From 03ca146ef37144ed759bd28ebd6c5bb3587f36fd Mon Sep 17 00:00:00 2001
From: Barak Michener
Date: Tue, 19 Sep 2017 12:07:10 -0700
Subject: [PATCH] Add option for Cluster DNS having a FQDN other than cluster.local
---
 assets.tf | 1 +
 resources/manifests/kube-dns-deployment.yaml | 8 ++++----
 tls-k8s.tf | 2 +-
 variables.tf | 6 ++++++
 4 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/assets.tf b/assets.tf
index 9a0cf34..01d375c 100644
--- a/assets.tf
+++ b/assets.tf
@@ -30,6 +30,7 @@ resource "template_dir" "manifests" {
 cloud_provider = "${var.cloud_provider}"
 pod_cidr = "${var.pod_cidr}"
 service_cidr = "${var.service_cidr}"
+ cluster_dns_fqdn = "${var.cluster_dns_fqdn}"
 kube_dns_service_ip = "${cidrhost(var.service_cidr, 10)}"
 ca_cert = "${base64encode(var.ca_certificate == "" ? join(" ", tls_self_signed_cert.kube-ca.*.cert_pem) : var.ca_certificate)}"
diff --git a/resources/manifests/kube-dns-deployment.yaml b/resources/manifests/kube-dns-deployment.yaml
index c5aa06d..af97737 100644
--- a/resources/manifests/kube-dns-deployment.yaml
+++ b/resources/manifests/kube-dns-deployment.yaml
@@ -67,7 +67,7 @@ spec:
 initialDelaySeconds: 3
 timeoutSeconds: 5
 args:
- --domain=cluster.local.
+ - --domain=${cluster_dns_fqdn}.
 - --dns-port=10053
 - --config-dir=/kube-dns-config
 - --v=2
@@ -108,7 +108,7 @@ spec:
 - --cache-size=1000
 - --no-negcache
 - --log-facility=-
- --server=/cluster.local/127.0.0.1#10053
+ - --server=/${cluster_dns_fqdn}/127.0.0.1#10053
 - --server=/in-addr.arpa/127.0.0.1#10053
 - --server=/ip6.arpa/127.0.0.1#10053
 ports:
@@ -140,8 +140,8 @@ spec:
 args:
 - --v=2
 - --logtostderr
- --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local,5,A
- --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local,5,A
+ - --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.${cluster_dns_fqdn},5,A
+ - --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.${cluster_dns_fqdn},5,A
 ports:
 - containerPort: 10054
 name: metrics
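Review bot: In resources/manifests/kube-dns-deployment.yaml, `--domain=${cluster_dns_fqdn}.` appends the trailing dot itself, so a value supplied as `cluster.local.` renders `--domain=cluster.local..` and an empty value renders `--domain=.`; nothing visible in this patch constrains the variable. The same unchecked string is substituted into the dnsmasq rule `--server=/${cluster_dns_fqdn}/127.0.0.1#10053`, where a `/` or `#` in the value would change how the rule is parsed, and into both `--probe` names in the third hunk. A malformed value would most likely surface only as failing kube-dns health probes or as cluster-internal names being forwarded to the upstream resolver. I would add a comment above the first `args:` list, `# cluster_dns_fqdn: bare domain, no leading or trailing dot (the dot is added here)`, and state the same constraint in the variable's description.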
diff --git a/tls-k8s.tf b/tls-k8s.tf
index 5295ec7..be53f03 100644
--- a/tls-k8s.tf
+++ b/tls-k8s.tf
@@ -70,7 +70,7 @@ resource "tls_cert_request" "apiserver" {
 "kubernetes",
 "kubernetes.default",
 "kubernetes.default.svc",
- "kubernetes.default.svc.cluster.local",
+ "kubernetes.default.svc.${var.cluster_dns_fqdn}",
 ]
 ip_addresses = [
diff --git a/variables.tf b/variables.tf
index a7812c1..e6bd72d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -52,6 +52,12 @@ EOD
 default = "10.3.0.0/24"
 }
+variable "cluster_dns_fqdn" {
+ description = "The FQDN base to use for DNS within the cluster (eg, KubeDNS)"
+ type = "string"
+ default = "cluster.local"
+}
+
 variable "container_images" {
 description = "Container images to use"
 type = "map"
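Review bot: In tls-k8s.tf the only cluster-domain SAN on the API server certificate request is now `kubernetes.default.svc.${var.cluster_dns_fqdn}`, so the certificate is valid for exactly one cluster domain and the `cluster.local` name is dropped as soon as the variable is set to anything else. In-cluster clients that verify the server name will fail if the kubelets (configured outside this patch) still hand pods a different domain, and changing the variable on an existing cluster presumably re-issues the certificate. A comment on the entry would make that coupling visible: `# must equal the cluster domain the kubelets use; changing it re-issues the API server cert`. The `tls_cert_request` block starts and ends outside this hunk.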
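Review bot: The description of `cluster_dns_fqdn` in variables.tf does not say what format is expected or where else the value ends up; "(eg, KubeDNS)" reads as if only the DNS add-on is affected, while the same patch also places the value in the API server certificate SAN. It also gives no hint whether a trailing dot is allowed, which matters because the kube-dns template appends one. Suggested wording: `description = "Cluster DNS domain without leading or trailing dot (e.g. cluster.local); used by kube-dns and the API server certificate SAN"`.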