Comment 5 for bug 1804057

Drew Freiberger (afreiberger) wrote :

I think we could have this debate for a while about the work/changes involved. This is a pain point for every cloud handover to Bootstack. The customer tests DNS with one set of bind IPs with Field Engineering, then Bootstack redeploys, getting new bind IPs (without Dmitrii's workaround subnet).

Work required sometimes spans many groups and many services, though. You've got corporate DNS which is controlled outside the juju model, you've potentially got internic/whois records, if it's a public cloud, which take X hours/days to update, you've got firewalls/ACLs to reconfigure, and you have to bounce neutron-gateway/n-ovs for dhcp-agent dns-server updates for dnsmasq. All of these are risks when what may have happened was a box hosting a bind server died and needed to be rebuilt.

I take the point of not wanting to add more IP management in the charm, but right now, DNS is brittle without statically assignable IPs, as it is the one service that can't be referenced by external name records.

Another solution is to deploy KVMs with static IPs on the infra nodes for bind, but that would require those VMs to be deployable within two zones (which MAAS pods don't do).

I think the issue is less work-effort, and more about time to restore service based on the different things that plug into DNS that have to be reconfigured and aren't under the control of the cloud operator.