VPC DNS server DHCP options settings

[Eric Neumann <er...@icloud.com>]

Hi All,

How can a CloudStack tenant set their preferred DNS servers in the VPC’s DHCP options it gives out. The VPC seems to give out it’s own IP address, which it serves with DNSmasq - forwarding all requests to the public DNS ip addresses defined; all of that works fine, but if a tenant wants to configure a set of DNS servers internal to the VPC - AD Domain Controllers for example - then how can this be accommodated?

Thanks all in advance,
Eric

Re: VPC DNS server DHCP options settings

[Rene Moser <ma...@renemoser.net>]

Hi

On 03/03/2018 02:56 PM, Eric Neumann wrote:
> Hi All,
> 
> How can a CloudStack tenant set their preferred DNS servers in the VPC’s DHCP options it gives out. The VPC seems to give out it’s own IP address, which it serves with DNSmasq - forwarding all requests to the public DNS ip addresses defined; all of that works fine, but if a tenant wants to configure a set of DNS servers internal to the VPC - AD Domain Controllers for example - then how can this be accommodated?

There is a new field in the APIs for virtualmachines:
dhcpoptionsnetworklist which sound like the thing you are looking for,
but I haven't a chance to play with it. This is new for 4.11.

If have cloudstack < 4.11 you have a couple of choices.

I see another option: build your templates with cloud-init support.
Among other options and configurations, it allows your users to define
the cloud config
http://cloudinit.readthedocs.io/en/latest/topics/examples.html#configure-an-instances-resolv-conf
in the userdata field in the deployVirtualMachines API.

Unfortunately (as far as I remember) the UI has the user data form field
since 4.11, so your users can't use the built in UI to pass the cloud
configs.

They have to use the API directly of a configration management engine
(like ansible)

The ansible modules support it:

- cs_instance:
    display_name: web-vm-1
    template: Linux Debian 9 64-bit
    service_offering: Tiny
    ssh_key: john@example.com
    user_data: |
      #cloud-config
      manage_resolv_conf: true
      resolv_conf:
        nameservers: ['8.8.4.4', '8.8.8.8']
        searchdomains:
          - foo.example.com
          - bar.example.com
        domain: example.com
        options:
          rotate: true
          timeout: 1

Second option is to use a configuration management tool (puppet,
ansible, chef) after the vm has been deployed and overwrite the
resolv.conf and reconfigure the network configs to only use IP from dhcp
(so reboot is no problem) or create a template which already have this
setup and deploy the VMs from it.

Hope I could help

René

Re: VPC DNS server DHCP options settings

[Andrija Panic <an...@gmail.com>]

Hi Eric,

not sure this is possible actually, except that you can override DNS
settings (windows at least I know for sure) in the TCP/IP dialog properties.

Cheers

On 3 March 2018 at 14:56, Eric Neumann <er...@icloud.com> wrote:

> Hi All,
>
> How can a CloudStack tenant set their preferred DNS servers in the VPC’s
> DHCP options it gives out. The VPC seems to give out it’s own IP address,
> which it serves with DNSmasq - forwarding all requests to the public DNS ip
> addresses defined; all of that works fine, but if a tenant wants to
> configure a set of DNS servers internal to the VPC - AD Domain Controllers
> for example - then how can this be accommodated?
>
> Thanks all in advance,
> Eric




-- 

Andrija Panić