Ask Your Question
0

Designate: How is multitenancy achieved and how to use designate as nameserver in OpenStack VMs

asked 2015-12-18 02:27:00 -0500

Herr-Herner gravatar image

updated 2015-12-18 03:31:59 -0500

I am running OpenStack Liberty and was able to get Designate running (I had no luck with the Designate's dashboard extension). I am using Bind9 as backend under Ubuntu 14.04.

I require automatic DNS resolution for VMs within each tenant and Designate's sink service seems to be a perfect candidate to solve the problem. I must admit, that I have many questions in my mind and maybe I got everything wrong with Designate.

  1. Multitenancy: How is multitenancy achieved in Designate? Has each tenant its private Bind server? Is there a single central Bind server that is shared among the tenants? How is multitenancy working in the single case?
  2. Designate in OpenStack VMs: How can I configure Neutron or Nova in that way that the VMs get their tenant-specific Nameserver for DNS resolution? Is this possible with the current implementation state of Designate? Are there any tutorials available?
  3. Designate Sink: The configuration for the Designate Sink Service requires a domain_id. Does this mean,that all IPs and VMs' FQDN from all tenants are stored within this common domain or is this domain created for each tenant? In the central case, how is multitenancy achieved? Each tenant should only see its own IPs. Sharing Neutron's Floating IPs seems to be a nice way, but would that not cause name collisions? All VMs in each tenant get the same domain name. When they get the same hostname, we have one FQDN resolving to two different IPs.

I know, it's a lot... Maybe someone can help me in understanding Designate's principle. This service is really cool and I want to use it.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-03-04 07:54:31 -0500

grahamhayes gravatar image

Multitenancy:

Currently there is one (or more in Mitaka) pools of servers shared between all the tenants. We prevent users from registering sub or super domains of other users on the system, and allow only a domain to be use once only (there can only be one example.com. on each pool)

Designate in OpenStack VMs:

This is work that merged in mitaka in nova and neutron.

Designate Sink:

The current implementation of the sample handlers in sink does require all records to be in the same domain. Sink was designed to be extended for each persons use case - it has a plugin model that allows deployers to write code to do exactly what they want.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-12-18 02:27:00 -0500

Seen: 838 times

Last updated: Mar 04 '16