implement dns configuration

deploy/config.yaml.example

@@ -4,12 +4,12 @@ rps:
   resourceGroupName: aro-eastus
   configuration:
     databaseAccountName: ''
-    domainName: ''
     keyvaultPrefix: ''
     rpServerCertCommonName: ''
 configuration:
   adminApiCaBundle: ''
   adminApiClientCertCommonName: ''
+  clusterParentDomainName: ''
   extraCosmosDBIPs: ''
   extraKeyvaultAccessPolicies: []
   fpServicePrincipalId: ''
@@ -24,4 +24,5 @@ configuration:
   rpImage: ''
   rpImageAuth: ''
   rpMode: ''
+  rpParentDomainName: ''
   sshPublicKey: ''

deploy/rp-development.json

@@ -179,5 +179,15 @@
                 "[resourceId('Microsoft.Network/dnsZones', parameters('domainName'))]"
             ]
         }
-    ]
+    ],
+    "outputs": {
+        "[concat(parameters('domainName'), '-nameServers')]": {
+            "type": "array",
+            "value": "[reference(resourceId('Microsoft.Network/dnsZones', parameters('domainName')), '2019-07-01').nameServers]"
+        },
+        "rp-pip-ipAddress": {
+            "type": "string",
+            "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', 'rp-pip'), '2019-07-01').ipAddress]"
+        }
+    }
 }

deploy/rp-production.json

@@ -578,5 +578,15 @@
                 "[resourceId('Microsoft.Network/dnsZones', parameters('domainName'))]"
             ]
         }
-    ]
+    ],
+    "outputs": {
+        "[concat(parameters('domainName'), '-nameServers')]": {
+            "type": "array",
+            "value": "[reference(resourceId('Microsoft.Network/dnsZones', parameters('domainName')), '2019-07-01').nameServers]"
+        },
+        "rp-pip-ipAddress": {
+            "type": "string",
+            "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses', 'rp-pip'), '2019-07-01').ipAddress]"
+        }
+    }
 }

pkg/deploy/config.go

@@ -30,8 +30,8 @@ type Configuration struct {
 	ACRResourceID                string        `json:"acrResourceId,omitempty"`
 	AdminAPICABundle             string        `json:"adminApiCaBundle,omitempty"`
 	AdminAPIClientCertCommonName string        `json:"adminApiClientCertCommonName,omitempty"`
+	ClusterParentDomainName      string        `json:"clusterParentDomainName,omitempty"`
 	DatabaseAccountName          string        `json:"databaseAccountName,omitempty"`
-	DomainName                   string        `json:"domainName,omitempty"`
 	ExtraCosmosDBIPs             string        `json:"extraCosmosDBIPs,omitempty"`
 	ExtraKeyvaultAccessPolicies  []interface{} `json:"extraKeyvaultAccessPolicies,omitempty"`
 	FPServicePrincipalID         string        `json:"fpServicePrincipalId,omitempty"`
@@ -47,6 +47,7 @@ type Configuration struct {
 	RPImage                      string        `json:"rpImage,omitempty"`
 	RPImageAuth                  string        `json:"rpImageAuth,omitempty"`
 	RPMode                       string        `json:"rpMode,omitempty"`
+	RPParentDomainName           string        `json:"rpParentDomainName,omitempty"`
 	RPServerCertCommonName       string        `json:"rpServerCertCommonName,omitempty"`
 	SSHPublicKey                 string        `json:"sshPublicKey,omitempty"`
 }

pkg/deploy/config_test.go

@@ -40,7 +40,7 @@ func TestConfigurationFieldParity(t *testing.T) {
 		// check each parameter exists as a field in Configuration
 		for name := range params.Parameters {
 			switch name {
-			case "rpServicePrincipalId", "vmssName":
+			case "domainName", "rpServicePrincipalId", "vmssName":
 			default:
 				if _, found := m[name]; !found {
 					t.Errorf("field %s not found in config.Configuration but exists in templates", name)
@@ -64,15 +64,15 @@ func TestMergeConfig(t *testing.T) {
 			name: "overrides",
 			primary: Configuration{
 				DatabaseAccountName: "primary accountname",
-				DomainName:          "primary domain",
+				ExtraCosmosDBIPs:    "primary cosmosdb",
 			},
 			secondary: Configuration{
-				DomainName:     "secondary domain",
-				KeyvaultPrefix: "secondary kv",
+				ExtraCosmosDBIPs: "secondary cosmosdb",
+				KeyvaultPrefix:   "secondary kv",
 			},
 			want: Configuration{
 				DatabaseAccountName: "primary accountname",
-				DomainName:          "primary domain",
+				ExtraCosmosDBIPs:    "primary cosmosdb",
 				KeyvaultPrefix:      "secondary kv",
 			},
 		},

pkg/deploy/deploy.go

@@ -15,6 +15,7 @@ import (
 	"time"
 
 	mgmtcompute "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-03-01/compute"
+	mgmtdns "github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns"
 	mgmtresources "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources"
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/go-autorest/autorest/azure/auth"
@@ -26,6 +27,7 @@ import (
 	"github.com/Azure/ARO-RP/pkg/util/arm"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/compute"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/containerregistry"
+	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/dns"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/resources"
 	"github.com/Azure/ARO-RP/pkg/util/keyvault"
 )
@@ -42,6 +44,7 @@ type deployer struct {
 	log *logrus.Entry
 
 	globaldeployments  resources.DeploymentsClient
+	globalrecordsets   dns.RecordSetsClient
 	globalreplications containerregistry.ReplicationsClient
 	deployments        resources.DeploymentsClient
 	groups             resources.GroupsClient
@@ -71,6 +74,7 @@ func New(ctx context.Context, log *logrus.Entry, config *RPConfig, version strin
 		log: log,
 
 		globaldeployments:  resources.NewDeploymentsClient(config.Configuration.GlobalSubscriptionID, authorizer),
+		globalrecordsets:   dns.NewRecordSetsClient(config.Configuration.GlobalSubscriptionID, authorizer),
 		globalreplications: containerregistry.NewReplicationsClient(config.Configuration.GlobalSubscriptionID, authorizer),
 		deployments:        resources.NewDeploymentsClient(config.SubscriptionID, authorizer),
 		groups:             resources.NewGroupsClient(config.SubscriptionID, authorizer),
@@ -103,21 +107,47 @@ func (d *deployer) Deploy(ctx context.Context, rpServicePrincipalID string) erro
 	}
 
 	parameters := d.getParameters(template["parameters"].(map[string]interface{}))
-	parameters.Parameters["vmssName"] = &arm.ParametersParameter{
-		Value: d.version,
+	parameters.Parameters["domainName"] = &arm.ParametersParameter{
+		Value: d.config.Location + "." + d.config.Configuration.ClusterParentDomainName,
 	}
 	parameters.Parameters["rpServicePrincipalId"] = &arm.ParametersParameter{
 		Value: rpServicePrincipalID,
 	}
+	parameters.Parameters["vmssName"] = &arm.ParametersParameter{
+		Value: d.version,
+	}
 
 	d.log.Printf("deploying rp version %s to %s", d.version, d.config.ResourceGroupName)
-	return d.deployments.CreateOrUpdateAndWait(ctx, d.config.ResourceGroupName, "rp-production-"+d.version, mgmtresources.Deployment{
+	err = d.deployments.CreateOrUpdateAndWait(ctx, d.config.ResourceGroupName, "rp-production-"+d.version, mgmtresources.Deployment{
 		Properties: &mgmtresources.DeploymentProperties{
 			Template:   template,
 			Mode:       mgmtresources.Incremental,
 			Parameters: parameters.Parameters,
 		},
 	})
+	if err != nil {
+		return err
+	}
+
+	deployment, err := d.deployments.Get(ctx, d.config.ResourceGroupName, "rp-production-"+d.version)
+	if err != nil {
+		return err
+	}
+
+	rpPipIPAddress := deployment.Properties.Outputs.(map[string]interface{})["rp-pip-ipAddress"].(map[string]interface{})["value"].(string)
+
+	_nameServers := deployment.Properties.Outputs.(map[string]interface{})[parameters.Parameters["domainName"].Value.(string)+"-nameServers"].(map[string]interface{})["value"].([]interface{})
+	nameServers := make([]string, 0, len(_nameServers))
+	for _, ns := range _nameServers {
+		nameServers = append(nameServers, ns.(string))
+	}
+
+	err = d.configureDNS(ctx, rpPipIPAddress, nameServers)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 func (d *deployer) Upgrade(ctx context.Context) error {
@@ -210,6 +240,37 @@ func (d *deployer) removeOldScalesets(ctx context.Context) error {
 	return nil
 }
 
+func (d *deployer) configureDNS(ctx context.Context, rpPipIPAddress string, nameServers []string) error {
+	_, err := d.globalrecordsets.CreateOrUpdate(ctx, d.config.Configuration.GlobalResourceGroupName, d.config.Configuration.RPParentDomainName, d.config.Location, mgmtdns.A, mgmtdns.RecordSet{
+		RecordSetProperties: &mgmtdns.RecordSetProperties{
+			TTL: to.Int64Ptr(3600),
+			ARecords: &[]mgmtdns.ARecord{
+				{
+					Ipv4Address: &rpPipIPAddress,
+				},
+			},
+		},
+	}, "", "")
+	if err != nil {
+		return err
+	}
+
+	nsRecords := make([]mgmtdns.NsRecord, 0, len(nameServers))
+	for i := range nameServers {
+		nsRecords = append(nsRecords, mgmtdns.NsRecord{
+			Nsdname: &nameServers[i],
+		})
+	}
+
+	_, err = d.globalrecordsets.CreateOrUpdate(ctx, d.config.Configuration.GlobalResourceGroupName, d.config.Configuration.ClusterParentDomainName, d.config.Location, mgmtdns.NS, mgmtdns.RecordSet{
+		RecordSetProperties: &mgmtdns.RecordSetProperties{
+			TTL:       to.Int64Ptr(3600),
+			NsRecords: &nsRecords,
+		},
+	}, "", "")
+	return err
+}
+
 // getParameters returns an *arm.Parameters populated with parameter names and
 // values.  The names are taken from the ps argument and the values are taken
 // from d.config.Configuration.

pkg/deploy/generator/templates.go

@@ -76,6 +76,17 @@ func (g *generator) rpTemplate() *arm.Template {
 	t.Resources = append(t.Resources, g.cosmosdb()...)
 	t.Resources = append(t.Resources, g.rbac()...)
 
+	t.Outputs = map[string]*arm.Output{
+		"[concat(parameters('domainName'), '-nameServers')]": {
+			Type:  "array",
+			Value: "[reference(resourceId('Microsoft.Network/dnsZones', parameters('domainName')), '2019-07-01').nameServers]",
+		},
+		"rp-pip-ipAddress": {
+			Type:  "string",
+			Value: "[reference(resourceId('Microsoft.Network/publicIPAddresses', 'rp-pip'), '2019-07-01').ipAddress]",
+		},
+	}
+
 	return t
 }