fix: use cluster domain neutral svc dns (#2655)

Signed-off-by: Igor Makhtes <igor@enso.security>
argoproj · Jun 22, 2023 · 5adbc75 · 5adbc75
1 parent 4220892
commit 5adbc75
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/USERS.md b/USERS.md
@@ -19,6 +19,7 @@ Organizations below are **officially** using Argo Events. Please send a PR with
 1. [Dazz](https://dazz.io/)
 1. [DevSamurai](https://www.devsamurai.com/)
 1. [Elastic](https://elastic.co/)
+1. [Enso Security](https://enso.security)
 1. [Fairwinds](https://fairwinds.com/)
 1. [Gepardec](https://gepardec.com/)
 1. [GHGSat](https://www.ghgsat.com/)

diff --git a/controllers/eventbus/installer/jetstream.go b/controllers/eventbus/installer/jetstream.go
@@ -117,7 +117,7 @@ func (r *jetStreamInstaller) Install(ctx context.Context) (*v1alpha1.BusConfig,
 	r.eventBus.Status.MarkDeployed("Succeeded", "JetStream is deployed")
 	return &v1alpha1.BusConfig{
 		JetStream: &v1alpha1.JetStreamConfig{
-			URL: fmt.Sprintf("nats://%s.%s.svc.cluster.local:%s", generateJetStreamServiceName(r.eventBus), r.eventBus.Namespace, strconv.Itoa(int(jsClientPort))),
+			URL: fmt.Sprintf("nats://%s.%s.svc:%s", generateJetStreamServiceName(r.eventBus), r.eventBus.Namespace, strconv.Itoa(int(jsClientPort))),
 			AccessSecret: &corev1.SecretKeySelector{
 				LocalObjectReference: corev1.LocalObjectReference{
 					Name: generateJetStreamClientAuthSecretName(r.eventBus),
@@ -358,7 +358,7 @@ func (r *jetStreamInstaller) buildStatefulSetSpec(jsVersion *controllers.JetStre
 							{Name: "POD_NAME", ValueFrom: &corev1.EnvVarSource{FieldRef: &corev1.ObjectFieldSelector{FieldPath: "metadata.name"}}},
 							{Name: "SERVER_NAME", Value: "$(POD_NAME)"},
 							{Name: "POD_NAMESPACE", ValueFrom: &corev1.EnvVarSource{FieldRef: &corev1.ObjectFieldSelector{FieldPath: "metadata.namespace"}}},
-							{Name: "CLUSTER_ADVERTISE", Value: "$(POD_NAME)." + generateJetStreamServiceName(r.eventBus) + ".$(POD_NAMESPACE).svc.cluster.local"},
+							{Name: "CLUSTER_ADVERTISE", Value: "$(POD_NAME)." + generateJetStreamServiceName(r.eventBus) + ".$(POD_NAMESPACE).svc"},
 							{Name: "JS_KEY", ValueFrom: &corev1.EnvVarSource{SecretKeyRef: &corev1.SecretKeySelector{LocalObjectReference: corev1.LocalObjectReference{Name: generateJetStreamServerSecretName(r.eventBus)}, Key: common.JetStreamServerSecretEncryptionKey}}},
 						},
 						VolumeMounts: []corev1.VolumeMount{
@@ -557,7 +557,7 @@ func (r *jetStreamInstaller) createSecrets(ctx context.Context) error {
 		}
 
 		// Generate TLS self signed certificate for Jetstream cluster nodes: includes TLS private key, certificate, and CA certificate
-		clusterNodeHosts := []string{fmt.Sprintf("*.%s.%s.svc.cluster.local", generateJetStreamServiceName(r.eventBus), r.eventBus.Namespace)}
+		clusterNodeHosts := []string{fmt.Sprintf("*.%s.%s.svc", generateJetStreamServiceName(r.eventBus), r.eventBus.Namespace)}
 		r.logger.Infof("cluster node hosts: %+v", clusterNodeHosts)
 		clusterKeyPEM, clusterCertPEM, clusterCACertPEM, err := tls.CreateCerts(certOrg, clusterNodeHosts, time.Now().Add(10*365*24*time.Hour), true, true) // expires in 10 years
 		if err != nil {
@@ -639,7 +639,7 @@ func (r *jetStreamInstaller) createConfigMap(ctx context.Context) error {
 	}
 	routes := []string{}
 	for j := 0; j < replicas; j++ {
-		routes = append(routes, fmt.Sprintf("nats://%s-%s.%s.%s.svc.cluster.local:%s", ssName, strconv.Itoa(j), svcName, r.eventBus.Namespace, strconv.Itoa(int(jsClusterPort))))
+		routes = append(routes, fmt.Sprintf("nats://%s-%s.%s.%s.svc:%s", ssName, strconv.Itoa(j), svcName, r.eventBus.Namespace, strconv.Itoa(int(jsClusterPort))))
 	}
 	settings := r.config.EventBus.JetStream.Settings
 	if x := r.eventBus.Spec.JetStream.Settings; x != nil {