From fb9155c4502eb761e6713409d9dafceb53de3b8f Mon Sep 17 00:00:00 2001
From: Thomas Nys <hello@thomasnys.com>
Date: Fri, 9 Nov 2018 11:30:35 +0100
Subject: [PATCH] Add the option to create a DNS record for bastion deployed to
 Azure (#3675)

This is rather convenient if you want to configure exceptions on a
company firewall.
---
 contrib/azurerm/group_vars/all                             | 4 ++++
 .../roles/generate-templates/templates/bastion.json        | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/contrib/azurerm/group_vars/all b/contrib/azurerm/group_vars/all
index 7aaa346f6..52b19b1e3 100644
--- a/contrib/azurerm/group_vars/all
+++ b/contrib/azurerm/group_vars/all
@@ -7,6 +7,10 @@ cluster_name: example
 # node that can be used to access the masters and minions
 use_bastion: false
 
+# Set this to a prefered name that will be used as the first part of the dns name for your bastotion host. For example: k8s-bastion.<azureregion>.cloudapp.azure.com.
+# This is convenient when exceptions have to be configured on a firewall to allow ssh to the given bastion host.
+# bastion_domain_prefix: k8s-bastion
+
 number_of_k8s_masters: 3
 number_of_k8s_nodes: 3
 
diff --git a/contrib/azurerm/roles/generate-templates/templates/bastion.json b/contrib/azurerm/roles/generate-templates/templates/bastion.json
index 5bf1d75ee..d7fd9c8f6 100644
--- a/contrib/azurerm/roles/generate-templates/templates/bastion.json
+++ b/contrib/azurerm/roles/generate-templates/templates/bastion.json
@@ -15,7 +15,12 @@
       "name": "{{bastionIPAddressName}}",
       "location": "[resourceGroup().location]",
       "properties": {
-        "publicIPAllocationMethod": "Static"
+        "publicIPAllocationMethod": "Static",
+        "dnsSettings": {
+          {% if bastion_domain_prefix %}
+          "domainNameLabel": "{{ bastion_domain_prefix }}"
+          {% endif %}
+        }
       }
     },
     {
-- 
GitLab