenarios: - During initial cluster formation (when openshift/enable-dns-zone is true) - After adding new nodes to the cluster - When changing load balancer configurations - After network infrastructure changes - When troubleshooting DNS resolution issues

Zone Management¶

This task automatically: - Creates DNS zone if it doesn't exist - Updates existing zone with current node records - Adds API and API-internal records pointing to control plane VIP or first control plane - Adds wildcard ingress record (*.apps) pointing to ingress VIP or first control plane - Adds individual A records for each control plane and worker node

DNS Records Created¶

• api.<cluster-name> - API endpoint
• api-int.<cluster-name> - Internal API endpoint
• *.apps.<cluster-name> - Wildcard ingress for applications
• <node-name> - Individual node records

Verification¶

After the task completes, verify proper configuration:

# List zones
drpcli zones list

# Show zone details
drpcli zones show <cluster-name>

# Test DNS resolution
dig api.<cluster-name>.<domain>
dig *.apps.<cluster-name>.<domain>

Objects that Reference openshift-cluster-update-zone¶

• blueprints openshift-cluster-add-nodes in Openshift as part of Tasks (declared)
• blueprints openshift-cluster-dns-refresh in Openshift as part of Tasks (declared)

Objects used by openshift-cluster-update-zone¶

• templates openshift-cluster-update-zone.sh.tmpl in field Templates[0].ID as value openshift-cluster-update-zone.sh.tmpl