From 324ed0f1d01b278f3c3d837d4469c91b8a3d72f5 Mon Sep 17 00:00:00 2001 From: Arnau Verdaguer Date: Mon, 2 Dec 2024 12:38:15 +0100 Subject: [PATCH] Use dns cluster info from lib common get function Openshift coreDNS creates the domain name using an string located in dnses.operator.openshift.io. This string can change in the future, calling lib-common/GetDNSClusterDomain the responsability of gathering this information correctly only falls under lib-common intead of all operators. Depends-on: openstack-k8s-operators/lib-common#580 --- pkg/openstack/common.go | 9 ++++----- pkg/openstack/neutron.go | 4 +++- pkg/openstack/ovn.go | 8 +++++--- 3 files changed, 12 insertions(+), 9 deletions(-) diff --git a/pkg/openstack/common.go b/pkg/openstack/common.go index 80ffa71bd..1bd3ea7fb 100644 --- a/pkg/openstack/common.go +++ b/pkg/openstack/common.go @@ -20,6 +20,7 @@ import ( keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/certmanager" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + "github.com/openstack-k8s-operators/lib-common/modules/common/clusterdns" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/route" "github.com/openstack-k8s-operators/lib-common/modules/common/secret" @@ -58,9 +59,6 @@ const ( // overrides ooAppSelector = "osctlplane-service" - // ClusterInternalDomain - cluster internal dns domain - ClusterInternalDomain = "cluster.local" - // serviceCertSelector selector passed to cert-manager to set on the service cert secret serviceCertSelector = "service-cert" @@ -209,6 +207,7 @@ func EnsureEndpointConfig( endpoints := Endpoints{ EndpointDetails: map[service.Endpoint]EndpointDetail{}, } + clusterDomain := clusterdns.GetDNSClusterDomain() for _, svc := range svcs.Items { ed := EndpointDetail{ 
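Review bot: The new `clusterdns` import in pkg/openstack/common.go is added after `.../modules/common/condition`, which is out of the path order gofmt keeps within a contiguous import group, so the file will not be gofmt-clean as patched. Move the line above `"github.com/openstack-k8s-operators/lib-common/modules/common/condition"`. The import hunk in pkg/openstack/neutron.go has the same ordering; pkg/openstack/ovn.go already places it before `condition`.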
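Review bot: `clusterdns.GetDNSClusterDomain()` is called here without a context and returns no error, so `EnsureEndpointConfig` cannot tell a resolved domain from a fallback or an empty result, and the value is used unchecked in the certificate `Hostnames` further down. An empty or dot-terminated string would yield a SAN such as `name.ns.svc.` that does not match the service FQDN; what lib-common returns on failure is not visible in this patch, so it should be confirmed. I would add a guard right after the assignment, `if clusterDomain == "" { ... }` returning an error before any certificate is requested, or at least a comment stating the fallback lib-common guarantees. The same applies to the assignments added in pkg/openstack/neutron.go and pkg/openstack/ovn.go. The body of `EnsureEndpointConfig` continues outside the hunk.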
@@ -316,7 +315,7 @@ func EnsureEndpointConfig(
 CertName: ed.Service.TLS.CertName,
 Hostnames: []string{
 fmt.Sprintf("%s.%s.svc", ed.Name, instance.Namespace),
- fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, ClusterInternalDomain),
+ fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, clusterDomain),
 },
 Ips: nil,
 Annotations: ed.Annotations,
@@ -366,7 +365,7 @@ func EnsureEndpointConfig(
 CertName: ed.Service.TLS.CertName,
 Hostnames: []string{
 fmt.Sprintf("%s.%s.svc", ed.Name, instance.Namespace),
- fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, ClusterInternalDomain),
+ fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, clusterDomain),
 },
 Ips: nil,
 Annotations: ed.Annotations,
diff --git a/pkg/openstack/neutron.go b/pkg/openstack/neutron.go
index 425c7ac9a..f1ba248c3 100644
--- a/pkg/openstack/neutron.go
+++ b/pkg/openstack/neutron.go
@@ -7,6 +7,7 @@ import (
 certmgrv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 "github.com/openstack-k8s-operators/lib-common/modules/certmanager"
 "github.com/openstack-k8s-operators/lib-common/modules/common/condition"
+ "github.com/openstack-k8s-operators/lib-common/modules/common/clusterdns"
 "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 "github.com/openstack-k8s-operators/lib-common/modules/common/service"
 "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
@@ -68,13 +69,14 @@ func ReconcileNeutron(ctx context.Context, instance *corev1beta1.OpenStackContro instance.Spec.Neutron.Template.TLS = neutronAPI.Spec.TLS serviceName := "neutron" + clusterDomain := clusterdns.GetDNSClusterDomain() // create ovndb client certificate for neutron certRequest := certmanager.CertificateRequest{ IssuerName: instance.GetOvnIssuer(), CertName: fmt.Sprintf("%s-ovndbs", serviceName), Hostnames: []string{ fmt.Sprintf("%s.%s.svc", serviceName, instance.Namespace), - fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, "cluster.local"), + fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, clusterDomain), }, Ips: nil, Usages: []certmgrv1.KeyUsage{ diff --git a/pkg/openstack/ovn.go b/pkg/openstack/ovn.go index a0efd0adc..40bfd8d95 100644 --- a/pkg/openstack/ovn.go +++ b/pkg/openstack/ovn.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/openstack-k8s-operators/lib-common/modules/certmanager" + "github.com/openstack-k8s-operators/lib-common/modules/common/clusterdns" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" @@ -73,6 +74,7 @@ func ReconcileOVN(ctx context.Context, instance *corev1beta1.OpenStackControlPla func ReconcileOVNDbClusters(ctx context.Context, instance *corev1beta1.OpenStackControlPlane, version *corev1beta1.OpenStackVersion, helper *helper.Helper) (bool, error) { Log := GetLogger(ctx) + dnsSuffix := clusterdns.GetDNSClusterDomain() OVNDBClustersReady := len(instance.Spec.Ovn.Template.OVNDBCluster) != 0 for name, dbcluster := range instance.Spec.Ovn.Template.OVNDBCluster { 
@@ -111,7 +113,7 @@ func ReconcileOVNDbClusters(ctx context.Context, instance *corev1beta1.OpenStack
 // Cert needs to be valid for the individual pods in the statefulset so make this a wildcard cert
 Hostnames: []string{
 fmt.Sprintf("*.%s.svc", instance.Namespace),
- fmt.Sprintf("*.%s.svc.%s", instance.Namespace, ovnv1.DNSSuffix),
+ fmt.Sprintf("*.%s.svc.%s", instance.Namespace, dnsSuffix),
 },
 Ips: nil,
 Usages: []certmgrv1.KeyUsage{
@@ -225,7 +227,7 @@ func ReconcileOVNNorthd(ctx context.Context, instance *corev1beta1.OpenStackCont
 CertName: fmt.Sprintf("%s-ovndbs", "ovnnorthd"),
 Hostnames: []string{
 fmt.Sprintf("%s.%s.svc", serviceName, instance.Namespace),
- fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, ovnv1.DNSSuffix),
+ fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, dnsSuffix),
 },
 Ips: nil,
 Usages: []certmgrv1.KeyUsage{
@@ -347,7 +349,7 @@ func ReconcileOVNController(ctx context.Context, instance *corev1beta1.OpenStack
 CertName: fmt.Sprintf("%s-ovndbs", "ovncontroller"),
 Hostnames: []string{
 fmt.Sprintf("%s.%s.svc", serviceName, instance.Namespace),
- fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, dnsSuffix),
+ fmt.Sprintf("%s.%s.svc.%s", serviceName, instance.Namespace, dnsSuffix),
 },
 Ips: nil,
 Usages: []certmgrv1.KeyUsage{
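Review bot: `dnsSuffix` is referenced in the hunks headed `func ReconcileOVNNorthd` and `func ReconcileOVNController`, but the only declaration this patch adds is the local inside `ReconcileOVNDbClusters`. The diffstat's five insertions for ovn.go are all accounted for by the import, that one declaration and the three `fmt.Sprintf` lines. Unless a package-level `dnsSuffix` already exists outside the visible hunks, these two functions will not compile. Each needs its own `dnsSuffix := clusterdns.GetDNSClusterDomain()` before its `certmanager.CertificateRequest` is built; naming it `clusterDomain` would also match common.go and neutron.go. Both function bodies start and end outside their hunks.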