 Can you guys hear me? Okay, if you intend to follow the demo, please come and grab a USB key. There's a VM, a background file in one of the folders. And the other folder has background and virtual box installers for the different platforms, okay? So at the top, at the root in the USB key, you're going to see the two folders, one with the background file and the VM, and the other with installers for your platform for background and virtual box. And I'm afraid we run out of keys, so if you can, if you can pass them around once you're finished installing. And essentially what you need to do is from the USB copy the two folders to your laptop. And in one of those folders, you're going to find the installers for virtual box and background for your platform. And in the other folder, you're going to find the VM and the background file that you need to start the demonstration. So I'm going to give everybody five minutes to get ready. And since we only have 40 minutes, I'm going to start in exactly five minutes, okay? So if you need assistance with the VM, installing the VM, please raise your hand. There's three or four people in the room that can assist you, okay? So to the people in the last row, is that a good size for the terminal? Can you read the perfect? No, we are out of keys, but we are going to be passing them around. And essentially once you have the VM and the virtual box and background installed, you just need to change the directory to where you put the VM and the background file and do background up and background SSH. And it's going to send you into the SSH to the VM. And you're ready to go. Essentially you should get something like this, okay? Thank you. One more key here. So again, in that USB key, there's two folders, one with the VM and the background file and the other with the virtual box and background installers for the different platforms, for windows, mac, linux. One USB key here available. Here you go. Again, if you need help with the VM, raise your hand and there's people around here who will be able to help you. So okay, let's get going. Again, if you need help installing the VM and the background and virtual box, raise your hands and James and the other group of people will go around and help you. This is the agenda for today. And essentially, we're going to cover the three use cases that were implemented in this integration between Nova, Neutral, and Designate. And those three cases are shown there. I'm really not going to go over the slides themselves a lot. I'm just going to show you the agenda. We're going to review some two or three slides and then we are going to be showing how this thing works in the VM. That's why it's important for you to have the VM. And essentially, the first thing that I would like you to do is if you are ready, create an instance. And these are the commands that you need to execute, essentially. You need to export to the environment the credentials to access the OpenStack APIs. Do a Neutral List. In that Neutral List, so essentially you do also OpenRC User 1. Once you do that, please do a Neutral List. You're going to see that that user has three networks. For this first example, we're going to use Tenant1 Network. So essentially, you need to do a boot command. You need to specify the image, the flavor, and the network that you're going to be using for this boot. And as you can see, the VM starts really, really quickly. So again, those are the commands. Essentially, you're pulling out of Nova the information. You need to boot the instance. And then you're booting the instance using the Network1 Network. I think we need some help with the VM on this side of the room. So what we did during Mitaka, during this pass cycle, essentially was, in reality, was very simple. We added attributes to three neutral resources. We added attributes to ports. And essentially what we did is that in Mitaka now, ports have a new attribute associated to them, which is the DNS name attribute. And essentially what you do with that attribute is that you assign a valid DNS label to your ports. We also added an attribute named DNS Domain to your networks. So with a combination of ports, DNS name plus a network DNS domain, essentially we take that information, we put it together, and we push it to the external DNS service. And in this case, in this example, the external DNS service being designated. And the third attribute, the third neutral resource where we added attribute was floating IPs. And in the case of floating IPs, we added both a DNS name and a DNS domain attribute to floating IPs. And with those two together, again, we put them together and we push the information to the external DNS service based on how you configure the integration between neutral and designated. So the first example, the first use case that we implemented was one in which we create a port, and then when we associate a floating IP to that port, the ports, DNS name and the network's DNS domain are going to be pushed to the external DNS service with the floating IP address that was associated to that port. Okay? So the picture looks a little bit like this. And here I'm showing the complete integration between Nova, Neutron and Designate because on top of adding attributes to Neutron, to Neutron resources, the other thing that we modified was the way that Nova allocates network resources to instances. And essentially what we did is that when Nova is creating an instance and it's allocating network resources for the instance, it's going to use the instance's host name and it's going to assign that host name to the ports associated to that instance, the ports that are created by Nova for that instance. It's important to mention that when we say the instance's host name is not the same thing as the instance's display name. The instance's host name is a sanitized version of the name that the user gave