This plugin deploys Designate, the OpenStack DNS service.
Note: This feature is currently only supported in channel 2023.2 of the openstack snap.
Enabling DNS
To enable DNS, run the following command:
sunbeam enable dns --nameservers="<ns record>"
The openstack CLI can now be used to manage DNS. See the upstream Built-in Designate documentation for details.
Nameservers are specified with FQDNs separated by a space, each ending with a dot, whose records point to the DNS instance managed by the Designate service. It is assumed that your infrastructure DNS is configured to redirect your nameserver records to the DNS service address.
Disabling DNS
To disable DNS, run the following command:
sunbeam disable dns
Fetching DNS service address
To fetch the DNS service address, run the following command:
sunbeam dns address
Usage
Users need the role member to be able to manage DNS zones and records. A user has this role by default so all users have the ability to manage DNS in their own project.
For example, create zone sunbeam.tld with:
openstack zone create --email dnsmaster@sunbeam.tld sunbeam.tld.
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| action | CREATE |
| attributes | |
| created_at | 2023-10-11T20:25:52.000000 |
| description | None |
| email | dnsmaster@sunbeam.tld |
| id | f27cd25d-43ff-4205-84a4-79c524bd9652 |
| masters | |
| name | sunbeam.tld. |
| pool_id | 794ccc2c-d751-44fe-b57f-8894c9f5c842 |
| project_id | b6cc0f4bf25c432785b4f7c91858304b |
| serial | 1697055952 |
| shared | False |
| status | PENDING |
| transferred_at | None |
| ttl | 3600 |
| type | PRIMARY |
| updated_at | None |
| version | 1 |
+----------------+--------------------------------------+
Retrieve the list of DNS zones - wait for the new zone to become ACTIVE:
openstack zone list
+--------------------------------------+--------------+---------+------------+--------+--------+
| id | name | type | serial | status | action |
+--------------------------------------+--------------+---------+------------+--------+--------+
| f27cd25d-43ff-4205-84a4-79c524bd9652 | sunbeam.tld. | PRIMARY | 1697055952 | ACTIVE | NONE |
+--------------------------------------+--------------+---------+------------+--------+--------+
Create the TXT record note.sunbeam.tld:
openstack recordset create --type TXT --record '"This is a record created in Sunbeam!"' sunbeam.tld. note
+-------------+----------------------------------------+
| Field | Value |
+-------------+----------------------------------------+
| action | CREATE |
| created_at | 2023-10-11T20:30:33.000000 |
| description | None |
| id | 40222abd-1624-42af-90ff-7fc212e99885 |
| name | note.sunbeam.tld. |
| project_id | b6cc0f4bf25c432785b4f7c91858304b |
| records | "This is a record created in Sunbeam!" |
| status | PENDING |
| ttl | None |
| type | TXT |
| updated_at | None |
| version | 1 |
| zone_id | f27cd25d-43ff-4205-84a4-79c524bd9652 |
| zone_name | sunbeam.tld. |
+-------------+----------------------------------------+
Obtain the address of the DNS service with the sunbeam command:
sunbeam dns address
10.206.54.244
With the dig command, query the DNS service and verify that it returns the newly-created TXT record:
dig @10.206.54.244 +short TXT note.sunbeam.tld
"This is a record created in Sunbeam!"