The CloudStack “Virtual Router” provides “Private DNS” services for guest instances. The hostnames can be set from the Add Instance creation wizard or directly via the deployVirtualMachine API call.
Instances that are created with the “Name” (Optional) parameter will have their forward and reverse DNS entries set to the user-defined value. In the screenshot below, the newly launched instance has its “Name” set to “Tiny4”.
The DNS entry can be verified by using the host command.
So for the private DNS resolution to work:
- Clients would need to update their DNS settings to use the CloudStack VR
- Clients would need access to the private guest network to reach the VR, via site-to-site VPN or client VPN tunnels
So what about the rest of the world? Since the DNS services provided by the CloudStack VR are “Private” to CloudStack, public DNS servers like Google DNS or your ISP's DNS servers won't be able to resolve the entries created on the CloudStack Virtual Router.
For public DNS resolution to work, you can use a public DNS hosting solution from one of the various DNS hosting providers. Alternatively, you could run your own public DNS hosting infrastructure. DNS entries can then be created dynamically with the provider’s DNS updater APIs.
- Sign up for public DNS services with a provider
- Generate keys for using the DNS updater APIs
- Create custom scripts which trigger the update on instance start. Alternatively, there are updater scripts publicly available for popular service providers which can be readily used with your OS
- Create a new CloudStack OS template with the scripts integrated
- Finally, launch new instances from the custom template with the “Name” parameter set
Once the updater does its job, DNS resolution would work across all public DNS servers. Of course, you would still need network connectivity like the VPN to actually reach the instances.
What about public IPs that are assigned to the instance VMs? The CloudStack VR only provides internal resolution for DHCP-assigned IP addresses and not statically assigned public IP addresses. You could rely on your public DNS updater scripts to add the public IP address of the instance instead of the private DHCP IP.
The public IPv4 assigned to the instance can be fetched from the meta-data server via the following URL.
See the Apache User Data and Meta Data documentation. The public IP addresses would be routable over the internet and would be useful for publicly accessible services like websites.
A note for users looking to write their own custom DNS updater scripts:
- The very popular Cloud-init framework already supports CloudStack’s metadata source. It would be best to implement a custom updater module inside cloud-init to provide DNS update services to your instances.
- Be careful about storing updater keys and credentials on publicly accessible templates or on instances where you have untrusted users
- Configuration management systems like Puppet, Chef and Ansible can certainly be used for doing DNS updates, but they too will require custom recipes and modules. Cloud-init, IMHO, would be the way forward as it's a framework seeing wider adoption across all IaaS clouds.
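As an added example (not code from this post, from CloudStack or from any DNS provider), here is the defensive core of such an updater in Python: it checks the values taken from the “Name” parameter and the meta-data server before they become a DNS record, and refuses to use an updater key that other users on the instance can read. The record layout, the zone, the key path and all function names are assumptions; the actual provider API call is left out.

```python
import ipaddress
import os
import re
import stat

# One DNS label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def validate_hostname(name):
    """The instance "Name" ends up in a DNS record; accept a single label only."""
    if not LABEL.fullmatch(name):
        raise ValueError(f"unsafe hostname: {name!r}")
    return name.lower()

def validate_public_ipv4(text):
    """Accept only a globally routable IPv4 address from the meta-data reply,
    so the private DHCP address is never published by mistake."""
    addr = ipaddress.ip_address(text.strip())  # raises ValueError on garbage
    if addr.version != 4 or not addr.is_global:
        raise ValueError(f"not a public IPv4 address: {addr}")
    return str(addr)

def load_updater_key(path):
    """Read the updater key only if the file is private to its owner."""
    mode = os.stat(path).st_mode
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} is accessible to group/others")
    with open(path) as fh:
        return fh.read().strip()

def build_update(name, ip_text, zone, key_path):
    """Return (record, key) for a provider call; performs no network I/O.
    The record layout is hypothetical, not any real provider's schema."""
    record = {
        "type": "A",
        "name": f"{validate_hostname(name)}.{zone}",
        "content": validate_public_ipv4(ip_text),
        "ttl": 300,
    }
    return record, load_updater_key(key_path)

if __name__ == "__main__":
    # Constructed sample values; the key path is a placeholder.
    print(build_update("Tiny4", "8.8.8.8\n", "example.com", "/etc/dns-updater.key"))
```

Keeping the key in a file that is written at first boot, rather than baked into the template image, also means a shared template never carries it.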