From fb9155c4502eb761e6713409d9dafceb53de3b8f Mon Sep 17 00:00:00 2001 From: Thomas Nys Date: Fri, 9 Nov 2018 11:30:35 +0100 Subject: [PATCH] Add the option to create a DNS record for bastion deployed to Azure (#3675) This is rather convenient if you want to configure exceptions on a company firewall. --- contrib/azurerm/group_vars/all | 4 ++++ .../roles/generate-templates/templates/bastion.json | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/contrib/azurerm/group_vars/all b/contrib/azurerm/group_vars/all index 7aaa346f6..52b19b1e3 100644 --- a/contrib/azurerm/group_vars/all +++ b/contrib/azurerm/group_vars/all @@ -7,6 +7,10 @@ cluster_name: example # node that can be used to access the masters and minions use_bastion: false +# Set this to a prefered name that will be used as the first part of the dns name for your bastotion host. For example: k8s-bastion..cloudapp.azure.com. +# This is convenient when exceptions have to be configured on a firewall to allow ssh to the given bastion host. +# bastion_domain_prefix: k8s-bastion + number_of_k8s_masters: 3 number_of_k8s_nodes: 3 diff --git a/contrib/azurerm/roles/generate-templates/templates/bastion.json b/contrib/azurerm/roles/generate-templates/templates/bastion.json index 5bf1d75ee..d7fd9c8f6 100644 --- a/contrib/azurerm/roles/generate-templates/templates/bastion.json +++ b/contrib/azurerm/roles/generate-templates/templates/bastion.json @@ -15,7 +15,12 @@ "name": "{{bastionIPAddressName}}", "location": "[resourceGroup().location]", "properties": { - "publicIPAllocationMethod": "Static" + "publicIPAllocationMethod": "Static", + "dnsSettings": { + {% if bastion_domain_prefix %} + "domainNameLabel": "{{ bastion_domain_prefix }}" + {% endif %} + } } }, {