Document URL: https://docs.openshift.com/container-platform/4.6/installing/installing_azure/installing-azure-user-infra.html#installation-arm-control-plane_installing-azure-user-infra

Section Number and Name: ARM template for control plane machines.

Describe the issue: Starting with OCP 4.4, it's no longer needed to create the etcd DNS records. The ARM template includes those records.

Suggestions for improvement: Remove the etcd DNS records from the ARM templates.

Additional information: All versions starting with OCP 4.4
KCS 5309701: etcd DNS records are not required for Openshift 4.4 and above [1].
BZ for the documentation [2].

[1] https://access.redhat.com/solutions/5309701
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1852798
1. Doc need change: https://docs.openshift.com/container-platform/4.9/installing/installing_azure/installing-azure-user-infra.html#installation-creating-azure-control-plane_installing-azure-user-infra Create the deployment by using the az CLI: az deployment group create -g ${RESOURCE_GROUP} --template-file "<installation_directory>/05_masters.json" --parameters masterIgnition="${MASTER_IGNITION}" --parameters sshKeyData="${SSH_KEY}" --parameters baseName="${INFRA_ID}" remove --parameters privateDNSZoneName="${CLUSTER_NAME}.${BASE_DOMAIN}" diff 05_masters.json ../new/05_master.json 33,38d32 < "privateDNSZoneName" : { < "type" : "string", < "metadata" : { < "description" : "Name of the private DNS zone the master nodes are going to be attached to" < } < }, 174,213d167 < "apiVersion": "2018-09-01", < "type": "Microsoft.Network/privateDnsZones/SRV", < "name": "[concat(parameters('privateDNSZoneName'), '/_etcd-server-ssl._tcp')]", < "location" : "[variables('location')]", < "properties": { < "ttl": 60, < "copy": [{ < "name": "srvRecords", < "count": "[length(variables('vmNames'))]", < "input": { < "priority": 0, < "weight" : 10, < "port" : 2380, < "target" : "[concat('etcd-', copyIndex('srvRecords'), '.', parameters('privateDNSZoneName'))]" < } < }] < } < }, < { < "apiVersion": "2018-09-01", < "type": "Microsoft.Network/privateDnsZones/A", < "copy" : { < "name" : "dnsCopy", < "count" : "[length(variables('vmNames'))]" < }, < "name": "[concat(parameters('privateDNSZoneName'), '/etcd-', copyIndex())]", < "location" : "[variables('location')]", < "dependsOn" : [ < "[concat('Microsoft.Network/networkInterfaces/', concat(variables('vmNames')[copyIndex()], '-nic'))]" < ], < "properties": { < "ttl": 60, < "aRecords": [ < { < "ipv4Address": "[reference(concat(variables('vmNames')[copyIndex()], '-nic')).ipConfigurations[0].properties.privateIPAddress]" < } < ] < } < }, < { 227c181 < }, --- > }, 229,231c183 < "[concat('Microsoft.Network/networkInterfaces/', 
concat(variables('vmNames')[copyIndex()], '-nic'))]", < "[concat('Microsoft.Network/privateDnsZones/', parameters('privateDNSZoneName'), '/A/etcd-', copyIndex())]", < "[concat('Microsoft.Network/privateDnsZones/', parameters('privateDNSZoneName'), '/SRV/_etcd-server-ssl._tcp')]" --- > "[concat('Microsoft.Network/networkInterfaces/', concat(variables('vmNames')[copyIndex()], '-nic'))]" 2. the private dns record-set dump $ az network private-dns record-set list -g ${RESOURCE_GROUP} -z ${CLUSTER_NAME}.${BASE_DOMAIN} -o tsv None None None 2ac3d966-a5e9-4eba-ba11-8d5dd371a937 maxunupi.qe.azure.devcluster.openshift.com. /subscriptions/53b8f551-f0fc-4bea-8cba-6d1fefd54c8a/resourceGroups/maxunupi-fptv7-rg/providers/Microsoft.Network/privateDnsZones/maxunupi.qe.azure.devcluster.openshift.com/SOA/@ False None None @ None maxunupi-fptv7-rg None 3600 None Microsoft.Network/privateDnsZones/SOA 1 None None 94bd2bef-8c49-4af6-a15c-ad1527b8698c api.maxunupi.qe.azure.devcluster.openshift.com. /subscriptions/53b8f551-f0fc-4bea-8cba-6d1fefd54c8a/resourceGroups/maxunupi-fptv7-rg/providers/Microsoft.Network/privateDnsZones/maxunupi.qe.azure.devcluster.openshift.com/A/api False None None api None maxunupi-fptv7-rg None None 60 None Microsoft.Network/privateDnsZones/A 1 None None f8819097-69fd-4567-8d27-1ec5b0a5f9e4 api-int.maxunupi.qe.azure.devcluster.openshift.com. /subscriptions/53b8f551-f0fc-4bea-8cba-6d1fefd54c8a/resourceGroups/maxunupi-fptv7-rg/providers/Microsoft.Network/privateDnsZones/maxunupi.qe.azure.devcluster.openshift.com/A/api-int False None None api-int None maxunupi-fptv7-rg None None 60 None Microsoft.Network/privateDnsZones/A 1 None None b76a0b3b-ad81-4a42-89c4-b61e461e6be5 *.apps.maxunupi.qe.azure.devcluster.openshift.com. 
/subscriptions/53b8f551-f0fc-4bea-8cba-6d1fefd54c8a/resourceGroups/maxunupi-fptv7-rg/providers/Microsoft.Network/privateDnsZones/maxunupi.qe.azure.devcluster.openshift.com/A/*.apps False None None *.apps None maxunupi-fptv7-rg None None 30 None Microsoft.Network/privateDnsZones/A

3. the cluster health after deployment with the new 05_masters.json:

$ ./oc get nodes
NAME                                STATUS   ROLES    AGE     VERSION
maxunupi-fptv7-master-0             Ready    master   4h9m    v1.22.0-rc.0+894a78b
maxunupi-fptv7-master-1             Ready    master   4h9m    v1.22.0-rc.0+894a78b
maxunupi-fptv7-master-2             Ready    master   4h9m    v1.22.0-rc.0+894a78b
maxunupi-fptv7-worker-centralus-1   Ready    worker   3h24m   v1.22.0-rc.0+894a78b
maxunupi-fptv7-worker-centralus-2   Ready    worker   3h24m   v1.22.0-rc.0+894a78b
maxunupi-fptv7-worker-centralus-3   Ready    worker   3h24m   v1.22.0-rc.0+894a7

$ ./oc get co
NAME                                       VERSION   AVAILABLE   PROGRESSING   DEGRADED   SINCE   MESSAGE
authentication                             4.9.0     True        False         False      3h42m
baremetal                                  4.9.0     True        False         False      4h32m
cloud-controller-manager                   4.9.0     True        False         False      4h35m
cloud-credential                           4.9.0     True        False         False      4h46m
cluster-autoscaler                         4.9.0     True        False         False      4h33m
config-operator                            4.9.0     True        False         False      4h34m
console                                    4.9.0     True        False         False      3h46m
csi-snapshot-controller                    4.9.0     True        False         False      4h33m
dns                                        4.9.0     True        False         False      4h33m
etcd                                       4.9.0     True        False         False      4h32m
image-registry                             4.9.0     True        False         False      3h49m
ingress                                    4.9.0     True        False         False      3h48m
insights                                   4.9.0     True        False         False      4h27m
kube-apiserver                             4.9.0     True        False         False      4h29m
kube-controller-manager                    4.9.0     True        False         False      4h32m
kube-scheduler                             4.9.0     True        False         False      4h32m
kube-storage-version-migrator              4.9.0     True        False         False      4h24m
machine-api                                4.9.0     True        False         False      4h29m
machine-approver                           4.9.0     True        False         False      4h33m
machine-config                             4.9.0     True        False         False      4h32m
marketplace                                4.9.0     True        False         False      4h33m
monitoring                                 4.9.0     True        False         False      3h44m
network                                    4.9.0     True        False         False      4h34m
node-tuning                                4.9.0     True        False         False      4h33m
openshift-apiserver                        4.9.0     True        False         False      4h24m
openshift-controller-manager               4.9.0     True        False         False      4h26m
openshift-samples                          4.9.0     True        False         False      4h26m
operator-lifecycle-manager                 4.9.0     True        False         False      4h33m
operator-lifecycle-manager-catalog         4.9.0     True        False         False      4h33m
operator-lifecycle-manager-packageserver   4.9.0     True        False         False      4h27m
service-ca                                 4.9.0     True        False         False      4h34m
storage                                    4.9.0     True        False         False      4h34m
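Review bot: the 33,38d32 hunk drops the privateDNSZoneName parameter, so every caller has to stop passing it in the same change; a deployment that still supplies --parameters privateDNSZoneName="${CLUSTER_NAME}.${BASE_DOMAIN}" is rejected because the template no longer declares that parameter. Update the az deployment group create command in the docs together with the template, and confirm that no parameters('privateDNSZoneName') reference remains outside the three places removed in this diff (the SRV record, the A records and the VM dependsOn entries).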
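Review bot: the 227c181 hunk replaces "}," with "},", which is identical apart from whitespace and looks like an unintended indentation change; revert it so the diff is limited to the etcd record removal. The comparison is also made against ../new/05_master.json while the deployment command reads 05_masters.json, so make sure the edited file is saved under the name the command uses.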
PR: https://github.com/openshift/openshift-docs/pull/38485
PR: https://github.com/openshift/installer/pull/5375
more pr: https://github.com/openshift/release/pull/23567
PR: https://github.com/openshift/installer/pull/5394
Hi, Caleb: Could you help remove privateDNSZoneName in https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md? thanks
(In reply to MayXu from comment #10)
> Hi, Caleb:
>
> Could you help remove privateDNSZoneName in
> https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md? thanks

Please do not re-assign BZs.

@cchandra Could you finish the work for this BZ?
(In reply to Matthew Staebler from comment #11)
> (In reply to MayXu from comment #10)
> > Hi, Caleb:
> >
> > Could you help remove privateDNSZoneName in
> > https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md? thanks
>
> Please do not re-assign BZs.
>
> @cchandra Could you finish the work for this BZ?

I updated the install_upi.md on https://github.com/openshift/installer/pull/5457
Besides https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md needing some updates, the more important thing is that the Red Hat official doc also needs to be updated accordingly. So I think we need this bug to track the official doc issue.
verified on 4.10