Designate is a component of OpenStack that provides DNS as a service, including domain name registration and zone and record set management for OpenStack clouds.

After deploying VMware Integrated OpenStack, you can enable Designate to provide DNS functions. Enabling or disabling Designate may temporarily affect other OpenStack services.

For more information about Designate, see the OpenStack Designate documentation.

Prerequisites

VMware Integrated OpenStack supports Infoblox, Bind9, PowerDNS, and Microsoft DNS back-end servers for Designate. The prerequisites for each type of DNS server are listed as follows.

Infoblox:

  1. Ensure that the DNS server can communicate with the VMware Integrated OpenStack API access network.
  2. On the Infoblox server, create a user for Designate to use.
  3. Create one name server group to serve Designate zones.
    1. Set the Designate mDNS servers as external primaries.
    2. Set all IP addresses on the eth1 interface of the load balancer node as external primaries.
    3. Add a grid member as a grid secondary and select the Lead Secondary option for this member.
    4. Add additional grid secondaries as needed.

Bind9:

  1. Ensure that the DNS server can communicate with the VMware Integrated OpenStack API access network.
  2. Enable rndc addzone and rndc delzone functionality to allow receipt of a NOTIFY message from a secondary node. Open named.conf.options or named.conf in a text editor and add the following lines in the options section: 
    allow-new-zones yes;
allow-notify{any;};
  3. Restart the Bind9 server.

PowerDNS:

  1. Ensure that the DNS server can communicate with the VMware Integrated OpenStack API access network.
  2. Enable the API in the pdns.conf file.
  3. In the pdns.conf file, add the trusted-notification-proxy parameter and set its value to the IP address of the eth1 interface of each controller node, separated by commas:
    trusted-notification-proxy=controller1-eth1-ip,...

Microsoft DNS:

  1. Ensure that the DNS server can communicate with the VMware Integrated OpenStack API access network.
  2. On the Microsoft DNS server, add inbound rules allowing communication on port 5358 over TCP and UDP.
  3. Install Python 2.7, the Microsoft Visual C++ Compiler for Python 2.7, and the pip package installer.
  4. Install Designate version 8.0.0.
    pip install designate==8.0.0
  5. Write the following information to a file named designate.conf:
    [service:agent]
backend_driver = msdns
masters = mgmt-server-ip:53
  6. Open Command Prompt as an administrator and start the Designate agent using the designate.conf file:
    designate-agent --config-file path/designate.conf

    The Designate agent must remain open while Designate is in use.

Procedure

  1. Log in to the Integrated OpenStack Manager web interface as the admin user.
  2. In OpenStack Deployment, click the name of your deployment and open the Manage tab.
  3. On the Settings tab, select Configure Designate and click Enable.
  4. Select your back end and enter the required parameters.
    • Infoblox back end
      Option Description

      DNS server

      Enter the IP address of the Infoblox server.

      DNS port

      Enter the port on the Infoblox server for the DNS service. The default value is 53.

      WAPI URL

      Enter the Infoblox WAPI URL. The default is https://<infoblox-server>/wapi/v<wapi-version-major.minor>/.

      For example: https://infoblox-server-example/wapi/v3.4/

      Note: The URL must end with a slash (/).

      Username

      Enter the username for Designate to access the Infoblox API.

      Password

      Enter the password for the Infoblox username.

      Confirm password

      Confirm the password for the Infoblox username.

      NS group

      Specify the name server group to serve Designate zones.

    • Bind9 back end
      Option Description

      DNS server

      Enter the IP address of the Bind9 server.

      DNS port

      Enter the port on the Bind9 server for the DNS service. The default value is 53.

      RNDC host

      Enter the IP address of the Remote Name Daemon Control (RNDC) server. The default value is the IP address of the Bind9 server.

      RNDC port

      Enter the port for the RNDC service. The default value is 953.

      RNDC key

      Enter the contents of the /etc/bind/rndc.key file.

    • PowerDNS back end
      Option Description

      DNS server

      Enter the IP address of the PowerDNS server.

      DNS port

      Enter the port on the PowerDNS server for the DNS service. The default value is 53.

      API endpoint

      Enter the PowerDNS API endpoint URL. The default value is http://powerdns-server/8081.

      API key

      Enter the value of api-key in the /etc/powerdns/pdns.conf file.

    • Microsoft DNS back end
      Option Description

      DNS server

      Enter the IP address of the Microsoft DNS server.

      DNS port

      Enter the port on the Microsoft DNS server for the DNS service. The default value is 53.

      Agent server

      Enter the IP address of the host where the Designate agent is running.

      Agent port

      Enter the port to use for the Designate agent service. The default value is 5358.
  5. Click Validate. Once validation has finished, click OK.

Results

Tenants can now create DNS zones using the VMware Integrated OpenStack dashboard. For instructions, see Create a DNS Zone.