openstack: add the API and wildcard DNS entries

This adds the `<cluster name>-api.<domain>` as well as the `*.apps.<cluster name>.<domain>` entries to the DNS running on the Service VM. That finally closes the loop and lets us install OpenShift on OpenStack and then open the UI in the browser (they'll need to use the DNS we provide, but that's a hard requirement at this point).
openshift · Feb 5, 2019 · cb36be3 · cb36be3
1 parent 26c31bc
commit cb36be3
Show file tree

Hide file tree

Showing 5 changed files with 67 additions and 22 deletions.
diff --git a/data/data/openstack/lb/main.tf b/data/data/openstack/lb/main.tf
@@ -79,14 +79,29 @@ data "ignition_file" "corefile" {
     log
     errors
     reload 10s
+
+    file /etc/coredns/db.${var.cluster_domain} ${var.cluster_name}-api.${var.cluster_domain} {
+    }
+
     file /etc/coredns/db.${var.cluster_domain} _etcd-server-ssl._tcp.${var.cluster_name}.${var.cluster_domain} {
     }
 
-${replace(join("\n", formatlist("file /etc/coredns/db.${var.cluster_domain} ${var.cluster_name}-etcd-%s.${var.cluster_domain} {\nupstream /etc/resolv.conf\n}\n", var.master_port_names)), "master-port-", "")}
+${replace(join("\n", formatlist("    file /etc/coredns/db.${var.cluster_domain} ${var.cluster_name}-etcd-%s.${var.cluster_domain} {\n    upstream /etc/resolv.conf\n    }\n", var.master_port_names)), "master-port-", "")}
 
     forward . /etc/resolv.conf {
     }
 }
+
+${var.cluster_name}.${var.cluster_domain} {
+    log
+    errors
+    reload 10s
+
+    file /etc/coredns/db.${var.cluster_domain} {
+        upstream /etc/resolv.conf
+    }
+}
+
 EOF
   }
 }
@@ -99,14 +114,17 @@ data "ignition_file" "coredb" {
   content {
     content = <<EOF
 $ORIGIN ${var.cluster_domain}.
-@    3600 IN SOA host-10-0-0-2.${var.cluster_domain}. hostmaster (
+@    3600 IN SOA host-${var.cluster_name}.${var.cluster_domain}. hostmaster (
                                 2017042752 ; serial
                                 7200       ; refresh (2 hours)
                                 3600       ; retry (1 hour)
                                 1209600    ; expire (2 weeks)
                                 3600       ; minimum (1 hour)
                                 )
 
+${var.cluster_name}-api  IN  A  ${var.service_vm_floating_ip}
+*.apps.${var.cluster_name}  IN  A  ${var.service_vm_floating_ip}
+
 ${replace(join("\n", formatlist("${var.cluster_name}-etcd-%s  IN  CNAME  ${var.cluster_name}-master-%s", var.master_port_names, var.master_port_names)), "master-port-", "")}
 
 ${replace(join("\n", formatlist("_etcd-server-ssl._tcp.${var.cluster_name}  8640  IN  SRV  0  10  2380   ${var.cluster_name}-etcd-%s.${var.cluster_domain}.", var.master_port_names)), "master-port-", "")}

diff --git a/data/data/openstack/lb/variables.tf b/data/data/openstack/lb/variables.tf
@@ -45,3 +45,7 @@ variable "master_ips" {
 variable "master_port_names" {
   type = "list"
 }
+
+variable "service_vm_floating_ip" {
+  type = "string"
+}
diff --git a/data/data/openstack/main.tf b/data/data/openstack/main.tf
@@ -26,16 +26,17 @@ provider "openstack" {
 module "lb" {
   source = "./lb"
 
