Designate, a recently incubated project, intends to solve the DNS needs of OpenStack by providing a RESTful API for managing DNS data with a variety of databases on many different backends. Designate will also provide a service for integrating with Nova and Neutron. This talk will cover:
Why OpenStack and operators need DNSaaS.
The Designate Architecture.
The Designate API.
New Features Since the Last Summit, including MiniDNS, Server Pools, and the Version 2 API.
The Next Steps For Designate, including the Version 2 API, additions to Server Pools, and MiniDNS.
Come see who is involved, and how easy it is to get involved in this exciting project.
This talk is a general overview. It will cover the problem statement, architecture and general features.
10. Why Pools
Allow private pools
Pools with different capabilities - such as GeoIP / Round Robin DNS / Anycast.
Reduce the number of domains hosted by servers
12. Backend Plugins - now
Plugins are responsible for creation, update and deletion of domains at the backend.
Each API making a change needs the plugin to take a corresponding action.
e.g. create/delete/update record/recordset
13. Backend Plugins - Future
Backends can now get changes from MiniDNS using DNS protocol - so simplified plugins.
Plugins are responsible for creation/deletion of domains.
14. Flow of information with pools
[Diagram, repeated on slides 14-19: API, Central, DB, Pool Manager, Mini DNS, Backend, Customer Facing DNS Servers]
15. User Creates Domain
16. Central stores the information
17. Central tells the pool manager
18. Pool manager creates the domain
19. MiniDNS transfers the zone info
21. Designate REST API
Filter on resource data
Pagination
Nested Collections
Extensions
Policy
Experimental for Kilo
22. Designate REST API
Zones
Recordsets
Records
TLDs
Blacklisted Domains
Quotas
Pools
23. Zones
GET/POST/PATCH/DELETE - /v2/zones/<id>
- Accept: application/json
DNS Zones
Subresources - Recordsets, Records
Name, email, TTL, description
25. Zone Import/Export
GET/POST - /v2/zones/<id>
- Accept: text/dns
Migrating your zones to/from Designate
Backup your zones
Tool for preparing zones for import (zoneextractor.py)
27. Record Sets
GET/POST/PATCH/DELETE - /v2/zones/<id>/recordsets/<id>
- Accept: application/json
Groups of similarly typed resource records
A, AAAA, CNAME, MX, NS, PTR, SOA, SPF, SRV, SSHFP, TXT
Easy to expand to others
29. Records
GET/PUT - /v2/zones/<id>/recordsets/<id>
- Accept: application/json
Resource records that make up a recordset
Each type of record has different “data”
List of records in each Record set
31. TLDs
GET/POST/PATCH/DELETE - /v2/tlds/<id>
- Accept: application/json
TLDs are a simple representation of Top-Level Domains that are allowed to be added to Designate
e.g. “com” to add “.com” to your allowed list
Bulk addition outside of the API is supported
33. Blacklisted Domains
GET/POST/PATCH/DELETE - /v2/blacklists/<id>
- Accept: application/json
Blacklists are regular expressions to block a domain from creation
^example\.com\.$
^([A-Za-z0-9_\-]+\.)*example\.com\.$
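The effect of leaving the dots in a blacklist pattern unescaped, as an added example that is not part of the original slides or Designate's own code. It assumes patterns are applied with `re.search` to the fully qualified zone name; the helper names and sample zone names are constructed for illustration.

```python
import re

# Two ways to write the slide's blacklist entries: dots left as regex
# wildcards, and dots escaped so they match only a literal ".".
UNESCAPED = [r"^example.com.$", r"^([A-Za-z0-9_-]+.)*example.com.$"]
ESCAPED = [r"^example\.com\.$", r"^([A-Za-z0-9_\-]+\.)*example\.com\.$"]

# Constructed sample zone names (fully qualified, with trailing dot).
SAMPLES = [
    "example.com.",       # the blacklisted zone itself
    "www.example.com.",   # subdomain of the blacklisted zone
    "a.b.example.com.",   # deeper subdomain
    "myexample.com.",     # unrelated zone that only ends in the same text
    "shop-example.com.",  # unrelated zone
    "example.org.",       # unrelated zone
]


def is_blacklisted(zone_name, patterns):
    """True if any pattern matches (assumed re.search semantics)."""
    return any(re.search(p, zone_name) for p in patterns)


def overblocked(samples, loose, strict):
    """Names rejected by the loose patterns but allowed by the strict ones."""
    return [n for n in samples
            if is_blacklisted(n, loose) and not is_blacklisted(n, strict)]


def unescaped_dots(pattern):
    """Offsets of '.' acting as a wildcard (simplified scan: skips escaped
    characters and character classes, does not handle a leading ']')."""
    hits, in_class, i = [], False, 0
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":
            i += 2  # skip the escaped character
            continue
        if c == "[":
            in_class = True
        elif c == "]":
            in_class = False
        elif c == "." and not in_class:
            hits.append(i)
        i += 1
    return hits


if __name__ == "__main__":
    print("over-blocked:", overblocked(SAMPLES, UNESCAPED, ESCAPED))
    for p in UNESCAPED + ESCAPED:
        print(p, "-> wildcard dots at", unescaped_dots(p))
```

With the unescaped patterns, `myexample.com.` and `shop-example.com.` are rejected even though neither is `example.com.` or one of its subdomains.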
35. Floating IP Pointers
GET/PATCH - /v2/reverse/floatingips/<id>
Manage PTR records for Neutron Floating IPs
Operators delegate the *.in-addr.arpa zone to Designate
Users can manage their own DNS
Users can only set PTRs for IPs currently associated with their tenant
46. What are handlers?
How we respond to notifications
Extendable and customizable
Write your own
Example in: $designate_repo/contrib/designate-ext-samplehandler
47. Sink for Neutron Floating IPs
Create a Domain
$ designate domain-create --name my-vms.co. --email root@me.co
Enable the handler
[service:sink]
enable_notification_handlers = neutron_floatingip
[handler:neutron_floatingip]
domain_id = 3b65035d-acfe-4add-9182-e9bf8acf1eb3
48. Sink for Neutron Floating IPs
Start the designate-sink service
Boot a vm and associate a floating IP with it
Results in a Record:
vm-x.my-vms.co
50. We are hiring (both HP and Rackspace - come talk to us if you are interested)