PowerDNS instead of bind9 #2
8 changed files with 66 additions and 31 deletions
|
@ -13,21 +13,16 @@ max-tcp-connections-per-client=10
|
||||||
|
|
||||||
security-poll-suffix=
|
security-poll-suffix=
|
||||||
|
|
||||||
server-id=${node.name}
|
server-id=${my_hostname}
|
||||||
|
|
||||||
default-ttl=86400
|
default-ttl=60
|
||||||
|
|
||||||
% if is_secondary:
|
% if is_secondary:
|
||||||
# Primary server: ${my_primary_server['node']}
|
# Primary servers: ${', '.join(sorted(my_primary_servers['nodes']))}
|
||||||
slave=yes
|
slave=yes
|
||||||
superslave=yes
|
superslave=yes
|
||||||
allow-notify-from=${','.join(my_primary_server['ips'])}
|
allow-notify-from=${','.join(sorted(my_primary_servers['ips']))}
|
||||||
% else:
|
% else:
|
||||||
allow-notify-from=
|
allow-notify-from=
|
||||||
% endif
|
|
||||||
|
|
||||||
% if node.metadata['powerdns'].get('my_secondary_servers'):
|
|
||||||
# This server is a primary server for the following nodes:
|
|
||||||
# ${', '.join(node.metadata['powerdns']['my_secondary_servers'])}
|
|
||||||
master=yes
|
master=yes
|
||||||
% endif
|
% endif
|
||||||
|
|
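Review bot: On a secondary, `allow-notify-from=${','.join(sorted(my_primary_servers['ips']))}` indexes a value that the file's context defaults to `{}`, so rendering raises a KeyError whenever the metadata reactor has not populated `my_primary_servers`. If the reactor runs but resolves no addresses, the line renders as `allow-notify-from=` while `slave=yes` and `superslave=yes` stay set; as far as I know PowerDNS then drops all incoming NOTIFYs, so the secondary would silently fall back to SOA refresh only. Consider failing the render explicitly when the set is empty, or at least adding a template comment such as `# allow-notify-from is generated from all non-secondary nodes in group 'dns'` so the origin of this ACL is visible in the deployed config.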
|
@ -22,11 +22,9 @@ $TTL 60
|
||||||
86400
|
86400
|
||||||
300
|
300
|
||||||
)
|
)
|
||||||
@ IN NS bind01.gce.kunbox.net.
|
|
||||||
IN NS b.ns14.net.
|
|
||||||
IN NS c.ns14.net.
|
|
||||||
IN NS d.ns14.net.
|
|
||||||
"""
|
"""
|
||||||
|
for rnode in sorted(repo.nodes_in_group('dns')):
|
||||||
|
ZONE_HEADER += '@ IN NS {}\n'.format(rnode.metadata.get('powerdns', {}).get('my_hostname', rnode.hostname))
|
||||||
|
|
||||||
directories = {
|
directories = {
|
||||||
'/etc/powerdns/pdns.d': {
|
'/etc/powerdns/pdns.d': {
|
||||||
|
@ -53,8 +51,9 @@ files = {
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
'context': {
|
'context': {
|
||||||
'api_key': node.metadata['powerdns']['api_key'],
|
'api_key': node.metadata['powerdns']['api_key'],
|
||||||
|
'my_hostname': node.metadata['powerdns'].get('my_hostname', node.name),
|
||||||
'is_secondary': node.metadata['powerdns'].get('is_secondary', False),
|
'is_secondary': node.metadata['powerdns'].get('is_secondary', False),
|
||||||
'my_primary_server': node.metadata['powerdns'].get('my_primary_server', {}),
|
'my_primary_servers': node.metadata['powerdns'].get('my_primary_servers', {}),
|
||||||
},
|
},
|
||||||
'needs': {
|
'needs': {
|
||||||
'pkg_apt:pdns-server',
|
'pkg_apt:pdns-server',
|
||||||
|
|
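Review bot: The generated record `ZONE_HEADER += '@ IN NS {}\n'.format(...)` writes the NS target without a trailing dot, whereas the static records it replaces were fully qualified (`IN NS b.ns14.net.`). The values visible in this commit (`'my_hostname': 'ns-1.kunbox.net'`, `'hostname': 'a.ns14.net'`) are not dot-terminated, so if ZONE_HEADER is emitted as a BIND-style zone file, which the `$TTL` and `@ IN NS` syntax suggests, the names would be read relative to the zone origin and the delegation would point at hosts that do not exist. Appending the dot in the format string keeps the targets absolute: `ZONE_HEADER += '@ IN NS {}.\n'.format(...)`.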
|
@ -28,29 +28,25 @@ defaults = {
|
||||||
|
|
||||||
|
|
||||||
@metadata_reactor
|
@metadata_reactor
|
||||||
def get_ips_of_secondary_nameservers(metadata):
|
def get_ips_of_primary_nameservers(metadata):
|
||||||
# Secondary Nameservers can't be a primary nameserver at the same
|
if not metadata.get('powerdns/is_secondary', False):
|
||||||
# time. Return early if this is a secondary server.
|
|
||||||
if metadata.get('powerdns/is_secondary', False):
|
|
||||||
return {}
|
|
||||||
|
|
||||||
try:
|
|
||||||
nameservers = repo.nodes_in_group(metadata.get('powerdns/secondary_nameservers', ''))
|
|
||||||
except NoSuchGroup:
|
|
||||||
# This probably is no primary nameserver, either. Should be fine.
|
|
||||||
return {}
|
return {}
|
||||||
|
|
||||||
|
ips = set()
|
||||||
nodes = set()
|
nodes = set()
|
||||||
for rnode in nameservers:
|
for rnode in repo.nodes_in_group('dns'):
|
||||||
if rnode.name == node.name:
|
if not rnode.metadata.get('powerdns/is_secondary', False):
|
||||||
# We can't be primary and secondary at the same time
|
ips.update({
|
||||||
continue
|
str(ip) for ip in repo.libs.tools.resolve_identifier(repo, rnode.name)
|
||||||
|
})
|
||||||
nodes.add(rnode.name)
|
nodes.add(rnode.name)
|
||||||
|
|
||||||
return {
|
return {
|
||||||
'powerdns': {
|
'powerdns': {
|
||||||
'my_secondary_servers': nodes,
|
'my_primary_servers': {
|
||||||
|
'ips': ips,
|
||||||
|
'nodes': nodes,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
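Review bot: The loop `for rnode in repo.nodes_in_group('dns')` counts every node without `powerdns/is_secondary` as a primary, and the four dummy nodes added in this commit (a–d.ns14.net) are in group `dns` with no `powerdns` metadata in their node files. Unless defaults outside this page mark them as secondary, whatever `resolve_identifier` returns for those externally managed hosts lands in `my_primary_servers['ips']` and therefore in `allow-notify-from` on secondaries that also run `superslave=yes`. Whether the `if` body also covers `nodes.add(rnode.name)` cannot be told from this page, because indentation is lost. Requiring an explicit opt-in, or skipping nodes not managed by this repository, would keep the NOTIFY ACL limited to intended primaries, e.g. `if rnode.dummy or rnode.metadata.get('powerdns/is_secondary', False): continue`. A short docstring stating that the reactor returns `{}` on non-secondaries and otherwise fills `powerdns/my_primary_servers` with `ips` and `nodes` would also help.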
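--- a/nodes/a.ns14.net.py
+++ b/nodes/a.ns14.net.py
@@ -0,0 +1,11 @@
+# This node is not actually part of this repository, it's a DNS server
+# managed by AutoDNS. It needs a node file, because we're using that to
+# auto-generate DNS configs.
+
+nodes['a.ns14.net'] = {
+'hostname': 'a.ns14.net',
+'dummy': True,
+'groups': {
+'dns',
+},
+}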
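--- a/nodes/b.ns14.net.py
+++ b/nodes/b.ns14.net.py
@@ -0,0 +1,11 @@
+# This node is not actually part of this repository, it's a DNS server
+# managed by AutoDNS. It needs a node file, because we're using that to
+# auto-generate DNS configs.
+
+nodes['b.ns14.net'] = {
+'hostname': 'b.ns14.net',
+'dummy': True,
+'groups': {
+'dns',
+},
+}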
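--- a/nodes/c.ns14.net.py
+++ b/nodes/c.ns14.net.py
@@ -0,0 +1,11 @@
+# This node is not actually part of this repository, it's a DNS server
+# managed by AutoDNS. It needs a node file, because we're using that to
+# auto-generate DNS configs.
+
+nodes['c.ns14.net'] = {
+'hostname': 'c.ns14.net',
+'dummy': True,
+'groups': {
+'dns',
+},
+}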
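--- a/nodes/d.ns14.net.py
+++ b/nodes/d.ns14.net.py
@@ -0,0 +1,11 @@
+# This node is not actually part of this repository, it's a DNS server
+# managed by AutoDNS. It needs a node file, because we're using that to
+# auto-generate DNS configs.
+
+nodes['d.ns14.net'] = {
+'hostname': 'd.ns14.net',
+'dummy': True,
+'groups': {
+'dns',
+},
+}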
|
@ -34,6 +34,7 @@ nodes['gce.bind01'] = {
|
||||||
'powerdns': {
|
'powerdns': {
|
||||||
'is_secondary': False,
|
'is_secondary': False,
|
||||||
'secondary_nameservers': 'dns',
|
'secondary_nameservers': 'dns',
|
||||||
|
'my_hostname': 'ns-1.kunbox.net',
|
||||||
},
|
},
|
||||||
'vm': {
|
'vm': {
|
||||||
'cpu': 1,
|
'cpu': 1,
|
||||||
|
|