When you deploy a fenced service, the VMs behind the fence are segregated from the rest of your network and so do not automatically get DNS records created. Users outside the fence are still able to connect, providing you’ve allowed IN access, but only by IP address. 


If you have a requirement for DNS records being created so that users can connect to fenced VMs using a name, follow the process below to create or add the steps below to your completion workflow.


Requirements


In order for the procedure described in this article to function correctly, you must satisfy the following requirements:

  1. ​The DNS snap-in must be installed on the vCommander application server.

  2. The vCommander Service Account must be granted permission to create and modify DNS records on the target DNS server. The easiest way to accomplish this is to add the account to the DnsAdmins​ group.

  3. The workflow must be applied to individual components rather than services, including vApps.
 

Creating the Batch Files


Create the following batch files on the vCommander application server. Embotics® recommends you use a single directory for all executables that vCommander will call in workflows.

Add_DNS.bat

 

@echo off
dnscmd.exe %1 /RecordAdd %2 %3 A %4

 

Remove_DNS.bat

 

@echo off
echo Y | dnscmd.exe %1 /RecordDelete %2 %3 A %4

 


Alternatively, download FencedDNS.zip here and extract it to the scripts directory on your vCommander application server.

Workflow Step – Add DNS Record


Create a new completion workflow or add the following step to an existing workflow. When you do so, replace dnsServer and domainName with the correct values for your domain.




Make sure that the Completion Workflow is applied only to those services in your catalog which are fenced.


Workflow Step – Remove DNS Record


Similarly, when decommissioning you can add the following step to remove the DNS records in your change request approval workflow. When you do so, replace DnsServer and domainName with the correct values for your environment.



Make sure that the Change Request Approval Workflow is applied only to the decommissioning request form(s).