Caution: Articles are written for technical, not grammatical, accuracy. If poor grammar offends you, proceed with caution ;-)
Automating the creation of DNS records is becoming increasingly important in the enterprise. One bad record or typo can cause outages of mission-critical services. In this article, I’m going to walk through creating a DNS Policy in OneFuse using Infoblox as a DNS provider.
OneFuse DNS Features
The following list is not all inclusive.
- Create Host records
- Create A Records
- Create PTR Records
- Validate records are unique before creation
- Validate records are able to resolve
- Customizable wait times and timeout
- Dynamic domain assignment
- Multi-domain registration
- Support for Infoblox, BlueCat, Men & Mice, & Microsoft
What makes the OneFuse DNS module powerful isn’t any one of the features listed above; it’s all of them together. In my years of doing datacenter automation, DNS has posed a number of challenges for many organizations I have worked with. How many times have you been bitten by DNS replication and had to wait for a record to resolve? If your records don’t resolve by the time the next step in your process needs them, it can wreak havoc.
OneFuse DNS Policies allow you to wait and validate that your new records are resolving before you move on. You have full control over how long you wait before trying to validate the record and the ability to set a timeout in case the resolution takes too long.
DNS Considerations
- Which DNS provider are you currently using? OneFuse supports multiple providers. For a list of current providers please visit the OneFuse DNS Module documentation page.
- What platform(s) will you be using? vSphere, AWS, Azure, GCP, etc. OneFuse can support all platforms through integrations with its upstream providers such as vRA7, vRA8, vRA Cloud, Terraform, CloudBolt, etc.
- How do you determine which DNS zone a particular workload or service should be placed in?
Prerequisites
- A supported DNS provider and version. See the OneFuse DNS Module documentation page for supported providers and versions.
- Service Account with appropriate permission. See documentation for details.
- DNS Zones you wish to create records in.
Creating a OneFuse DNS Policy
This example builds on my previous article “Creating a OneFuse IPAM Policy”. In the previous article, we created credentials and an endpoint to be used with the Infoblox IPAM. We will use the same endpoint that we used for the IPAM Policy with the DNS Policy we are going to create in this article.
- Select DNS from the home page.
- Select Create from the DNS page.
- Next, we need to configure the policy. To do that you will need to understand what all the options are and how they work.
  - DNS Policy Name – The name you would like to give your policy. Unless you have a specific reason, try to avoid naming it after a DNS zone.
  - Endpoint Type – Select the endpoint type for your DNS Policy.
  - Endpoint – The Module Endpoint that you created.
  - Remove Fixed Address Record From IPAM Reservation – This setting is specific to Infoblox. If you are using a different provider you will not see this option. Infoblox creates a fixed address reservation when an IP address is reserved. To create host, A, and/or PTR records, OneFuse needs to remove the fixed address record. In the event the DNS records are removed but the IP reservation is not, OneFuse will put the fixed address record back.
  - Create Host Record – Creates both a PTR record and an A record at the same time. Enabling this option disables the options to create A and PTR records.
    - Pre-Validate Record – This option allows you to check the DNS zone to ensure a record with the same name or IP address does not already exist.
    - Post-Validate Record – This option allows you to validate forward/reverse lookup of the record after it is created.
  - Create A Record – This option is available when you disable “Create Host Record”. This is helpful if you want to create an A record, but don’t want to create a PTR record. It has the same validation options as Create Host Record.
  - Create PTR Record – This option is available when you disable “Create Host Record”. This is helpful if you want to create a PTR record, but don’t want to create an A record. It has the same validation options as Create Host Record.
  - Post-Validation Sleep Seconds – How long OneFuse waits before it tries to resolve the created record.
  - DNS Validation Timeout Seconds – How long before OneFuse fails the record creation if the record does not resolve.
  - Hostname Override – This is an optional field. This is helpful if you want to create DNS records for multiple interfaces that belong to the same host.
- Select “Create” to create the policy.
- Now that we have a DNS Policy created, it is ready for use.
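The pre-validation and post-validation behaviour described above (check that the name and IP are unused, sleep, then poll forward and reverse lookups until a timeout) can be sketched as follows. This is an added example, not OneFuse code: `LaggingResolver`, `pre_validate`, `post_validate` and the `poll` interval are hypothetical names, the resolver is a constructed in-memory stand-in for a DNS server with replication lag, and starting the timeout after the initial sleep is an assumption.

```python
import time


class LaggingResolver:
    """Constructed stand-in for a DNS server: a record added with `lag`
    seconds of replication delay is invisible until the clock passes it."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.a, self.ptr = {}, {}  # name -> (ip, visible_at); ip -> (name, visible_at)

    def add(self, name, ip, lag=0.0):
        visible_at = self.clock() + lag
        self.a[name] = (ip, visible_at)
        self.ptr[ip] = (name, visible_at)

    def _get(self, table, key):
        value, visible_at = table.get(key, (None, 0.0))
        return value if value is not None and self.clock() >= visible_at else None

    def forward(self, name):
        return self._get(self.a, name)

    def reverse(self, ip):
        return self._get(self.ptr, ip)


def pre_validate(resolver, name, ip):
    """Return a list of conflicts; an empty list means the record is unique."""
    conflicts = []
    if resolver.forward(name) is not None:
        conflicts.append(f"name {name} already resolves")
    if resolver.reverse(ip) is not None:
        conflicts.append(f"ip {ip} already has a PTR")
    return conflicts


def post_validate(resolver, name, ip, sleep_seconds, timeout_seconds,
                  clock=time.monotonic, sleep=time.sleep, poll=1.0):
    """Sleep first, then poll until forward AND reverse lookups both match
    the new record; return False once the timeout is spent."""
    sleep(sleep_seconds)
    deadline = clock() + timeout_seconds  # assumption: timeout starts after the sleep
    while True:
        if resolver.forward(name) == ip and resolver.reverse(ip) == name:
            return True
        if clock() >= deadline:
            return False
        sleep(poll)
```

Requiring both lookups to agree before returning means a stale A or PTR record pointing elsewhere fails validation instead of letting the next provisioning step run against the wrong host.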
Next we will look at how to consume the DNS policy using vRA8 and other platforms.
Visit https://onefuse.cloudbolt.io for more information and to join the OneFuse Community Forum