DNS and Naming Scheme
An OpenShift 4 cluster requires using a specific DNS scheme which is described on this page. Most of the values are automatically generated and can’t be changed.
User selectable values
<base domain>-
The base domain for the cluster (input by the customer). If the customer doesn’t provide a specific base domain, VSHN uses
vshnmanaged.netas the base domain.
Automatically generated values
<cluster id>-
The Project Syn Lieutenant cluster id of the cluster. The cluster ID can be generated by the Lieutenant API. The cluster ID is always prefixed with
c-. By default, VSHN will suggest a cluster ID that reflects the customer and stage of the cluster, for examplec-company-test1
<role>-
Machine role. One of master, infra, worker and lb. Other roles possible when required by the customer (special node groups for builds, GPU support etc.).
<#>-
An automatically, randomly defined character sequence with four digits.
<index>-
A zero indexed incrementing number.
<cluster domain>-
<cluster id>.<base domain> <hostname>-
The fully qualified domain name of machines belonging to the cluster.
`<role><#>.<cluster domain>`
This will only be used for naming the machines. No DNS records will be created.
<external api>-
OpenShift API URL to be used by clients external to the cluster.
`api.<cluster domain>`
<internal api>-
OpenShift API URL to be used by clients internal to the cluster.
`api-int.<cluster domain>`
<ingress floating IP>-
The floating IP on which the applications are exposed.
`ingress.<cluster-domain>
<egress floating IP>-
The floating IP to which egress traffic is SNATed. Optional, but always present for clusters running in a private network with a VSHN-managed default gateway.
`egress.<cluster-domain>`
<default app domain>-
Usually a CNAME record to
ingress.<cluster-domain>.`*.apps.<cluster domain>`
<etcd>-
etcd-<index>.<cluster domain> <acme challenge>-
DNS Resource Record of type
TXTused for validating certificates using the DNS01 method. It must be possible to create these records programmatically with one of the APIs supported by cert-manager. By default, VSHN will use a self-hosted acme-dns instance to manage the TXT records.`_acme-challenge.<default app domain | external api>`
|
The following DNS records must resolve publicly:
|
Example
DNS Records
A full list of DNS records for the test cluster of company "summer-shadow" according to the definition on this page:
| This example assumes that the customer doesn’t provide a custom base domain. |
; Services api.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x api-int.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x ingress.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x egress.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x *.apps.c-summer-shadow-2592.vshnmanaged.net IN CNAME ingress.c-summer-shadow-test1.example.com. etcd-0.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x etcd-1.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x etcd-2.c-summer-shadow-test1.vshnmanaged.net IN A x.x.x.x _acme-challenge.api.c-summer-shadow-test1.vshnmanaged.net IN CNAME <acme-dns-client-uuid>.acme-dns.vshn.net. _acme-challenge.apps.c-summer-shadow-test1.vshnmanaged.net IN TXT <acme-dns-client-uuid>.acme-dns.vshn.net.
Hostnames
A full list of example hostnames for the test cluster of company "summer-shadow" according to the definition on this page:
infra-454b.c-summer-shadow-test1.vshnmanaged.net infra-9031.c-summer-shadow-test1.vshnmanaged.net infra-c8f2.c-summer-shadow-test1.vshnmanaged.net lb-5f52.c-summer-shadow-test1.vshnmanaged.net lb-ba8f.c-summer-shadow-test1.vshnmanaged.net master-0e9c.c-summer-shadow-test1.vshnmanaged.net master-1a3c.c-summer-shadow-test1.vshnmanaged.net master-e976.c-summer-shadow-test1.vshnmanaged.net worker-4720.c-summer-shadow-test1.vshnmanaged.net worker-7d32.c-summer-shadow-test1.vshnmanaged.net worker-a640.c-summer-shadow-test1.vshnmanaged.net