Awesome
OctoBlox
Infoblox provider for octoDNS
OctoBlox provides the glue for enterprise migration to GitOps with Infoblox.
Installation
pip install octoblox
Configure
providers:
infoblox:
class: octoblox.InfoBloxProvider
endpoint: infoblox.example.com
username: admin
password: env/INFOBLOX_PASSWORD
# verify: ./infoblox.pem
# apiver: 1.0
# dns_view: default
# log_change: true
# alias_types:
# - A
# - AAAA
# - TXT
# create_zones: true
# new_zone_fields:
# grid_primary:
# - name: infoblox.example.com
# ns_group: default
# restart_if_needed: true
# soa_default_ttl: 3600
# view: default
# use_grid_zone_timer: true
delegated:
class: octoblox.DelegatedProvider
endpoint: infoblox.example.com
username: admin
password: env/INFOBLOX_PASSWORD
# verify: ./infoblox.pem
# apiver: 1.0
# dns_view: default
# log_change: true
# create_zones: true
# new_zone_fields:
# delegate_to:
# - name: ns1.delegated.example.com
# address: 1.1.1.1
# - name: ns2.delegated.example.com
# address: 8.8.8.8
# ns_group: default
# view: default
Alias Record Update Behaviour
Infoblox allows for an alias record per DNS record type.
By default OctoBlox will ensure both A and AAAA records are created.
This can be changed using the alias_types
parameter.
In the event that too many or not enough record types exist for a single record,
the discovered target value will have invalid.
appended to make sure that
a record update is generated. This value was chosen as it's specifically listed
in RFC2606 for this purpose.
This will result in octoDNS reporting that the value is incorrect when the reality is that the number of ALIAS records is incorrect. While it is possible that both are the case this is unlikely and OctoBlox can handle this as well.
Use of Lenient Flag for Alias Records
OctoDNS has implemented a behavior of not accepting alias records for non-root
zone entries by default. To get around this provide the --lenient
flag when
dumping from InfoBlox with alias records.
When storing alias entries in YAML ensure that you add the octodns lenient entry to the record like so:
---
alias:
octodns:
lenient: true
type: ALIAS
value: www.example.com.
Alternatively you can set a zone level lenient flag like so:
---
example.com.:
octodns:
lenient: true
sources:
- yaml
targets:
- infoblox
Refer to the octoDNS entry on lenience for more information.