
Infoblox Deployment Guide Infoblox Cloud Platform and Cloud Network Automation

This document provides an overview and instructions for deploying the Infoblox Cloud Platform and Cloud Network Automation solution. It introduces common networking challenges in cloud environments that the solution addresses, such as lack of visibility, automation capabilities, and centralized management. The document describes the Cloud Platform Appliance and Cloud Network Automation modules, and provides steps for deployment, including setting up a Grid Master, adding Cloud Platform members, configuring API users, and delegating authority. Use cases around automation, scalability, multi-tenancy and more are also outlined.

Uploaded by

Selma Selmi
Table of Contents

Introduction
Common Networking Challenges in Cloud Environments
Limitations in Other Infoblox Solutions
Solution
Cloud Platform Appliance
Cloud Network Automation
Deployment
Prerequisites
Architecture
Deployment Instructions
Setup Details
Grid Master
Add Cloud Platform Members
Cloud API User
Extensible Attributes
Delegating Authority
Create Network View
Create Network
Create DNS Zone
Assign Name Server for Reverse Mapping Zone
Delegate Authority for Network View
Create Host Record in Delegated Network and Zone
Use Cases
Locally Survivable Solution Within a Data Center
Scalable Solution for API Calls and DDI Services
Multi-tenant Solution
Proxy API Requests
Multiple Primary Name Servers
Create DNS Zone with Multiple Primaries
Create DNS Records Using Multiple Primaries
UI Support for Delegated Objects
Create Host Record
Create Fixed Address
Enhanced User Interface for Cloud Visibility
Cloud Dashboard and Report
Limitations

Infoblox Deployment Guide - Cloud Platform and Cloud Network Automation (October 2021)

Introduction
As organizations continue to expand deployment of infrastructure and applications in public and private clouds,
visibility and automation of these environments is vital. Infoblox Cloud Network Automation and Cloud Platform
Appliances provide simplicity of deployment, ease of management, increased visibility, and a rich set of APIs
for automation of hybrid cloud environments.

Common Networking Challenges in Cloud Environments


When migrating to public and private clouds, IT professionals face a wide range of challenges.

● Network configuration for virtual machines (VMs) is time consuming and slows down rollout: It
takes administrators hours or sometimes days to provision networks and IP addresses for VMs, virtual
networks, and other cloud workloads, making it difficult to provide self-service style cloud services at a
fast pace. Manual provisioning and reclamation is cumbersome and error prone, leading to a sprawl of
unused IP addresses and DNS records.
● Solutions lack visibility and auditing capability for IP addresses and DNS records for VMs: IT
teams need to know which IP addresses and DNS records are assigned to which resources at any
point in time for security and auditing purposes.
● IT teams lack consistent and centralized IP address and DNS management: Without centralized
management across the IT infrastructure (multiple data centers, physical, virtual, and cloud), VM and
network management gets more time consuming and expensive and can lead to configuration errors.
● Cloud orchestration platforms for native DDI services are incomplete and unreliable: Existing
orchestration solutions provide only basic cloud network automation capabilities. They most often lack
high availability, have no central view of DHCP lease information across multiple DHCP servers, and
provide very limited DNS and IPAM capability.
● Lack of multi-cloud and hybrid cloud correlation: Virtually every enterprise has a combination of
platforms ranging from traditional physical networks to public cloud (such as AWS, GCP, or Azure) to
private cloud (such as Nutanix, OpenStack, or VMware) to supported hypervisors (such as VMware
ESXi, Microsoft Hyper-V, Nutanix AHV, or KVM). Without a consolidated view across all of the different
platforms, IT teams struggle with correlating multiple disparate tools, which leads to increased errors
and incomplete, out-of-date information.

Limitations in Other Infoblox Solutions
● Lack of local survivability for distributed data centers: By default, all API calls go to the Grid
Master in any Infoblox Grid. If there are WAN connectivity issues, spinning up of VMs and assigning
them IP addresses and DNS records may be impacted.
● Lack of scalability for API calls: API calls to the Grid Master add to its load. While multiple Grid
Master Candidates in your environment can be used to distribute REST API read only operations,
there is no capability to distribute API calls across multiple appliances when provisioning a large
number of networks and VMs.

Solution
Infoblox Cloud Network Automation enables you to support agile and dynamic next generation data centers
and hybrid cloud environments that can handle anything your business demands. You can increase business
speed, agility, and efficiency by taking charge of your core network services and security. Infoblox offers a rich
set of APIs with which you can automate core network actions across your data centers, virtualized
environments, and the cloud with Infoblox DDI. It allows you to proactively detect, isolate, and stop data
exfiltration that exploits DNS vulnerabilities with enhanced DNS security and real-time threat intelligence.

To help overcome the challenges outlined above, Infoblox offers Cloud Platform (CP) Appliances and Cloud
Network Automation (CNA) Solutions.

Cloud Platform Appliance


The Infoblox Cloud Platform Appliance is a Grid member designed to accept and process WAPI (RESTful API)
requests related to cloud objects, in addition to serving DNS, DHCP, and other protocols. Cloud Platform
appliances support cloud API requests, which are a subset of the WAPI requests. You can deploy multiple
Cloud Platform Appliances within your Grid to scale the processing of API requests and/or provide redundancy
and fault tolerance across your hybrid cloud infrastructure. Infoblox Cloud Platform Appliances are designed to
support a delegation model, enabling you to segment sets of DDI data for management through specific
appliances.

Cloud Network Automation


The Infoblox Cloud Network Automation solution enables automation of IPAM (IP address management) for
physical and virtual network devices on your Cloud Management Platform (CMP) whether it is private, public, or
hybrid. Instead of manually provisioning IP addresses and DNS name spaces for network devices and
interfaces, you can use Cloud Network Automation to leverage DNS and DHCP features of the Grid to manage
your cloud networks. When your cloud consists of many servers and VMs that have multiple associated
network interfaces, manually provisioning and de-provisioning IP addresses and managing DNS and DHCP
data can become time consuming and error prone. Utilizing Cloud Network Automation can minimize human
errors by streamlining IPAM, improving visibility of your cloud networks, and maximizing the flexibility and
efficiency that virtualization offers in your cloud environment. In multi-tenant heterogeneous cloud
environments, Cloud Network Automation enables a holistic view of the network components and simplifies
their management. It makes it possible to assign tenant permissions to admin users to restrict these users to
only view objects related to a given tenant or a set of tenants. Cloud Network Automation is a software module
license that is enabled on the Grid Master.

Deployment
Cloud Management Platforms (CMPs) such as VMware vRealize Automation and OpenStack orchestrate the
provisioning of virtual machines (VMs) within the data center/private cloud. Infoblox Adapters are available for
each of these CMPs and automate IP address allocation and DNS record creation for VMs as part of the VM
provisioning process. Every time a VM is created through the CMP, this will result in a WAPI call to the Grid
Master to create Host Records or separate Fixed Address/A/PTR records using the Next Available IP function
for a given network. Similarly, when a VM is destroyed through the CMP, a WAPI call will be made to the Grid
Master to de-allocate the IP address and delete the associated DNS records. Creation of other Infoblox objects
such as networks, zones, network views, and DNS views can also be done as part of the provisioning process
or by invoking workflows through the CMP. The adapters can be configured to support overlapping networks by
specifying the use of Network Views/DNS Views when records are created. This is often used for implementing
multi-tenancy for cloud environments.

The Cloud Platform Grid Member introduces the capability to respond to WAPI calls locally within the cloud
data center or public cloud by the same member(s) that are serving protocols to that cloud environment. This
enables local survivability for record creation/deletion with the ability to centrally manage multiple data center
environments through a single Grid. Having the ability to respond to API calls through local members also
increases the scale/responsiveness of the system since APIs do not have to go back to the Grid Master to
create objects which must be synchronized to the local members. Instead, all API calls for that particular data
center can be served locally and objects created immediately.

In addition to the Cloud Platform Grid Members, Infoblox provides a Cloud tab on the Grid Master to enable
administrators to view Infoblox Cloud objects in a cloud-centric fashion. For example, IP address assignments
for VMs can be filtered for particular tenants and this view can be delegated to specific tenant administrators
enabling multi-tenancy.

In this guide, we will explore use-cases for Infoblox Cloud Platform Appliances and the Cloud Network
Automation license. Details of the example deployment used throughout this guide are covered in the next
sections.

This guide focuses on deployment steps specific to utilizing features of the Cloud Platform Appliances and the
Cloud Network Automation license in private clouds; however, most use-cases and features shown here are
also applicable in your public cloud environments.

Prerequisites
The following are prerequisites for deploying, configuring, and testing the use-cases and features described in
this guide.

● A private or public cloud environment to deploy vNIOS appliances in. In this guide, we use a private
VMware cloud. It is possible to set up a similar POC environment on public clouds such as Azure,
AWS, and GCP or supported hypervisors such as Hyper-V, KVM, and Nutanix AHV. For detailed
information on deploying vNIOS appliances to these platforms, refer to appliance documentation at
https://docs.infoblox.com or deployment guides at https://www.infoblox.com/resources/.
● Access to vNIOS images found on https://support.infoblox.com. For some public cloud deployments,
virtual machines or images are available directly in those platforms.
● Understanding of basic networking concepts and tools, including IP addressing, DNS and command
line/terminal applications.
● Knowledge of basic Infoblox Grid deployment and configuration. This is not strictly required, but you
will need to reference other Infoblox documentation to fill these gaps.

Architecture

As shown in the diagram above, we will consider a hybrid infrastructure, consisting of a corporate data center
and two private cloud environments. Each private cloud is served by a cloud platform member deployed within
its environment. Centralized management for the Infoblox Grid is provided by the Grid Master, deployed in the
corporate data center. Additionally, the Grid Master will utilize the CNA license for visibility and automation
throughout the hybrid environment.

Deployment Instructions
This guide focuses on deployment steps specific to utilizing features of the Cloud Platform Appliances and the
Cloud Network Automation license in an environment simulating the architecture detailed in the previous
section. For details on deploying Infoblox appliances and an Infoblox Grid, which are not given in this guide,
refer to Infoblox documentation at https://docs.infoblox.com.

Setup Details
This deployment guide uses Infoblox vNIOS for VMware appliances. OVA images for vNIOS for VMware can
be downloaded from the Infoblox Support Site.

For detailed instructions on deploying vNIOS for VMware appliances and available appliance models, refer to
the Installation Guide found on https://docs.infoblox.com or Deployment Guides available on Infoblox.com at
https://infoblox.com/resources.

To follow the steps in this guide, use the details in the following table to deploy the three vNIOS appliances and
a client VM to use for API calls and access to the Grid Master UI.

Note: The client VM is optional and only needed if you are unable to access the NIOS Grid Manager and APIs
directly from outside your deployment environment. Additionally, while this guide shows an Ubuntu VM, other
client types can also be used.

Virtual Machine                    OS/Version     Model     IP Address
Grid Master                        NIOS 8.5.0     IB-V825   172.16.1.3
Cloud Platform Appliance 1 (CP1)   NIOS 8.5.0     CP-V805   172.16.1.4
Cloud Platform Appliance 2 (CP2)   NIOS 8.5.0     CP-V805   172.16.1.5
Client Device                      Ubuntu 18.04   N/A       172.16.1.101

Grid Master
First, we will add licenses and configure the Grid Master for a new Infoblox Grid.

1. Once you finish creating the Grid Master virtual appliance, power it on and access the virtual console.
2. Log in with the default username: admin and password: infoblox.
3. Use the set temp_license command to install the Grid, DNS, DHCP, and NIOS Model IB-V825
licenses.

The appliance will restart after installing the NIOS Model IB-V825 license. After the appliance restarts, you can
optionally use the show license command to verify all licenses.

4. After the Grid Master restarts, log back into the CLI.
5. Enter the command set network.
6. Enter the IP address for the appliance. Press Enter.
7. Enter the netmask or press Enter to leave the default, 255.255.255.0.
8. Enter the gateway address. Press Enter.
9. Press Enter to leave the VLAN untagged.
10. When asked to Configure IPv6 network settings, enter n and press Enter.
11. When asked to Become a grid member, enter n and press Enter.
12. At the confirmation prompts, enter y and press Enter.

The appliance will restart after configuring the network settings. After the appliance restarts, you can optionally
use the show network command to verify configuration.

13. On the client device, open a web browser and navigate to the Grid Master at
https://<LAN1_IP_address>, using the IP address of your virtual appliance.
14. If prompted, accept the self-signed certificate to continue to the Grid Manager GUI.
15. Log in using the default username: admin and password: infoblox.
16. Accept the EULA and Infoblox Customer Experience Improvement Program.
17. Use the Grid Setup Wizard to Configure a Grid Master.
18. Complete the Grid Setup Wizard using the default values. If desired, you can change default values to
suit your environment. For details on configuring a new Grid, refer to Infoblox NIOS documentation at
https://docs.infoblox.com.
19. Once you have completed the wizard, agree to restart the device if prompted.
20. Once the restart is complete, log back in to the Grid Manager.
21. Navigate to the Grid → Grid Manager tab.
22. Click on the DHCP service.
23. On the DHCP service tab, select the checkbox next to your Grid Master.
24. Click on Start to start the service.
25. Click Yes in the Start Member DHCP Service dialog.
26. Repeat steps 22-25 for the DNS and NTP services.
27. Once all services are running, log back in to the Grid Master CLI using the virtual console or SSH.
28. Use the set temp_license command.
29. Enter 16 to select the Cloud Network Automation license.
30. Confirm your selection when prompted.
31. In the web browser, log out and log back in to the Grid Manager. The Cloud tab has now been added to
your Grid Manager.

Add Cloud Platform Members
Next, we will add and join the Cloud Platform members to the Grid.

1. In the Grid Manager, navigate to the Grid → Grid Manager → Members tab.

2. Click the (add button) to add a new Grid member.

3. On Step 1 of the Add Grid Member wizard, select Virtual NIOS from the Member Type dropdown.
4. Enter a name for the new member. Note: The Host Name must be a fully qualified domain name.
5. Click Next.

Warning: Cloud Platform appliances cannot serve as a Grid Master Candidate. Ensure you do NOT select the
checkbox for Master Candidate.
6. On Step 2 of the wizard, ensure Type of Network Connectivity is set to IPv4. Ensure Type of Member
is set to Standalone Member.

7. Enter the IP address for the member, referring to the table in the Setup Details section of this guide.
Enter the subnet mask and the IP address of your gateway.
8. Click Save & Close.

9. Repeat steps 2-8 for Cloud Platform member 2. The two new members are visible in the Members tab,
showing an Offline status.

10. Next, ensure your CP appliances are powered on. Access the virtual console of CP1 and log in with the
default username and password.
11. Use the set temp_license command to install the Grid, DNS, DHCP, Cloud Platform, and NIOS Model
CP-V805 licenses.

The appliance will restart after installing the NIOS Model CP-V805 license. After the appliance restarts, you can
optionally use the show license command to verify all licenses.

12. After the CP appliance restarts, log back into the CLI.
13. Enter the command set network.
14. Enter the IP address for the appliance. Press Enter.
15. Enter the netmask or press Enter to leave the default, 255.255.255.0.
16. Enter the gateway address. Press Enter.
17. Press Enter to leave the VLAN untagged.
18. When asked to Configure IPv6 network settings, enter n and press Enter.
19. When asked to Become a grid member, enter y and press Enter.
20. Enter the LAN1 IP address of your Grid Master. Press Enter.
21. Enter the Grid name. Press Enter.
22. Enter the Grid Shared Secret. If you did not change this in the Grid setup, the default is test. Press
Enter.
23. At the confirmation prompts, enter y and press Enter to confirm.
24. The appliance will restart and attempt to contact the Grid Master.
25. From the web browser on your client device, log back in to Grid Manager.
26. Navigate to the Grid → Grid Manager → Members tab.

You can now see an entry for Cloud-API for services. This was automatically added when the Cloud Platform
member joined the Grid. The cloud API service provides the ability to automate management of IP addresses
and DNS records so your cloud environment can take full advantage of IPAM, DNS, and DHCP capabilities in
NIOS without the need for manual intervention. This cloud API service accepts and processes a subset of the
WAPI requests that are supported on the Grid Master either directly from an adapter or proxied through another
CP appliance or from the Grid Master.

27. Click on the Cloud-API service.
28. Select the checkbox for your CP1 member.
29. Click Start in the Toolbar to start the service.
30. Click Yes in the confirmation dialog.
31. Repeat steps 10-30 to join Cloud Platform appliance 2 to the Grid with its unique IP address and start
services.
32. You can also view CP members by navigating to the Cloud → Cloud Platform Members tab.

Cloud API User


To send cloud API requests, you must define admin users and their permissions in the admin group. By default,
the admin-group does not have authorization to make cloud API requests. When you install valid licenses and
configure your Grid for Cloud Network Automation, NIOS enables the cloud-api-only admin group. You can
assign admin users to this group to authorize them to send cloud API requests to your Cloud Platform
appliances. You cannot delete this admin group or create a new admin group using the same name. However,
if desired you can create additional admin groups with authorization to send cloud API requests.

1. To create a new admin user, navigate to the Administration → Administrators → Admins tab.

2. Click the (add button) to add a new admin user.

3. On Step 1 of the Add Administrator Wizard, select Local for Authentication Type.
4. Enter a Login name. For this guide, we will use cloud-admin.
5. Enter and confirm a Password. For this guide, we will use infoblox.

6. Next to Admin Group, click Select.


7. In the Admin Group Selector, click on the cloud-api-only group.

8. Back in the wizard, click Save & Close to create the user.

Extensible Attributes
Prior to adding the Cloud Network Automation license to the Grid Master, the Grid contained a limited set of
predefined Extensible Attributes (EAs) used to define and track objects in the Grid.

When you enable Cloud Network Automation, NIOS installs a set of EAs specific for cloud usage. To view the
full list of EAs which are now available, navigate to the Administration → Extensible Attributes tab.

Delegating Authority
Authority delegation in Infoblox Cloud Network Automation is the ability to assign control of DNS, DHCP, and
IPAM objects in the Grid to a Cloud Platform appliance. When authority for an object is delegated to a Cloud
Platform member, the Grid Master no longer has authority over these objects or the objects within them.
Authority delegation can be explicitly assigned or inherited from parent objects. The following object types can
be explicitly delegated from the Grid Master:

● Network Views
● Network Containers (IPv4 and IPv6)
● Networks (IPv4 and IPv6)
● DHCP Ranges (IPv4 and IPv6)
● DNS Authoritative Zones. Note: DNS zones are also implicitly delegated if the assigned primary name
server is a Cloud Platform member.

Supported objects can be delegated to only one Cloud Platform member, except for DNS zones. DNS zones
can be delegated to multiple members by assigning multiple Cloud Platform members as primary name servers
for the zone. For further information on Authority Delegation, refer to Infoblox documentation at
https://docs.infoblox.com.

When a network view, network, or DNS zone is created, either the Grid Master or a Cloud Platform member
can be authoritative for that object to avoid conflicts. The object can be created on the Grid Master and then
delegated to a Cloud Platform member, or it can be created directly on a Cloud Platform member using a Cloud
API call. Once the object is created and assigned to a Cloud Platform member, all further updates to the
delegated network objects will be processed by the Cloud Platform member it is assigned to.

Create Network View


In this section, we will first create a network view. A network view is a single routing domain, with its own
networks and shared networks. A network view can contain both IPv4 and IPv6 networks. Each network is
contained within a network view.

In a multi-tenant environment, where you may have overlapping IP address space, a network view can be
delegated to be served by a Cloud Platform member and act as a container for all objects belonging to an
individual tenant. All of the network objects within a delegated network view will also be delegated to the
designated Cloud Platform member.
1. To create a network view, navigate to the Administration → Network Views tab in the Grid Manager.

2. Click the (add button) to add a new network view.

3. In the Add Network View Wizard, enter a name for the network view, for example cp1view.
4. Do not delegate the network view. We will delegate this later, after creating individual networks and
DNS zones.
5. Click Save & Close.

6. A warning will inform you that a DNS view will also be created for the new network view. Click Yes.

7. Click Restart in the warning bar when prompted.

8. Click Restart in the Restart Grid Services window.

Create Network
Next, we will create a network in the new network view. Networks can be explicitly delegated to a Cloud
Platform member from the Grid Master or inherit delegation from their parent network container or network
view.

1. To create a network in this new view, navigate to the Data Management → IPAM tab.
2. Use the network view dropdown to select your new network view.

3. Click the (add button) to add a new network.
4. On step 1 of the Add IPv4 Network Wizard, select Add Network → Manually.
5. Click Next.

6. On step 2 of the wizard, set a Netmask for the network, by typing in the box or using the slider.

7. Click the (add button) next to Networks and enter the network CIDR in the box, for example
10.10.10.0.
8. Check the box next to Automatically Create Reverse-Mapping Zone.
9. Click Next.

10. On step 3, click the (add button) to add a member as a DHCP server for the network.
11. In the Member Selector dialog, select your first Cloud Platform member.
12. Click Save & Close.
13. Click Restart in the warning bar when prompted.
14. Click Restart in the Restart Grid Services window.
15. The new network is now created.

Create DNS Zone
Next, we will create an authoritative DNS zone in the DNS view automatically added under our new network
view. DNS zones are implicitly delegated to a Cloud Platform member when that member is assigned as the
primary name server for the zone.

1. To add an authoritative DNS zone, navigate to the Data Management → DNS → Zones tab.
2. Ensure you are in the DNS view that belongs to your new network view. The view name will be in the
format default.name, where name is the name of your network view.

3. Click the (add button) to add a new zone.


4. On step 1 of the Add Authoritative Zone Wizard, select Add an authoritative forward-mapping zone.
5. Click Next.

6. On step 2 of the wizard, enter a Name for your zone, for example cpguide.com.
7. Click Next.

8. On step 3, select Use this set of name servers.

9. Click the (add button) to add a Primary DNS name server for the zone.

10. Under Add Grid Primary, click Select.

11. In the Member Selector dialog, select your Cloud Platform member 1. By selecting the Cloud Platform
member as the primary name server in this step, the zone will automatically be delegated to that
member.

12. Click Add.
13. Click Save & Close.
14. Click Restart in the warning bar when prompted.
15. Click Restart in the Restart Grid Services window.
16. Notice that the new zone shows Cloud from delegation in the Cloud Usage column and the CP member
name in the Delegated To column.

Assign Name Server for Reverse Mapping Zone


Next, we will assign a Cloud Platform member as the Grid Primary for the reverse mapping zone which was
automatically created when we created a network. This will automatically delegate the zone to the Cloud
Platform appliance.

1. Navigate to the Data Management → DNS → Zones tab.


2. Select the checkbox next to the reverse mapping zone.

3. Click the (action menu).

4. Click Edit.

5. In the Authoritative Zone window, navigate to the Name Server page.
6. Select Use this set of name servers.

7. Click the (add button) to add a Primary DNS name server for the zone.

8. Under Add Grid Primary, click Select.

9. In the Member Selector dialog, select CP1. By selecting the Cloud Platform member as the primary
name server in this step, the zone will automatically be delegated to that member.

10. Click Add.
11. Click Save & Close.
12. Click Restart in the warning bar when prompted.
13. Click Restart in the Restart Grid Services window.
Delegate Authority for Network View


Next, we will delegate the newly created network view to a Cloud Platform member. This can also be done
while creating the network view. Once we delegate the network view to a Cloud Platform member, all objects in
the view, including networks and DNS zones, will be automatically delegated through inheritance.

1. To delegate the entire network view to your Cloud Platform member, navigate to the Administration →
Network Views tab.

2. Select the checkbox next to your new network view and click the (action menu).

3. Click Edit.

4. In the network view window, under Delegate authority from the Grid Master, click Select next to
Delegated To.

5. In the Cloud Member Selector dialog, select Cloud Platform member 1.

6. Click Save & Close.

7. Click Restart in the warning bar when prompted.
8. Click Restart in the Restart Grid Services window.
9. Notice that the network view now shows Cloud from delegation in the Cloud Usage column and the CP
member name in the Delegated To column.

10. Navigate to the Data Management → IPAM tab. You can see the previously created network has been
delegated to the Cloud Platform member and the icon color has changed from green to blue.

11. Select the checkbox next to the network and click the (action menu).
12. Click Edit.

13. You can see in the Cloud IPv4 Network window that the delegation of this network has been inherited
from the network view.

Create Host Record in Delegated Network and Zone


Now that you have a network view, network, and authoritative DNS zone delegated to a Cloud Platform
member, all API calls for objects in that network view will be made to the Cloud Platform member. To view this
in action, we will create a host record (for a VM) using a cloud API request. We will use the following sample
API call.

API Call: Create a Host Record within a Tenant
REST Method: POST
Operation: https://172.16.1.4/wapi/v2.11/record:host

Sample Body:

{"name": "vm1.cpguide.com",
 "ipv4addrs": [{"ipv4addr": "10.10.10.11"}],
 "view": "default.cp1view",
 "extattrs":
   {"Tenant ID": {"value": "DC1"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "VM ID": {"value": "VM-ID-1"},
    "VM Name": {"value": "LinuxVM1"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.4/wapi/v2.11/record:host?_return_fields%2B=name,extattrs" \
  -d '{"name": "vm1.cpguide.com","ipv4addrs": [{"ipv4addr":"10.10.10.11"}],"view":"default.cp1view", "extattrs": { "Tenant ID": {"value": "DC1"}, "CMP Type": {"value": "Openstack"}, "Cloud API Owned": {"value":"True" },"VM ID": { "value": "VM-ID-1"},"VM Name": { "value": "LinuxVM1" }}}'

Sample Output:

{"_ref": "record:host/ZG5zLmhvc3QkLjIuY29tLnRlc3Qudm0x:vm1.cpguide.com/default.cp1view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "DC1"},
    "VM ID": {"value": "VM-ID-1"},
    "VM Name": {"value": "LinuxVM1"}},
 "ipv4addrs":
   [{"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuMi5jb20udGVzdC52bTEuMTAuMTAuMTAuMTEu:10.10.10.11/vm1.cpguide.com/default.cp1view",
     "configure_for_dhcp": false,
     "host": "vm1.cpguide.com",
     "ipv4addr": "10.10.10.11"}],
 "name": "vm1.cpguide.com",
 "view": "default.cp1view"}

1. To test this cloud API call, open a terminal window on your client device.
2. Copy the example cURL command from above and paste it in the terminal. Ensure you use the IP
address of the CP1 appliance, the correct DNS view name, and the correct DNS zone.

3. Press Enter. The screenshot below shows the output from a successful API call.

4. To view the host record in Grid Manager, navigate to the Data Management → DNS → Zones tab.
5. If necessary, use the network view dropdown to select the cp1view network view created earlier.
6. Click on the cpguide.com zone created earlier.

7. The newly created host record is visible. Select the checkbox for the host record.

8. To view Extensible Attributes added to the record through the cloud API, click the (action menu).
9. Click on Extensible Attributes.

10. You can see cloud-specific EAs such as CMP Type and Tenant ID have been assigned to the record.

11. Click Cancel to close the host record window.

12. Navigate to the Cloud → Tenants tab. Here you can see a new tenant is added, DC1.

13. Click on DC1.
14. Click VMs. You will see details of the virtual machine that was specified when creating the host record.

Use Cases
In this section, we will use cloud API calls and/or a set of tasks in the Grid Manager GUI to demonstrate
common tasks, use cases, and benefits of Cloud Platform appliances and Cloud Network Automation. The API
examples shown in this section are limited to the use cases discussed and do not cover all cloud API
functionality. For additional information on the Infoblox API, including the cloud API, refer to the documentation at
https://docs.infoblox.com. The following tasks and use cases are explored:

● Locally Survivable Solution Within a Data Center


● Scalable Solution for API Calls and DDI Services
● Multi-tenant Solution
● Proxy API Requests
● Multiple Primary Name Servers
● UI Support for Delegated Objects
● Enhanced User Interface for Cloud Visibility

Locally Survivable Solution Within a Data Center
This solution offers localized management of objects by delegating ownership to Cloud Platform members.
Cloud Platform members can serve API requests and protocols (DNS, DHCP) locally within data centers
outside an organization's primary data center. Centralized management and visibility are retained through the
Grid Master and Grid Manager UI.

The Cloud Platform members will continue to serve APIs and other services even when disconnected from the
Grid Master. If you are experiencing WAN connectivity issues or the Grid Master goes offline, your data center
is not brought down since the API calls are served locally by the CP member. When connectivity is restored to
the Grid Master, the Cloud Platform appliance will automatically sync changes made while the connection was
down. These updates will then be visible in Grid Manager.

You can use the following steps to verify and demonstrate the local survivability use case:

1. Shut down the Grid Master.


2. Use the following API call to create a new host record for a virtual machine on the locally available
Cloud Platform member.

API Call: Create a Host Record within a Tenant
REST Method: POST
Operation: https://172.16.1.4/wapi/v2.11/record:host

Sample Body:

{"name": "vm2.cpguide.com",
 "ipv4addrs": [{"ipv4addr": "10.10.10.12"}],
 "view": "default.cp1view",
 "extattrs":
   {"Tenant ID": {"value": "DC1"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "VM ID": {"value": "VM-ID-2"},
    "VM Name": {"value": "LinuxVM2"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.4/wapi/v2.11/record:host?_return_fields%2B=name,extattrs" \
  -d '{"name": "vm2.cpguide.com","ipv4addrs": [{"ipv4addr":"10.10.10.12"}],"view":"default.cp1view", "extattrs": { "Tenant ID": {"value": "DC1"}, "CMP Type": {"value": "Openstack"}, "Cloud API Owned": {"value":"True" },"VM ID": { "value": "VM-ID-2"},"VM Name": { "value": "LinuxVM2" }}}'

Sample Output:

{"_ref": "record:host/ZG5zLmhvc3QkLjIuY29tLnRlc3Qudm0x:vm2.cpguide.com/default.cp1view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "DC1"},
    "VM ID": {"value": "VM-ID-2"},
    "VM Name": {"value": "LinuxVM2"}},
 "ipv4addrs":
   [{"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuMi5jb20udGVzdC52bTEuMTAuMTAuMTAuMTEu:10.10.10.12/vm2.cpguide.com/default.cp1view",
     "configure_for_dhcp": false,
     "host": "vm2.cpguide.com",
     "ipv4addr": "10.10.10.12"}],
 "name": "vm2.cpguide.com",
 "view": "default.cp1view"}

3. To test this cloud API call, open a terminal window on your client device.
4. Copy the example cURL command from above and paste it in the terminal. Ensure you use the IP
address of your CP1 appliance, the correct DNS view name, and the correct DNS zone.

5. Press Enter. The screenshot below shows the output from a successful API call, demonstrating that
you can continue managing objects on the Cloud Platform member, even when the Grid Master is
offline.

6. To verify changes are synced once connectivity is restored, power on your Grid Master.
7. Wait a few minutes until the Grid Manager UI is available and log in.
8. Navigate to the Cloud → Tenants tab.
9. Click on the DC1 tenant.
10. Click on VMs. You can see that the object for your newly added VM has been synced to the Grid.
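
The host-record call used in this procedure and in Create Host Record in Delegated Network and Zone, as an added example that is not part of the Infoblox guide: it verifies the appliance certificate instead of passing -k, takes credentials from the environment instead of the command line, and checks that the member stored the extensible attributes as sent. The variable names WAPI_USER and WAPI_PASSWORD, the CA bundle path and all function names are assumptions of this example.

```python
"""Added example: the guide's record:host call with TLS verification and no inline password."""
import base64
import json
import os
import ssl
import urllib.request

WAPI_VERSION = "v2.11"  # version used in the guide's sample calls


def host_record_body(fqdn, ipv4addr, dns_view, tenant_id, cmp_type, vm_id, vm_name):
    """Build the record:host body with the cloud extensible attributes from the guide."""
    return {
        "name": fqdn,
        "ipv4addrs": [{"ipv4addr": ipv4addr}],
        "view": dns_view,
        "extattrs": {
            "Tenant ID": {"value": tenant_id},
            "CMP Type": {"value": cmp_type},
            "Cloud API Owned": {"value": "True"},
            "VM ID": {"value": vm_id},
            "VM Name": {"value": vm_name},
        },
    }


def build_request(member, body, user, password):
    """Return the POST request for record:host on the given Cloud Platform member."""
    url = f"https://{member}/wapi/{WAPI_VERSION}/record:host?_return_fields%2B=name,extattrs"
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return urllib.request.Request(
        url,
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json", "Authorization": f"Basic {token}"},
        method="POST",
    )


def tls_context(ca_file=None):
    """Verifying TLS context; ca_file is the CA that issued the appliance certificate.

    The certificate must carry the name or IP address you connect to, or verification fails.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def response_mismatches(body, reply):
    """List differences between what was requested and what the member returned."""
    problems = []
    if not str(reply.get("_ref", "")).startswith("record:host/"):
        problems.append("_ref is not a record:host reference")
    for field in ("name", "view"):
        if reply.get(field) != body[field]:
            problems.append(f"{field}: sent {body[field]!r}, got {reply.get(field)!r}")
    got = reply.get("extattrs", {})
    for attr, sent in body["extattrs"].items():
        if got.get(attr, {}).get("value") != sent["value"]:
            problems.append(f"extattr {attr!r} not stored as sent")
    return problems


def create_host_record(member, body, ca_file):
    """Send the call to a live member; credentials are read from the environment."""
    req = build_request(member, body, os.environ["WAPI_USER"], os.environ["WAPI_PASSWORD"])
    with urllib.request.urlopen(req, context=tls_context(ca_file), timeout=15) as resp:
        reply = json.load(resp)
    return reply, response_mismatches(body, reply)


if __name__ == "__main__":
    # Offline demonstration with the values from the guide's second host record.
    body = host_record_body("vm2.cpguide.com", "10.10.10.12", "default.cp1view",
                            "DC1", "Openstack", "VM-ID-2", "LinuxVM2")
    print(build_request("172.16.1.4", body, "user", "secret").full_url)
    # Constructed reply, reduced from the guide's sample output.
    sample_reply = {
        "_ref": "record:host/ZG5zLmhvc3QkLjIuY29tLnRlc3Qudm0x:vm2.cpguide.com/default.cp1view",
        "extattrs": body["extattrs"],
        "name": "vm2.cpguide.com",
        "view": "default.cp1view",
    }
    print(response_mismatches(body, sample_reply) or "stored as sent")
    # Against a live member: create_host_record("172.16.1.4", body, "/path/to/grid-ca.pem")
```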

Scalable Solution for API Calls and DDI Services
By adding additional Cloud Platform members to your data center or cloud environment and delegating a
subset of objects to each, you can horizontally scale API call capacity. The following table shows capacity limits
for available Cloud Platform appliance models as well as the number of VMs each is recommended to serve.

Model      Recommended Number of VMs   API Calls per Minute   DNS Queries per Second   DHCP Leases per Second
CP-V805    1,000                       10                     4,000                    60
CP-V1405   5,000                       50                     30,000                   210
CP-V2205   20,000                      200                    143,000                  600

Multi-tenant Solution
You can leverage a combination of Network Views and Cloud Platform members for a multi-tenant solution.

When a network view is created, a corresponding DNS view is also created. DNS views provide the ability to
serve one version of DNS data to one set of clients and another version to another set of clients. With DNS
views, the appliance can provide a different answer to the same query, based on the source and/or destination
of the query. A DNS view can be in only one network view, but a network view can contain multiple DNS views.

Network views can be used in cloud environments or data centers to isolate each environment or tenant to their
own respective view. This enables support of overlapping networks across different tenants, each in its own
network view, thus enabling multi-tenancy for cloud environments. Note that when DHCP service is provided, a
Cloud Platform member may only be associated with a single network view.

To demonstrate this use case, we will create overlapping networks under tenants in multiple network views,
each delegated to different Cloud Platform members. First, we will create a new network view and delegate it to
Cloud Platform member 2.

1. Log in to Grid Manager.


2. Navigate to the Administration → Network Views tab.

3. Click the (add button) to add a new network view.

4. In the Add Network View Wizard, enter a name for the network view, for example cp2view.
5. Click Select next to Delegated To.

6. In the Cloud Member Selector dialog, click on CP2.

7. Click Save & Close.

8. A warning will inform you that a DNS view will also be created for the new network view. Click Yes.
9. Click Restart in the warning bar when prompted.
10. Click Restart in the Restart Grid Services window.

11. Next, we will create overlapping networks and new tenants in the two network views, using the following
cloud API calls.

API Call: On Cloud Platform Member 1, create a network 1.1.1.0/24 in cp1view under a tenant Dev
REST Method: POST
Operation: https://172.16.1.4/wapi/v2.11/network

Sample Body:

{"network": "1.1.1.0/24",
 "network_view": "cp1view",
 "extattrs":
   {"Tenant ID": {"value": "Dev"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.4/wapi/v2.11/network?_return_fields%2B=network,extattrs" \
  -d '{"network": "1.1.1.0/24","network_view": "cp1view","extattrs": { "Tenant ID": {"value": "Dev"},"CMP Type": {"value": "Openstack"},"Cloud API Owned": {"value":"True" }}}'

Sample Output:

{"_ref": "network/ZG5zLm5ldHdvcmskMS4xLjEuMC8yNC8y:1.1.1.0/24/cp1view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "Dev"}},
 "network": "1.1.1.0/24",
 "network_view": "cp1view"}

API Call: On Cloud Platform Member 2, create a network 1.1.1.0/24 in cp2view under a tenant Dev2
REST Method: POST
Operation: https://172.16.1.5/wapi/v2.11/network

Sample Body:

{"network": "1.1.1.0/24",
 "network_view": "cp2view",
 "extattrs":
   {"Tenant ID": {"value": "Dev2"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.5/wapi/v2.11/network?_return_fields%2B=network,extattrs" \
  -d '{"network": "1.1.1.0/24","network_view": "cp2view","extattrs": { "Tenant ID": {"value": "Dev2"},"CMP Type": {"value": "Openstack"},"Cloud API Owned": {"value":"True" }}}'

Sample Output:

{"_ref": "network/ZG5zLm5ldHdvcmskMS4xLjEuMC8yNC8y:1.1.1.0/24/cp2view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "Dev2"}},
 "network": "1.1.1.0/24",
 "network_view": "cp2view"}

12. To create the network and tenant in cp1view, open a terminal window on your client device.
13. Copy the first example cURL command from above and paste it in the terminal. Ensure you use the IP
address of your CP1 appliance and the correct network view name.

14. Press Enter. The screenshot below shows the output from a successful API call.

15. To create the network and tenant in cp2view, copy the second example cURL command from above
and paste it in the terminal. Ensure you use the IP address of your CP2 appliance and the correct
network view name.

16. Press Enter. The screenshot below shows the output from a successful API call.

17. To view the new tenants and networks, log in to Grid Manager.
18. Navigate to the Cloud → Tenants tab.

Here you can see the two new tenants, Dev associated with cp1view, and Dev2 associated with cp2view.
19. Navigate to the Cloud → Networks tab.

The two new networks, using the same CIDR, have both been added. Each is isolated to its own network
view and served by a separate Cloud Platform member. This makes it easy to work with network objects locally
and in an isolated, yet centralized manner. In the example architecture used in this guide, where Cloud
Platform Members 1 and 2 are each in different data centers, the network views cp1view and cp2view each
contain all network objects for their respective data centers.
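
Because the same CIDR now exists in two network views, an address alone no longer identifies a network or tenant; any lookup has to be keyed on the network view as well. The following added example (not part of the Infoblox guide) shows this with the two network objects created above. The function names and the reduced object shape are assumptions of the example.

```python
"""Added example: resolve an address to its tenant when network views overlap."""
import ipaddress

# Constructed input: the two network objects from the guide's sample output,
# reduced to the fields used here.
NETWORKS = [
    {"network": "1.1.1.0/24", "network_view": "cp1view",
     "extattrs": {"Tenant ID": {"value": "Dev"}}},
    {"network": "1.1.1.0/24", "network_view": "cp2view",
     "extattrs": {"Tenant ID": {"value": "Dev2"}}},
]


def _tenant(obj):
    """Tenant ID extensible attribute of a network object, or None if absent."""
    return obj.get("extattrs", {}).get("Tenant ID", {}).get("value")


def owners_of(ip, networks, network_view=None):
    """Return (network_view, network, tenant) for every view with a network containing ip.

    Within one view the most specific (longest-prefix) network wins. Passing
    network_view restricts the lookup to that view and makes the answer unique.
    """
    addr = ipaddress.ip_address(ip)
    best = {}
    for obj in networks:
        view = obj["network_view"]
        if network_view is not None and view != network_view:
            continue
        net = ipaddress.ip_network(obj["network"])
        if net.version != addr.version or addr not in net:
            continue
        if view not in best or net.prefixlen > best[view][0].prefixlen:
            best[view] = (net, _tenant(obj))
    return [(view, str(net), tenant) for view, (net, tenant) in sorted(best.items())]


def reused_ranges(networks):
    """Return pairs of networks in different views whose address ranges overlap."""
    parsed = [(ipaddress.ip_network(o["network"]), o["network_view"], _tenant(o))
              for o in networks]
    pairs = []
    for i, (net_a, view_a, tenant_a) in enumerate(parsed):
        for net_b, view_b, tenant_b in parsed[i + 1:]:
            same_family = net_a.version == net_b.version
            if view_a != view_b and same_family and net_a.overlaps(net_b):
                pairs.append(((view_a, str(net_a), tenant_a),
                              (view_b, str(net_b), tenant_b)))
    return pairs


if __name__ == "__main__":
    print(owners_of("1.1.1.11", NETWORKS))                          # ambiguous: two views
    print(owners_of("1.1.1.11", NETWORKS, network_view="cp2view"))  # unique
    print(reused_ranges(NETWORKS))
```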

Proxy API Requests


Cloud Platform appliances, and the Grid Master, include built-in functionality to proxy cloud API calls to the
appropriate CP member or Grid Master for processing. Cloud API calls can be sent to any Cloud Platform
member in the Grid and the call is either processed locally or transparently forwarded to the appliance that is
authoritative for the object referenced in the API request. The requestor (user) does not need to maintain the
object to owner relationship, as the request will be proxied to the correct member.

This functionality is limited to only cloud API requests. Additionally, proxying is limited to one hop in the Grid. If
the destination appliance cannot process a proxied request, the request will not be forwarded again and the
client will receive an error.

To demonstrate this capability, use the following steps:

1. First, we will clear the Syslog to make it easier to view the proxy in action. Log in to the Grid Manager.
2. Navigate to the Administration → Logs → Syslog tab.

3. Click the (clear button) to clear current logs.

4. In the Clear Syslog dialog, click Yes to clear the logs.

5. Use the Member selector dropdown to select CP2.

6. Click the (clear button) to clear logs for this member.
7. In the Clear Syslog dialog, click Yes to clear the logs.
8. Next, we will create a DNS zone in cp2view using an API call to CP2 and create a new record in this
zone by proxying the request through the Grid Master. The following API calls will be used.

API Call: On Cloud Platform Member 2, create a zone cp2.com in cp2view
REST Method: POST
Operation: https://172.16.1.5/wapi/v2.11/zone_auth

Sample Body:

{"fqdn": "cp2.com",
 "grid_primary": [{"name": "cp2.ibxdemo.com"}],
 "view": "default.cp2view",
 "extattrs":
   {"Tenant ID": {"value": "Dev2"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.5/wapi/v2.11/zone_auth?_return_fields%2B=fqdn,grid_primary,extattrs" \
  -d '{"fqdn": "cp2.com","grid_primary":[{"name":"cp2.ibxdemo.com"}],"view":"default.cp2view","extattrs": { "Tenant ID": {"value": "Dev2"},"CMP Type": {"value": "Openstack"},"Cloud API Owned": {"value":"True" }}}'

Sample Output:

{"_ref": "zone_auth/ZG5zLnpvbmUkLjMuY29tLmNwMg:cp2.com/default.cp2view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "Dev2"}},
 "fqdn": "cp2.com",
 "grid_primary":
   [{"name": "cp2.ibxdemo.com",
     "stealth": false}],
 "view": "default.cp2view"}

API Call: Issue the call to Grid Master to create a Host Record under the zone cp2.com in cp2 view
REST Method: POST
Operation: https://172.16.1.3/wapi/v2.11/record:host

Sample Body:

{"name": "vm3.cp2.com",
 "ipv4addrs": [{"ipv4addr": "1.1.1.11"}],
 "view": "default.cp2view",
 "extattrs":
   {"Tenant ID": {"value": "Dev2"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "VM ID": {"value": "VM-ID-3"},
    "VM Name": {"value": "LinuxVM3"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.3/wapi/v2.11/record:host?_return_fields%2B=name,extattrs" \
  -d '{"name": "vm3.cp2.com","ipv4addrs": [{"ipv4addr":"1.1.1.11"}],"view":"default.cp2view", "extattrs": { "Tenant ID": {"value": "Dev2"}, "CMP Type": {"value": "Openstack"}, "Cloud API Owned": {"value":"True" },"VM ID": { "value": "VM-ID-3"},"VM Name": { "value": "LinuxVM3" }}}'

Sample Output:

{"_ref": "record:host/ZG5zLmhvc3QkLjMuY29tLmNwMi52bTE:vm3.cp2.com/default.cp2view",
 "extattrs":
   {"CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "Tenant ID": {"value": "Dev2"},
    "VM ID": {"value": "VM-ID-3"},
    "VM Name": {"value": "LinuxVM3"}},
 "ipv4addrs":
   [{"_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuMy5jb20uY3AyLnZtMS4xLjEuMS4xMS4:1.1.1.11/vm3.cp2.com/default.cp2view",
     "configure_for_dhcp": false,
     "host": "vm3.cp2.com",
     "ipv4addr": "1.1.1.11"}],
 "name": "vm3.cp2.com",
 "view": "default.cp2view"}

9. Open a terminal window on your client device.


10. Copy the first example cURL command from above and paste it in the terminal. Ensure you use the IP
address of your CP2 appliance, hostname of your CP2 appliance for the name server, and the correct
DNS view name.

11. Press Enter. The screenshot below shows the output from a successful API call.

12. To create the Host record in this zone using the proxy, copy the second example cURL command from
above and paste it in the terminal. Ensure you use the IP address of your Grid Master and the correct
DNS view name.

13. Press Enter. The screenshot below shows the output from a successful API call.

14. To view the logs showing the proxy, in Grid Manager return to the Administration → Logs → Syslog
tab.

15. Select the Grid Master from the Member selector dropdown. A syslog entry shows the request proxying
to CP2.

16. Select CP2 from the Member selector dropdown. Syslog entries show the proxied request from the GM,
creating the host address and host record.

17. Navigate to the Data Management → DNS → Zones tab.

18. Use the network view dropdown to select the cp2view network view.

19. Click on the cp2.com zone. The Host record has been successfully created using the proxy
functionality.

Multiple Primary Name Servers
In order to increase availability of the DNS service, Infoblox NIOS allows multiple primary name servers to be
assigned for an authoritative DNS zone. When multiple Cloud Platform members are assigned as primary
name servers for a zone, the zone is delegated to each of the assigned primary members. Using the cloud API,
changes to the zone can be processed on any of these members. The changes are then synced through the
Grid Master and pushed to the other name servers.

There are some limitations to keep in mind when configuring multiple Cloud Platform members as primary
name servers for a zone.

● Updates to the zone are sent to the Grid Master and then synced to other name servers. If the CP
member which processes the update is not able to communicate with the Grid Master, changes to the
zone will not be synced to other members until that connectivity is restored. The Cloud Platform
member which processed the change will serve the updated zone, while any other members assigned
to the zone will continue to use zone data from their last sync with the Grid Member.
● This is also true if a member is unable to communicate with the Grid Master when changes are
processed on a different Cloud Platform member. The offline member will not receive the updates until
it is able to communicate with the Grid Master.
For other considerations and best practices when assigning multiple primaries for a zone, refer to Infoblox
NIOS documentation at https://docs.infoblox.com.
Create DNS Zone with Multiple Primaries
To illustrate this use case, use the following steps.

Warning: This section only demonstrates the ability to process zone changes on multiple CP members. If you
have followed the other sections of this guide, the new DNS zone will not be resolvable from the CP members
due to the ordering of DNS views they serve. To make this zone resolvable, you can change the order of DNS
views for each member. For further information on DNS view ordering and configuration, refer to NIOS
documentation at https://docs.infoblox.com.
1. Log in to the Grid Manager. Navigate to the Data Management → DNS → Zones tab.

2. Use the network view dropdown to select the default network view.

3. Click the (add button) to add a new zone.

4. On step 1 of the Add Authoritative Zone Wizard, select Add an authoritative forward-mapping zone.
5. Click Next.

6. On step 2, enter a name for the zone.


7. Click Next.

8. On step 3, select Use this set of name servers.

9. Click the (add button) to add a name server.


10. Click Select to choose a Grid Primary.

11. In the Member Selector dialog, click on CP1.

12. Click Add.

13. Repeat steps 9-12, selecting CP2 as a second Grid Primary.

14. Click Save & Close.

15. Click Yes in the Warning dialog.
16. Click Restart in the warning bar when prompted.
17. Click Restart in the Restart Grid Services window.
18. Notice that the new zone shows both CP members in the Delegated To and Grid Primary Services
columns.

Create DNS Records Using Multiple Primaries


Next, we will create new records in the zone, using the cloud API, to demonstrate the ability to process zone
changes on both of the assigned Cloud Platform members. We will use the following API calls for this example.

API Call: On Cloud Platform Member 1, create an A record in zone with multiple primaries
REST Method: POST
Operation: https://172.16.1.4/wapi/v2.11/record:a

Sample Body:

{"name": "server1.newzone.com",
 "ipv4addr": "2.2.2.1",
 "view": "default",
 "extattrs":
   {"Tenant ID": {"value": "Dev3"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "VM ID": {"value": "VM-ID-4"},
    "VM Name": {"value": "Server1"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.4/wapi/v2.11/record:a?_return_fields%2B=name,ipv4addr&_return_as_object=1" \
  -d '{"name": "server1.newzone.com","ipv4addr":"2.2.2.1","view":"default", "extattrs": { "Tenant ID": {"value": "Dev3"}, "CMP Type": {"value": "Openstack"}, "Cloud API Owned": {"value":"True" },"VM ID": { "value": "VM-ID-4"},"VM Name": { "value": "Server1" }}}'

Sample Output:

{"_ref": "record:a/ZG5zLmJpbmRfYSQuX2RlZmF1bHQuY29tLm5ld3pvbmUsc2VydmVyMSwxLjEuMS4xMQ:server1.newzone.com/default",
 "ipv4addr": "2.2.2.1",
 "name": "server1.newzone.com",
 "view": "default"}

API Call: On Cloud Platform Member 2, create an A record in zone with multiple primaries
REST Method: POST
Operation: https://172.16.1.5/wapi/v2.11/record:a

Sample Body:

{"name": "server2.newzone.com",
 "ipv4addr": "2.2.2.2",
 "view": "default",
 "extattrs":
   {"Tenant ID": {"value": "Dev3"},
    "CMP Type": {"value": "Openstack"},
    "Cloud API Owned": {"value": "True"},
    "VM ID": {"value": "VM-ID-5"},
    "VM Name": {"value": "Server2"}}}

Sample cURL Command:

curl -k -u cloud-admin:infoblox -H 'content-type: application/json' -X POST \
  "https://172.16.1.5/wapi/v2.11/record:a?_return_fields%2B=name,ipv4addr&_return_as_object=1" \
  -d '{"name": "server2.newzone.com","ipv4addr":"2.2.2.2","view":"default", "extattrs": { "Tenant ID": {"value": "Dev3"}, "CMP Type": {"value": "Openstack"}, "Cloud API Owned": {"value":"True" },"VM ID": { "value": "VM-ID-5"},"VM Name": { "value": "Server2" }}}'

Sample Output:

{"_ref": "record:a/ZG5zLmJpbmRfYSQuX2RlZmF1bHQuY30tLm5ld3pvbmUsc2VydmVyMSwxLjEuMS4xMQ:server2.newzone.com/default",
 "ipv4addr": "2.2.2.2",
 "name": "server2.newzone.com",
 "view": "default"}

1. Open a terminal window on your client device.


2. Copy the first example cURL command from above and paste it in the terminal. Ensure you use the IP
address of your CP1 appliance, the correct DNS zone, and the correct DNS view name.

3. Press Enter. The screenshot below shows the output from a successful API call.

4. In the Grid Manager, navigate to the Administration → Logs → Syslog tab.
5. Use the Member selector dropdown to select CP1.
6. A SysLog entry shows the new A record created on CP1 (not proxied).

7. To view the new record in the zone, navigate to the Data Management → DNS → Zones tab.
8. Click on the DNS zone to view records.

9. To create a second record, using the cloud API on CP2, open a terminal on your client device.
10. Copy the second example cURL command from above and paste it in the terminal. Ensure you use the
IP address of your CP2 appliance, the correct DNS zone, and the correct DNS view name.

11. Press Enter. The screenshot below shows the output from a successful API call.

12. In the Grid Manager, navigate to the Administration → Logs → Syslog tab.
13. Use the Member selector dropdown to select CP2.
14. A SysLog entry shows the new A record created on CP2 (not proxied).

15. You can also view the new record in the zone on the Data Management → DNS → Zones tab.

UI Support for Delegated Objects


While most interaction with objects delegated to Cloud Platform members is done using the cloud API, the Grid
Manager UI provides limited ability to create/delete some object types. Within delegated networks and zones,
you can create/delete Fixed Addresses, Reservations, and Host records using Grid Manager. In this case, the
creation/deletion is synced to the member which owns the delegated objects. Note: Updating of these
delegated objects is not supported.

Create Host Record
To create a Host record in a delegated zone, use the following steps.

1. In the Grid Manager, navigate to the Data Management → DNS → Zones tab.
2. Use the network view dropdown to select the cp1view network view.
3. Click on the authoritative zone to view.

4. Click the (add dropdown).


5. Hover on Host.
6. Click on Host in the expanded menu.

7. On step 1 of the Add Host wizard, enter a name for the host.

8. Next to IPv4 Addresses, click the (add dropdown).


9. Click on Add Address.

Note: You cannot use the Next Available IP Address function. It will return the following error.

10. Enter an IP address for the host from one of the networks belonging to CP1.
11. Click Next.

12. On step 2, you see that a list of mandatory extensible attributes is pre-populated. Enter values for
CMP Type, Tenant ID, and VM ID.
13. Click Save & Close.

14. The new Host record has been added.

Note: If you try to add a different record type that is not supported, you will encounter the following error.

15. You can also delete records, one at a time. Select the checkbox next to a Host record.

16. Click the (delete button).

17. In the Delete Confirmation dialog, click Yes.

Note: You cannot delete multiple delegated records at once. If you select multiple records, the delete button is
greyed out.

Create Fixed Address
To create a Fixed Address in a delegated network, use the following steps.

1. In the Grid Manager, navigate to the Data Management → IPAM tab.


2. If necessary, use the network view dropdown to select the cp1view network view.
3. Click on a network to view.

4. Open the Add dropdown in the Toolbar.


5. Hover on Fixed Address.
6. Click IPv4 in the expanded menu.

7. On step 1 of the Add IPv4 Fixed Address Wizard, select Add Fixed Address.
8. Click Next.

9. On step 2, enter an IP Address, MAC Address, and optionally a Name.
10. Click Next.

Note: The Next Available IP function is not available when adding a fixed address to a delegated network in the
UI and is greyed out as shown above.
11. On step 3, leave the defaults and click Next.
12. On step 4, you see that a list of mandatory extensible attributes is pre-populated. Most values are
inherited from the network object. You will need to enter a VM ID.
13. Click Save & Close.

14. The fixed address has been added. Click on the address in the IP Map to view details.

Enhanced User Interface for Cloud Visibility
With the Cloud Network Automation license, the Cloud tab is added in Grid Manager. The Cloud tab includes
five additional tabs that each provide different perspectives for viewing your cloud resources, making it easy to
see what is deployed in each of your cloud environments. The additional tabs display your cloud resources by
Tenant, VPC, Network, VM, and Cloud Platform Members.

● Tenants: This tab displays all cloud tenants contained in your Grid. You can drill down to view all
networks and VMs associated with each tenant.

● VPCs: This tab displays Virtual Private Clouds, used to contain private networking space in many
public and private clouds such as AWS, Azure, VMware and OpenStack. Note: Not all cloud platforms
use the concept of VPCs in a manner that will populate data in the VPCs tab.

● Networks: This tab displays all cloud networks in your Grid. From here, you can easily jump to IPAM
data or other views to display additional details for a network. Searches, Smart Folders, and reports
can also leverage the metadata stored as EAs for each network.

● VMs: This tab shows all cloud virtual machines. Details for each VM such as IP addresses, associated
object types, and FQDNs are displayed on this tab.

● Cloud Platform Members: This tab displays all Cloud Platform members in the Grid. You can edit
some Cloud API properties of the members from this page.

Cloud Dashboard and Report
To give you further insight into your hybrid infrastructure, the Infoblox Cloud Network Automation license
enables a Cloud Statistics widget for your Grid Manager dashboards. This includes statistics for IP address
utilization by tenant and IP type (fixed/floating). Cloud networks are also added to the Networks Over
Thresholds widget.

The CNA license also provides a VM Address History Report detailing IP address and DNS Record
allocation/deallocation for VMs by tenant. This report additionally allows you to drill down into lease history for
VM IPs. Using this report also requires an Infoblox reporting appliance and is not shown in this guide.

For additional information on dashboards and reports, refer to Infoblox NIOS documentation at
https://docs.infoblox.com.

To use the Cloud Statistics widget on your dashboard, use the following steps.

1. In the Grid Manager, navigate to the Dashboards → Status tab.


2. Expand the Status dropdown and select Add Content.

3. Click the (cloud icon) next to the listed widgets to filter for cloud widgets.
4. Click and drag the Cloud Statistics widget onto your dashboard.

5. The widget displays the Number of Tenants, VMs, and IP addresses in use. Optionally, click the
checkbox for Auto Refresh Period to set refresh time. You can also use Select Tenant to view
statistics for individual tenants.

Note: Fixed and Floating address types refer to OpenStack IP address types and are not relevant to all
deployments.
6. Click on Available vs. Allocated. Here you can see the total available cloud IP addresses compared to
those which are allocated.

7. To view cloud networks in the Networks Over Thresholds widget, expand the Status dropdown and
select Add Content.
8. Locate the Networks Over Thresholds widget and drag it onto your dashboard.

9. In this widget, you can enter the Threshold you want to view. To see only cloud networks over this
threshold, click the checkbox for View Cloud Networks Only.

Note: As shown above, no networks will be listed unless they are above the set threshold.

Limitations
Please note the following limitations when deploying Cloud Network Automation and Cloud Platform
appliances.

● By default and by design, the default admin user is not allowed to make cloud API calls. This setting
can be changed, but doing so is not recommended as a security best practice.
● When a Cloud Platform member is offline, any object delegated to that member cannot be
undelegated.
● To create Host records on a Cloud Platform member, the member must be authoritative for both the
IPAM network and DNS zone used for the Host.
● Not all WAPI calls are supported on Cloud Platform appliances. Only cloud API requests, a subset of
the WAPI, are supported. You must use WAPI version 2.0 or above.
● Cloud Platform members cannot be configured as Grid Masters or Grid Master Candidates.
● Response Policy Zones (RPZ) cannot be delegated to Cloud Platform members.
● Cloud Platform members cannot be added to DHCP failover associations.
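
A pre-flight check for scripted host creation that mirrors the wizard's mandatory extensible attributes and the limitations listed above; it is an added example, not part of the Infoblox guide. The request-body field names follow the WAPI record:host object as an assumption, the default admin name `admin` is assumed, and all sample values are constructed.

```python
import ipaddress

MANDATORY_EAS = ("CMP Type", "Tenant ID", "VM ID")  # from step 2 of the Add Host wizard
MIN_WAPI = (2, 0)                                   # from the Limitations list
DEFAULT_ADMIN = "admin"                             # assumed name of the default admin user

def preflight(user, wapi_version, host, member_networks, member_zones):
    """Return a list of problems; an empty list means the request passes these checks."""
    problems = []
    if user == DEFAULT_ADMIN:
        problems.append("default admin user should not make cloud API calls")
    try:
        ver = (tuple(int(p) for p in wapi_version.split(".")) + (0,))[:2]
    except ValueError:
        ver = (0, 0)
    if ver < MIN_WAPI:
        problems.append(f"WAPI version {wapi_version} is below 2.0")
    missing = [ea for ea in MANDATORY_EAS
               if not str(host["extattrs"].get(ea, "")).strip()]
    if missing:
        problems.append("missing extensible attributes: " + ", ".join(missing))
    ip = ipaddress.ip_address(host["ip"])
    if not any(ip in ipaddress.ip_network(n) for n in member_networks):
        problems.append(f"{ip} is not in a network delegated to the member")
    name = host["name"].lower().rstrip(".")
    if not any(name.endswith("." + z.lower()) for z in member_zones):
        problems.append(f"{name} is not in a zone delegated to the member")
    return problems

def build_host_body(host, network_view="cp1view"):
    """Request body for a host record; field names are assumed (see lead-in)."""
    return {
        "name": host["name"],
        "ipv4addrs": [{"ipv4addr": host["ip"]}],
        "network_view": network_view,
        "extattrs": {k: {"value": v} for k, v in host["extattrs"].items()},
    }

# Constructed sample data, not values from the guide.
NETWORKS = ["10.10.10.0/24"]
ZONES = ["cp1.example.com"]
GOOD = {"name": "vm1.cp1.example.com", "ip": "10.10.10.25",
        "extattrs": {"CMP Type": "OpenStack", "Tenant ID": "tenant-01", "VM ID": "vm-0001"}}
BAD = {"name": "vm2.corp.example.com", "ip": "192.0.2.7",
       "extattrs": {"CMP Type": "OpenStack", "Tenant ID": ""}}

if __name__ == "__main__":
    print(preflight("cloud-api-user", "2.11", GOOD, NETWORKS, ZONES))
    for p in preflight("admin", "1.8", BAD, NETWORKS, ZONES):
        print("-", p)
```

Running the same checks in a provisioning pipeline before the request is sent surfaces a missing VM ID or an undelegated network as a local error rather than a rejected API call.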
