区域导入和导出

概述

可以使用区域导入和导出 API 将区域导入到 Designate 并序列化导出。使用 区域文件格式 以及这些 API,您可以批量创建区域和记录集,并轻松地从 Designate 导出区域数据。

导出区域

您可以使用 zone export create 子命令从 Designate 导出区域文件,然后使用 zone export showfile 访问导出的区域文件。

例如,使用 openstack recordset list 查看您想要导出的区域的记录

$ openstack recordset list example.org.
+--------------------------------------+------------------+------+---------------------------------------------------------------------+--------+--------+
| id                                   | name             | type | records                                                             | status | action |
+--------------------------------------+------------------+------+---------------------------------------------------------------------+--------+--------+
| b4dfeb36-c4ae-4399-9493-6e6997099356 | example.org.     | NS   | ns1.example.org.                                                    | ACTIVE | NONE   |
| e9e3b31f-8aef-465f-9380-e3380191f8bd | example.org.     | SOA  | ns1.example.org. admin.example.org. 1624414033 3583 600 86400 3600  | ACTIVE | NONE   |
| 09407eaa-1fac-4257-b9e1-11d693bc1eae | www.example.org. | A    | 192.0.2.2                                                           | ACTIVE | NONE   |
|                                      |                  |      | 192.0.2.1                                                           |        |        |
+--------------------------------------+------------------+------+---------------------------------------------------------------------+--------+--------+

使用 openstack zone export create 命令,导出 example.org.

$ openstack zone export create example.org.
+------------+--------------------------------------+
| Field      | Value                                |
+------------+--------------------------------------+
| created_at | 2021-06-23T02:01:30.000000           |
| id         | e75aef2c-b562-4cd9-a426-4a73f6cb82be |
| location   | None                                 |
| message    | None                                 |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| status     | PENDING                              |
| updated_at | None                                 |
| version    | 1                                    |
| zone_id    | d8f81db6-937b-4388-bfb3-ba620e6c09fb |
+------------+--------------------------------------+

您可以使用 zone export showfile 访问区域文件的内容。使用 -f value 参数将打印区域文件的内容,而没有任何制表符,如果您想在本地修改导出的区域文件,然后将其导入回 Designate 以更新区域,这将非常有用。

$ openstack zone export showfile e75aef2c-b562-4cd9-a426-4a73f6cb82be -f value
$ORIGIN example.org.
$TTL 3600

example.org.  IN NS ns1.example.org.
example.org.  IN SOA ns1.example.org. admin.example.org. 1624414033 3583 600 86400 3600

www.example.org.  IN A 192.0.2.2
www.example.org.  IN A 192.0.2.1

默认情况下,区域导出文件将在访问时按需创建,因此,随着您向区域添加新的记录集,区域导出文件的内容将被更新

$ openstack recordset create example.org. test --type A --record 192.0.2.100
+-------------+--------------------------------------+
| Field       | Value                                |
+-------------+--------------------------------------+
| action      | CREATE                               |
| created_at  | 2021-06-23T02:35:06.000000           |
| description | None                                 |
| id          | aa27ccd8-77b1-41df-a3ed-2129259b334a |
| name        | test.example.org.                    |
| project_id  | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| records     | 192.0.2.100                          |
| status      | PENDING                              |
| ttl         | None                                 |
| type        | A                                    |
| updated_at  | None                                 |
| version     | 1                                    |
| zone_id     | d8f81db6-937b-4388-bfb3-ba620e6c09fb |
| zone_name   | example.org.                         |
+-------------+--------------------------------------+
$ openstack zone export showfile e75aef2c-b562-4cd9-a426-4a73f6cb82be -f value
$ORIGIN example.org.
$TTL 3600

example.org.  IN NS ns1.example.org.
example.org.  IN SOA ns1.example.org. admin.example.org. 1624415706 3583 600 86400 3600
www.example.org.  IN A 192.0.2.2
www.example.org.  IN A 192.0.2.1
test.example.org.  IN A 192.0.2.100

