[RFE] - OpenShift 4 IPI + AWS: use CNAME instead of A Alias records

Solution Verified - Updated -

Issue

  • As an enterprise customer, OpenShift 4 should use CNAME records instead of A Alias records in AWS Route53, because CNAMEs conform to the RFC DNS standard whereas A Alias records do not.
  • For enterprise companies, only RFC-conforming Route53 records are synced into the enterprise DNS server. Therefore, with the current state of the openshift-installer, the "api." URL of an OpenShift 4 cluster is reachable only from within the AWS VPC and not from all the company computers.
  • As a proof of concept for this approach, there is a workaround: change those records https://github.com/openshift/installer/blob/release-4.3/data/data/aws/route53/base.tf#L50 in the installer to CNAMEs and build a customized version of the installer. With this change, it is possible to resolve the API from the company computers.
  • Hence, it would be great to introduce this change into the installer upstream.
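
The record change described in the workaround above, sketched in Terraform as an added illustration; it is not the installer's own code. All variable and resource names, the `use_cname` switch, and the TTL are assumptions made for the example.

```hcl
# Added illustration: variable/resource names and the TTL are assumptions,
# not taken from the installer's base.tf.
variable "public_zone_id"  { type = string } # Route53 hosted zone of the cluster domain
variable "cluster_domain"  { type = string } # constructed example: mycluster.example.com
variable "api_lb_dns_name" { type = string } # DNS name of the API load balancer
variable "api_lb_zone_id"  { type = string } # hosted zone ID of that load balancer
variable "use_cname" {
  type    = bool
  default = true
}

# Before: an A record with an alias target. The alias is a Route53-specific
# construct; it has no TTL or record values of its own to export.
resource "aws_route53_record" "api_alias" {
  count   = var.use_cname ? 0 : 1
  zone_id = var.public_zone_id
  name    = "api.${var.cluster_domain}"
  type    = "A"

  alias {
    name                   = var.api_lb_dns_name
    zone_id                = var.api_lb_zone_id
    evaluate_target_health = false
  }
}

# After: a standard CNAME pointing at the load balancer's DNS name.
# A CNAME needs an explicit TTL and a records list.
resource "aws_route53_record" "api_cname" {
  count   = var.use_cname ? 1 : 0
  zone_id = var.public_zone_id
  name    = "api.${var.cluster_domain}"
  type    = "CNAME"
  ttl     = 60 # assumed value
  records = [var.api_lb_dns_name]
}
```

The two records are alternatives for the same name, which is why the example switches between them with `count`; a CNAME cannot coexist with other record types at one name and cannot sit at the zone apex, which the `api.` subdomain avoids.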

Environment

  • Red Hat OpenShift Container Platform 4.3
