opennetadmin / build_bind

OpenNetAdmin plugin to manage and build BIND DNS server configurations

Update build_bind.inc.php #7

Open SyBernot opened 11 years ago

SyBernot commented 11 years ago

This patch stabilizes the serial numbers on zone files, giving you a last changed/built timestamp; it also dramatically cuts back on slave replication, as the zones are no longer in constant flux.

-- Modify queries to return only domains that need to be rebuilt for each server, and add a query to unset the rebuild_flag once it has been built.

Currently being tested but preliminary tests look good.

mattpascoe commented 11 years ago

Here are some observations.

The final trigger that updates the rebuild flag back to 0 should not be in this location. The problem is that there are other places this function could get called that are intended to just 'view' the state of things.

I envision that it will be updated by the build_bind shell script either just before or just after the daemon restarts. If there are any errors prior to that in building/creating the zone files then it should not reset the rebuild flag. Only when a successful rebuild is complete should it reset the flag. This likely means I'll have to add another function strictly for resetting the rebuild flag. This can be called at any time from anywhere.

Another thing I think I would like to do before it gets merged into master is to add a '-a' option to build_bind that will allow you to force a rebuild of all zones. This way someone can still update things in case we find that the rebuild flag is not updating as expected.

Also we might want to update plugin_info with a 1.1 version. And I guess 1.6 in the build_bind shell script if we add the -a option to it.

You mention stabilizing the serial numbers. I don't see any specific code in this commit that does that. Did I miss it?

I figure this is a start and we can flesh it out from there. Thanks for working it through github, this helps me greatly keep track of what the heck I'm doing :smile:

SyBernot commented 11 years ago

This seems to be working. I agree about the trigger coming from the build bind script, but as I'm running 3 different versions of that script I didn't want to tackle that until I have all our DNS servers running on the same revision of os/puppet/bind (legacy stuff....hate it). There is skew in the serials, but only by a few seconds. I was thinking of possibly setting the resolution of the timestamp to the TTL of the domain, but that doesn't cover the case where a dcm client doesn't check in due to a local time skew or misses a check-in for some other reason. Ideally it would be the actual stamp on the change in ONA, and that would be what gets used as a serial. That could be done on the server end of things. I'll have to think how the update flag would work in that case, but I think it would be similar. I'm mired in another project for now, so it may be a while before I can get back to this; hopefully I'll have the newest version up that I can fiddle with when that time comes.

Edit: one other thing that came to mind is the special case of DNS changes that happen in the future.
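
An added illustration of the behaviour discussed in this thread, not code from the pull request or from build_bind: a zone's rebuild flag is cleared only after that zone was built and validated, `-a` forces every zone, and the serial is taken from the time of the last change so that every server emits the same value. The state-file format and the names `render_zone`, `check_zone` and `build_zones` are hypothetical stand-ins, and the daemon reload is left out.

```sh
#!/bin/sh
# Constructed state file (assumption): "zone rebuild_flag last_change_epoch" per line.

render_zone() {  # hypothetical stand-in for the ONA query that emits zone data
    case $2 in ''|*[!0-9]*) return 1 ;; esac   # no usable change time: fail
    # Serial is the time of the last change, not the build time, so every
    # server that builds this zone emits the same serial.
    printf '%s. 3600 IN SOA ns1.%s. hostmaster.%s. %s 3600 600 604800 300\n' \
        "$1" "$1" "$1" "$2"
    printf '%s. 3600 IN NS ns1.%s.\n' "$1" "$1"
}

check_zone() {   # stand-in validation; a real build could run named-checkzone
    grep -q ' IN SOA ' "$1"
}

# build_zones STATE OUTDIR [-a]
# Prints the zones that were built; only those get rebuild_flag reset to 0.
build_zones() {
    state=$1 outdir=$2 force=${3:-}
    : > "$state.new"
    while read -r zone flag changed; do
        if [ "$flag" = 1 ] || [ "$force" = "-a" ]; then
            if render_zone "$zone" "$changed" > "$outdir/$zone.tmp" &&
               check_zone "$outdir/$zone.tmp"; then
                mv "$outdir/$zone.tmp" "$outdir/$zone"
                echo "$zone"
                flag=0
            else
                rm -f "$outdir/$zone.tmp"   # keep the old file, keep the flag
                flag=1
            fi
        fi
        echo "$zone $flag $changed" >> "$state.new"
    done < "$state"
    mv "$state.new" "$state"
}

# Constructed sample: c.example has no usable change time, so its build fails.
demo=$(mktemp -d)
printf '%s\n' 'a.example 1 1400000000' 'b.example 0 1400000100' \
    'c.example 1 unknown' > "$demo/state"
build_zones "$demo/state" "$demo"
cat "$demo/state"
rm -rf "$demo"
```

A zone whose build fails keeps both its previously installed file and its flag, so the next run retries it without serving a partial zone.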