[designate] zone sharing between projects and how to create classless PTR
Hi Folks,

I have a few questions:

1. Is there a possibility to share DNS zones between tenants? I've found this [1] patchset, but it's not merged yet.
2. Is there a way to create a classless reverse zone? According to [2], it should work.

Creating a zone is ok:

    openstack zone create --email tomas.bredar@gmail.com \
      --ttl 3600 --description "in-addr.arpa. zone for reverse lookups for e-devel subnet 10.254.226.0/26" \
      0-26.226.254.10.in-addr.arpa.

But when I try to add a recordset, I get an error:

    openstack recordset create --record testvm.bredytest.abc.com. --type PTR --ttl 600 0-26.226.254.10.in-addr.arpa. 1.226.254.10.in-addr.arpa.
    RecordSet is not contained within it's parent zone

I'm using OpenStack Wallaby.
If this won't work, I'm considering using the neutron integration with external DNS.

Thanks for your help

Tomas

[1] https://review.opendev.org/c/openstack/designate/+/726334
[2] https://docs.openstack.org/designate/latest/user/manage-ptr-records.html
Hi Tomáš,

Shared zones was a goal to get merged in Zed, but unfortunately no one found time to fix the open issues on the patch. This is a topic on the PTG agenda and hopefully we can add that feature in the Antelope release.

As for classless reverse zones, this feature should work (I remember someone using it in 2020). I do however remember someone else struggling with this in the past given the complicated setup required for classless zones in DNS. I will refresh my memory on how those zones work tomorrow and see if I can improve the documentation (I only found that one mention as well).

Michael

On Thu, Sep 8, 2022 at 4:11 PM Tomáš Bredár <tomas.bredar@gmail.com> wrote:
> Hi Folks,
>
> I have a few questions:
>
> 1. Is there a possibility to share DNS zones between tenants? I've found this [1] patchset, but it's not merged yet.
> 2. Is there a way to create a classless reverse zone? According to [2], it should work.
>
> Creating a zone is ok:
>
>     openstack zone create --email tomas.bredar@gmail.com \
>       --ttl 3600 --description "in-addr.arpa. zone for reverse lookups for e-devel subnet 10.254.226.0/26" \
>       0-26.226.254.10.in-addr.arpa.
>
> But when I try to add a recordset, I get an error:
>
>     openstack recordset create --record testvm.bredytest.abc.com. --type PTR --ttl 600 0-26.226.254.10.in-addr.arpa. 1.226.254.10.in-addr.arpa.
>     RecordSet is not contained within it's parent zone
>
> I'm using OpenStack Wallaby.
> If this won't work, I'm considering using the neutron integration with external DNS.
>
> Thanks for your help
>
> Tomas
>
> [1] https://review.opendev.org/c/openstack/designate/+/726334
> [2] https://docs.openstack.org/designate/latest/user/manage-ptr-records.html
Hi everyone,

I am currently working on the aforementioned patchset [1]; I have finished rebasing and am making my way through the comments. I believe it will be ready for review by early next week, probably Monday.

Best Regards,
Sergey

[1] https://review.opendev.org/c/openstack/designate/+/726334
On 9 Sep 2022, at 02:18, Michael Johnson <johnsomor@gmail.com> wrote:
> Hi Tomáš,
>
> Shared zones was a goal to get merged in Zed, but unfortunately no one found time to fix the open issues on the patch. This is a topic on the PTG agenda and hopefully we can add that feature in the Antelope release.
>
> As for classless reverse zones, this feature should work (I remember someone using it in 2020). I do however remember someone else struggling with this in the past given the complicated setup required for classless zones in DNS. I will refresh my memory on how those zones work tomorrow and see if I can improve the documentation (I only found that one mention as well).
>
> Michael
Hi Tomáš,

I have tested this out and it appears to be working correctly. See this pastebin: https://paste.openstack.org/show/816672/

Looking at your email, it appears the record name was not under the correct zone. "1.226.254.10.in-addr.arpa." should have been "1.0-26.226.254.10.in-addr.arpa."

I hope this example helps. In follow up, I will be adding a section to the docs for this and adding a scenario test as I don't see one.

Michael

On Fri, Sep 9, 2022 at 4:10 AM Sergey Drozdov <sergey.drozdov.dev@gmail.com> wrote:
> Hi everyone,
>
> I am currently working on the aforementioned patchset [1]; I have finished rebasing and am making my way through the comments. I believe it will be ready for review by early next week, probably Monday.
>
> Best Regards,
> Sergey
>
> [1] https://review.opendev.org/c/openstack/designate/+/726334
Hi Michael,

indeed this worked. Thanks.

@Sergey or Michael, if the zone sharing would work, would it be something that I could use in Wallaby in the near future?

Thanks
Tomas

On Fri, 9 Sep 2022 at 22:29, Michael Johnson <johnsomor@gmail.com> wrote:
> Hi Tomáš,
>
> I have tested this out and it appears to be working correctly. See this pastebin: https://paste.openstack.org/show/816672/
>
> Looking at your email, it appears the record name was not under the correct zone. "1.226.254.10.in-addr.arpa." should have been "1.0-26.226.254.10.in-addr.arpa."
>
> I hope this example helps. In follow up, I will be adding a section to the docs for this and adding a scenario test as I don't see one.
>
> Michael
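The naming rule behind the correction in this thread, as an added example that is not part of any message above or of Designate's own code: it derives the classless zone name and the PTR record names for a sub-/24 IPv4 subnet and checks that a record name lies inside the zone before building the CLI call. The function names are hypothetical, and `is_within_zone` is an assumed simplification of the server-side containment check.

```python
import ipaddress


def classless_zone_name(cidr: str) -> str:
    """Zone name in the '<network's last octet>-<prefix length>' style used in the thread."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects CIDRs with host bits set
    if net.version != 4 or not 25 <= net.prefixlen <= 32:
        raise ValueError("classless reverse zones cover IPv4 prefixes /25 to /32")
    a, b, c, d = str(net.network_address).split(".")
    return f"{d}-{net.prefixlen}.{c}.{b}.{a}.in-addr.arpa."


def ptr_record_name(ip: str, cidr: str) -> str:
    """PTR owner name for ip: its last octet as a label under the classless zone."""
    zone = classless_zone_name(cidr)
    addr = ipaddress.ip_address(ip)
    if addr not in ipaddress.ip_network(cidr):
        raise ValueError(f"{ip} is not inside {cidr}")
    return f"{str(addr).split('.')[-1]}.{zone}"


def is_within_zone(record_name: str, zone_name: str) -> bool:
    """Label-wise suffix match (assumed simplification of the server-side check)."""
    rec = record_name.lower().rstrip(".").split(".")
    zone = zone_name.lower().rstrip(".").split(".")
    return len(rec) >= len(zone) and rec[-len(zone):] == zone


def recordset_command(ip: str, cidr: str, target: str, ttl: int = 600) -> str:
    """Build the CLI call from the thread with a record name that lies inside the zone."""
    zone, name = classless_zone_name(cidr), ptr_record_name(ip, cidr)
    if not is_within_zone(name, zone):
        raise ValueError(f"{name} is not contained within {zone}")
    return (f"openstack recordset create --record {target} --type PTR "
            f"--ttl {ttl} {zone} {name}")


if __name__ == "__main__":
    zone = classless_zone_name("10.254.226.0/26")
    # The name from the failing command, then the corrected one.
    for name in ("1.226.254.10.in-addr.arpa.", "1.0-26.226.254.10.in-addr.arpa."):
        print(name, "inside zone:", is_within_zone(name, zone))
    print(recordset_command("10.254.226.1", "10.254.226.0/26", "testvm.bredytest.abc.com."))
```

For reverse lookups to resolve through such a zone, the parent 226.254.10.in-addr.arpa. zone also needs a CNAME per address pointing at these names, as described in RFC 2317.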