DNS Services

Introduction

Zadara Cloud Services supports DNS services on the following levels:

  1. VPC - which allows the definition of DNS names that are resolvable within the context of a single VPC. VPC-level DNS services support the A (IPv4 address) DNS record type only. Once the CoreDNS engine is enabled by an admin user, any member user can enable or disable DNS services from any VPCs to which they have access.

  2. Hosted Zone - which allows the definition of DNS names that are resolvable within the context of one or more VPCs associated to a hosted zone. Hosted Zone-level DNS services support all Route 53 DNS record types. Hosted zones are created and managed by admin or member users. Once the CoreDNS engine is enabled by an admin user, any member user can enable or disable DNS services from any VPCs to which they have access.

  3. Region Zone - a region (cluster-wide) hosted zone which allows the definition of DNS names that are exposed via the API (i.e. EC2, ELB), and are globally resolvable externally to valid DNS records. Region Zone-level DNS services support all Route 53 DNS record types. There are two kinds of region zones:

    • System-defined region zones, pre-defined system zones which are packaged with Zadara Cloud Services for use by various Zadara Cloud services. Although their name and domain name can be modified by an admin user, their record types cannot be modified and they cannot be deleted.

    • Admin-defined region zones, which are created and fully managed by the admin user.

Zadara Cloud Services supports AWS Route 53 APIs to manage the DNS for both hosted and region zones. This support includes the definition and use of reusable hosted zones.

Enable DNS Service Instance - CoreDNS

Note

This can be performed by an Admin user only.

To use the DNS services, on any level, VPC, hosted zone or region zone, the service VM image, CoreDNS, must first be enabled within the cluster.

  1. In the Service Engines > Networking view verify that the CoreDNS engine is enabled and that the VPC_DNS engine is disabled.

  2. Once the CoreDNS service has been enabled, this cloud DNS service will be enabled by default on all newly created VPCs.

  3. VPCs whose DNS support was based on the older VPC-level DNS service should be upgraded.

VPC DNS Support

Zadara Cloud Services supports VPC level DNS. VMs can now resolve all DNS addresses in the context of a single VPC.

After the CoreDNS engine has been enabled and the VPC_DNS engine has been disabled, you must individually enable or disable each VPC, as follows:

VPC DNS Enablement or Disablement via the GUI

  1. Any newly created VPC is by default DNS-enabled, with an A record type for the domain’s IP address.

  2. To disable the DNS service from the VPC, select the VPC on the Networking > VPCs view and click Modify. This opens the Modify VPC dialog.

    Uncheck the DNS Enable field and click OK.

VPC DNS Enablement or Disablement via the CLI

  1. Use the following command to enable DNS support for a VPC:

    vpc update --enable-dns-support true vpc_id
    
  2. Use the following command to disable DNS support for a VPC:

    vpc update --enable-dns-support false vpc_id
    

Upgrade

  1. For VPCs which were created before enabling the CoreDNS engine, but were not DNS-enabled, select the VPC on the Networking > VPCs view and click Modify. Then check the DNS Enable field and click OK.

  2. VPCs which were created before enabling the CoreDNS engine, and are DNS-enabled must be first disabled and then enabled, as follows:

    1. Select the VPC on the Networking > VPCs view and click Modify. Then uncheck the DNS Enable field and click OK. This detaches the VPC from the VPC_DNS engine.

    2. Re-open the Modify VPC dialog and check the DNS Enable field. This enables the DNS services for this VPC through the CoreDNS engine.

  3. To list the DNS engine for each VPC, enter the following command from the CLI:

    vpc list -c id -c name -c service_vms
    

    The ‘service_vms’ field will be empty if there is no DNS service. If there is a DNS service, the ‘service_vms/vm_type’ field will display either ‘dnsmsq’ for the older VPC_DNS engine, or ‘coredns’ for the new DNS engine.

Sample Terraform Scenario

The following scenario describes how you might use VPC DNS support with Terraform.

  1. Enable the VPC engine for your Zadara region (Menu > Networking > Engines > toggle the VPC_DNS Enabled button to ON).

  2. In the Terraform script, set the enable_dns_support flag to true, for a specific VPC.

With DNS support enabled, any VM that you create within this VPC can use the private_dns_name returned in the describeInstances response to access other VMs in the VPC.

Here is how this can work:

By default, when DNS support is enabled in a VPC, the system creates a VM with the following host name:

host-a-b-c-d (where a.b.c.d is the VM IP address in the VPC)

So any VM within this VPC can do something like:

“ping host-a-b-c-d” instead of “ping a.b.c.d” and it will work.

This functionality is useful for applications that require DNS names and do not work with IP addresses.

  3. In addition, you can also add DNS A records to external IPs so they will be resolved within this VPC.

For example, you can add an A record to resolve “service.<vpc-domain>” to any IP (usually external to the VPC). This lets you define resolution for globally named services that reside external to the VPC.

This DNS A record feature is useful for the same reason mentioned above – some applications require DNS names and do not work with IP addresses.
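The following is an added example, not part of the Zadara documentation or tooling: a small audit of one VPC's A records that checks the host-a-b-c-d naming convention described above and flags manually added records that resolve outside the VPC. The record list, zone name and CIDR are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
import re
import socket

# Default per-VM name described above: host-a-b-c-d for the address a.b.c.d.
HOST_RE = re.compile(r"^host(-\d{1,3}){4}$")

def default_hostname(ip):
    """Default VPC DNS host name for an IPv4 address."""
    return "host-" + str(ipaddress.IPv4Address(ip)).replace(".", "-")

def audit_a_records(records, vpc_cidr):
    """Classify (name, ip) A records of one VPC; returns (name, ip, finding)."""
    net = ipaddress.ip_network(vpc_cidr)
    findings = []
    for name, ip in records:
        label = name.split(".", 1)[0].lower()
        try:
            addr = ipaddress.IPv4Address(ip)
        except ipaddress.AddressValueError:
            findings.append((name, ip, "invalid"))  # not a usable IPv4 address
            continue
        if HOST_RE.match(label) and label != default_hostname(ip):
            finding = "name-mismatch"  # host-a-b-c-d name pointing elsewhere
        elif addr not in net:
            finding = "external"       # resolves outside the VPC: confirm owner
        elif HOST_RE.match(label):
            finding = "ok"             # default name matching its in-VPC address
        else:
            finding = "custom"         # manually added name inside the VPC
        findings.append((name, ip, finding))
    return findings

def check_forward(ip, resolver=socket.gethostbyname):
    """Run on a VM in the VPC: does host-a-b-c-d resolve to a.b.c.d?"""
    try:
        return resolver(default_hostname(ip)) == ip
    except OSError:                    # covers socket.gaierror (name not found)
        return False

# Constructed sample data: zone name, CIDR and addresses are made up.
SAMPLE = [
    ("host-10-0-0-5.vpc.example.internal", "10.0.0.5"),
    ("host-10-0-0-6.vpc.example.internal", "10.0.0.60"),
    ("service.vpc.example.internal", "203.0.113.10"),
    ("db.vpc.example.internal", "10.0.1.20"),
    ("bad.vpc.example.internal", "10.0.0.300"),
]

if __name__ == "__main__":
    for row in audit_a_records(SAMPLE, "10.0.0.0/16"):
        print(*row)
```

Records reported as external are expected when the A record feature is used deliberately; the audit exists so that each one can be matched to a known owner.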

Hosted Zones

Introduction

Hosted Zones support the definition of DNS names that are resolvable within the context of one or more VPCs associated to a hosted zone. Hosted Zone-level DNS services support all Route 53 DNS record types. Hosted zones are created and managed by admin or member users. Once the CoreDNS engine is enabled by an admin user, any member user can enable or disable DNS services from any VPCs to which they have access.

Creating a Hosted Zone

Note

This can be performed by Admin, Tenant Admin or Member users.

To create a hosted zone, do the following:

  1. In the Networking > Hosted Zones view (Hosted Zones is listed under the DNS group header in Networking) click Create. The Create Hosted Zone dialog appears.

  2. Do the following:

    1. Enter a Name

    2. Enter a Description (Optional)

    3. Enter a valid Domain name

    4. Select one or more VPCs which will be Associated with this hosted zone. Note: A Member user can select only those VPCs owned by the member’s project. An Admin user can select from all of the projects in the cluster.

    5. Select the Project which will own this hosted zone.

    6. Click OK. A hosted zone is created. This is a private hosted zone.

  3. To manage the VPC Associations with this hosted zone, go to the Networking > Hosted Zones view for the specific hosted zone and click on the VPC Associations tab.

    1. To associate additional VPCs to the hosted zone click Associate.

    2. To disassociate a VPC from the hosted zone, select the VPC and click Disassociate.