Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to DNS: from manual records to a modern & dynamic approach
Similar to DNS: from manual records to a modern & dynamic approach (20)
More from Scaleway
More from Scaleway (20)
Recently uploaded
Recently uploaded (20)
DNS: from manual records to a modern & dynamic approach
- 1. 1
- 2. Van Hau TRAN Product Owner #Domain DNS: from manual records to a modern & dynamic approach Emplacement photo 2
- 3. "Everything is a freaking DNS problem" 3 DNS_PROBE_FINISHED_NXDOMAIN
- 4. "Everything is a freaking DNS problem" Index Why need to change? 4
- 5. "Everything is a freaking DNS problem" Index Why need to change? What we need? 5
- 6. "Everything is a freaking DNS problem" Agenda Why change? What do we need? Scaleway Domains under the hood 6
- 7. A long time ago Internet's phonebook 7
- 8. A long time ago BIND Berkeley Internet Name Domain Authoritative and Resolver Working with zone files 8
- 9. A brand new world Evolutions • Dedicated • Cloud • On-premises • Hybrid Cloud • Multi Cloud • VMs • Containers 9
- 10. Where is my service? 10
- 11. Scaleway Domains European cloud computing company Need a DNS product: • To connect to Scaleway products • To allow connection from/to any external services 11
- 13. Devops Culture • Continuous Anything needs: • Infrastructure Automation • Continuous Delivery INFRA AS CODE 13
- 14. Devops Culture • Continuous Anything needs: • Infrastructure Automation • Continuous Delivery INFRA AS CODE 14
- 15. Infra as Code Curl 15 curl --request PATCH --url https://api.scaleway.com/domain/v2alpha2/dns-zones/scaleway-demo.fr/records --header 'content-type: application/json' --header 'x-auth-token: xxxx' --data '{ "return_all_records": true, "changes": [ { "clear": {} }, { "add": { "records": [ { "name": "www", "data": "1.2.3.4", "type": "A", "ttl": 10 } ] } } ] }'
- 16. Infra as Code { "add": { "records": [ { "name": "www", "data": "1.2.3.4", "type": "A", "ttl": 10 } ] } } Curl 16
- 17. Infra as Code Ansible - name: define A records domain_scaleway_record: token: "{{ token }}" endpoint: "{{ endpoint | default('') }}" name: "{{ item['name'] }}" zone: "{{ zone }}" type: "{{ item['type'] }}" content : "{{ item['content'] }}" ttl: "{{ item['ttl'] }}" state: "{{ item['state'] }}" with_items: '{{ records }}' register: result 17
- 18. How we run some of our tests 18
- 19. Static vs Dynamic STATIC ANSWER 19 www resolve to 1.2.3.4
- 20. Static vs Dynamic STATIC ANSWER DYNAMIC ANSWER 20
- 21. Static vs Dynamic STATIC ANSWER DYNAMIC ANSWER record A 1.2.3.4 record A 1.2.3.4 if FR else 4.3.2.1 21
- 22. Static vs Dynamic STATIC ANSWER DYNAMIC ANSWER 22
- 23. Scaleway DNS Make it work 23
- 24. Scaleway Domains API BASIC VERSION 24 API GW DNS API DOMAIN API
- 25. BASIC VERSION 25 API GW DNS API DOMAIN API DNS SERVER REGISTRAR Scaleway Domains API
- 26. BASIC VERSION 26 API GW DNS API DOMAIN API DNS SERVER DNS Queries REGISTRAR Scaleway Domains API
- 27. BASIC VERSION 27 API GW DNS API DNS SERVER DNS Queries Scaleway Domains API
- 28. Scaleway Domains API - Basic Version PowerDNS • Don't reinvent the wheel • RFC compliant • API • + Dynamic record LUA example : ifurlup('http://www', {'51.15.121.80','51.15.210.104'}, {stringmatch='works'} 28
- 29. POWERDNS LUA 29 DNS SERVER DNS Queries engine Scaleway Domains API
- 30. POWERDNS LUA 30 DNS SERVER DNS Queries engine record LUA script function external call Scaleway Domains API
- 31. Scaleway Domains API - Basic Version Example 31 web1 web2 resolve www.scaleday-test.fr DNS SERVER don't use if down
- 32. Scaleway Domains API - Basic Version POWERDNS 32 record LUA script function external call check if http://51.15.121.80 contains the word "works" extract script for WWW use "ifurlup" function check http://51.15.210.104 contains the word "works" ifurlup( 'http://www', {'51.15.121.80','51.15.210.104'},{stringmatch='works'})
