From cd53a07315fb2584896623a33bfb6c2531e85dee Mon Sep 17 00:00:00 2001
From: Sandhya Dasu
Date: Sun, 5 Nov 2023 22:27:58 -0500
Subject: [PATCH] Generate manifests for CoreDNS pod definition and Corefile template For cloud platforms where customers are allowed to bring their own DNS post cluster install, an in-cluster DNS solution is required for the installation to be successful. Adding the manifest containing CoreDNS pod definition and Corefile template to be used by the MCO instance on the bootstrap node.
---
.../coredns-corefile.tmpl | 24 ++++++
manifests/cloud-platform-alt-dns/coredns.yaml | 83 +++++++++++++++++++
2 files changed, 107 insertions(+)
create mode 100644 manifests/cloud-platform-alt-dns/coredns-corefile.tmpl
create mode 100644 manifests/cloud-platform-alt-dns/coredns.yaml
diff --git a/manifests/cloud-platform-alt-dns/coredns-corefile.tmpl b/manifests/cloud-platform-alt-dns/coredns-corefile.tmpl
new file mode 100644
index 0000000000..45d3136d86
--- /dev/null
+++ b/manifests/cloud-platform-alt-dns/coredns-corefile.tmpl
@@ -0,0 +1,24 @@
+. {
+ errors
+ health :18080
+ cache 30
+ reload
+ template IN {{`{{ .Cluster.CloudLBRecordType }}`}} {{ .ControllerConfig.DNS.Spec.BaseDomain }} {
+ match ^api.{{ .ControllerConfig.DNS.Spec.BaseDomain }}
+ answer "{{`{{"{{ .Name }}"}}`}} 60 in {{`{{"{{ .Type }}"}}`}} {{ if gt (len (.Cluster.APILBIPs )) 0 }}{{ index (.Cluster.APILBIPs) 0 }}{{ end }}"
+ fallthrough
+ }
+ template IN {{`{{ .Cluster.CloudLBEmptyType }}`}} {{ .ControllerConfig.DNS.Spec.BaseDomain }} {
+ match ^api.{{ .ControllerConfig.DNS.Spec.BaseDomain }}
+ fallthrough
+ }
+ template IN {{`{{ .Cluster.CloudLBRecordType }}`}} {{ .ControllerConfig.DNS.Spec.BaseDomain }} {
+ match ^api-int.{{ .ControllerConfig.DNS.Spec.BaseDomain }}
+ answer "{{`{{"{{ .Name }}"}}`}} 60 in {{`{{"{{ .Type }}"}}`}} {{ if gt (len (.Cluster.APIIntLBIPs)) 0 }}{{ index (.Cluster.APIIntLBIPs) 0 }}{{ end }}"
+ fallthrough
+ }
+ template IN {{`{{ .Cluster.CloudLBEmptyType }}`}} {{ .ControllerConfig.DNS.Spec.BaseDomain }} {
+ match ^api-int.{{ .ControllerConfig.DNS.Spec.BaseDomain }}
+ fallthrough
+ }
+}
diff --git a/manifests/cloud-platform-alt-dns/coredns.yaml b/manifests/cloud-platform-alt-dns/coredns.yaml
new file mode 100644
index 0000000000..25f5c7c024
--- /dev/null
+++ b/manifests/cloud-platform-alt-dns/coredns.yaml
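Review bot: The four `match` lines (`match ^api.{{ .ControllerConfig.DNS.Spec.BaseDomain }}` and the `^api-int.` variants) are anchored only at the start and leave the dot after the host label unescaped, so any query in the zone that merely begins with that string, such as a longer name with extra labels appended, is answered with the load-balancer address. Escaping the separator and anchoring the end, e.g. `match ^api\.{{ .ControllerConfig.DNS.Spec.BaseDomain }}\.?$`, keeps the answers limited to the two intended names. Separately, when `.Cluster.APILBIPs` or `.Cluster.APIIntLBIPs` is empty the `answer` line still renders, only without record data, so the `if` guard probably belongs around the whole `template` stanza rather than around the address alone. Those two lists are also read in a plain action while `.Cluster.CloudLBRecordType` is deferred with a backtick-quoted action, which looks inconsistent if `.Cluster` exists only at the later render stage; worth confirming against the renderer, which is not visible here.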
@@ -0,0 +1,83 @@
+---
+kind: Pod
+apiVersion: v1
+metadata:
+ name: coredns
+ namespace: openshift-infra
+ creationTimestamp:
+ deletionGracePeriodSeconds: 65
+ labels:
+ app: {{ cloudPlatformShortName .ControllerConfig }}-infra-coredns
+ annotations:
+ target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
+spec:
+ volumes:
+ - name: resource-dir
+ hostPath:
+ path: "/etc/kubernetes/static-pod-resources/coredns"
+ - name: kubeconfig
+ hostPath:
+ path: "/etc/kubernetes/kubeconfig"
+ - name: conf-dir
+ empty-dir: {}
+ - name: manifests
+ hostPath:
+ path: "/opt/openshift/manifests"
+ initContainers:
+ - name: render-config
+ image: {{ .Images.BaremetalRuntimeCfgBootstrap }}
+ command:
+ - runtimecfg
+ - render
+ - "/etc/kubernetes/kubeconfig"
+ - "--cloud-ext-lb-ips"
+ - "{{- range $index, $ips := .CloudExtLBIPs }}{{ if gt $index 0 }},{{end}}{{$ip}}{{end}}"
+ - "--cloud-int-lb-ips"
+ - "{{- range $index, $ips := .CloudIntLBIPs }}{{ if gt $index 0 }},{{end}}{{$ip}}{{end}}"
+ - "/config"
+ - "--out-dir"
+ - "/etc/coredns"
+ - "--cluster-config"
+ - "/opt/openshift/manifests/cluster-config.yaml"
+ resources: {}
+ volumeMounts:
+ - name: kubeconfig
+ mountpath: "/etc/kubernetes/kubeconfig"
+ - name: resource-dir
+ mountpath: "/config"
+ - name: conf-dir
+ mountpath: "/etc/coredns"
+ - name: manifests
+ mountpath: "/opt/openshift/manifests"
+ imagePullPolicy: IfNotPresent
+ containers:
+ - name: coredns
+ securityContext:
+ privileged: true
+ readOnlyRootFilesystem: false
+ image: {{ .Images.CorednsBootstrap }}
+ args:
+ - "--conf"
+ - "/etc/coredns/Corefile"
+ resources:
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ volumeMounts:
+ - name: conf-dir
+ mountPath: "/etc/coredns"
+ livenessProbe:
+ httpGet:
+ path: /health
+ port: 18080
+ scheme: HTTP
+ initialDelaySeconds: 60
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 5
+ terminationMessagePolicy: FallbackToLogsOnError
+ hostNetwork: true
+ tolerations:
+ - operator: Exists
+ priorityClassName: system-node-critical
+status: {}
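Review bot: The `coredns` container is declared with `privileged: true` and `readOnlyRootFilesystem: false` while the pod also sets `hostNetwork: true`, which gives a process that answers network DNS queries full control of the bootstrap host. Its only mount is the `conf-dir` volume, so unless something outside this hunk requires it, `privileged: false` with `readOnlyRootFilesystem: true` and `capabilities: {drop: [ALL], add: [NET_BIND_SERVICE]}` looks sufficient and should be tried. The two `range` arguments under `render-config` bind `$ips` but print `{{$ip}}`, an undefined variable that Go templates reject when parsing; bind `$ip` instead, e.g. `{{- range $index, $ip := .CloudExtLBIPs }}`, and do the same for `.CloudIntLBIPs`. Pod field names are case-sensitive, so `empty-dir: {}` should be `emptyDir: {}` and the four `mountpath:` keys under `render-config` should be `mountPath:`, as already written in the `coredns` container.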