We defined an alias in alias.json.erb such as {aliasName: vmName}.
After deployment, we can do dns reverse-lookup for vmIP -> vmName.
But we'd like to do dns reverse-lookup for vmIP-> {vmName, aliasName}, which means nslookup vmIP can return both vmName and its aliasName
We need this feature because tkgi's certificates for etcd use aliasName as SANs, and etcd will do DNS reverse-lookup for ip to match the SANs(https://github.com/etcd-io/etcd/pull/8281) .
And it's impossible for the tkgi certificates to use vmName as SANs, since the vmName is generated at runtime during deploying vm while the certificates is generated before deploying vm.
We defined an alias in
alias.json.erb
such as{aliasName: vmName}
. After deployment, we can do dns reverse-lookup forvmIP -> vmName
.But we'd like to do dns reverse-lookup for
vmIP-> {vmName, aliasName}
, which meansnslookup vmIP
can return both vmName and its aliasNameWe need this feature because tkgi's certificates for etcd use
aliasName
as SANs, and etcd will do DNS reverse-lookup for ip to match the SANs(https://github.com/etcd-io/etcd/pull/8281) .And it's impossible for the tkgi certificates to use
vmName
as SANs, since the vmName is generated at runtime during deploying vm while the certificates is generated before deploying vm.Here's a slack discussion: https://vmware.slack.com/archives/C3M0B3TV3/p1603180877229800