DNS as a Service¶
This feature deploys Designate, the OpenStack DNS service.
Enabling DNS¶
To enable DNS, run the following command:
sunbeam enable dns --nameservers="<ns record>"
The openstack CLI can now be used to manage DNS. See the upstream Designate command-line interface documentation for details.
Nameservers are specified with FQDNs separated by a space, each ending with a dot, whose records point to the DNS instance managed by the Designate service. It is assumed that your infrastructure DNS is configured to redirect your nameserver records to the DNS service address.
Disabling DNS¶
To disable DNS, run the following command:
sunbeam disable dns
Fetching DNS service address¶
To fetch the DNS service address, run the following command:
sunbeam dns address
Usage¶
Users need the role member to be able to manage DNS zones and
records. A user has this role by default so all users have the ability
to manage DNS in their own project.
For example, create zone sunbeam.tld with:
openstack zone create --email dnsmaster@sunbeam.tld sunbeam.tld.
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| action | CREATE |
| attributes | |
| created_at | 2023-10-11T20:25:52.000000 |
| description | None |
| email | dnsmaster@sunbeam.tld |
| id | f27cd25d-43ff-4205-84a4-79c524bd9652 |
| masters | |
| name | sunbeam.tld. |
| pool_id | 794ccc2c-d751-44fe-b57f-8894c9f5c842 |
| project_id | b6cc0f4bf25c432785b4f7c91858304b |
| serial | 1697055952 |
| shared | False |
| status | PENDING |
| transferred_at | None |
| ttl | 3600 |
| type | PRIMARY |
| updated_at | None |
| version | 1 |
+----------------+--------------------------------------+
Retrieve the list of DNS zones - wait for the new zone to become
ACTIVE:
openstack zone list
+--------------------------------------+--------------+---------+------------+--------+--------+
| id | name | type | serial | status | action |
+--------------------------------------+--------------+---------+------------+--------+--------+
| f27cd25d-43ff-4205-84a4-79c524bd9652 | sunbeam.tld. | PRIMARY | 1697055952 | ACTIVE | NONE |
+--------------------------------------+--------------+---------+------------+--------+--------+
Create the TXT record note.sunbeam.tld:
openstack recordset create --type TXT --record '"This is a record created in Sunbeam!"' sunbeam.tld. note
+-------------+----------------------------------------+
| Field | Value |
+-------------+----------------------------------------+
| action | CREATE |
| created_at | 2023-10-11T20:30:33.000000 |
| description | None |
| id | 40222abd-1624-42af-90ff-7fc212e99885 |
| name | note.sunbeam.tld. |
| project_id | b6cc0f4bf25c432785b4f7c91858304b |
| records | "This is a record created in Sunbeam!" |
| status | PENDING |
| ttl | None |
| type | TXT |
| updated_at | None |
| version | 1 |
| zone_id | f27cd25d-43ff-4205-84a4-79c524bd9652 |
| zone_name | sunbeam.tld. |
+-------------+----------------------------------------+
Obtain the address of the DNS service with the sunbeam command:
sunbeam dns address
10.206.54.244
With the dig command, query the DNS service and verify that it
returns the newly-created TXT record:
dig @10.206.54.244 +short TXT note.sunbeam.tld
"This is a record created in Sunbeam!"