opendev/system-config
Code Issues Proposed changes

dns variables : move to canonical locations

Browse Source 
We have three groups

 adns : the hidden primary bind server
 ns : the secondary public authoratitive servers
 dns : both of the above

Only the primary server needs to clone the bind config repos and
notify the secondary servers on updates.  So the dns_repos and
dns_notify arguments can go into adns.yaml so they're only available
to the primary server.

Only the secondary servers need to know the ip address of the
master/primary server so it can allow itself to be notified by that
IP, and do transfer requests.  So dns_master_ipv<4|6> can live in
ns.yaml

This leaves in dns.yaml the one thing both have to agree on, which is
the zones to transfer betwen each other.

Change-Id: Ibd8063e92ad7ff9ee683dcc7dfcc115a0b19dcaa
This commit is contained in:
Ian Wienand 2023-03-09 14:29:06 +11:00
parent edb16542b1
commit a2569707fe
No known key found for this signature in database
3 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inventory/service/group_vars/adns.yaml
View File

@ -1,3 +1,13 @@
dns_repos:
- name: zone-opendev.org
url: https://opendev.org/opendev/zone-opendev.org
- name: zone-zuul-ci.org
url: https://opendev.org/opendev/zone-zuul-ci.org
- name: zone-gating.dev
url: https://opendev.org/opendev/zone-gating.dev
dns_notify:
- 104.239.140.165
- 162.253.55.16
iptables_extra_allowed_hosts:
- protocol: tcp
port: 53

12
inventory/service/group_vars/dns.yaml
View File

@ -1,10 +1,3 @@
dns_repos:
- name: zone-opendev.org
url: https://opendev.org/opendev/zone-opendev.org
- name: zone-zuul-ci.org
url: https://opendev.org/opendev/zone-zuul-ci.org
- name: zone-gating.dev
url: https://opendev.org/opendev/zone-gating.dev
dns_zones:
- name: gating.dev
source: zone-gating.dev/zones/gating.dev/
@ -17,8 +10,3 @@ dns_zones:
source: zone-zuul-ci.org/zones/zuul-ci.org/
- name: zuulci.org
source: zone-zuul-ci.org/zones/zuulci.org/
dns_notify:
- 104.239.140.165
- 162.253.55.16
dns_master_ipv4: 104.239.146.24
dns_master_ipv6: 2001:4800:7819:104:be76:4eff:fe04:43d0

3
inventory/service/group_vars/ns.yaml
View File

@ -1,3 +1,6 @@
dns_master_ipv4: 104.239.146.24
dns_master_ipv6: 2001:4800:7819:104:be76:4eff:fe04:43d0
iptables_extra_public_tcp_ports:
- 53
iptables_extra_public_udp_ports: