vmware-archive/pcf-pipelines

GCP: DNS hardcodes Ops Manager domain name to "opsman"

Closed this issue · 7 comments

Issue

Looking at https://github.com/pivotal-cf/pcf-pipelines/blob/master/install-pcf/gcp/terraform/dns.tf#L8 we can see that the Ops Manager DNS name configured by Terraform inside Google DNS is hardcoded to opsman.${google_dns_managed_zone.env_dns_zone.dns_name}

This is fine if your Ops Manager is actually called that.

However, the pipeline params.yml asks users what they want their Ops Manager domain to be at https://github.com/pivotal-cf/pcf-pipelines/blob/master/install-pcf/gcp/params.yml#L139

opsman_domain_or_ip_address: CHANGEME

So, if you set your opsman_domain_or_ip_address to anything that is not opsman.<sysdomain>, then the Google DNS record that gets configured will be incorrect. This will cause subsequent steps, such as check-opsman-dns, to fail.

IAAS: GCP
Pipeline: install-pcf
PCF: 2.0.6
pcf-pipelines: 0.23.1-rc.21

Context

When setting up a new foundation on GCP that happened to use omg instead of opsman as the Ops Manager name, this issue caused the pipeline to fail and we had to manually add a new DNS entry to Google DNS.

Expected result

The Terraform DNS step would have utilised the chosen Ops Manager name when creating the DNS entry.

Current result

The Terraform DNS step created an entry for opsman.<sysdomain>.

Steps to Reproduce

Run the install-pcf pipeline on GCP with opsman_domain_or_ip_address set to anything that is not opsman.<sysdomain>

Possible Fix

Parse the first section of the opsman_domain_or_ip_address value and insert that into https://github.com/pivotal-cf/pcf-pipelines/blob/master/install-pcf/gcp/terraform/dns.tf#L8
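
One way to implement the "Possible Fix" above, as an added example that is not pcf-pipelines code: a POSIX shell helper (hypothetical name opsman_record_name) that derives the DNS record name from opsman_domain_or_ip_address and the managed zone's dns_name. It refuses IP addresses and hosts outside the zone instead of guessing; the hostnames in the comments are constructed.

```shell
# Added example; opsman_record_name is a hypothetical helper, not part of the pipeline.
# Usage: opsman_record_name <opsman_domain_or_ip_address> <zone_dns_name>
# Prints the record name to create (with trailing dot), e.g.
#   opsman_record_name omg.pcf.example.com pcf.example.com.  ->  omg.pcf.example.com.
# Exit status: 0 ok, 1 host is not a valid name inside the zone, 2 value is an IP.
opsman_record_name() {
  # DNS names are case-insensitive; normalise before comparing.
  host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  zone=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
  host=${host%.}   # tolerate a trailing dot on either value
  zone=${zone%.}
  [ -n "$host" ] && [ -n "$zone" ] || return 1

  # The parameter may hold an IP address, in which case there is no label to derive.
  case $host in
    *:*) return 2 ;;          # IPv6 literal
    *[!0-9.]*) ;;             # contains something other than digits and dots: a name
    *) return 2 ;;            # digits and dots only: IPv4 literal
  esac

  # The host must sit strictly below the zone. Matching on ".$zone" (with the dot)
  # rejects look-alikes such as notpcf.example.com for zone pcf.example.com.
  case $host in
    *".$zone") label=${host%".$zone"} ;;
    *) return 1 ;;
  esac

  # Reject empty or malformed labels rather than creating a broken record.
  case $label in
    ''|*[!a-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
  esac

  printf '%s.%s.\n' "$label" "$zone"
}
```

A non-zero status is the signal to stop before Terraform runs, so a mismatch between the parameter and the zone surfaces earlier than the check-opsman-dns step.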

We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.

The labels on this GitHub issue will be updated when the story is started.

Along with the above hardcoded value, there is another task, configure-ert, where the opsman hostname is hardcoded with pcf_ert_domain:
https://github.com/pivotal-cf/pcf-pipelines/blob/v0.23.1-rc.21/tasks/configure-ert/task.sh#L5

@eamonryan @ronakbanka we've actually worked on and applied a fix for these issues. We plan to release v23.1 once it is ready. Let me know if you have any questions. Thanks.

@abbyachau I don't see how that commit helps this problem. Looking through it, there are still many places where opsman is hardcoded as the first piece of the FQDN for the Ops Manager server.

The point here is that opsman is not always what people call their Ops Manager, so this should be accounted for.

@eamonryan thanks seeing those references to opsman. Prioritised for review.

Hi @eamonryan, as discussed, we will be updating the docs instead of making this change with the aim of making customers aware early on that they must obtain certs and set up DNS with the opsman prefix in order to use the pcf-pipelines.

Hi @eamonryan we've had clarification notes here and we've also updated the params.yml for AWS, GCP, and Azure. If you feel later down the line that we need to add a warning to the main install docs, then we can review again. Thanks again.