4.7 KiB
4.7 KiB
DNS Integration Guide
Overview
The DNS integration module provides automatic DNS registration and management for provisioned servers through CoreDNS integration.
Architecture
┌─────────────────┐
│ Orchestrator │
│ (Rust) │
└────────┬────────┘
│
▼
┌─────────────────┐
│ DNS Manager │
│ │
│ - Auto-register│
│ - TTL config │
│ - Verification │
└────────┬────────┘
│
▼
┌─────────────────┐
│ CoreDNS Client │
│ (HTTP API) │
└────────┬────────┘
│
▼
┌─────────────────┐
│ CoreDNS │
│ Service │
└─────────────────┘
Features
1. Automatic DNS Registration
When a server is created, the orchestrator automatically registers its DNS record:
// In server creation workflow
let ip = server.get_ip_address();
state.dns_manager.register_server_dns(&hostname, ip).await?;
2. DNS Record Types
Supports multiple DNS record types:
- A - IPv4 address
- AAAA - IPv6 address
- CNAME - Canonical name
- TXT - Text record
3. DNS Verification
Verify DNS resolution after registration:
let verified = state.dns_manager.verify_dns_resolution("server.example.com").await?;
if verified {
info!("DNS resolution verified");
}
4. Automatic Cleanup
When a server is deleted, DNS records are automatically removed:
state.dns_manager.unregister_server_dns(&hostname).await?;
Configuration
DNS settings in config.defaults.toml:
[orchestrator.dns]
coredns_url = "http://localhost:53"
auto_register = true
ttl = 300
Configuration Options
- coredns_url: CoreDNS HTTP API endpoint
- auto_register: Enable automatic DNS registration (default: true)
- ttl: Default TTL for DNS records in seconds (default: 300)
API Endpoints
List DNS Records
GET /api/v1/dns/records
Response:
{
"success": true,
"data": [
{
"name": "web-01.example.com",
"record_type": "A",
"value": "192.168.1.10",
"ttl": 300
}
]
}
Usage Examples
Register Server DNS
use std::net::IpAddr;
let ip: IpAddr = "192.168.1.10".parse()?;
dns_manager.register_server_dns("web-01.example.com", ip).await?;
Unregister Server DNS
dns_manager.unregister_server_dns("web-01.example.com").await?;
Update DNS Record
let new_ip: IpAddr = "192.168.1.20".parse()?;
dns_manager.update_dns_record("web-01.example.com", new_ip).await?;
List All Records
let records = dns_manager.list_records().await?;
for record in records {
println!("{} -> {} ({})", record.name, record.value, record.record_type);
}
Integration with Workflows
Server Creation Workflow
- Create server via provider API
- Wait for server to be ready
- Register DNS record (automatic)
- Verify DNS resolution
- Continue with next steps
Server Deletion Workflow
- Stop services on server
- Unregister DNS record (automatic)
- Delete server via provider API
- Update inventory
Error Handling
The DNS integration handles errors gracefully:
- Network errors: Retries with exponential backoff
- DNS conflicts: Reports error but continues workflow
- Invalid records: Validates before sending to CoreDNS
Testing
Run DNS integration tests:
cd provisioning/platform/orchestrator
cargo test test_dns_integration
Troubleshooting
DNS registration fails
- Check CoreDNS is running and accessible
- Verify
coredns_urlconfiguration - Check network connectivity
- Review orchestrator logs
DNS records not resolving
- Verify record was registered (check logs)
- Query CoreDNS directly
- Check TTL settings
- Verify DNS resolver configuration
Best Practices
- Use FQDN: Always use fully-qualified domain names
- Set appropriate TTL: Lower TTL for dev, higher for prod
- Enable auto-register: Reduces manual operations
- Monitor DNS health: Check DNS resolution periodically
Security Considerations
- Access Control: Restrict access to CoreDNS API
- Validation: Validate hostnames and IP addresses
- Audit: Log all DNS operations
- Rate Limiting: Prevent DNS flooding
Future Enhancements
- Support for SRV records
- DNS zone management
- DNSSEC integration
- Multi-zone support
- DNS caching layer