-  swift_container   = "${openstack_objectstorage_container_v1.container.name}"
-  cluster_name      = "${var.cluster_name}"
-  cluster_id        = "${var.cluster_id}"
-  cluster_domain    = "${var.base_domain}"
-  image_name        = "${var.openstack_base_image}"
-  flavor_name       = "${var.openstack_master_flavor_name}"
-  ignition          = "${var.ignition_bootstrap}"
-  lb_port_id        = "${module.topology.lb_port_id}"
-  master_ips        = "${module.topology.master_ips}"
-  master_port_names = "${module.topology.master_port_names}"
+  swift_container        = "${openstack_objectstorage_container_v1.container.name}"
+  cluster_name           = "${var.cluster_name}"
+  cluster_id             = "${var.cluster_id}"
+  cluster_domain         = "${var.base_domain}"
+  image_name             = "${var.openstack_base_image}"
+  flavor_name            = "${var.openstack_master_flavor_name}"
+  ignition               = "${var.ignition_bootstrap}"
+  lb_port_id             = "${module.topology.lb_port_id}"
+  master_ips             = "${module.topology.master_ips}"
+  master_port_names      = "${module.topology.master_port_names}"
+  service_vm_floating_ip = "${module.topology.service_vm_floating_ip}"
 }
 
 module "bootstrap" {

diff --git a/data/data/openstack/topology/outputs.tf b/data/data/openstack/topology/outputs.tf
@@ -18,6 +18,10 @@ output "service_vm_fixed_ip" {
   value = "${openstack_networking_port_v2.lb_port.all_fixed_ips[0]}"
 }
 
+output "service_vm_floating_ip" {
+  value = "${openstack_networking_floatingip_v2.lb_fip.address}"
+}
+
 output "master_sg_id" {
   value = "${openstack_networking_secgroup_v2.master.id}"
 }

diff --git a/docs/user/openstack/README.md b/docs/user/openstack/README.md
@@ -82,26 +82,44 @@ because there are no nodes available.
 
 While deploying the cluster, the installer will hang trying to reach the API as
 the node running the installer cannot resolve the service VM (the cluster
-should still come up successfully within the isolated network). As a temporary
-workaround you can add the service VM floating IP and hostname to the
-`/etc/hosts` file as:
+should still come up successfully within the isolated network).
+
+You can add the service VM floating IP address at the top of your `/etc/resolv.conf`:
+
+```
+$ cat /etc/resolv.conf
+# Generated by NetworkManager
+search example.com
+# OpenShift Service VM DNS:
+nameserver 10.19.115.117
+
+# Your previous DNS servers:
+nameserver 83.240.0.215
+nameserver 83.240.0.136
+```
+
+(the service VM floating IP is `10.19.115.117` in this example)
+
+If you don't want to update your DNS config, you can add a couple of entries in your `/etc/hosts` file instead:
 
 ```
 $ cat /etc/hosts
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 10.19.115.117 <cluster-name>-api.<domain>
+10.19.115.117 console-openshift-console.apps.<cluster-name>.<domain>
 ```
 
-If you do expose the cluster, the installer should make it far enough along to
-bring up the HA control plane and tear down the bootstrap node.  It will then
-hang waiting for the console to come up.
+If you do expose the cluster, the installer should complete successfully.
+
+It will print the console URL, username and password and you should be able to go there and log in.
 
 ```
-DEBUG Still waiting for the console route: the server is currently unable to
-handle the request (get routes.route.openshift.io)
-...
-FATAL waiting for openshift-console URL: context deadline exceeded
+INFO Install complete!
+INFO Run 'export KUBECONFIG=/home/thomas/go/src/github.com/openshift/installer/ostest/auth/kubeconfig' to manage the cluster with 'oc', the OpenShift CLI.
+INFO The cluster is ready when 'oc login -u kubeadmin -p siDhh-STMU3-hWDPW-jM4co' succeeds (wait a few minutes).
+INFO Access the OpenShift web-console here: https://console-openshift-console.apps.ostest.shiftstack.com
+INFO Login to the console with user: kubeadmin, password: siDhh-STMU3-hWDPW-jM4co
 ```
 
 #### Create the openstack-credentials Secret