- 33. Scaleway Domains API - Basic Version curl --request PATCH --url https://api.scaleway.com/domain/v2alpha2/dns-zones/scaleway-demo.fr/records --header 'content-type: application/json' --header 'x-auth-token: xxxxxxxxxxxxxxxxxx' --data '{ "return_all_records": false, "changes": [ { "clear": {} }, { "add": { "records": [ { "name": "www", "data": "url http://www.scaleway-demo.fr ips 51.15.121.80,51.15.210.104 text '''works'''" , "type": "FUNC_URLUP_A", "ttl": 60 } ] } } ] }' Curl using our API 33
- 34. Scaleway Domains API - Basic Version "name": "www", "data": "url http://www.scaleway-demo.fr ips 51.15.121.80,51.15.210.104 text '''works'''", "type": "FUNC_URLUP_A", 34 Curl using our API
- 35. "name": "www", "data": "url http://www.scaleway-demo.fr ips 51.15.121.80,51.15.210.104 text '''works'''", "type": "FUNC_URLUP_A", Scaleway Domains API - Basic Version 35 name of record url to ask IPs to check text to check custom type Curl using our API
- 36. Scaleway Domains API - Basic Version DEMO 36 when www.scaleway-demo.fr record is set to url http://www.scaleway-demo.fr ips 51.15.121.80,51.15.210.104 text 'works' with previous curl dig A www.scaleway-demo.fr @9.9.9.9 +short will answer randomly to 51.15.121.80 or 51.15.210.104 if we update the text of the page to simulate a server down on 51.15.210.104 ssh root@51.15.210.104 "sed -i 's/works/fails/g' /var/www/html/index.html" all dig will always answer 51.15.121.80
- 37. Scaleway Domains API - Basic Version PowerDNS LUA experience Works fine but: • limited list of functions • only accepting IP • -> limited rules Scaling / performance: • run on same server • limited control / monitoring • only works for PowerDNS 37
- 38. Scaleway Domains API - Basic Version PowerDNS LUA experience • BIND • KNOT • COREDNS • ... others software Works fine but: • limited list of functions • only accepting IP • -> limited rules Scaling / performance: • run on same server • limited control / monitoring • only works for PowerDNS 38
- 39. Scaleway Domains API I want more 39
- 40. Scaleway Domains API - Intermediate Version Need to be agnostic 40
- 41. INTERMEDIATE VERSION 41 DNS API DNS SERVER STATIC DNS Queries RESOLVE DYNAMIC?backend driver 1 2 Scaleway Domains API
- 42. INTERMEDIATE VERSION 42 DNS API DNS SERVER STATIC DNS Queries DNS SERVER DYNAMICbackend driver ? 1 2 Scaleway Domains API
- 43. INTERMEDIATE VERSION 43 DNS API DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC backend driver DNS SERVER DYNAMIC scaling ? 1 2 Scaleway Domains API
- 44. INTERMEDIATE VERSION 44 DNS API DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC backend driver DNS SERVER DYNAMIC A/B Testing ? 1 2 Scaleway Domains API
- 45. INTERMEDIATE VERSION 45 DNS API DNS SERVER STATIC DNS Queries DNS SERVER DYNAMICbackend driver ? 1 2 Scaleway Domains API
- 46. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 46 DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC USING ALIAS RECORD IPv4 for www ?
- 47. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 47 DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC USING ALIAS RECORD IPv4 for www ?
- 48. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 48 DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC USING ALIAS RECORD IPv4 for www is 1.2.3.4
- 49. Scaleway Domains API - Intermediate Version ALIAS can almost work but • custom record type • not working with wildcards Forward requests to DNS server running dynamic records 49
- 50. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 50 DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC USING ZONE DELEGATION IPv4 for www ?
