When you deploy a fenced service, the VMs behind the fence are segregated from the rest of your network and so do not automatically get DNS records created. Users outside the fence are still able to connect, providing you’ve allowed IN access, but only by IP address.
If you have a requirement for DNS records being created so that users can connect to fenced VMs using a name, follow the process below to create or add the steps below to your completion workflow.
In order for the procedure described in this article to function correctly, you must satisfy the following requirements:
- The DNS snap-in must be installed on the vCommander application server.
- The vCommander Service Account must be granted permission to create
and modify DNS records on the target DNS server. The easiest way to
accomplish this is to add the account to the DnsAdmins group.
- The workflow must be applied to individual components rather than services, including vApps.
Creating the Batch Files
Create the following batch files on the vCommander application
server. Embotics® recommends you use a single directory for all
executables that vCommander will call in workflows.
@echo off dnscmd.exe %1 /RecordAdd %2 %3 A %4
@echo off echo Y | dnscmd.exe %1 /RecordDelete %2 %3 A %4
Alternatively, download FencedDNS.zip here and extract it to the scripts directory on your vCommander application server.
Workflow Step – Add DNS Record
Create a new completion workflow or add the following step to an existing workflow. When you do so, replace dnsServer and domainName with the correct values for your domain.
Make sure that the Completion Workflow is applied only to those services in your catalog which are fenced.
Workflow Step – Remove DNS Record
Similarly, when decommissioning you can add the following step to
remove the DNS records in your change request approval workflow. When
you do so, replace DnsServer and domainName with the correct values for your environment.
Make sure that the Change Request Approval Workflow is applied only to the decommissioning request form(s).