Yuvipanda has submitted this change and it was merged.
Change subject: labsdns: Allow returning arbitrary A records, not CNAMEs
......................................................................
labsdns: Allow returning arbitrary A records, not CNAMEs
CNAMEs are problematic since if the same DNS server is responsible
for the returned CNAME zone as well clients expect it to internally
resolve and return the A record too. This is too complex for us,
so we just fake return an A record directly. This has TTL implications,
but right now these are in /etc/hosts managed by puppet so it is
not making the situation worse.
Followup to I4c90b8002409f5de9bdc48bc878c27348122ce6c
Bug: T139190
Change-Id: I3480066e89cf825ba278983c35e6a97a95c17e7b
---
M hieradata/common/dnsrecursor/labsaliaser.yaml
M modules/dnsrecursor/files/labs-ip-alias-dump.py
M modules/dnsrecursor/manifests/labsaliaser.pp
3 files changed, 17 insertions(+), 15 deletions(-)
Approvals:
Yuvipanda: Verified; Looks good to me, approved
diff --git a/hieradata/common/dnsrecursor/labsaliaser.yaml
b/hieradata/common/dnsrecursor/labsaliaser.yaml
index 7d68825..521f54d 100644
--- a/hieradata/common/dnsrecursor/labsaliaser.yaml
+++ b/hieradata/common/dnsrecursor/labsaliaser.yaml
@@ -1,3 +1,5 @@
-# CNAMEs for use in labs projects. REMEMBER THE TRAILING DOT.
-cnames:
- tools-db.tools.eqiad.wmflabs.: tools.labsdb.
\ No newline at end of file
+# Extra records that the Labs DNS resolver should respond to.
+# Used for things that would ideally be in a .svc. DNS zone but
+# we do not have one. REMEMBER THE TRAILING DOT.
+extra_records:
+ tools-db.tools.eqiad.wmflabs.: 10.64.37.9 # labsdb1005.eqiad.wmnet / tools-db
\ No newline at end of file
diff --git a/modules/dnsrecursor/files/labs-ip-alias-dump.py
b/modules/dnsrecursor/files/labs-ip-alias-dump.py
index 3ce2930..3f5a8f2 100644
--- a/modules/dnsrecursor/files/labs-ip-alias-dump.py
+++ b/modules/dnsrecursor/files/labs-ip-alias-dump.py
@@ -99,24 +99,24 @@
"""
-if 'cnames' in config:
- output += 'cnamemapping = {}\n'
- cnames = config['cnames']
+if 'extra_records' in config:
+ output += 'extra_records = {}\n'
+ extra_records = config['extra_records']
- for cname in sorted(cnames.keys()):
+ for q in sorted(extra_records.keys()):
output += LUA_LINE_TEMPLATE.format(
- table='cnamemapping',
- key=cname,
- value=cnames[cname],
- comment=cname
+ table='extra_records',
+ key=q,
+ value=extra_records[q],
+ comment=q
)
output += """
function preresolve(remoteip, domain, qtype)
- if cnamemapping[domain]
+ if extra_records[domain]
then
return 0, {
- {qtype=pdns.CNAME, content=cnamemapping[domain], ttl=300,
place="1"},
+ {qtype=pdns.A, content=extra_records[domain], ttl=300, place="1"},
}
end
return -1, {}
diff --git a/modules/dnsrecursor/manifests/labsaliaser.pp
b/modules/dnsrecursor/manifests/labsaliaser.pp
index 425760f..24a2d9d 100644
--- a/modules/dnsrecursor/manifests/labsaliaser.pp
+++ b/modules/dnsrecursor/manifests/labsaliaser.pp
@@ -2,7 +2,7 @@
$username,
$password,
$nova_api_url,
- $cnames,
+ $extra_records,
$alias_file,
$admin_project_name,
) {
@@ -14,7 +14,7 @@
'password' => $password,
'output_path' => $alias_file,
'nova_api_url' => $nova_api_url,
- 'cnames' => $cnames,
+ 'extra_records' => $extra_records,
'admin_project_name' => $admin_project_name,
}
--
To view, visit https://gerrit.wikimedia.org/r/296941
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I3480066e89cf825ba278983c35e6a97a95c17e7b
Gerrit-PatchSet: 5
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Yuvipanda <yuvipa...@wikimedia.org>
Gerrit-Reviewer: Yuvipanda <yuvipa...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
