Need to add records to the route53 zones generated by the rosa cli when creating clusters
Environment
-
Red Hat OpenShift Service on AWS (ROSA)
- 4
Issue
-
Need to add a
TXT
record forletsencrypt ACME
for authorizing certificate signing to a domain created by the rosa cli for cluster creation. -
As this zone is managed by
Terraform
, so will it cause any issue with the support or stability of the cluster. -
Will the entry be removed since it is not tracked in
Terraform
state .
Resolution
-
There would not be any issue with using
route53
public zones when it comes to the supportability of the cluster, butroute53
public zone is used for domain’s ACME validation so it can't be assured that the use of this zone won’t impact the cluster’s stability. -
It is highly recommend using the own
DNS
androute53
zones which are fully in control of. Using the ownDNS
androute53
zones will have no impact on the stability of the cluster.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments