FreeIPA: creating SRV records, a simple cheat sheet

Ola Sumbo
Jun 26, 2020

A cheat sheet from my OCP4 late-night escapades!

Cluster setup: host names follow <component>.<cluster_name>.<base_domain>, e.g.

etcd-0.ocp4-dev.ephicolabs.com

etcd-1.ocp4-dev.ephicolabs.com

etcd-2.ocp4-dev.ephicolabs.com

SRV Records: _etcd-server-ssl._tcp.<cluster_name>.<base_domain>.

Actual Name: _etcd-server-ssl._tcp.ocp4-dev.ephicolabs.com.

Note the dot (.) at the end of the name.

[root@ipa ~]# kinit admin

Password for admin@EPHICOLABS.COM

[root@ipa ~]# klist

Ticket cache: KEYRING:persistent:0:0

Default principal: admin@EPHICOLABS.COM

Valid starting       Expires              Service principal
06/26/2020 13:22:18  06/27/2020 13:22:12  krbtgt/EPHICOLABS.COM@EPHICOLABS.COM

[root@ipa ~]#

[root@ipa ~]# ipa dnsrecord-add ocp4-dev.ephicolabs.com

Record name: _etcd-server-ssl._tcp.ocp4-dev.ephicolabs.com.   => press Enter, and note the dot (.) at the end

Please choose a type of DNS resource record to be added

The most common types for this type of zone are: A, AAAA

DNS resource record type: SRV

SRV Priority (order): 0

SRV Weight: 10

SRV Port: 2380

SRV Target: etcd-0.ocp4-dev.ephicolabs.com

Record name: _etcd-server-ssl._tcp

SRV record: 0 10 2380 etcd-0.ocp4-dev.ephicolabs.com

Now verify that the requested SRV record has been created.

[root@ipa ~]# dig _etcd-server-ssl._tcp.ocp4-dev.ephicolabs.com SRV +short

0 10 2380 etcd-0.ocp4-dev.ephicolabs.com.ocp4-dev.ephicolabs.com.

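Note that dig returns the target with the zone name appended a second time: the SRV target above was entered without a trailing dot, so DNS treats it as relative to the zone. Enter the target with a trailing dot (etcd-0.ocp4-dev.ephicolabs.com.) to publish the intended host name.

Add more records for the remaining etcd members.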

[root@ipa ~]# ipa dnsrecord-add ocp4-dev.ephicolabs.com

Record name: _etcd-server-ssl._tcp.ocp4-dev.ephicolabs.com.   => press Enter

DNS resource record type: SRV

SRV Priority (order): 0

SRV Weight: 10

SRV Port: 2380

SRV Target: etcd-1.ocp4-dev.ephicolabs.com

Record name: _etcd-server-ssl._tcp

SRV record: 0 10 2380 etcd-0.ocp4-dev.ephicolabs.com, 0 10 2380 etcd-1.ocp4-dev.ephicolabs.com.

Alternatively, once the first record exists, you can look up its name and pass it directly to dnsrecord-add to add more records, as shown below.

[root@ipa ~]# ipa dnsrecord-find ocp4-dev.ephicolabs.com --name=_etcd-server-ssl._tcp

Record name: _etcd-server-ssl._tcp

SRV record: 0 10 2380 etcd-0.ocp4-dev.ephicolabs.com, 0 10 2380 etcd-1.ocp4-dev.ephicolabs.com

[root@ipa ~]# ipa dnsrecord-add ocp4-dev.ephicolabs.com _etcd-server-ssl._tcp

DNS resource record type: SRV

SRV Priority (order): 0

SRV Weight: 10

SRV Port: 2380

SRV Target: etcd-2.ocp4-dev.ephicolabs.com

Record name: _etcd-server-ssl._tcp

SRV record: 0 10 2380 etcd-0.ocp4-dev.ephicolabs.com, 0 10 2380 etcd-1.ocp4-dev.ephicolabs.com, 0 10 2380 etcd-2.ocp4-dev.ephicolabs.com
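A check to run after adding the records, as an added example that is not part of the original post: it lints `dig +short ... SRV` answers for targets that had the zone appended twice (as in the dig output above), targets outside the zone, a wrong port, and a missing member. The function name `check_srv`, its finding labels, and the three-line "fixed" sample are assumptions made for this sketch.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): lint `dig +short <name> SRV`
# answers for the etcd SRV set. check_srv and its finding labels are
# names made up for this sketch.

# check_srv ZONE PORT COUNT: reads "prio weight port target" lines on stdin,
# prints one finding per problem, returns 0 when clean and 1 otherwise.
check_srv() {
    local zone="${1%.}" port="$2" want="$3" bad=0 seen=0
    local prio weight p target host
    while read -r prio weight p target; do
        [ -n "$target" ] || continue
        seen=$((seen + 1))
        host="${target%.}"
        case "$host" in
            *".$zone.$zone")   # relative target: the zone was appended again
                echo "DOUBLED_ZONE $target"; bad=1 ;;
            *".$zone") ;;      # fully qualified name inside the zone
            *)
                echo "OUTSIDE_ZONE $target"; bad=1 ;;
        esac
        if [ "$p" != "$port" ]; then
            echo "WRONG_PORT $p $target"; bad=1
        fi
    done
    if [ "$seen" -ne "$want" ]; then
        echo "COUNT $seen expected $want"; bad=1
    fi
    return "$bad"
}

# The answer line shown in the dig output on this page.
sample_page='0 10 2380 etcd-0.ocp4-dev.ephicolabs.com.ocp4-dev.ephicolabs.com.'
# Constructed sample: what three targets entered with a trailing dot return.
sample_fixed='0 10 2380 etcd-0.ocp4-dev.ephicolabs.com.
0 10 2380 etcd-1.ocp4-dev.ephicolabs.com.
0 10 2380 etcd-2.ocp4-dev.ephicolabs.com.'

printf '%s\n' "$sample_page"  | check_srv ocp4-dev.ephicolabs.com 2380 3 || true
printf '%s\n' "$sample_fixed" | check_srv ocp4-dev.ephicolabs.com 2380 3 && echo "clean"

# Against a live server:
#   dig +short _etcd-server-ssl._tcp.ocp4-dev.ephicolabs.com SRV \
#     | check_srv ocp4-dev.ephicolabs.com 2380 3
```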
