Custom DNS Profile on Avi Vantage
Overview
Avi Vantage supports custom DNS profiles to communicate with the DNS provider. With this feature, you can use your own DNS provider, and Avi Vantage uses the allowed usable domain as per the requirement.
Configuring Custom DNS using UI
Uploading Python Script
A Python script is uploaded to Avi Vantage to use the custom DNS profile option.
- Navigate to Templates > Profiles > Custom IPAM/DNS, and click on Create to upload the script.
- Provide the DNS name and upload the script as the code to handle DNS records, for example, to update and delete the DNS records.
The script uses the following methods:
- create and update record
- delete record
In this example, the following parameters are used while uploading the script to Avi Vantage:
- username – Example: admin
- password – Example: password (It is marked as sensitive)
- wapi version – Example: v2.0
- Server – IP address of the DNS provider
These parameters (provider-specific information) are used to communicate with DNS providers.
The above parameters are provided as examples only. The parameters passed to the script depend on the method used in the script.
Creating Custom DNS Profile
Navigate to Templates > IPAM/DNS Profiles and click on the Create button to begin. Name the profile. Select Custom DNS from the drop-down menu provided for Type.
Choose the custom DNS created in the previous step, and provide the additional provider-specific parameters, as shown below:
- network_view: In this case, it is the default network view.
- dns_view: In this case, it is the default DNS view.
The additional parameters provided above and the usable domains are optional fields. However, they help in provisioning the virtual service automatically with the required attributes.
Using the same script, multiple usable domains can be created.
While provisioning the virtual service, the option to choose among multiple domains is available under Applicable Domain Name as shown below.
Using Custom DNS Profile for Cloud Deployment
To associate the custom DNS option for the cloud, navigate to Infrastructure > Cloud, and use the DNS profile created in the previous steps.
Creating Virtual Service
Navigate to Applications > Virtual Service and click on Create to create a new virtual service, which will use the custom DNS profile to register the domain automatically. Provide the following mandatory attributes for the virtual service:
- Name: Name of the virtual service
- VIP address: IP address of the virtual service
- Application Domain Name: Use the usable domain provided while creating the custom DNS profile.
- Servers: IP address of the back-end server
Once the virtual service creation is successful, the FQDN will be registered with the virtual service as shown below.
The same domain will be registered at the DNS provider site as well.
Configuring DNS Profile using CLI
Uploading Python Script
A Python script is uploaded to Avi Vantage to use a custom DNS profile. Use the following sample as the custom DNS script to upload to the Avi Controller.
"""
Custom DNS script
"""
import socket
import os
import getpass
import requests
import inspect
import urllib
import json
import time

# NOTE: WebApiClient and `domain` are not defined in this sample. They stand for
# the DNS provider's own API client and endpoint and must be supplied per provider.


def CreateOrUpdateRecord(record_info, params):
    # Provider credentials come from the script parameters of the profile.
    username = params.get('username')
    passkey = params.get('password')
    ip = record_info.get('f_ip_address', '') or record_info.get('ip_address', '')
    cname = record_info.get('cname', '')
    fqdn = record_info.get('fqdn')
    ttl = record_info.get('ttl', 900)
    record_type = record_info.get('type', 'DNS_RECORD_A')
    dns_record_id = 0
    metadata_j = record_info.get('metadata', None)
    if metadata_j:
        metadata = json.loads(metadata_j)
        # Check if default of 0 as DNS record id is useful
        dns_record_id = metadata.get('dns_record_id', 0)
    if not fqdn:
        print("Not valid FQDN found %s, returning" % record_info)
        return
    # REST API
    api = WebApiClient(username, passkey, domain)
    # This call turns off certificate chain verification, so the credentials above
    # are sent to a server that has not been authenticated. Keep verification
    # enabled (trusting the provider's CA) outside a lab.
    api.disable_ssl_chain_verification()
    param_dict = {
        # DNS Record Information
        "dns_record_id": dns_record_id,
        "fqdn": fqdn,
        "type": "CNAME" if record_type == 'DNS_RECORD_CNAME' else "A",
        "ttl": str(ttl),
        "content": cname if record_type == 'DNS_RECORD_CNAME' else ip,
        "site": "ALL"
    }
    # Send request to register the FQDN, failures can be raised and the VS creation will fail
    rsp = api.send_request("Update", param_dict)
    if not rsp:
        err_str = "ERROR:"
        err_str += " STATUS: " + api.get_response_status()
        err_str += " TYPE: " + str(api.get_error_type())
        err_str += " MESSAGE: " + api.get_error_message()
        print(err_str)
        raise Exception("DNS record update failed with %s" % err_str)


def DeleteRecord(record_info, params):
    username = params.get('username')
    passkey = params.get('password')
    ip = record_info.get('f_ip_address', '') or record_info.get('ip_address', '')
    cname = record_info.get('cname', '')
    fqdn = record_info.get('fqdn')
    ttl = record_info.get('ttl', 900)
    record_type = record_info.get('type', 'DNS_RECORD_A')
    dns_record_id = 0
    metadata_j = record_info.get('metadata', None)
    if metadata_j:
        metadata = json.loads(metadata_j)
        # Check if default of 0 as DNS record id is useful
        dns_record_id = metadata.get('dns_record_id', 0)
    api = WebApiClient(username, passkey, domain)
    # Same as above: certificate chain verification is turned off for this connection.
    api.disable_ssl_chain_verification()
    param_dict = {
        # DNS Record Information
        "dns_record_id": int(dns_record_id),
        "delete_reason": "Reason for deleting record",
        "push_immediately": True,
        "update_serial": True,
    }
    rsp = api.send_request("Delete", param_dict)
    if not rsp:
        # Unlike CreateOrUpdateRecord, a failed delete is only printed, not raised.
        print("ERROR:")
        print(" STATUS: " + api.get_response_status())
        print(" TYPE: " + str(api.get_error_type()))
        print(" MESSAGE: " + api.get_error_message())
    return ""
The following parameters can be used in the script:
- username – Example: admin
- password – Example: avi123
- API version: Example: 1.2
The above parameters are provided as examples only. The parameters passed to the script depend on the method used in the script.
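The checks below are an added example (Python 3), not part of the original page and not Avi or DNS-provider code: they show what a custom DNS script can validate in record_info before calling the provider, how to keep sensitive parameters out of printed output, and how to build a TLS context that verifies the provider instead of disabling chain verification. The function names, the usable_domains argument and the ca_file parameter are hypothetical; how usable domains reach the script is an assumption.

```python
# Added example; not Avi or DNS-provider code. All function names are hypothetical.
import ipaddress
import json
import re
import ssl

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one hostname label


def check_name(name, what):
    """Return the lower-cased name without trailing dot, or raise ValueError."""
    name = (name or "").rstrip(".").lower()
    if len(name) > 253 or not all(LABEL.fullmatch(p) for p in name.split(".")):
        raise ValueError("malformed %s: %r" % (what, name))
    return name


def build_record_payload(record_info, usable_domains):
    """Validate record_info (keys as in the page's script) and build the request dict."""
    fqdn = check_name(record_info.get("fqdn"), "FQDN")
    # Match on a label boundary so 'xlab.example.com' does not pass for 'lab.example.com'.
    if not any(fqdn.endswith("." + check_name(d, "domain")) for d in usable_domains):
        raise ValueError("FQDN outside usable domains: %r" % fqdn)
    ttl = int(record_info.get("ttl", 900))
    if not 0 < ttl < 2 ** 31:
        raise ValueError("TTL out of range: %r" % ttl)
    if record_info.get("type", "DNS_RECORD_A") == "DNS_RECORD_CNAME":
        rtype, content = "CNAME", check_name(record_info.get("cname"), "CNAME target")
    else:
        ip = record_info.get("f_ip_address") or record_info.get("ip_address") or ""
        rtype, content = "A", str(ipaddress.IPv4Address(ip))  # ValueError if invalid
    metadata = json.loads(record_info.get("metadata") or "{}")
    return {"dns_record_id": int(metadata.get("dns_record_id", 0)), "fqdn": fqdn,
            "type": rtype, "ttl": str(ttl), "content": content, "site": "ALL"}


def redact_params(params, sensitive=("password",)):
    """Copy of params that is safe to print or log."""
    return {k: "<sensitive>" if k in sensitive else v for k, v in params.items()}


def make_tls_context(ca_file=None):
    """TLS context that verifies the provider's chain and hostname (ca_file: private CA)."""
    return ssl.create_default_context(cafile=ca_file)


if __name__ == "__main__":
    sample = {"fqdn": "app1.lab.example.com", "ip_address": "10.10.25.50",
              "metadata": '{"dns_record_id": 42}'}  # constructed input
    print(build_record_payload(sample, ["lab.example.com"]))
    print(redact_params({"username": "dnsuser", "password": "not-a-real-secret"}))
```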
Creating Custom DNS Profile using CLI
[admin-cntrl1]: > configure customipamdnsprofile custom-dns-profile
[admin-cntrl1]: customipamdnsprofile>
cancel         Exit the current submode without saving
do             Execute a show command
name           Name of the Custom IPAM DNS Profile.
new            (Editor Mode) Create new object in editor mode
no             Remove field
save           Save and exit the current submode
script_params  (submode)
script_uri     Script URI of form controller://ipamdnsscripts/<file-name>
show_schema    show object schema
tenant_ref     Help string not found for argument
watch          Watch a given show command
where          Display the in-progress object
[admin-cntrl1]: customipamdnsprofile>
In the above configuration snippet, the custom_dns_script.py script is uploaded with the following attributes.
- Name: custom-dns-profile
- Username: dnsuser
- Password: Password with the is_sensitive flag set to True
- URI for the script: controller://ipamdnsscripts/custom_dns_script.py
Use the following syntax for uploading your script: controller://ipamdnsscripts/<script name>
Below is the output of the show customipamdnsprofile custom-dns-profile command.
[admin:10-10-25-160]: > show customipamdnsprofile custom-dns-profile
+------------------+-----------------------------------------------------------+
| Field            | Value                                                     |
+------------------+-----------------------------------------------------------+
| uuid             | customipamdnsprofile-c12faa8a-f0eb-4128-a976-98d30391b9f2 |
| name             | custom-dns-profile                                        |
| script_uri       | controller://ipamdnsscripts/custom_dns_script.py          |
| script_params[1] |                                                           |
|   name           | username                                                  |
|   value          | dnsuser                                                   |
|   is_sensitive   | False                                                     |
|   is_dynamic     | False                                                     |
| script_params[2] |                                                           |
|   name           | password                                                  |
|   value          | <sensitive>                                               |
|   is_sensitive   | True                                                      |
|   is_dynamic     | False                                                     |
| tenant_ref       | admin                                                     |
+------------------+-----------------------------------------------------------+
Configuring IPAM DNS Provider profile
Use the command configure ipamdnsproviderprofile <profile name> to create the IPAM DNS provider profile.
Note: Parameters used for the profile configuration depend on the environment.
[admin-cntrl1]: configure ipamdnsproviderprofile dns-profile
[admin-cntrl1]: ipamdnsproviderprofile>
allocate_ip_in_vrf   If this flag is set, only allocate IP from networks in the Virtual Service VRF. Applicable for Avi Vantage IPAM only
aws_profile          (submode)
azure_profile        (submode)
cancel               Exit the current submode without saving
custom_profile       (submode)
do                   Execute a show command
gcp_profile          (submode)
infoblox_profile     (submode)
internal_profile     (submode)
name                 Name for the IPAM/DNS Provider profile
new                  (Editor Mode) Create new object in editor mode
no                   Remove field
openstack_profile    (submode)
proxy_configuration  (submode)
save                 Save and exit the current submode
show_schema          show object schema
tenant_ref           Help string not found for argument
type                 Provider Type for the IPAM/DNS Provider profile
watch                Watch a given show command
where                Display the in-progress object
[admin-cntrl1]: ipamdnsproviderprofile>
- Provide the desired name – Example: dns-profile
- Select Type as IPAMDNS_TYPE_CUSTOM
- Provide the custom_ipam_dns_profile_ref value as custom-dns-profile (name of the custom DNS profile created in the previous step)
The following additional parameter is passed to the script:
- Name – api_version
- value – 2.2
[admin-cntrl1]: > show ipamdnsproviderprofile dns-profile
+-------------------------------+-------------------------------------------------------------+
| Field                         | Value                                                       |
+-------------------------------+-------------------------------------------------------------+
| uuid                          | ipamdnsproviderprofile-82ec8888-122e-4ca9-a1b3-0320c37e2d68 |
| name                          | dns-profile                                                 |
| type                          | IPAMDNS_TYPE_CUSTOM                                         |
| custom_profile                |                                                             |
|   custom_ipam_dns_profile_ref | custom-dns-profile                                          |
|   dynamic_params[1]           |                                                             |
|     name                      | api_version                                                 |
|     value                     | 2.2                                                         |
|     is_sensitive              | False                                                       |
|     is_dynamic                | False                                                       |
| allocate_ip_in_vrf            | False                                                       |
| tenant_ref                    | admin                                                       |
+-------------------------------+-------------------------------------------------------------+