boundary icon indicating copy to clipboard operation
boundary copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Support SRV records lookups for Boundary Hosts

Open oboukili opened this issue 2 years ago • 4 comments

Some targets may benefit from DNS SRV discovery, for example headless Kubernetes services, or any SaaS vendor regularly updating the topology of their exposed headless endpoints.

The Boundary host object should support an additional attribute (address_srv ) which points at a SRV record. Before establishing the worker' tcp connection to the target, the worker should execute a DNS SRV lookup and (randomly?) choose one of the returned responses.

oboukili avatar Dec 27 '21 16:12 oboukili

Our preferred/eventual approach for Kubernetes would be to integrate directly with the service catalog, in a fashion similar to the dynamic host catalogs for AWS/Azure that came out in 0.7. Would that work for your needs?

What SaaS vendors have changing headless endpoints that require SRV lookups as opposed to A records?

jefferai avatar Jan 05 '22 15:01 jefferai

On the top of my head, I can think of MongoDB atlas.

oboukili avatar Jan 24 '22 13:01 oboukili

@hashicorp/boundary any roadmap for this feature? Getting multiple bumps from partners in EMEA. Thanks

jboero avatar May 19 '23 10:05 jboero

MongoDB Atlas still uses this method for private link connected clusters. I just had to pull the plug when I learned Boundary doesn't support this and open up the private links my the entire corporate network. That's the last thing I wanted to do and is what Boundary let's me prevent for our other databases.

Please, please, please support this!

tylersmith34 avatar Mar 26 '24 21:03 tylersmith34