External DNS Service Integration¶
Since the Mitaka release, neutron has an interface defined to interact with an external DNS service. This interface is based on an abstract driver that can be used as the base class to implement concrete drivers to interact with various DNS services. The reference implementation of such a driver integrates neutron with OpenStack Designate.
This integration allows users to publish dns_name and dns_domain attributes associated with floating IP addresses, ports, and networks in an external DNS service.
Changes to the neutron API¶
To support integration with an external DNS service, the dns_name and dns_domain attributes were added to floating ips, ports and networks. The dns_name specifies the name to be associated with a corresponding IP address, both of which will be published to an existing domain with the name dns_domain in the external DNS service.
Specifically, floating ips, ports and networks are extended as follows:
Floating ips have a dns_name and a dns_domain attribute.
Ports have a dns_name attribute.
Networks have a dns_domain attributes.
Pre-configured domains for projects and users¶
ML2 plugin extension dns_domain_keywords
provides same dns integration as
dns_domain_ports
and subnet_dns_publish_fixed_ip
and it also allows to
configure network’s dns_domain with some specific keywords: <project_id>
,
<project_name>
, <user_id>
, <user_name>
. Please see example below
for more details.
Create DNS zone.
0511951bd56e4a0aac27ac65e00bddd0
is ID of the project used in the example$ openstack zone create 0511951bd56e4a0aac27ac65e00bddd0.example.com. --email admin@0511951bd56e4a0aac27ac65e00bddd0.example.com +----------------+----------------------------------------------------+ | Field | Value | +----------------+----------------------------------------------------+ | action | CREATE | | attributes | | | created_at | 2021-02-19T14:48:06.000000 | | description | None | | email | admin@0511951bd56e4a0aac27ac65e00bddd0.example.com | | id | c14a8edc-d0b9-4cdd-93f1-1ab5a5f5ff9d | | masters | | | name | 0511951bd56e4a0aac27ac65e00bddd0.example.com. | | pool_id | 794ccc2c-d751-44fe-b57f-8894c9f5c842 | | project_id | 0511951bd56e4a0aac27ac65e00bddd0 | | serial | 1613746085 | | status | PENDING | | transferred_at | None | | ttl | 3600 | | type | PRIMARY | | updated_at | None | | version | 1 | +----------------+----------------------------------------------------+
Create network with dns_domain
$ openstack network create dns-test-network --dns-domain "<project_id>.demo.net." +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | UP | | availability_zone_hints | | | availability_zones | | | created_at | 2021-02-19T15:16:36Z | | description | | | dns_domain | <project_id>.demo.net. | | id | fb247287-43aa-4a83-b768-a3b34dc6735a | | ipv4_address_scope | None | | ipv6_address_scope | None | | is_default | False | | is_vlan_transparent | None | | mtu | 1450 | | name | dns-test-network | | port_security_enabled | True | | project_id | 0511951bd56e4a0aac27ac65e00bddd0 | | provider:network_type | vxlan | | provider:physical_network | None | | provider:segmentation_id | 1003 | | qos_policy_id | None | | revision_number | 1 | | router:external | Internal | | segments | None | | shared | False | | status | ACTIVE | | subnets | | | tags | | | updated_at | 2021-02-19T15:16:37Z | +---------------------------+--------------------------------------+ $ openstack subnet create --network dns-test-network --subnet-range 192.168.100.0/24 --dns-publish-fixed-ip dns-test-subnet +----------------------+--------------------------------------+ | Field | Value | +----------------------+--------------------------------------+ | allocation_pools | 192.168.100.2-192.168.100.254 | | cidr | 192.168.100.0/24 | | created_at | 2021-02-19T15:21:50Z | | description | | | dns_nameservers | | | dns_publish_fixed_ip | True | | enable_dhcp | True | | gateway_ip | 192.168.100.1 | | host_routes | | | id | 2547a3f2-374f-4262-aed5-3a69af73e732 | | ip_version | 4 | | ipv6_address_mode | None | | ipv6_ra_mode | None | | name | dns-test-subnet | | network_id | fb247287-43aa-4a83-b768-a3b34dc6735a | | prefix_length | None | | project_id | 0511951bd56e4a0aac27ac65e00bddd0 | | revision_number | 0 | | segment_id | None | | service_types | | | subnetpool_id | None | | tags | | | updated_at | 2021-02-19T15:21:50Z | +----------------------+--------------------------------------+
Create port in that network
$ openstack port create --network dns-test-network --dns-name dns-test-port test-port +-------------------------+---------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+---------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | UP | | allowed_address_pairs | | | binding_host_id | | | binding_profile | | | binding_vif_details | | | binding_vif_type | unbound | | binding_vnic_type | normal | | created_at | 2021-02-19T15:22:51Z | | data_plane_status | None | | description | | | device_id | | | device_owner | | | device_profile | None | | dns_assignment | fqdn='dns-test-port.0511951bd56e4a0aac27ac65e00bddd0.example.com.', hostname='dns-test-port', ip_address='192.168.100.17' | | dns_domain | | | dns_name | dns-test-port | | extra_dhcp_opts | | | fixed_ips | ip_address='192.168.100.17', subnet_id='2547a3f2-374f-4262-aed5-3a69af73e732' | | id | f30908a1-6ef5-4137-bff4-c1205c6660ee | | ip_allocation | None | | mac_address | fa:16:3e:e8:33:b8 | | name | test-port | | network_id | fb247287-43aa-4a83-b768-a3b34dc6735a | | numa_affinity_policy | None | | port_security_enabled | True | | project_id | 0511951bd56e4a0aac27ac65e00bddd0 | | propagate_uplink_status | None | | qos_network_policy_id | None | | qos_policy_id | None | | resource_request | None | | revision_number | 1 | | security_group_ids | 4425c3fd-6705-4134-9878-07b333d81314 | | status | DOWN | | tags | | | trunk_details | None | | updated_at | 2021-02-19T15:22:51Z | +-------------------------+---------------------------------------------------------------------------------------------------------------------------+
Test if recordset was created properly in the DNS zone
$ openstack recordset list c14a8edc-d0b9-4cdd-93f1-1ab5a5f5ff9d +--------------------------------------+-------------------------------------------------------------+------+------------------------------------------------------------------------------------------------------+--------+--------+ | id | name | type | records | status | action | +--------------------------------------+-------------------------------------------------------------+------+------------------------------------------------------------------------------------------------------+--------+--------+ | 1c302468-4e30-466e-9330-e4cd9191ff99 | 0511951bd56e4a0aac27ac65e00bddd0.example.com. | SOA | ns1.devstack.org. admin.0511951bd56e4a0aac27ac65e00bddd0.example.com. 1613748171 3549 600 86400 3600 | ACTIVE | NONE | | 99ce92d1-8c7a-4193-aeb2-44835048a6fa | 0511951bd56e4a0aac27ac65e00bddd0.example.com. | NS | ns1.devstack.org. | ACTIVE | NONE | | 01f0569d-ce81-4424-915f-c6fe6229256e | dns-test-port.0511951bd56e4a0aac27ac65e00bddd0.example.com. | A | 192.168.100.17 | ACTIVE | NONE | +--------------------------------------+-------------------------------------------------------------+------+------------------------------------------------------------------------------------------------------+--------+--------+