Open Stack

On 2017-07-13 13:03:26 -0400 (-0400), Zane Bitter wrote:
[...]
> This is pretty much the same argument as I would make for DNSaaS.
> Without it you're developing your own orchestration and/or
> manually updating stuff every time you make a change in your
> infrastructure, which pretty much negates the benefits of IaaS for
> a very large subset of applications and leaves you stuck back in
> the pre-aaS days where making any changes to where your
> application ran was slow and painful.
[...]

For the most part I would agree with you, and in fact I myself run
geographically-distributed authoritative nameservers for my own
domains on general purpose virtual machines so I can have better
control over things like DNSSEC.... but there is one exception.

At least I (and many sysadmins I know personally or professionally)
expect working reverse DNS for the systems they maintain. Reverse
DNS either has to be set through or delegated by the holder of the
IP address assignments (the LIR in IANA's terminology). If you can't
get _some_ direct mechanism from your provider to set reverse DNS
entries for the systems you're running there, then that's bad. If
they don't provide an API or some tight integration with their
server management automation to set your chosen reverse DNS entries
on each new system you boot, and you're instead relegated to
submitting a trouble ticket or change request to get that added
afterward, then it's not an especially functional service.

It doesn't matter that I can boot a server in your environment in
seconds if it then sits there for hours or days before I have proper
reverse DNS added so I feel comfortable putting it into production.
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170713/066f097f/attachment.sig>