Service Discovery Using IPAM and DNS (16.3+)
Avi Vantage can be configured to provide automatic IP address allocation for virtual services and to provide authoritative DNS resolution for their virtual IP addresses. Use this article to learn:
- What IPAM and DNS providers are supported
- What IPAM and/or DNS provider choices exist, on a per-cloud-type basis
- General configuration workflow
- Provider-specific IPAM/DNS profile configuration
- How to use these profiles in a virtual service configuration
Note: Starting with Avi Vantage version 20.1.3, GCP IPAM on GCP is not supported.
IPAM and DNS Provider Support Matrix
This table lists all supported providers and what kind of services are accepted from them:
Provider | DNS | IPAM | IPAM+DNS simultaneously |
---|---|---|---|
Avi Vantage | Yes | Yes | Yes |
Amazon Web Services (AWS) | No | Yes | No |
Google Cloud Platform (GCP) | No | Yes | No |
Infoblox | No | No | Yes |
OpenStack | No | Yes | No |
Specifically,
- If Avi Vantage is the chosen provider, the Avi Vantage user has the option to use IPAM, DNS, or both simultaneously
- If Infoblox is the chosen provider, both IPAM and DNS profiles must use Infoblox
- In AWS, GCP, and OpenStack environments, you can use the respective cloud-native IPAM services
IPAM/DNS Support for Cloud Infrastructure
This table lists the IPAM and DNS provider support available for each type of cloud (infrastructure) configured in Avi Vantage:
Cloud Infrastructure | Infoblox IPAM+DNS | Avi Vantage Internal IPAM | Avi Vantage Internal DNS | Cloud-native IPAM | Cloud-native DNS |
---|---|---|---|---|---|
VMware vCenter | Yes | Yes | Yes | N/A | N/A |
OpenStack | No | No | Yes | Yes (default) | N/A (not used) |
Amazon Web Services | No | No | Yes | Yes (default) | Yes (default) |
Google Cloud Platform | No | No | Yes | Yes | No |
Containers (Mesos/Kubernetes/Rancher/Docker UCP) | Yes | Yes | Yes | Yes | No |
Linux Server (bare metal) | Yes | Yes | Yes | Yes | No |
No access | Yes | Yes | Yes | Yes | No |
For example,
- When creating virtual services in an OpenStack or AWS cloud, a separate configuration for IPAM is not needed/allowed, since the cloud configuration has support for IPAM natively in Avi Vantage.
- “Default” means Avi accepts the cloud’s IPAM/DNS support without additional action on the part of the Avi Vantage admin.
- Avi Vantage supports Route 53 when AWS is the cloud provider configuration in Avi.
- “Not used” means that, although the cloud supports DNS, Avi Vantage does not use it.
- When creating a virtual service in a “Linux Server” cloud in an AWS/GCP environment, you can use the cloud-native IPAM solution of AWS/GCP.
- Avi Vantage DNS service can be used with all these clouds.
General Configuration Workflow
Initial configuration is common to both IPAM and DNS. This section lists the steps for configuring IPAM and DNS support. The configuration fields differ among the infrastructure types and the provider (Avi Vantage, Infoblox, AWS, GCP, and OpenStack). See the sections following this one for detailed steps.
- Navigate to Templates > Profiles.
- Click IPAM/DNS Profile.
- Click Create and select the provider:
  - Internal
  - Infoblox
  - AWS (IPAM only)
  - GCP (IPAM only)
  - OpenStack (IPAM only)
- Fill in the displayed fields. (Detailed steps are provided in the sections below.)
- Click Save. The profile appears in the list.
- Navigate to Infrastructure > Clouds, and edit the cloud setting.
- Select the IPAM and DNS providers from the pull-down list. Either one or both need to be selected, based on the provider selected. For example: if Infoblox is the IPAM provider, it must be the DNS provider as well.
- (Optional) For east-west virtual services in this cloud, you need to additionally select east-west IPAM and DNS providers from the pull-down list. Either one or both can be selected.
- Click Save.
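The per-cloud support table and the Infoblox pairing rule above can be checked before a cloud setting is changed. The following Python is an added example, not Avi Vantage code; the cloud keys, the provider labels (`infoblox`, `internal`, `native`) and the `validate` function are names assumed here, not API values.

```python
# Added illustration: the page's per-cloud support table as a pre-change check.
# Cloud keys and provider labels ("infoblox", "internal", "native") are names
# chosen for this example; they are not Avi Vantage API values.

FULL = {"infoblox", "internal", "native"}

# Profiles that may be attached per cloud type. Cells the table marks
# "Yes (default)" need no profile, so they are tracked in DEFAULTS instead.
ALLOWED = {
    "vcenter":      {"ipam": {"infoblox", "internal"}, "dns": {"infoblox", "internal"}},
    "openstack":    {"ipam": set(), "dns": {"internal"}},
    "aws":          {"ipam": set(), "dns": {"internal"}},
    # per the table; the page notes GCP IPAM on GCP is unsupported from 20.1.3
    "gcp":          {"ipam": {"native"}, "dns": {"internal"}},
    "containers":   {"ipam": FULL, "dns": {"infoblox", "internal"}},
    "linux_server": {"ipam": FULL, "dns": {"infoblox", "internal"}},
    "no_access":    {"ipam": FULL, "dns": {"infoblox", "internal"}},
}
DEFAULTS = {"openstack": {"ipam"}, "aws": {"ipam", "dns"}}


def validate(cloud, ipam=None, dns=None):
    """Return a list of problems with a planned IPAM/DNS profile selection."""
    if cloud not in ALLOWED:
        raise ValueError(f"unknown cloud type: {cloud}")
    problems = []
    for service, provider in (("ipam", ipam), ("dns", dns)):
        if provider is None:
            continue  # no profile selected for this service
        if provider not in ALLOWED[cloud][service]:
            if provider == "native" and service in DEFAULTS.get(cloud, set()):
                problems.append(
                    f"{service}: native {service.upper()} is the default on {cloud}; no profile needed")
            else:
                problems.append(f"{service}: {provider} is not supported on {cloud}")
    # Infoblox is offered only as IPAM+DNS, so it cannot be mixed with another provider.
    if (ipam == "infoblox") != (dns == "infoblox"):
        problems.append("infoblox must be selected for both IPAM and DNS")
    return problems
```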
Configuring the IPAM/DNS Profiles by Provider Type
IPAM and/or DNS profiles can be configured to use the following providers:
Using IPAM/DNS in a VS Configuration
The following examples are cloud-independent.
IPAM only. With IPAM in play, selecting the Auto Allocate checkbox causes the Network for VIP Address Allocation selection box to appear. From a list of displayed networks and subnets a choice can be made; in this case, either ipam-nw1 or ipam-nw2 can be selected. From the selected network (ipam-nw1) an address for the VIP will be auto-allocated.
DNS only. With DNS in play, no list of networks is offered. Instead, one of several domains is offered. By selecting .test.avi from the list and accepting the default prefix (vs) in the Fully Qualified Domain Name field, the user is specifying vs.test.avi as the final FQDN.
IPAM and DNS. With both IPAM and DNS available, the user can specify both a network from which to auto-allocate a VIP address and the FQDN (vs.test.avi) with which it will be associated.
Note:
- If a DNS profile is configured under a cloud where the virtual service is being created, then the virtual service's IP cannot be determined from a fully qualified domain name; the user is expected to enter an IP address or select the Auto Allocate checkbox.
- In the case of Infoblox, if there is a list of usable_subnets/usable_domains configured (refer to the section for Infoblox above in this article), then the dropdown will consist only of those entries. If no such configuration is found, Avi Vantage will display the entire list of available subnets/domains from Infoblox.