Prevent the DNS record from getting reset to the Pod's Container's in…

…ternal IP address.
freeipa · Nov 27, 2024 · 6b31e8d · 6b31e8d
1 parent 7d38f2e
commit 6b31e8d
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 1 deletion.
diff --git a/tests/freeipa-k3s.yaml b/tests/freeipa-k3s.yaml
@@ -102,6 +102,8 @@ spec:
           key: admin.password
     - name: IPA_SERVER_INSTALL_OPTS
       value: "-U -r CLUSTER.LOCAL --setup-dns --no-forwarders --no-ntp --ip-address=10.43.201.201"
+    - name: IPA_SERVER_IP
+      value: 10.43.201.201
     readinessProbe:
       exec:
         command: [ "/usr/bin/systemctl", "status", "ipa" ]

diff --git a/tests/freeipa-replica-k3s.yaml b/tests/freeipa-replica-k3s.yaml
@@ -95,6 +95,8 @@ spec:
         secretKeyRef:
           name: freeipa-server-password
           key: admin.password
+    - name: IPA_SERVER_IP
+      value: 10.43.202.202
     readinessProbe:
       exec:
         command: [ "/usr/bin/systemctl", "status", "ipa" ]

diff --git a/tests/run-master-in-k3s.sh b/tests/run-master-in-k3s.sh
@@ -51,10 +51,12 @@ if ! test -f /etc/resolv.conf.backup ; then
 	sudo mv /etc/resolv.conf /etc/resolv.conf.backup
 fi
 sudo systemctl stop systemd-resolved.service || :
-echo nameserver $( kubectl get -o=jsonpath='{.spec.clusterIP}' service freeipa-server-service ) | sudo tee /etc/resolv.conf
+IPA_SERVER_IP=$( kubectl get -o=jsonpath='{.spec.clusterIP}' service freeipa-server-service )
+echo nameserver $IPA_SERVER_IP | sudo tee /etc/resolv.conf
 curl -Lk https://$IPA_SERVER_HOSTNAME/ | grep -E 'IPA: Identity Policy Audit|Identity Management'
 curl -H "Referer: https://$IPA_SERVER_HOSTNAME/ipa/ui/" -H 'Accept-Language: fr' -d '{"method":"i18n_messages","params":[[],{}]}' -k https://$IPA_SERVER_HOSTNAME/ipa/i18n_messages | grep -q utilisateur
 echo Secret123 | kubectl exec -i pod/freeipa-server -- kinit admin
+dig +short $IPA_SERVER_HOSTNAME | tee /dev/stderr | grep -Fq $IPA_SERVER_IP
 kill $MASTER_LOGS_PID 2> /dev/null || :
 trap - EXIT
 
@@ -77,5 +79,9 @@ IPA_REPLICA_HOSTNAME=$( kubectl exec pod/freeipa-replica -- hostname -f )
 curl -Lk https://$IPA_REPLICA_HOSTNAME/ | grep -E 'IPA: Identity Policy Audit|Identity Management'
 curl -H "Referer: https://$IPA_REPLICA_HOSTNAME/ipa/ui/" -H 'Accept-Language: fr' -d '{"method":"i18n_messages","params":[[],{}]}' -k https://$IPA_REPLICA_HOSTNAME/ipa/i18n_messages | grep -q utilisateur
 echo Secret123 | kubectl exec -i pod/freeipa-replica -- kinit admin
+IPA_REPLICA_IP=$( kubectl get -o=jsonpath='{.spec.clusterIP}' service freeipa-replica-service )
+dig +short $IPA_REPLICA_HOSTNAME | tee /dev/stderr | grep -Fq $IPA_REPLICA_IP
 kill $REPLICA_LOGS_PID 2> /dev/null || :
 trap - EXIT
+
+echo OK $0.