search

AbsaOSS / external-dns-infoblox-webhook

Infoblox provider based on in-tree provider for ExternalDNS
Apache License 2.0
10 stars 6 forks source link

InfoBlox error: A parent was not found. #20

Closed oscrx closed 1 week ago

oscrx commented 2 months ago

Hi there, I am having some issues with our infoblox <> external-dns integration. I hope I can get some debug suggestions.

When I switched from external dns 0.14.5 to 0.15.0 I noticed that the in-tree infoblox provider was no longer there. I am currently switching our config to the webhook provider. Unfortunately our infoblox thinks there is something wrong :)

time="2024-09-12T20:42:59Z" level=info msg="Changing record" action=CREATE record=test-oscar.xxx.xxx.nl target=cluster.k8s.xxxxxxx.xxxxxxx.xxxxxx.xxx.nl ttl=600 type=RecordCNAME
2024/09/12 20:43:00 CreateObject request error: 'WAPI request error: 400('400 Bad Request')
Contents:
{ "Error": "AdmConDataError: None (IBDataConflictError: IB.Data.Conflict:The action is not allowed. A parent was not found.)",
  "code": "Client.Ibap.Data.Conflict",
  "text": "The action is not allowed. A parent was not found."
}

I did find some forum posts about the error message but things did not get clear for me instantly.

https://community.infoblox.com/t5/api-integration-devops-netops/the-action-is-not-allowed-a-parent-was-not-found/td-p/21172

These are my settings (external-dns helm chart)

  provider:
    name: webhook
    webhook:
      image:
        repository: ghcr.io/absaoss/external-dns-infoblox-webhook
        tag: v1.1.1
      env:
        - name: INFOBLOX_HOST
          value: "x.x.x.x"
        - name: INFOBLOX_WAPI_USER
          valueFrom:
            secretKeyRef:
              name: infoblox-config
              key: infoblox-user
        - name: INFOBLOX_WAPI_PASSWORD
          valueFrom:
            secretKeyRef:
              name: infoblox-config
              key: infoblox-pass
        - name: INFOBLOX_VERSION
          value: "2.11.2"
        - name: INFOBLOX_SSL_VERIFY
          value: "false"
        # - name: INFOBLOX_DRY_RUN
        #   value: "true"
        - name: INFOBLOX_VIEW
          value: intern
        - name: INFOBLOX_CREATE_PTR
          value: "true"
        - name: LOG_LEVEL
          value: trace
      livenessProbe:
        httpGet:
          port: 8888
      readinessProbe:
        httpGet:
          port: 8888

Our records are part of a subzone, it worked with the in-tree implementation in External DNS. The logging is a little bit underwhelming unfortunately.

With the dry-run option it seems to work. Only during the creation of actual records some setting/api option is wrong and I cannot determine what it is. If I was able to capture the content of the actual requests being done I might have been able to locate the issue by comparing. Maybe I'll setup a simple proxy for it tomorrow.

Any help is appreciated.

kuritka commented 2 months ago

Hi @oscrx, did you try request infoblox manually? see: https://github.com/absaoSS/external-dns-infoblox-webhook?tab=readme-ov-file#writing-data. the provider basically creates these json objects and sends them to infoblox.