This plugin gets an A record from NetBox. It uses the REST API of NetBox to ask for the IP address of a hostname:
    curl https://netbox.example.org/api/ipam/ip-addresses/?dns_name=example-vm-host
    {
      "count": 1,
      "next": null,
      "previous": null,
      "results": [
        {
          "family": {
            "value": 4,
            "label": "IPv4"
          },
          "address": "192.168.1.101/25",
          "interface": {
            "id": 452,
            "url": "https://netbox.example.org/api/virtualization/interfaces/452/",
            "virtual_machine": {
              "url": "https://netbox.example.org/api/virtualization/virtual-machines/10/",
            },
          },
        }
      ]
    }
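
The lookup above as an added Go example (not the plugin's own code): it builds the authenticated query with the untrusted DNS name escaped so it cannot add API filter parameters, then turns the `address` values into bare IPs for A or AAAA answers. `buildRequest`, `extractAddrs` and the sample reply are constructed for illustration; the `Authorization: Token` header is NetBox's REST token scheme.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/netip"
	"net/url"
)

// buildRequest escapes the untrusted DNS name and sends the token in a header, not the URL.
func buildRequest(apiURL, token, name string) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodGet, apiURL+"/?dns_name="+url.QueryEscape(name), nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("Authorization", "Token "+token)
	return req, nil
}

// extractAddrs returns the addresses of one family (4 or 6), dropping the prefix length.
func extractAddrs(body []byte, family int) ([]netip.Addr, error) {
	var r struct {
		Results []struct {
			Address string `json:"address"`
		} `json:"results"`
	}
	if err := json.Unmarshal(body, &r); err != nil {
		return nil, err
	}
	var out []netip.Addr
	for _, res := range r.Results {
		p, err := netip.ParsePrefix(res.Address) // "192.168.1.101/25"
		if err != nil {
			return nil, fmt.Errorf("bad address %q: %w", res.Address, err)
		}
		if p.Addr().Is4() == (family == 4) { // family taken from the address itself
			out = append(out, p.Addr())
		}
	}
	return out, nil
}

func main() {
	sample := []byte(`{"results":[{"address":"192.168.1.101/25"},{"address":"2001:db8::101/64"}]}`) // constructed
	req, _ := buildRequest("https://netbox.example.org/api/ipam/ip-addresses", "TOKEN", "example-vm-host")
	addrs, err := extractAddrs(sample, 4)
	fmt.Println(req.URL, addrs, err)
}
```

Send the request with an `http.Client` whose `Timeout` is set (the plugin documents a 5s default) and check the status code before parsing the body.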
To activate the netbox plugin you need to compile CoreDNS with the plugin added to plugin.cfg:
    netbox:github.com/oz123/coredns-netbox-plugin
The ordering of plugins in the plugin.cfg file is important to ensure you get the behaviour you expect when using multiple plugins in a Corefile server block.
For example, in order to utilise the native cache plugin, ensure that you add the netbox plugin after cache:cache but before any plugins you want to be able to fall-through to (eg file:file or forward:forward).
    netbox [ZONES...] {
        token TOKEN
        url URL
        tls CERT KEY CACERT
        fallthrough [ZONES...]
    }
ZONES zones that the netbox plugin should be authoritative for.
token TOKEN sets the API token used to authenticate against NetBox (REQUIRED).
url URL defines the URL netbox should query. This URL must be specified in full as SCHEME://HOST/api/ipam/ip-addresses (REQUIRED).
tls is followed by:
These options set the certificate verification method for the NetBox server if HTTPS is used to access the API.
ttl DURATION defines the TTL of records returned from netbox. Default is 1h (3600s).
timeout DURATION defines the HTTP timeout for API requests against NetBox. Default is 5s.
fallthrough If a zone matches but no record can be generated, pass the request to the next plugin. If [ZONES...] is omitted, then fallthrough happens for all zones for which the plugin is authoritative. If specific zones are listed, then only queries for those zones will be subject to fallthrough.
The config parameters token, url and localCacheDuration are required.
Send all requests to NetBox:
    . {
        netbox {
            token SuperSecretNetBoxAPIToken
            url https://netbox.example.org/api/ipam/ip-addresses
        }
    }
Send requests within example.org to NetBox and fall-through to the file plugin in order to respond to unsupported record types (ie SOA, NS etc):
    . {
        netbox example.org {
            token SuperSecretNetBoxAPIToken
            url https://netbox.example.org/api/ipam/ip-addresses
            fallthrough
        }
        file db.example.org
    }
Handle all requests with netbox and fall-through to the forward plugin for requests within example.org with caching via the cache plugin:
    . {
        netbox {
            token SuperSecretNetBoxAPIToken
            url https://netbox.example.org/api/ipam/ip-addresses
            fallthrough example.org
        }
        forward . 1.1.1.1 1.0.0.1
        cache
    }
0.2 - Cleanup add IPv6 support
query.go
0.1 - Initial Naive release
You can test the plugin functionality with CoreDNS by adding the following to go.mod in the source code directory of coredns:
    replace github.com/oz123/coredns-netbox-plugin => <path-to-your-local-copy>/coredns-netbox-plugin
Testing against a remote instance of netbox is possible with SSH port forwarding:
    Host YourHost
        Hostname 10.0.0.91
        ProxyJump YourJumpHost
        LocalForward 18443 192.168.1.128:8443
This plugin is heavily based on the code of the redis-plugin for CoreDNS.