Cray System Management Documentation > Cray System Management (CSM) Administration Guide > network > external dns > Update the cmn-external-dns value post-installation

Update the `cmn-external-dns` value post-installation

By default, the services/cray-dns-powerdns-cmn-tcp and services/cray-dns-powerdns-cmn-udp services both share the same Customer Management Network (CMN) external IP address. This is defined by the cmn-external-dns value, which is specified during the csi config init input.

The IP address must be in the static range reserved in MetalLB’s cmn-static-pool subnet. Currently, this is the only CMN IP address that must be known external to the system, in order for external DNS to delegate the system-name.site-domain zone to services/cray-dns-powerdns deployment.

Changing this value after install is relatively straightforward, and only requires the external IP address for services/cray-dns-powerdns-cmn-tcp and services/cray-dns-powerdns-cmn-udp services to be changed. This procedure will update the IP addresses that DNS queries.

Prerequisites

The system is installed.

Procedure

Update the LoadBalancer IP address

(ncn-m001#) Find the external IP address for the services/cray-dns-powerdns-cmn-tcp and services/cray-dns-powerdns-cmn-tcp services.

kubectl -n services get svc | grep cray-dns-powerdns-cmn-

Example output:

cray-dns-powerdns-cmn-tcp                     LoadBalancer   10.25.211.48    10.102.14.113   53:31111/TCP                 2d2h
cray-dns-powerdns-cmn-udp                     LoadBalancer   10.25.156.88    10.102.14.113   53:32674/UDP                 2d2h

Edit the services and change spec.loadBalancerIP to the desired CMN IP address.
1. (ncn-m001#) Edit the cray-dns-powerdns-cmn-tcp service.
```
kubectl -n services edit svc cray-dns-powerdns-cmn-tcp
```
2. (ncn-m001#) Edit the cray-dns-powerdns-cmn-udp service.
```
kubectl -n services edit svc cray-dns-powerdns-cmn-udp
```

Update SLS

The external-dns IP address reservation in the SLS CMN cmn_metallb_static_pool subnet should be updated to the desired CMN IP address.

(ncn-m001#) Retrieve the SLS data for CMN.

export TOKEN=$(curl -s -k -S -d grant_type=client_credentials \
    -d client_id=admin-client -d client_secret=`kubectl get secrets admin-client-auth \
    -o jsonpath='{.data.client-secret}' | base64 -d` \
    https://api-gw-service-nmn.local/keycloak/realms/shasta/protocol/openid-connect/token \
  | jq -r '.access_token')

curl -s -k -H "Authorization: Bearer ${TOKEN}" \
    https://api-gw-service-nmn.local/apis/sls/v1/networks/CMN|jq > CMN.json

cp CMN.json CMN.json.bak

(ncn-m001#) Update the external-dns IP address in CMN.json to the desired CMN IP address.

{
  "Comment": "site to system lookups",
  "IPAddress": "x.x.x.x",
  "Name": "external-dns"
}

(ncn-m001#) Upload the updated CMN.json file to SLS.

curl -s -k -H "Authorization: Bearer ${TOKEN}" --header \
    "Content-Type: application/json" --request PUT --data @CMN.json \
    https://api-gw-service-nmn.local/apis/sls/v1/networks/CMN

Update `customizations.yaml`

IMPORTANT: If this step is not performed, then the PowerDNS configuration will be overwritten with the previous value the next time CSM or the cray-dns-powerdns Helm chart is upgraded.

(ncn-m001#) Extract customizations.yaml from the site-init secret in the loftsman namespace.

kubectl -n loftsman get secret site-init -o json | jq -r '.data."customizations.yaml"' | base64 -d > customizations.yaml

(ncn-m001#) Update system_to_site_lookups in customizations.yaml to the desired CMN IP address.
```
spec:
  network:
    netstaticips:
      site_to_system_lookups: x.x.x.x
```

(ncn-m001#) Update the site-init secret in the loftsman namespace.

kubectl delete secret -n loftsman site-init
kubectl create secret -n loftsman generic site-init --from-file=customizations.yaml