Suggestion for AWS: use CNAMEs instead of A Alias records in Route53

[Obirah]

Hi,

I already opened a similar issue for the OpenShift installer: openshift/installer#3150

The gist is: I'm suggesting to use a CNAME record instead of an A Alias record for the "*.apps.<cluster-url" DNS record in Route53 on AWS since CNAME records conform to the RFC standard while A Alias records (to my knowledge) do not.

Would that be feasible for the cluster-ingress-operator or are there any big advantages to using the A Alias that I'm just not seeing because I cannot use them in my enterprise environment?

Another feasible approach for me would, if we were able to parameterize the operator so that it uses CNAME instead of A Alias. This way, A Alias could still be the default and the impact of the change would be a bit lower.

[Obirah]

A colleague of mine also contributed something similar to the "external-dns" project for plain k8s: https://github.com/kubernetes-sigs/external-dns/blob/master/docs/faq.md#can-i-force-externaldns-to-create-cname-records-for-elbalb

Maybe this approach might be useful here as well.

[ironcladlou]

Interesting. There are also cost considerations (see https://aws.amazon.com/route53/pricing/).

[ironcladlou]

(Specifically, queries to ALIAS records mapped to ELBs are free.)

[Obirah]

You are right, I discussed it with a colleague a few days ago. Therefore, it possibly would be best to be able to pick between the two choices.

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[openshift-bot]

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

[openshift-ci-robot]

@openshift-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.