Home

Awesome

OctoBlox

Infoblox provider for octoDNS

CI MIT PyPI Python Downloads Code style: black

OctoBlox provides the glue for enterprise migration to GitOps with Infoblox.

Installation

pip install octoblox

Configure

providers:
  infoblox:
    class: octoblox.InfoBloxProvider
    endpoint: infoblox.example.com
    username: admin
    password: env/INFOBLOX_PASSWORD
    # verify: ./infoblox.pem
    # apiver: 1.0
    # dns_view: default
    # log_change: true
    # alias_types:
    #   - A
    #   - AAAA
    #   - TXT
    # create_zones: true
    # new_zone_fields:
    #   grid_primary:
    #     - name: infoblox.example.com
    #   ns_group: default
    #   restart_if_needed: true
    #   soa_default_ttl: 3600
    #   view: default
    #   use_grid_zone_timer: true
  delegated:
    class: octoblox.DelegatedProvider
    endpoint: infoblox.example.com
    username: admin
    password: env/INFOBLOX_PASSWORD
    # verify: ./infoblox.pem
    # apiver: 1.0
    # dns_view: default
    # log_change: true
    # create_zones: true
    # new_zone_fields:
    #   delegate_to:
    #     - name: ns1.delegated.example.com
    #       address: 1.1.1.1
    #     - name: ns2.delegated.example.com
    #       address: 8.8.8.8
    #   ns_group: default
    #   view: default

Alias Record Update Behaviour

Infoblox allows for an alias record per DNS record type. By default OctoBlox will ensure both A and AAAA records are created. This can be changed using the alias_types parameter.

In the event that too many or not enough record types exist for a single record, the discovered target value will have invalid. appended to make sure that a record update is generated. This value was chosen as it's specifically listed in RFC2606 for this purpose.

This will result in octoDNS reporting that the value is incorrect when the reality is that the number of ALIAS records is incorrect. While it is possible that both are the case this is unlikely and OctoBlox can handle this as well.

Use of Lenient Flag for Alias Records

OctoDNS has implemented a behavior of not accepting alias records for non-root zone entries by default. To get around this provide the --lenient flag when dumping from InfoBlox with alias records.

When storing alias entries in YAML ensure that you add the octodns lenient entry to the record like so:

---
alias:
  octodns:
    lenient: true
  type: ALIAS
  value: www.example.com.

Alternatively you can set a zone level lenient flag like so:

---
example.com.:
    octodns:
      lenient: true
    sources:
    - yaml
    targets:
    - infoblox

Refer to the octoDNS entry on lenience for more information.