-
Notifications
You must be signed in to change notification settings - Fork 62
DNS servers should have NS and SOA records #8047
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
64 commits
Select commit
Hold shift + click to select a range
a5e0264
should be the needful.. think the dns server needs soa testing too
iximeow 084553c
ok why does the test fail though
iximeow 5c8cded
looking basically reasonable now i think
iximeow 2a5b875
at least one omdb test needs updating..
iximeow a6150a4
puzzling that the nameserver IPs are like that though
iximeow 182f98e
actually answer NS and SOA queries, one more todo
iximeow 086d996
actually unwind local ipcc overrides
iximeow af76a85
deny DNS updates that define SOA records
iximeow f77c4aa
no magic @ string
iximeow 9ea1427
oops, goofy test misses
iximeow 19907ac
openapi happy, clippy happy, maybe its ok now
iximeow fa47ab1
bump progenitor, this works but obviously incorrect approach
iximeow aa3ecae
test should clean up when it passes, rustfmt
iximeow 69cd5d0
shuffle dns types and versions around to more suitable places
iximeow 0f17ae6
clean up BOTH new tests actually
iximeow bfb25a5
dont just duplicate v1 and v2 DNS API impls
iximeow 33ee507
make the into impls a little more reasonable
iximeow 9b8c813
add a test exercising DNS server/client version combinations
iximeow d399431
move the lossy v2->v1 dns types conversions to not *Into
iximeow 276356e
why was that there
iximeow 069d2cd
update Crucible and bump Progenitor to go with it
iximeow 8a9747d
Update nexus/db-model/src/dns.rs
iximeow 69f1506
review comments from Dave, ty
iximeow b6db528
"dns_resolver" -> dns_nameserver
iximeow 0807629
rustfmt
iximeow d3d59a0
rework SOA to not exist in the database, instead synthesize on demand
iximeow 427c1d6
wire up SOA answers and NXDomain correctly now that SOA is synthesize…
iximeow 1b1af79
V1 DNS HTTP clients cannot GET if V2 records are present
iximeow e45b8f0
move DNS serial selection to Nexus (and delete old SOA arms)
iximeow 12605e3
internal DNS has NS records and ns<N>.oxide.internal records now!
iximeow a65f160
anyway, blueprints should yield records at the apex too
iximeow dbe1448
shuffle reconfigurator test files around
iximeow bf0ef2b
existing tests don't look totally right (the interim state doesn't lo…
iximeow 0452cb6
external DNS reconfiguration fixed up, update other tests listing DNS…
iximeow 9a82034
set up internal DNS reconfigurator-cli test, looks reasonable too
iximeow ed9fdd8
rustfmt
iximeow bfba9f1
answers refer to DNS serial numbers, not config generations
iximeow 21e2160
prior_silo_name -> prior_record_name
iximeow 9981995
don't need to assert when constructing external DNS configuration
iximeow 3ba1960
Merge remote-tracking branch 'github/main' into ixi/dns-ns-and-soa
iximeow 4088b73
adjusted that name wrong
iximeow 3821a1f
do not create empty apex records if there are no name servers
iximeow b29eda8
correct other test issues now that it actually changes DNS config
iximeow 3af6f18
rustfmt, clippy
iximeow 4bafb09
ah, changed APIs so regenerate openapi
iximeow e646534
digest thoughts about who sees what synthesized data into docs
iximeow ff63ea1
DnsConfigZone::records -> DnsConfigZone::names
iximeow a99660d
sort external IPs before making NS records
iximeow db7b7d8
merge conflict kept around an old copy of dns expunge
iximeow 727343c
cleanup and self-review
iximeow 954e577
describe some of the happenings in the external dns test
iximeow d1cf240
and fix up the internal DNS reconfigurator-cli test after bad merge
iximeow f4251e5
and update the OpenAPI spec because i changed records->names
iximeow 8c6b357
and we don't need empty stderr file here
iximeow 9b1b846
Update dns-server/src/dns_server.rs
iximeow c12b276
Revert "DnsConfigZone::records -> DnsConfigZone::names".
iximeow 2c1841b
review feedback
iximeow 0214828
clippy
iximeow 31691bb
use VERSION_ constants instead of semver strings in API versions
iximeow a330948
accidentally stashed the change to delete this comment...
