Setting up a wildcard DNS entry
This document uses a sample to show you how to set up a wildcard DNS entry.
A DNS wildcard entry makes all Cloud Pak for Data services automatically reply to any FQDN prefix via the wildcard.
It is recommended that you create a DNS entry on the customer DNS server to handle all FQDN prefixes for all services. The wildcard entry is simply *.<FQDN>.
icpd-zen.<FQDN>
icpd-system.<FQDN>
icpd-npsconsole.<FQDN>
oauth-openshift.apps.<FQDN>
openshift-console.<FQDN>
About this task
The sample configuration was written on Red Hat Enterprise Linux 7.6. The bind and bind-utils packages are version 9.9.4. The guidelines should apply to any bind9-based distribution.
A DNS CNAME record is a type of resource record in the DNS that maps one domain name (an alias) to another (the canonical name).
The following example provides an overview of the CNAME and A record configuration for an IBM Cloud Pak for Data System that is installed in the testlab.customer.com domain. The application's FQDN is cp4ds.testlab.customer.com and its IP is 10.0.0.11. The DNS server's FQDN is ns.testlab.customer.com and its IP is 10.0.0.254.
A wildcard DNS entry is a record that answers DNS requests for any undefined subdomain within a defined domain. You create a wildcard record by entering an asterisk (*) and a dot (.) before the defined domain in the owner name of a record in a zone file. In the following example, a wildcard record *.cp4ds is created as a CNAME that points to cp4ds, so it resolves to the IP address specified in the A record for cp4ds. The FQDN for the application is completed by concatenating the CNAME with the $ORIGIN domain, which gives cp4ds.testlab.customer.com.
The /etc/named.conf file is the default configuration file for the named server. For example:

options {
    directory "/var/named";    // (1)
};
zone "testlab.customer.com." IN {
    type master;
    file "testlab";    // (2)
};
zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "0.0.10.in-addr.arpa";    // (3)
};
In this example, the directory option (1) points to the working directory for the name server, /var/named. All non-absolute path names in the named.conf file are expected to be relative to this directory (this includes the zone files that are described in the example). The zone definition (2) defines the zone for which the name server is responsible (its zone of authority). The zone definition (3) describes a reverse lookup (pointer) record for the zone.
Zone file:
- The A and CNAME type records begin at (4).
- The example general record for the application is at (5).
- The example wildcard entry is at (6).
The wildcard entry maps all addresses within cp4ds.testlab.customer.com to the cp4ds IP address.
Note that a typical zone file has many more entries than the sample.
$ORIGIN .
$TTL 86400 ; 1 day
; zone apex; with $ORIGIN . the owner must be the full zone name
testlab.customer.com IN SOA ns.testlab.customer.com. root.testlab.customer.com. (
                1906281151 ; serial as YYMMDDhhmm
                3600       ; refresh (1 hour)
                1800       ; retry (30 minutes)
                604800     ; expire (1 week)
                86400      ; minimum (1 day)
                )
                NS ns.testlab.customer.com.
$ORIGIN testlab.customer.com.
$TTL 3600 ; 1 hour
gateway         A       10.0.0.1    ; (4)
ns              A       10.0.0.254
cp4ds           A       10.0.0.11   ; (5)
*.cp4ds         CNAME   cp4ds       ; (6)
Using DHCP for the application (cp4ds) address is not supported.
PTR (Reverse-lookup) Zone File:
cp4ds.testlab.customer.com. This is shown below at (7).

$ORIGIN 0.0.10.in-addr.arpa.
$TTL 3600 ; 1 hour
11              PTR     cp4ds.testlab.customer.com. ; (7)
The header was left out of the sample, and there would typically be many records in the pointer zone file.
Since red.cp4ds.testlab.customer.com, green.cp4ds.testlab.customer.com, and blue.cp4ds.testlab.customer.com all resolve to cp4ds.testlab.customer.com, there is no PTR record for them.
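Added example (not part of the original IBM sample): a minimal Python model of how a name server chooses the wildcard record, using the records from the sample zone file above. The function names are illustrative, and the lookup follows the closest-encloser rule of RFC 4592 rather than BIND's actual code.

```python
# Added example: RFC 4592 wildcard matching over the sample zone's records.
ORIGIN = "testlab.customer.com."

# (owner, type, rdata) copied from the sample zone file on this page.
ZONE = [
    ("gateway", "A", "10.0.0.1"),
    ("ns", "A", "10.0.0.254"),
    ("cp4ds", "A", "10.0.0.11"),
    ("*.cp4ds", "CNAME", "cp4ds"),
]

def fqdn(name, origin=ORIGIN):
    """Append the origin to names that lack a trailing dot, as named does."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def build(zone):
    """Index records by fully qualified owner name."""
    table = {}
    for owner, rtype, rdata in zone:
        value = fqdn(rdata) if rtype == "CNAME" else rdata
        table.setdefault(fqdn(owner), {})[rtype] = value
    return table

def exists(table, name):
    """True if name owns records or is an ancestor of an owner name."""
    return any(o == name or o.endswith("." + name) for o in table)

def lookup(table, qname):
    """Return the records answering qname, {} for NODATA, None for NXDOMAIN."""
    qname = fqdn(qname)
    if exists(table, qname):
        return table.get(qname, {})      # an existing name never uses the wildcard
    labels = qname.split(".")
    for i in range(1, len(labels)):      # walk up to the closest existing ancestor
        ancestor = ".".join(labels[i:])
        if exists(table, ancestor):
            return table.get("*." + ancestor)  # only its wildcard child may answer
    return None

def resolve_a(table, qname, max_hops=8):
    """Follow CNAMEs (bounded) and return the IPv4 address, or None."""
    for _ in range(max_hops):
        rrset = lookup(table, qname)
        if not rrset:
            return None
        if "A" in rrset:
            return rrset["A"]
        qname = rrset.get("CNAME")
        if qname is None:
            return None
    return None
```

Calling resolve_a(build(ZONE), "red.cp4ds") returns 10.0.0.11, while typo.testlab.customer.com. returns None because the wildcard covers only names below cp4ds. Adding any explicit record for a name under cp4ds stops the wildcard from answering for that name, which is worth checking before you add per-service records next to the wildcard.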