Optional: Creating a Pseudo-Public DNS (PPDN) for Azure

The publicly-available OpenShift® Container Platform (OCP) cluster on Azure requires configuration of an authoritative DNS zone. This can be a new domain or a subdomain that exists with a valid authority to it (Azure does not support recursive queries to the public DNS zone).

Procedure

  1. Create the resource group and specify the correct region. The DNS region can differ from the OCP region.
    az group create -l <region> -n <resource_group_name>
    For example,
    az group create -l eastus -n gi300-dns
    The output is similar to:
    root@sys-backup-client1:/ocp-tools# az group create -l eastus -n gi300-dns
    {
      "id": "/subscriptions/297d75cf-……./resourceGroups/gi300-dns",
      "location": "eastus",
      "managedBy": null,
      "name": "gi300-dns",
      "properties": {
        "provisioningState": "Succeeded"
      },
      "tags": null,
      "type": "Microsoft.Resources/resourceGroups"
    }
  2. Create a pseudo-public DNS zone:
    az network dns zone create -g <dns-resource_group_name> -n <public-domain_FQDN> --zone-type Public
    For example,
    az network dns zone create -g gi300-dns -n gi.priv.test --zone-type Public
    The output is similar to:
    root@sys-backup-client1:/ocp-tools# az network dns zone create -g gi300-dns -n gi.priv.test --zone-type Public
    Argument 'zone_type' has been deprecated and will be removed in a future release.
    {
      "etag": "00000002-0000-0000-f169-9b662a5cd701",
      "id": "/subscriptions/297d75cf-………/resourceGroups/gi300-dns/providers/Microsoft.Network/dnszones/gi.priv.test",
      "location": "global",
      "maxNumberOfRecordSets": 10000,
      "maxNumberOfRecordsPerRecordSet": null,
      "name": "gi.priv.test",
      "nameServers": [
        "ns1-02.azure-dns.com.",
        "ns2-02.azure-dns.net.",
        "ns3-02.azure-dns.org.",
        "ns4-02.azure-dns.info."
      ],
      "numberOfRecordSets": 2,
      "registrationVirtualNetworks": null,
      "resolutionVirtualNetworks": null,
      "resourceGroup": "gi300-dns",
      "tags": {},
      "type": "Microsoft.Network/dnszones",
      "zoneType": "Public"
    }
  3. To delete the resource group, complete the following steps.
    1. Log in to the Azure user interface.
    2. Open the Resource Group page.
    3. Search for your resource group.
      For example, gi300-dns.
    4. Click the group name.
    5. Select all check boxes.
    6. Click Delete resource group.
    7. In the confirmation page, type the resource group name and click Delete:
    8. After a few minutes, the following confirmation message appears.