CloudOne DNS - V 1
CloudOne DevOps DNS
Background
We have standardized the DNS records for CloudOne to support automation for things like DR failover/failback. This standard also provides easier setup and troubleshooting, since the dns record clearly shows which namespace the service is running on.
TLDR: You create your DNS record(s) to point to {namespace}.cloudone.netapp.com, regardless of which cluster it is running on. This is the same for both internal and external records.
Requirements
- Must be using Ambassador (Routes not supported)
- You must have an ambassador mapping with the host value as your production service url
- You will need a seperate ambassador mappings with the ambassador_id as
Internaland/orExternalas needed
Create DNS Records (automated)
- Use the DNS as a Service function within the ServiceNow CloudOne DevOps Portal (see KB0008132).
-
Once the DNS record has been created, verify that it is valid
$ nslookup myapp.netapp.com Server: 10.122.76.132 Address: 10.122.76.132#53 myapp.netapp.com canonical name = abc-uiservice-prd.cloudone.netapp.com. abc-uiservice-prd.cloudone.netapp.com canonical name = abc-uiservice-prd.prd02i.cloudone.netapp.com. abc-uiservice-prd.prd02i.cloudone.netapp.com canonical name = npc-us-west-dc61-aes.ncloud.netapp.com. Name: npc-us-west-dc61-aes.ncloud.netapp.com Address: 10.124.0.13
Create DNS Records (manual)
-
Determine the destination (canonical) of your endpoint
- This will be in the format of
{namespace}.cloudone.netapp.com -
If your production service
https://myapp.netapp.com/is running in the namespaceabc-uiservice-prd, then your DNS record will be:myapp.netapp.com (name) -> abc-uiservice-prd.cloudone.netapp.com (canonical)
- This will be in the format of
-
Verify that your canonical is valid
$ nslookup abc-uiservice-prd.cloudone.netapp.com Server: 10.122.76.132 Address: 10.122.76.132#53 Non-authoritative answer: abc-uiservice-prd.cloudone.netapp.com canonical name = abc-uiservice-prd.prd02i.cloudone.netapp.com. abc-uiservice-prd.prd02i.cloudone.netapp.com canonical name = npc-us-west-dc61-aes.ncloud.netapp.com. Name: npc-us-west-dc61-aes.ncloud.netapp.com Address: 10.124.0.13 -
Open an INC
- Assign to
ITSO > Unix Operationsto create the DNS record. - You will need to request this DNS record to be created for Internal and/or External.
- Assign to
-
Once the DNS record has been created, verify that it is valid
$ nslookup myapp.netapp.com Server: 10.122.76.132 Address: 10.122.76.132#53 myapp.netapp.com canonical name = abc-uiservice-prd.cloudone.netapp.com. abc-uiservice-prd.cloudone.netapp.com canonical name = abc-uiservice-prd.prd02i.cloudone.netapp.com. abc-uiservice-prd.prd02i.cloudone.netapp.com canonical name = npc-us-west-dc61-aes.ncloud.netapp.com. Name: npc-us-west-dc61-aes.ncloud.netapp.com Address: 10.124.0.13
DR DNS Records
You will also want to create DR URL's for your services (e.g. myapp-dr.netapp.com) for DR testing. You should use the instructions above to create DNS records for those to point to '{namespace}-dr.cloudone.netapp.com' (note the -dr suffix)
Example: myapp-dr.netapp.com -> abc-uiservice-prd-dr.cloudone.netapp.com
You will also need to add dr ambassador mapping entries in your values*.yml file(s) for the -dr url - refer
There are 2 phases to the DR process within the CloudOne DevOps Portal in Service-Now
- Initiate Failover - Once the initiate failover process has completed, you should then be able to reach your service on the new cluster at
myapp-dr.netapp.comto perform your testing. - Finalize Failover - Once testing is completed and the finalize failover process has completed, you should then be able to reach your service on the new cluster at your production url
myapp.netapp.comand will no longer be reachable at the -dr url.
The red lines in the diargram below is what the application team will need to setup. Keep in mind that the two {namespace} values in the diagram should match.
Notes
- You will need to perform the nslookup while on corp network to test internal dns records and off the corp network to test external dns records.
- If you have moved your service to a different hostspace, just open an INC to have them remove the old record(s) and create the new record(s) pointing to the new hostspace.
- You can use your workspace, hostspace, or dataspace namespace. Keep in mind that workspace and dataspace dns records can only be created as Internal.