DNS Integration via Delegation

Note: anynines recommends using this pattern for production setups.

If this integration pattern should be used, you must be able to configure a DNS delegation in your existing nameserver.

By default, each hostname that should be resolved by the a9s Consul DNS for PCF ends with .a9svs. You can modify this top level domain in the tile configuration. Each DNS lookup containing a hostname which ends with the configured top level domain should be delegated to the nameserver within the a9s Consul DNS tile.

Before you can configure the DNS delegation you must install the a9s Consul DNS for PCF tile and find out the IP addresses of the nameserver. See the instructions below.

1. Add/Configure the a9s Consul DNS Tile for PCF

Complete the following steps to download and install a9s Consul for PCF.

  1. Download the product file from the Pivotal Network.

  2. Navigate to the Ops Manager Installation Dashboard and click Import a Product to upload the product file.

  3. Click Add next to the uploaded a9s Consul for PCF tile in the Ops Manager Available Products view to add it to your staging area.

  4. Click the a9s Consul DNS for PCF tile.

  5. Click on Assign AZs and Networks and assign the network and AZs that should be used for this tile.

  6. If you have multiple PCF environments and you want to install the a9s Consul DNS for PCF tile on each environment, click on Consul Settings and ensure that you configure different domains for each PCF environment. This is necessary to be able to distinguish the dnslookups. Otherwise your company’s DNS server would be confused as to which Consul DNS a DNS lookup should be delegated.

  7. Click Upstream Nameservers.

  8. Enter your default nameservers in the General upstream nameservers field. These nameservers resolve DNS queries except those from the following targets:

    • Domain-specific nameservers that will be defined in the Domain Specific Nameservers field
    • Hosts containing the .a9svs pattern in the hostname, which is reserved for services provided by anynines screenshot of upstream nameservers configuration
  9. Perform the following procedure for each additional domain you want to add:

    1. Click Add to add a domain-specific nameserver. Screenshot of domain specific nameservers configuration
    2. Enter an internal domain or top-level domain in the Domain field.
    3. Enter a corresponding nameserver in the Nameservers field. The nameserver resolves DNS queries matching the domain. For example, this could be the nameserver of your specific provider or data center. When using vSphere, this could be an internal nameserver that resolves vSphere host names.
  10. Click Save.

  11. Return to the Installation Dashboard and click Apply changes to deploy the service.

2. Find Out the IP Addresses of the dnsmasq Servers within the a9s Consul DNS for PCF Tile

Once the tile is successfully installed it is required that you find out the IP addresses of the nameservers within the a9s Consul DNS for PCF tile in order to setup the DNS delegation in your company’s nameservers.

For this reason, click on the a9s Consul DNS tile and then on Status. It takes a few seconds until the required information are displayed.

Remember the three IP addresses of the dnsmasq servers.

screenshot of a9s Consul DNS for PCF tile

3. Setup DNS Delegation within your existing nameservers

Talk to the administrator of your company’s nameservers to setup a delegation of a9s Consul DNS hostnames. The hostnames of these queries end with a9svs by default and must be delegated to the IP addresses of the dnsmasq server within the a9s Consul DNS tile.

Note: The domain used by the a9s Consul DSN tile (a9svs) can be changed in the Consul DNS tile settings.

Create a pull request or raise an issue on the source for this page in GitHub