How to use the apex(root) domain on OpenShift applications

Resolution

Disclaimer: Links contained herein to external website(s) are provided for convenience only. Red Hat has not reviewed the links and is not responsible for the content or its availability. The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services. You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

Note 1: This procedure has been verified by using AWS Route53. For any other DNS providers, please check the feasibility directly with the provider's support team.

Note 2: For inquires and/or issues with AWS Route53, please refer to the AWS Customer Support.

1. From Red Hat perspective, the only required configuration is to have created a custom domain, which will have something like this:

   apiVersion: managed.openshift.io/v1alpha1
   kind: CustomDomain
   metadata:
     name: example-com
   spec:
     certificate:
       name: example-com-tls
       namespace: example
     domain: example.com
     scope: External
   

2. With the custom domain in Ready state and the Endpoint already provisioned, if required, a CNAME for the subdomains can be added to the DNS hosted zone:

   *.<domain>               CNAME    Simple    -    <endpoint>
   

3. As it is not possible to create a CNAME record using the apex domain, the alternative is to create an A record with alias enabled pointing to the AWS Load Balance:

   1. Name: example.com
   2. Type: A
   3. Alias Enabled: True
   4. Choose Alias to Application and Classic Load Balancer
   5. Choose same region as the cluster
   6. Choose the name of the load balance created by the custom domain (something like "dualstack...elb.amazonaws.com")

4. Then create the route by using the apex domain:

   $ oc create route edge --service=example-app example-app --hostname example.com