- 51. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 51 DNS SERVER STATIC DNS Queries USING ZONE DELEGATION please ask this DNS DNS SERVER DYNAMIC
- 52. Scaleway Domains API - Intermediate Version Forward requests to DNS server running dynamic records 52 DNS SERVER STATIC DNS Queries DNS SERVER DYNAMIC USING ZONE DELEGATION IPv4 for www ?
- 53. Scaleway Domains API - Intermediate Version Delegation zone with NS record: • mechanism for failover, load balancing • allows working with wildcards Forward requests to DNS server running dynamic records 53
- 54. INTERMEDIATE VERSION 54 DNS API DNS SERVER STATIC DNS Queries backend 1 2 DNS SERVER DYNAMIC 3 driver zone delegation Scaleway Domains API
- 55. INTERMEDIATE VERSION 55 DNS API DNS SERVER STATIC DNS Queries backend 1 2 zone delegation DNS SERVER DYNAMIC 1 not every request !!! driver Scaleway Domains API
- 56. INTERMEDIATE VERSION 56 DNS API DNS SERVER STATIC DNS Queries backend 1 2 zone delegation DNS SERVER DYNAMIC 3 engine driver Scaleway Domains API
- 57. Scaleway Domains API - Intermediate Version LUA engine can work but: • not everybody knows LUA • engine to code, scale and maintain Engine for dynamic records 57
- 58. Scaleway Domains API - Intermediate Version Microservices engine: • DNS over HTTPS JSON • all langages • external engine Engine for dynamic records 58
- 59. Scaleway Domains API - Intermediate Version DNS answer in JSON 59 { "Status":0, "TC":false, "RD":true, "RA":true, "AD":true, "CD":false, "Question":[ { "name":"www.scaleday-test.fr.", "type":1 } ], "Answer":[ { "name":"www.scaleday-test.fr.", "type":1, "TTL":60, "data":"51.158.125.207" } ] }
- 60. Scaleway Domains API - Intermediate Version DNS answer in JSON 60 "Answer":[ { "name":"www.scaleday-test.fr.", "type":1, "TTL":60, "data":"51.158.125.207" }
- 61. INTERMEDIATE VERSION 61 DNS API DNS SERVER STATIC DNS Queries backend driver 1 2 zone delegation DNS SERVER DYNAMIC 3 engine resolve service 4 Scaleway Domains API
- 62. INTERMEDIATE VERSION 62 DNS API DNS SERVER STATIC DNS Queries backend driver 1 2 zone delegation DNS SERVER DYNAMIC 3 engine external resolve service 4 Scaleway Domains API
- 63. Scaleway Domains API - Intermediate Version Demo - Mix Static & Dynamic 63 Domain: scaleway-test.fr www. time. *.dyn. static record A 1.2.3.4 dynamic record TXT return time dynamic record A/AAAA return IPs from external source
- 64. Scaleway Domains API - Intermediate Version Demo - Mix Static & Dynamic 64 *.dyn. IPs of instances tagged
- 65. Scaleway Domains API - Intermediate Version Demo - Mix Static & Dynamic 65 DNS SERVER DYNAMIC engine external resolve service Serverless Instances DNS over HTTPS API
- 66. Scaleway Domains API - Intermediate Version Declaration is easy 66 { "name": "*.dyn", "data": "https://bdc5d5cc-ccc3-402a-b642-c59d4d87a487- scalewaypython3deveratzbfk.functions.fnc.fr-par.scw.cloud/resolve", "type": "FUNCTION", "ttl": 10 }
- 67. Scaleway Domains API - Intermediate Version LIVE DEMO 67
- 68. Scaleway Domains API - Intermediate Version Next challenges Offer sample dynamics records DNSSEC with dynamics records Manage timeout, cache, warmup Performance etc .. 68
- 69. Scaleway Domains API Early Access open We need you 69 https://scaleway.com/betas/
- 70. "Everything is a freaking DNS problem" Source 70 vanonox
- 71. THANK YOU Stay tuned for exclusive how-to's and updates, follow us on Twitter and LinkedIn @Scaleway Emplacement QR Code 71 https://scaleway.com/betas/