iximeow 6ab6003
unwind more unnecessary diff
iximeow f33dea6
adjust external DNS config test to be a bit clearer
iximeow 5a4c249
"serial" was misleading and kinda pointless
iximeow 7de2cc1
names -> records revert comes with rolling back openapi changes
iximeow File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
19 changes: 19 additions & 0 deletions
19
dev-tools/reconfigurator-cli/tests/input/cmds-expunge-newly-added-external-dns.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| # This is a legacy test; new tests shouldn't need to set a seed | ||
|
|
||
| load-example --seed test_expunge_newly_added_external_dns | ||
|
|
||
| blueprint-show 3f00b694-1b16-4aaa-8f78-e6b3a527b434 | ||
| blueprint-edit 3f00b694-1b16-4aaa-8f78-e6b3a527b434 expunge-zone 9995de32-dd52-4eb1-b0eb-141eb84bc739 | ||
|
|
||
| # Diff DNS to see that the expunged zone is no longer has DNS records. | ||
| blueprint-diff 3f00b694-1b16-4aaa-8f78-e6b3a527b434 366b0b68-d80e-4bc1-abd3-dc69837847e0 | ||
|
|
||
| blueprint-show 366b0b68-d80e-4bc1-abd3-dc69837847e0 | ||
| # blueprint-plan will place a new external DNS zone, diff DNS to see the new zone has `ns<N>` and NS records. | ||
| blueprint-plan 366b0b68-d80e-4bc1-abd3-dc69837847e0 | ||
| blueprint-diff 366b0b68-d80e-4bc1-abd3-dc69837847e0 9c998c1d-1a7b-440a-ae0c-40f781dea6e2 | ||
|
|
||
| blueprint-show 9c998c1d-1a7b-440a-ae0c-40f781dea6e2 | ||
| # expunging the new zone should work, then diff again to see the new zone also have its DNS records removed. | ||
| blueprint-edit 9c998c1d-1a7b-440a-ae0c-40f781dea6e2 expunge-zone d786ef4a-5acb-4f5d-a732-a00addf986b5 | ||
| blueprint-diff 9c998c1d-1a7b-440a-ae0c-40f781dea6e2 2ac8c740-444d-42ff-8d66-9812a7e51288 | ||
17 changes: 17 additions & 0 deletions
17
dev-tools/reconfigurator-cli/tests/input/cmds-expunge-newly-added-internal-dns.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| load-example | ||
|
|
||
| blueprint-show dbcbd3d6-41ff-48ae-ac0b-1becc9b2fd21 | ||
| # Expunge an internal DNS zone | ||
| blueprint-edit dbcbd3d6-41ff-48ae-ac0b-1becc9b2fd21 expunge-zone 5a526763-1d2b-42a5-b2ef-42f58aa8cbfa | ||
| # Diff against the new blueprint; the zone has been expunged so its records should be removed. | ||
| blueprint-diff dbcbd3d6-41ff-48ae-ac0b-1becc9b2fd21 8da82a8e-bf97-4fbd-8ddd-9f6462732cf1 | ||
|
|
||
| # Mark the internal DNS zone ready for cleanup. | ||
| # This approximates sled-agent performing an inventory collection and seeing the DNS zone has gone away. | ||
| # This zone's records were removed in the expunge before, so there are no further DNS changes. | ||
| blueprint-edit 8da82a8e-bf97-4fbd-8ddd-9f6462732cf1 mark-for-cleanup 5a526763-1d2b-42a5-b2ef-42f58aa8cbfa | ||
| blueprint-diff 8da82a8e-bf97-4fbd-8ddd-9f6462732cf1 58d5e830-0884-47d8-a7cd-b2b3751adeb4 | ||
|
|
||
| # Planning a new blueprint will now replace the expunged zone, with new records for its replacement. | ||
| blueprint-plan 58d5e830-0884-47d8-a7cd-b2b3751adeb4 | ||
| blueprint-diff 58d5e830-0884-47d8-a7cd-b2b3751adeb4 af934083-59b5-4bf6-8966-6fb5292c29e1 |
12 changes: 0 additions & 12 deletions
12
dev-tools/reconfigurator-cli/tests/input/cmds-expunge-newly-added.txt
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unfortunately, between the diff size and having conflicting changes on main, i had a hard time keeping the output a more legible "file moved and now has some additional lines". instead, git shows the diff as a fully new file even though it's mostly the prior content.
blueprint-diffincludes the DNS output though, which is of course what i actually care about here. if this is a bear to review (and i'm pretty empathetic to it being a lot) i'm open to moving the DNS checking over to a new test and leaving this unchanged, or moving the internal DNS testing to live in this test as well.