StackExchange / dnscontrol

Infrastructure as code for DNS!
https://dnscontrol.org/
MIT License

OVH support #143

Closed Oprax closed 6 years ago

Oprax commented 7 years ago

It would be pretty nice if OVH were supported! Here is the documentation: https://api.ovh.com/console/#/domain

tlimoncelli commented 7 years ago

Good suggestion!

I've added this to the list of requests. If someone would like to volunteer to implement this, please re-open this issue.

Advice on how to write a provider is documented here. Also, speak up in this issue and someone will get back to you asap.

masterzen commented 7 years ago

Hi,

I started working on the dns provider yesterday (and also want to work on the domain provider). I'm not yet ready to submit a PR though, there are lots of corner cases to fix :)

What level of automated test do you require (beside the integration test)? I was thinking about mocking the OVH API and test how I call it, but looking at the other providers it doesn't seem to be required?

Thanks! Brice

masterzen commented 7 years ago

Hi,

I've pushed the PR for the OVH DNS Provider. Please feel free to review.

I don't have the privileges to reopen the issue as I'm not the OP, can someone do it for me?

For the moment the DNS Provider ignores any apex NS change, as this requires a specific implementation that uses the OVH registrar API, which I hope I can do soon :)

One question though is how one is supposed to manage nameservers in the dnsconfig.js as there exists both the NS() and NAMESERVER() commands. And how does that play with the dnscontrol registrar api?

Thanks, Brice

captncraig commented 7 years ago

We try to let the nameservers automatically resolve themselves. Each provider has the GetNameservers method that is intended to help dynamically discover what nameservers are needed to serve the zone. The driver tries to infer the nameservers and set up NS records appropriately, and register them.

If that fails, you can specify them manually with NAMESERVER. As far as I know, you cannot use NS directly. See https://stackexchange.github.io/dnscontrol/nameservers for details.

masterzen commented 7 years ago

@captncraig thanks for the answer, that makes sense (and I wonder how I missed this documentation).

So, in essence, I need to add a registrar provider for OVH so that one can manage NS records.

captncraig commented 7 years ago

Your PR looks ok for using OVH as a dns provider. It looks like GetNameservers does the right thing. Using OVH as a registrar is another thing altogether, and does not need to be included if you don't want to right now.

Although, now that I look, I don't see any way to use dns without purchasing a domain through them, so maybe the registrar bits would be good to have.

masterzen commented 7 years ago

Yes you need to have a domain in their registrar to be able to host a zone. They sell '.ovh' domain for less than 1 EUR/year which is what I used for my tests.

Regarding adding the registrar part in the OVH provider, I'll try to add it tomorrow in a subsequent commit in the PR.

tlimoncelli commented 7 years ago

FYI: I just updated provider-list.md to clarify the responsibilities of someone that submits a new provider. Basically you'll be asked to fix future bugs, but the DNSControl maintainers will take responsibility for maintaining a test suite that lets you do that easily. May we list you as the maintainer of this provider?

masterzen commented 7 years ago

@tlimoncelli of course, you can list me as the maintainer of this provider. Just, this will only be in "best effort" mode as my spare time is quite limited nowadays :)

masterzen commented 7 years ago

Quick question about the registrar provider: Setting the NS in the registrar is a slow operation. In the OVH API this is asynchronous: you post the operation, then get a handle which you can use to ask completion information.

Is the provider supposed to return only when the change is fully applied (with a failure or success) or only at submission?

captncraig commented 7 years ago

Good question. In general, we want to wait until we have a high confidence the operation will succeed. The main indicator for me in these decisions is "what nameservers does the api return if you query in between initiating a change and the completion event".

In other words, if the change reflects in future api requests immediately, don't bother waiting. If it has a possibility of being rolled back, maybe wait for more info.

We want to supply a consistency model such that running dnscontrol twice consecutively should result in zero corrections the second time wherever possible.

masterzen commented 7 years ago

Hi,

I've updated the PR #175 with the latest changes, including the registrar provider and documentation. Feel free to merge if you think this is correct and matches your expectation level.

BTW, I noticed that the Route53 is waiting for the registrar update to be applied. Based on the discussion we had earlier @captncraig, the ovh provider doesn't wait (it just assures that the API returns a "work will be done" status). I changed the GetNameservers function to return a view of the changes instead of the hosted zone DNS, so that it is now idempotent.

Also, OVH unfortunately doesn't support manually setting apex NS in the hosted zone, so most dual-provider scenarios can't be achieved (I opened a ticket, we'll see what they answer).

Thanks, Brice

masterzen commented 7 years ago

Latest news: the fine folks at OVH have added support for adding apex NS records in their zone. I'm going to modify the PR to take advantage of this, and thus enable full dual provider on OVH.

Still, I have a question regarding the dual-provider scenario. I'm currently having panic errors because of duplicate nameservers.

I have the following dnsconfig.js:

var REG_OVH = NewRegistrar('ovh', 'OVH');
var ovh = NewDnsProvider("ovh", "OVH");
var route53 = NewDnsProvider("r53", "ROUTE53");

D("dnscontroltest.ovh", REG_OVH, DnsProvider(ovh, 2), DnsProvider(route53, 2),
    DefaultTTL(3600),
    A("xyz", "1.2.3.4")
);

Now, I'm in a state where I correctly added the NS to the OVH registrar containing both the OVH NS and 2 of the R53 NS.

So next time when dnscontrol asks the OVH provider for the list of its known NS, it will happily return all those 4 NS. A bit later the complete list is formed by concatenating 2 NS of each provider, and bad luck, the returned list for OVH has the R53 NS entries first. Thus the final list of NS contains duplicate records and we end up panicking here

Am I supposed to filter the returned NS in GetNameServers to return only 'native' (to the provider) NS?

It doesn't seem to be the case for any providers I have looked at.

Thanks for any explanations, Brice

captncraig commented 7 years ago

You are correct. The purpose of the GetNameservers function is not to get the currently configured nameservers, but to answer "what nameservers should I use to host this zone exclusively on this provider?"

For many providers this can be a simple hard-coded list. Others give you unique nameservers per zone. But you should only ever use OVH nameservers there.
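
The duplicate-nameserver failure and the GetNameservers contract discussed in the two comments above, shown as an added Go example that is not part of the thread and is not dnscontrol's code. `mergeNS`, `nativeOnly` and every hostname are hypothetical; the assumption is that the merge takes the first 2 names from each provider, as in the `DnsProvider(ovh, 2)` configuration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample: registrar delegation after a dual-provider push (placeholder names).
var registrarNS = []string{
	"ns-1.r53.example.", "ns-2.r53.example.",
	"dns1.ovh.example.", "ns1.ovh.example.",
}

// nativeOnly (hypothetical helper) keeps only names under the provider's own suffix.
func nativeOnly(ns []string, suffix string) []string {
	var out []string
	for _, n := range ns {
		if strings.HasSuffix(n, suffix) {
			out = append(out, n)
		}
	}
	return out
}

// mergeNS takes the first `count` names from each provider's answer and
// returns an error on a duplicate instead of panicking.
func mergeNS(count int, answers ...[]string) ([]string, error) {
	seen := map[string]bool{}
	var all []string
	for _, ans := range answers {
		if len(ans) > count {
			ans = ans[:count]
		}
		for _, n := range ans {
			if seen[n] {
				return nil, fmt.Errorf("duplicate nameserver %s", n)
			}
			seen[n] = true
			all = append(all, n)
		}
	}
	return all, nil
}

func main() {
	r53 := []string{"ns-1.r53.example.", "ns-2.r53.example."}
	_, err := mergeNS(2, registrarNS, r53) // provider echoes the registrar state
	ns, err2 := mergeNS(2, nativeOnly(registrarNS, ".ovh.example."), r53)
	fmt.Println(err, ns, err2)
}
```

Running the native-only merge a second time yields the same four names, which is the "zero corrections on the second run" property asked for earlier in the thread.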

masterzen commented 7 years ago

@captncraig thanks for the explanation, I fixed the OVH provider so that GetNameServers returns the correct information based on your explanation. The PR is also rebased on the current master.

I think I'm now done for this provider, and PR #175 can be merged if you think it is correct. If not, feel free to comment and I'll make sure to fix any issues.

Thanks! Brice

masterzen commented 6 years ago

To my knowledge the OVH provider has been merged, this issue can probably be closed.

tlimoncelli commented 6 years ago

Must have been an oversight. Thanks for checking. I'll close this issue.