robszumski
commented
7 years ago Thanks for reporting this @brmakana. Also interested in your thoughts on this @jkochfrontline.
Some background: We're using this private zone to keep some traffic internal to the cluster for things like our ODIC/auth traffic between the API server and dex. This also reduces any impact on your cluster if public DNS is down or having other issues.
There are a few different options we are considering to give you a bit more control over this functionality. Would you mind rating the following options as ideal/satisfactory/blocker?
- Flag for turning off private zone management while maintaining the public zone usage for public VPCs. This introduces some maintenance and testing complexity. Would still allow for using both zones if desired/required.
- Bring your own zone by simply specifying the ID. This would give you control over using an existing zone or creating a new one.
- Stop mixing public and private zones; use public for public VPCs and private for private.
- Is there something I missed?
Overall, would y'all mind expanding on why you desire to use a public zone with your private VPCs?
Issue Report Template
Tectonic Version
1.6.2-tectonic.1
Environment
What hardware/cloud provider/hypervisor is being used with Tectonic? AWS
Expected Behavior
Selecting an existing Route 53 zone to use should just create new records inside that zone, as previous installers have done.
Actual Behavior
When creating a private VPC cluster and selecting an existing public route 53 zone, tectonic's installer creates a new, private zone with the same name as the existing public zone, but different NS, SOA, etc records.
Reproduction Steps
Other Information
The 'expected behavior' is what happened in previous installer versions.