Final updates for cluster cname

SCT-Engineering · Oct 8, 2024 · f299c5f · f299c5f
1 parent 885b8f8
commit f299c5f
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 26 deletions.
diff --git a/aws_data.tf b/aws_data.tf
@@ -20,15 +20,4 @@ data "aws_vpc" "dummy_vpc" {
     name   = "tag:Name"
     values = ["vpc0-dummy"]
   }
-}
-
-# We need to lookup the DNS entry for the istio ingress load balancer created by the tfmod-istio
-# We then use this value to create the CNAME record for cluster app/api addressing
-data "external" "load_balancer_dns" {
-  program = ["bash", "${path.module}/load_balancer_dns.sh", format("%v-%v", var.cluster_name, "istio-ingress")]
-}
-
-# format("%v-%v", var.cluster_name, "metrics-server")
-output "load_balancer_dns" {
-  value = data.external.load_balancer_dns.result.dnsName
 }
diff --git a/load_balancer_dns.sh b/load_balancer_dns.sh
diff --git a/main.tf b/main.tf
@@ -6,14 +6,52 @@
 # Locals
 #-------------------------------------------------
 
+locals {
+  _defaults = {
+    enable_ptr = {
+      cname = false
+      a     = false
+      aaaa  = false
+      txt   = false
+      host  = true
+      ptr   = true
+    }
+    heritage_label = "terraform"
+    heritage_prefix = {
+      cname = "_txt"
+      a     = ""
+      aaaa  = ""
+      txt   = "_txt"
+      host  = ""
+      ptr   = ""
+    }
+  }
+}
+
+locals {
+  base_heritage_tags = [
+    format("heritage=%v", local._defaults.heritage_label),
+    format("%v/account_id=%v", local._defaults.heritage_label, data.aws_caller_identity.current.account_id),
+    format("%v/region=%v", local._defaults.heritage_label, local.region),
+    format("%v/create_time=%d", local._defaults.heritage_label, time_static.timestamp.unix)
+  ]
+  # heritage_tags = [for k, v in {} : format("%v/%v=%v", local._defaults.heritage_label, k, v)]
+}
+
 locals {
   cluster_domain_description = format("%v EKS Cluster DNS Zone", var.cluster_name)
   cluster_domain_name        = format("%v.%v", var.cluster_name, local.vpc_domain_name)
   region                     = var.region
   is_shared_vpc              = data.aws_vpc.eks_vpc.owner_id != data.aws_caller_identity.current.account_id
   vpc_domain_name            = var.vpc_domain_name
+  record_type                = "cname"
+  ttl                        = 900
+
+  default_heritage_prefix = lookup(local._defaults.heritage_prefix, local.record_type, "") != "" ? format("%v.", lookup(local._defaults.heritage_prefix, local.record_type)) : ""
 }
 
+resource "time_static" "timestamp" {}
+
 #-------------------------------------------------
 # cluster_domain dns zone
 #-------------------------------------------------
@@ -90,3 +128,25 @@ resource "aws_route53_zone_association" "self_zone_west" {
 
   depends_on = [aws_route53_vpc_association_authorization.self_zone_west]
 }
+
+###################################################################
+# Cluster DNS CNAME MAPPED TO INGRESS NLB
+###################################################################
+
+resource "aws_route53_record" "entry" {
+  zone_id = aws_route53_zone.cluster_domain.zone_id
+  name    = "*.${local.cluster_domain_name}"
+  type    = upper(local.record_type)
+  ttl     = local.ttl
+  records = [var.istio_ingress_lb]
+}
+
+resource "aws_route53_record" "entry_heritage" {
+  zone_id = aws_route53_zone.cluster_domain.zone_id
+  name    = format("%v%v", local.default_heritage_prefix, "*.${local.cluster_domain_name}")
+
+  type = "TXT"
+  ttl  = local.ttl
+  # records = [join(",", concat(local.base_heritage_tags, local.heritage_tags))]
+  records = local.base_heritage_tags
+}
diff --git a/variables.tf b/variables.tf
@@ -47,6 +47,11 @@ variable "os_username" {
 # DNS variables
 ###################################################################
 
+variable "istio_ingress_lb" {
+  description = "The Istio ingress network load balancer."
+  type        = string
+}
+
 variable "region_map" {
   description = "AWS region map"
   type        = map(string)