mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
53 lines
2.6 KiB
Plaintext
53 lines
2.6 KiB
Plaintext
:_mod-docs-content-type: SNIPPET
|
|
Clients access the {product-title} cluster nodes over the `baremetal` network. A network administrator must configure a subdomain or subzone where the canonical name extension is the cluster name.
|
|
|
|
[source,text]
|
|
----
|
|
<cluster_name>.<base_domain>
|
|
----
|
|
|
|
For example:
|
|
|
|
[source,text]
|
|
----
|
|
test-cluster.example.com
|
|
----
|
|
|
|
{product-title} includes functionality that uses cluster membership information to generate A/AAAA records. This resolves the node names to their IP addresses. After the nodes are registered with the API, the cluster can disperse node information without using CoreDNS-mDNS. This eliminates the network traffic associated with multicast DNS.
|
|
|
|
CoreDNS requires both TCP and UDP connections to the upstream DNS server to function correctly. Ensure the upstream DNS server can receive both TCP and UDP connections from {product-title} cluster nodes.
|
|
|
|
In {product-title} deployments, DNS name resolution is required for the following components:
|
|
|
|
* The Kubernetes API
|
|
* The {product-title} application wildcard ingress API
|
|
|
|
A/AAAA records are used for name resolution and PTR records are used for reverse name resolution. {op-system-first} uses the reverse records or DHCP to set the hostnames for all the nodes.
|
|
|
|
Installer-provisioned installation includes functionality that uses cluster membership information to generate A/AAAA records. This resolves the node names to their IP addresses. In each record, `<cluster_name>` is the cluster name and `<base_domain>` is the base domain that you specify in the `install-config.yaml` file. A complete DNS record takes the form: `<component>.<cluster_name>.<base_domain>.`.
|
|
|
|
.Required DNS records
|
|
[cols="1a,3a,5a",options="header"]
|
|
|===
|
|
|
|
|Component
|
|
|Record
|
|
|Description
|
|
|
|
|Kubernetes API
|
|
|`api.<cluster_name>.<base_domain>.`
|
|
|An A/AAAA record and a PTR record identify the API load balancer. These records must be resolvable by both clients external to the cluster and from all the nodes within the cluster.
|
|
|
|
|Routes
|
|
|`*.apps.<cluster_name>.<base_domain>.`
|
|
|The wildcard A/AAAA record refers to the application ingress load balancer. The application ingress load balancer targets the nodes that run the Ingress Controller pods. The Ingress Controller pods run on the worker nodes by default. These records must be resolvable by both clients external to the cluster and from all the nodes within the cluster.
|
|
|
|
For example, `console-openshift-console.apps.<cluster_name>.<base_domain>` is used as a wildcard route to the {product-title} console.
|
|
|
|
|===
|
|
|
|
[TIP]
|
|
====
|
|
You can use the `dig` command to verify DNS resolution.
|
|
====
|