to the instance to the instance's display name. It's a sanitized version, sanitized to be useful as a valid DNS label. So essentially what happens is that Nova creates a VM. During the VM creation, Nova creates a port and associates the instance's host name to the DNS name of the ports being created. So in the middle of the slide, what we essentially are seeing is the result of that port creation. And as you can see, the port gets a DNS name with the sanitized version of the VM highlighted in red. And then the port has a new attribute also called DNS assignment, which essentially shows the DNS characteristics of that port. And those characteristics being the host name, the IP address associated to that host name, and the fully qualified domain name, which is the instances plus... the instance's host name plus the domain name. So let's find out... So let's put... Now a list. So let's look at our instance that it's active and running. So let's find the port associated to that instance by Nova. Let's do a port list, filtering by the instance's device ID. And now let's do a port show for that port. And as you can see, we actually got the DNS name attribute associated to that port by Nova, and we got the DNS assignment. So now let's create a floating IP with that port. We are going to associate to that floating IP the port that we just created. And we just created the floating IP. Shoot, I forgot a step, which is for the network. Let's delete that floating IP. So in order to push the DNS information to designate, to the external DNS service, what you need is that the port has a DNS name attribute associated to it, and also you need that network that port is running on. It needs a DNS domain associated to it. So that's a step that we didn't do. So let's do it again. So let's do net update. We're going to take the network that we are using for that instance, and we are going to associate a DNS domain to that network. And the example we are using is mydomain.org. So the network was associated. Another step that you need to take, obviously the domain needs to exist already in the external DNS service. So you would need to type something like that, open the stack zone, create your email address, and the name of the domain. My-domain.org. In my case, I already did that, so that's already configured in designate. So the very next step would be to create the floating IP with the port associated to it. What happens when you forget a step in a live demo? So we are going to attempt our boot again. So our instance is up and running. Let's find the port that was associated to it. Let's create a floating IP. And then we should do a record set list. And as you can see, the floating IP information was pushed to the external DNS service with the DNS name and DNS domain associated to the port and the network that we use for the instance. Are you guys being able to follow the thing in your VMs? Okay, perfect. So that's use case number one. In use case number one, we want the DNS information to be associated with the port and the VM. Whereas in use case number two, we want the DNS information to be associated with the floating IP. With the idea that you publish that information in the external DNS service, and then you can change VMs. It doesn't matter what VM you're using. You're going to preserve the same DNS information in the external DNS service. So let's do that. Let's create a floating IP. And in this case, we are not going to specify a port ID, right? Because now the DNS information belongs to the floating IP. I forgot. But in the floating IP creation, we are going to specify a DNS name. And let's call it myfip and dnsdomain.org. As you can see now, the floating IP shows that it has DNS attributes associated with it. The DNS name and the DNS domain. And we should see that information in the external DNS service. We created a new record for that floating IP. The other thing that we are creating also is we are creating PTR records, reverse lookup records in the external DNS service for you every time we create that. So essentially, let's open another terminal. Begrant SSH. Is that good enough? In this case, what we are going to do is to sign in as admin. Okay? And once we do that, let's do an open stack sound list. And as you can see, we are creating reverse lookup sounds for you. Specifically for the floating IP, it's the 255 sound. The last row in that table, it's the sounds that we are creating for you. Those sounds are created by the integration. You don't need to create them, okay? And it's configurable whether you want PTR records or not. You can say, I don't want reverse lookup. In that case, these sounds and records are not created for you. And the idea here is that the PTR records go under an admin user, an admin tenant, an admin project, and that's where we are creating the PTR records for you. So let's take a look at open stack record set list. Let's look at this specific sound. And as you can see, there you have the reverse lookup records, the PTR records for the two floating IPs that we created. The floating IP associated to the instance and the floating IP that we created on its own. Finally, there's a third use case, and that use case is where you want the port and the port's DNS name and the port's DNS domain, the network's DNS domain associated to that port to be published directly to the external DNS service without the need to associate a floating IP. And this use case is one where you have a network, a provided network, wiring your deployment in such a way that you are routing those ports directly to the outside. So in that case, you may be interested in publishing the DNS name and the DNS domain associated to the port and the network directly to the external DNS service. For that to happen, you need to create a network. It can be a flat network, it can be a VLAN network, or it can be any of the tunnel-type networks, VX, LAN, and GRE. The only condition is that the segmentation ID associated to those networks has to be outside the range of the tenant networks. So if you enable the integration between neutron and designate, and you create a network with a segmentation ID outside the ranges assigned to the tenant networks, the integration is going to assume that you want to publish that information to the external DNS service and it's going to push that information to designate. Does that make sense? So let's run an example. In your... So to create such a network, we need admin privileges, so please source, do the following command, openrc.admin, and we are going to create a network outside the... In this example, this is a simple example. I'm using VXLANs. That's what it's configuring in your VM. So I'm going to create a VXLAN with a segmentation ID outside the range associated to tenant networks. In this example VM, we assign the range from 1,000 to 2,000 for tenant networks, and we are going to create a network outside that range. I'm saying create type VXLAN, segmentation ID 2016, and it's going to have the DNS domain, mydomain.org, and I'm calling that network public, okay? I'm also associating two subnets to that network, one IPv4 subnet, and one IPv6 subnet. So after executing both commands, you should have something like this under your user1 user. As you can see, there's a public network with IPv4 and IPv6 ranges. So let's create a variable with the ID of that network, and let's put an instance. I'm going to call it otherVM. So our otherVM seems to be working fine, let's see. Yep, as you can see, we created for you the IPv4 record and the IPv6 record in the mydomain.org, and we also created the PTR records for you. So there you can see the PTR record for the IPv4 address, and a similar thing for the IPv6 PTR record. Okay, it's the last row. As you can see, the record is active. So how do you configure this thing? So let's go to the... The slides really walk you through the commands that we have executed and shows you the different use cases. What I want to spend some time with you is how do you configure the... How do you configure the integration between Neutron and Designate? So the first thing you need to do, in Neutron.conf you need to do essentially three things. You need to configure a DNS domain. DNS domain is a configuration parameter that exists in Neutron prior to developing this integration. Its default value is OpenStackLocal. Essentially, if you want to enable the integration part between Neutron and Designate, you need to change that DNS domain parameter to something other than OpenStackLocal, whatever you want. And that way you are signaling that you want to enable OpenStackLocal, the integration with DNS. You also need to specify the external DNS driver, and in this case we are using Designate. And this is important. The way we implemented this, we implemented this as a pluggable driver, and we Designate being the reference implementation. We essentially defined a common API for the external DNS driver API. So with the idea that in the near future other people are going to be implementing other drivers for external DNS services. For the timing, the only reference implementation is Designate. And there is a Designate section in Neutron.conf where you specify the URL of Designate. This is specific for Designate. The admin credentials that you want to use remember that we use an admin user to create the PTR zones and the PTR records. Those are created for you. And finally, we specify whether we want a reverse DNS lookup or not. If that variable is set to false, you are not going to find the PTR records. They are not going to be created. And the IPv4 and IPv6, the last two parameters essentially specify the sound prefix size for the reverse lookup records. For both IPv4 and IPv6. The other thing where you need to change something is in the ML2 plugin configuration file. And essentially there is a parameter extension driver that allows you to configure the DNS extension driver and other ML2 extension drivers. In this case, we only have DNS configured, but if you regularly run a DevStack and configure DevStack with Neutron, you will find that, for example, DevStack configures port security also in that extension. And those are the knobs, those are the parameters that you need to play with to configure the integration between Nova, Neutron, and Designate. All this information is contained in the slide set, in the presentation. And the other thing that is important to mention is that we did our best to document this. So we added a chapter to the OpenStack networking guide and all this information is explained in detail, each use case is explained in detail in that networking guide. The last thing that I want to mention in this presentation, the very last thing I want to mention is some performance consideration, and this is for use case number three. That use case where you publish the port and the port information directly to the external DNS service. And in that case, if in Neutron, the port binding extension is configured, when you create the instance, Nova is going to execute one additional port update operation on each port associated to the instance. Okay? Therefore, before adopting this use case widely in your deployment, please make sure that you take this into consideration and see what the impact might be in your instance boots times and expected performance. In the testing we have done, it's really not significant, but that changes from SLA to SLA, so make sure that you take that into consideration. And again, this is mentioned in the documentation that we created for this. So I think we are right at time. So if you have any questions, I'll stay here for as long as you guys need. Come to the front and I'll try to answer all your questions. Thank you so much.