THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Page History
...
At this moment, we're using our own repository, branch 4.3.0-dnsapi: https://github.com/globocom/cloudstack/tree/4.3.0-dnsapi. However, we hope to commit these changes to branch 4.5 from in Cloudstack repository.
Introduction
...
This proposal includes both GloboDNS (a DNS API) to be run in a DNS server and a plugin designed for integrating virtual machines and virtual networks in Cloudstack with DNS APIGloboDNS.
Purpose
Allow Cloudstack to manage DNS domains and records in Bind DNS or PowerDNS, through Globo.com DNSAPI GloboDNS (https://github.com/globocom/Dns-ApiGloboDNS).
References
Document History
...
Create a network provider of DNS, called DNSAPIGloboDNS, so users can choose to register records in a centralized DNS server or keep using Virtual Router in others networks.
Administrators can choose which domains will be visible to other networks. By using a network offering with Virtual Router as DNS provider, names from this network will not be visible to other networks, but will be able to translate names from networks that use DNSAPI GloboDNS as DNS provider. This is guaranteed if the DNS server managed by DNSAPI GloboDNS is the same as the internal DNS of a zone.
DNSAPI GloboDNS only manage names of virtual machines of types User, Console Proxy and Domain Router.
It is necessary to activate DNSAPI GloboDNS in each zone you want to use it.
Networks with DNSAPI GloboDNS as DNS provider will not use Virtual Router as DNS service, but that does not prevent Virtual Router from being used for other services, such as DHCP.
DNS records use machine hostname as name
Plugin handles reverse domains and reverse records as well.
It is expected to work with any hypervisor, but tests were conducted only with XenServer 6.2.
Networks using DNSAPI GloboDNS as DNS provider need to have access to Bind servers. The plugin does not control network ACLs.
Opened Open Issues:
When a network is deleted, its network domain is erased in Bind server, along with reverse domain, all records and reverse records. It is recommended to use exclusive names as network domains to avoid loss of records managed by a third-party.
If a record with given name already exists in that domain, it will be overwritten.
There is a conflict if more than one network is created with the same network domain.
Hostnames with upper case characters are not supported, since Bind is not case sensitive. It is necessary to set the configuration "instance.name" to lower-case letters.
...
Creation of NIC will call DNSAPI GloboDNS to create new record
If record exists in the Bind server, it will be overwritten
If network domain doesn't exist, it will be created
When a network is deleted, all records in that network domain will be deleted from the Bind server
Uppercase characters are not allowed
Reverse domains and reverse records are created
Features
All DNSAPI GloboDNS logging is done with "com.globo.dnsapi" namespace
There are no special events triggered
Some inconsistencies are fixed automatically:
When a new record is created and the network domain no longer exists in Bind server, network domain will be created first to allow record creation.
If record already exists in zone, it will be overwritten. Same for reverse records.
When networks are deleted, all records in that network domain will be deleted too.
To avoid conflict with records names, only lower case hostnames are allowed.
...
Administrator must access provider configuration in Infrastructure → Zone → Physical Network → Network Service Providers → DNSAPIGloboDNS.
Click "Add" button (DNS API GloboDNS Configuration), and type the e-mail, password and endpoint of DNSAPI GloboDNS and click OK. A new entry in host/host_details table is created to store this configuration.
Click "Enable Provider" button and wait for plugin to be enabled.
...
Administrator must access provider configuration in Infrastructure → Zone → Physical Network → Network Service Providers → DNSAPIGloboDNS.
Click "Disable Provider" button and wait for plugin to be disabled. Host/Host_details entries are marked as removed.
Put
...
GloboDNS as DNS service in network offering
Administrator must create a new network offering.
In supported Services, check DNS, and in DNS Provider choose DNSAPIGloboDNS.
Network offering creation must be enabled before using it.
Create a new network with
...
GloboDNS as DNS service
DNSAPI GloboDNS is called to implement network.
Network provider calls DNSAPI GloboDNS to create network domain and reverse domain.
Destroy network with
...
GloboDNS
DNSAPI GloboDNS is called to destroy network.
Network provider calsl DNSAPI calls GloboDNS to remove network domain and reverse domain.
Allocate a new NIC
DNSAPI GloboDNS provider is called to prepare virtual machine.
DNSAPI GloboDNS provider checks if virtual machine type is User, Virtual Router or Console Proxy. Otherwise, it does nothing.
If virtual machine type is User, check if there is uppercase character in hostname.
DNSAPI GloboDNS is called to create a new record.
DNSAPI GloboDNS is called to create a new reverse record.
IDs of DNS records and reverse record are store in database.
Release NIC
DNSAPI GloboDNS provider is called to release virtual machine.
Network provider checks if virtual machine type is User, Virtual Router or Console Proxy. Otherwise, it does nothing.
DNSAPI GloboDNS is called to remove DNS record and reverse record.
Remove record and reverse record IDs from database.
Architecture and Design description
All calls to DNS API GloboDNS are in DNSAPIResource. This approach avoids confusion, since DNSAPI GloboDNS Client code is isolated from Cloudstack core code.
DNSAPIResource type is L2Networking for lack of a better option.
DNSAPI GloboDNS generates Bind configuration files and exports to DNS server using rsync calls over SSH. Then, DNS server is reloaded. Bind servers are synced using IXFR (Incremental Zone Transfers, RFC 1995)
...
Web Services APIs
addDnsApiHost: configure DNS API GloboDNS credentials and endpoint in Zone. Need Needs to be called before plugin is enable enabled in zone.
UI flow
The only change in UI is to ask user about credentials and endpoint of API in Network Provider configuration for a Zone.
There is a video showing how the plugin works: https://www.youtube.com/watch?v=fAB53T_NZMI
Overview
Content Tools
Apps