区域导出内部机制

创建的区域导出资源不包含区域文件数据,而是保存了该数据的位置,因为 Designate 可以由操作员配置为将区域导出存储在外部服务中。默认情况下,区域导出文件的位置位于 Designate 内部,并使用 Designate 协议 designate://。在这种情况下,区域文件数据将在使用 zone export showfile 时按需生成。您可以使用 zone export show 查看区域文件数据的 URI 位置

$ openstack zone export show e75aef2c-b562-4cd9-a426-4a73f6cb82be
+------------+--------------------------------------------------------------------------------+
| Field      | Value                                                                          |
+------------+--------------------------------------------------------------------------------+
| created_at | 2021-06-23T02:01:30.000000                                                     |
| id         | e75aef2c-b562-4cd9-a426-4a73f6cb82be                                           |
| location   | designate://v2/zones/tasks/exports/e75aef2c-b562-4cd9-a426-4a73f6cb82be/export |
| message    | None                                                                           |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7                                               |
| status     | COMPLETE                                                                       |
| updated_at | 2021-06-23T02:01:30.000000                                                     |
| version    | 2                                                                              |
| zone_id    | d8f81db6-937b-4388-bfb3-ba620e6c09fb                                           |
+------------+--------------------------------------------------------------------------------+

区域导入

您可以通过将区域及其所有记录集放入使用 区域文件格式 的文件中,然后调用 openstack zone import create 来导入区域和所有记录集

$ cat zone_file
$ORIGIN example.org.
$TTL 3600

example.org.  IN NS ns1.example.org.
example.org.  IN SOA ns1.example.org. admin.example.org. 1624415706 3583 600 86400 3600
www.example.org.  IN A 192.0.2.2
www.example.org.  IN A 192.0.2.1
test.example.org.  IN A 192.0.2.100

$ openstack zone import create zone_file
+------------+--------------------------------------+
| Field      | Value                                |
+------------+--------------------------------------+
| created_at | 2021-06-24T03:39:58.000000           |
| id         | 6140580d-c72a-4f07-82ab-908da979a9a3 |
| message    | None                                 |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| status     | PENDING                              |
| updated_at | None                                 |
| version    | 1                                    |
| zone_id    | None                                 |
+------------+--------------------------------------+

您现在可以在 Designate 中查看该区域

$ openstack recordset list example.org.
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| id                                   | name              | type | records                                                             | status | action |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| 3d9e96c2-da27-4c5b-9b2b-c1b44a58c1e5 | www.example.org.  | A    | 192.0.2.2                                                           | ACTIVE | NONE   |
|                                      |                   |      | 192.0.2.1                                                           |        |        |
| 541bac15-18da-411f-a8e5-8ccecb65ae1f | example.org.      | SOA  | ns1.example.org. admin.example.org. 1624415706 3541 600 86400 3600  | ACTIVE | NONE   |
| a643b088-6052-49c0-81f7-6ade6682d9a3 | example.org.      | NS   | ns1.example.org.                                                    | ACTIVE | NONE   |
| f97274f1-e062-4f59-8ec0-11bccd830547 | test.example.org. | A    | 192.0.2.100                                                         | ACTIVE | NONE   |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+

