Need to add records to the route53 zones generated by the rosa cli when creating clusters

Solution Verified - Updated -

Environment

  • Red Hat OpenShift Service on AWS (ROSA)

    • 4

Issue

  • Need to add a TXT record for letsencrypt ACME for authorizing certificate signing to a domain created by the rosa cli for cluster creation.

  • As this zone is managed by Terraform , so will it cause any issue with the support or stability of the cluster.

  • Will the entry be removed since it is not tracked in Terraform state .

Resolution

  • There would not be any issue with using route53 public zones when it comes to the supportability of the cluster, but route53 public zone is used for domain’s ACME validation so it can't be assured that the use of this zone won’t impact the cluster’s stability.

  • It is highly recommend using the own DNS and route53 zones which are fully in control of. Using the own DNS and route53 zones will have no impact on the stability of the cluster.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments