Designate

Add DNS configuration examples for Quantum + multiple tenants

Bug #1112866 reported by Manu Sporny
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Designate
Won't Fix
Wishlist
Unassigned

Bug Description

We're running an operational OpenStack Folsom + Quantum cluster configured to host multiple tenants, each having their own subnet. OpenStack configures a DNSMasq process for each subnet already. I was attempting to get DNS configured correctly for each subnet, but the documentation isn't very clear on how to do that. I read everything about the dhcp_agent.ini file and finally had to give up and start reading the code.

It seems like you can only have one domain for all tenants (the docs aren't very clear about this), which seems like an artificial limitation. It also seems like the VM hostnames you enter via the Horizon UI aren't reflected in DNS at all (just the IP address converted to a hostname, which is not very useful).

Here's why that matters to us:

We isolate different product websites in our company into their own Tenants. Many of those websites are backed by multiple database servers and back-end application servers. So, one tenant would be responsible for all VMs running example.com. We might have web-1, web-2, db-1, db-2, and app-1. We'd like the default domain name exposed by dnsmasq for this tenant to be 'example.com'. We'd also like each machine name to be registered in dnsmasq, so each of the machines could use the short names to ping each other... for example, 'ping web-2' from the app-1 VM should just work. It currently does not.

If we wanted to have another Tenant expose 'blue.com' as the default domain for its subnet, we couldn't do it. Currently, you're limited to one domain name for your entire OpenStack cluster, AFAICT. It should be, at least, one domain name per tenant. Perhaps it would be simpler to allow the Tenant to specify the DNS entry for the VM for the subnet's DNSmasq process?

We'd also like to see the VM hostname chosen via the Horizon UI to be exposed to the subnet. So a ping to web-2.example.com should work /from inside of the subnet/.

Finally, documentation about how to setup DNS to achieve this use case would be very helpful. The OpenStack documentation for DNS configuration is pretty sparse, and to get an understanding of how this stuff works required me to start reading code for 2-3 days to wrap my mind around whether there was any way to do what I wanted to do (the use case above).

Revision history for this message
Tom Fifield (fifieldt) wrote :

Thanks for your detailed report Manu

Changed in openstack-manuals:
status: New → Confirmed
importance: Undecided → Medium
Revision history for this message
Manu Sporny (msporny) wrote :

The Quantum bug for this is filed here:

https://bugs.launchpad.net/quantum/+bug/1112884

Anne Gentle (annegentle)
tags: added: neutron
Edgar Magana (emagana)
Changed in openstack-manuals:
assignee: nobody → Edgar Magana (emagana)
Revision history for this message
Tom Fifield (fifieldt) wrote :

Believe this should be handled by the DNS project before it can be written about in docs

no longer affects: openstack-manuals
Kiall Mac Innes (kiall)
Changed in designate:
status: New → Triaged
importance: Undecided → Wishlist
sonu (sonu-bhumca11)
Changed in designate:
assignee: nobody → sonu (sonu-bhumca11)
Revision history for this message
Graham Hayes (grahamhayes) wrote :

This has been superseded by the neutron-designate integration in mitaka

Changed in designate:
status: Triaged → Won't Fix
assignee: sonu (sonu-bhumca11) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.