patch0
commented
7 years ago The tinydns backend works fine, thought it does involve installing tinydns on the machine to compile the DNS snippets in to the cdb format. This is no longer available for stretch (though we could build it), and if we did that, we might as well just use TinyDNS to serve everything up!
I think this can be stalled pending a redesign of the Bytemark content DNS servers.
Currently, symbiosis generates tinydns-data records and, when within bytemark, uploads them to upload.ns.bytemark.co.uk for DNS to be served. This works fine for us, but is less useful for domains that aren't Bytemark DNS, or machines running symbiosis outside of Bytemark's network.
It should be possible to set a flag that signals "run an authoritative nameserver with my DNS data". This could just be tinydns, or alternatively, we could use powerdns with the tinydns-data backend.
The latter would allow the VM to distribute its records to other nameservers (as a master, via AXFR) for redundancy; and we could also enable DNSSEC functionality this way, by way of pdnssec integration.