您不能使用区域导入来更新区域或在已存在区域中创建记录。导入已存在的区域将导致错误,并且不会创建或修改任何记录。

$ echo "new.example.org. IN A 192.0.2.101" >> zone_file
$ openstack zone import create zone_file
+------------+--------------------------------------+
| Field      | Value                                |
+------------+--------------------------------------+
| created_at | 2021-06-24T03:40:28.000000           |
| id         | 50516762-23ec-4bf3-a065-530171c5d0fb |
| message    | None                                 |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| status     | PENDING                              |
| updated_at | None                                 |
| version    | 1                                    |
| zone_id    | None                                 |
+------------+--------------------------------------+
$ openstack zone import show 50516762-23ec-4bf3-a065-530171c5d0fb
+------------+--------------------------------------+
| Field      | Value                                |
+------------+--------------------------------------+
| created_at | 2021-06-24T03:40:28.000000           |
| id         | 50516762-23ec-4bf3-a065-530171c5d0fb |
| message    | An undefined error occurred.         |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| status     | ERROR                                |
| updated_at | 2021-06-24T03:40:28.000000           |
| version    | 2                                    |
| zone_id    | None                                 |
+------------+--------------------------------------+
$ openstack recordset list example.org.
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| id                                   | name              | type | records                                                             | status | action |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| 3d9e96c2-da27-4c5b-9b2b-c1b44a58c1e5 | www.example.org.  | A    | 192.0.2.2                                                           | ACTIVE | NONE   |
|                                      |                   |      | 192.0.2.1                                                           |        |        |
| 541bac15-18da-411f-a8e5-8ccecb65ae1f | example.org.      | SOA  | ns1.example.org. admin.example.org. 1624415706 3541 600 86400 3600  | ACTIVE | NONE   |
| a643b088-6052-49c0-81f7-6ade6682d9a3 | example.org.      | NS   | ns1.example.org.                                                    | ACTIVE | NONE   |
| f97274f1-e062-4f59-8ec0-11bccd830547 | test.example.org. | A    | 192.0.2.100                                                         | ACTIVE | NONE   |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+

您必须使用区域文件中的 TTL 语句设置区域 TTL。为区域创建的 SOA 记录可能与区域文件中的值不匹配,因为某些值取决于 Designate 配置选项

  • MNAME 使用分配给区域的池信息设置。

  • 刷新值在 default_soa_refresh_mindefault_soa_refresh_max 配置值之间随机设置。

  • 最小值设置为 soa_default_minimum 配置值。

区域的 NS 记录基于分配给区域的池生成。其他 NS 记录在导入时不做修改。

例如,以下区域文件使用 test.example.org. 作为其 nameserver,并为其区域 TTL、刷新、最小值和过期提供自己的值。刷新和最小值将在导入时被丢弃,并且 nameserver 将更改为池的 nameserver,即 ns1.example.org.

$ cat zone_file
$ORIGIN example.org.
$TTL 3000

example.org.  IN NS test.example.org.
example.org.  IN SOA test.example.org. admin.example.org. 1624415706 9000 500 86000 5000
www.example.org.  IN A 192.0.2.2
test.example.org.  IN NS test.example.org.
$ openstack zone import create zone_file
+------------+--------------------------------------+
| Field      | Value                                |
+------------+--------------------------------------+
| created_at | 2021-06-25T07:07:41.000000           |
| id         | ccd0af00-aa5f-43e0-a57d-67cfa2f3738e |
| message    | None                                 |
| project_id | cf5a8f5cc5834d2dacd1d54cd0a354b7     |
| status     | PENDING                              |
| updated_at | None                                 |
| version    | 1                                    |
| zone_id    | None                                 |
+------------+--------------------------------------+
$ openstack recordset list example.org.
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| id                                   | name              | type | records                                                             | status | action |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+
| 35143297-5268-4bc9-80bb-9d2d12c609e0 | example.org.      | SOA  | ns1.example.org. admin.example.org. 1624415706 3582 500 86000 3600  | ACTIVE | NONE   |
| 3532dee3-effc-4aac-b5c4-90b6e2ad20e0 | test.example.org. | NS   | test.example.org.                                                   | ACTIVE | NONE   |
| bef04729-f49e-4920-83b6-2ef9b620fa9d | example.org.      | NS   | ns1.example.org.                                                    | ACTIVE | NONE   |
| c290d79a-6583-4666-a6f7-d4b967f67d79 | www.example.org.  | A    | 192.0.2.2                                                           | ACTIVE | NONE   |
+--------------------------------------+-------------------+------+---------------------------------------------------------------------+--------+--------+