Page MenuHomePhabricator

cloudvps: PDNS 3.x vs 4.x
Closed, ResolvedPublic

Description

According to https://doc.powerdns.com/ (landing page) the 3.x branch of PDNS is unsupported.

This is what we have right now in cloudservices1003.wikimedia.org:

aborrero@cloudservices1003:~ $ dpkg -l pdns-*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                          Version             Architecture        Description
+++-=============================-===================-===================-===============================================================
un  pdns-backend                  <none>              <none>              (no description available)
ii  pdns-backend-mysql            3.4.1-4+deb8u8      amd64               generic MySQL backend for PowerDNS
ii  pdns-recursor                 4.0.4-1+deb9u3~bpo8 amd64               PowerDNS Recursor
ii  pdns-server                   3.4.1-4+deb8u8      amd64               extremely powerful and versatile nameserver

Luckily PDNS 4.0.3-1~bpo8+1 is present in Debian's jessie-backports and apparently in good shape (https://tracker.debian.org/pkg/pdns).

Shall we try migrating from 3.x to 4.x?

Related Objects

StatusSubtypeAssignedTask
ResolvedAndrew
ResolvedAndrew
Resolvedaborrero
Resolvedaborrero
Resolvedaborrero
ResolvedPapaul
Resolved JHedden
Resolvedaborrero
Resolvedaborrero
ResolvedPapaul
Resolvedaborrero
Resolvedaborrero
Resolvedaborrero
Resolvedaborrero
ResolvedAndrew
Resolvedaborrero
Resolvedaborrero
ResolvedAndrew
Resolvedaborrero
Resolvedaborrero
ResolvedAndrew
Resolved Marostegui
Resolvedaborrero
ResolvedAndrew
DuplicateNone
ResolvedAndrew
ResolvedAndrew
Invalid JHedden

Event Timeline

aborrero triaged this task as Medium priority.Nov 29 2018, 10:54 AM
aborrero moved this task from Inbox to Soon! on the cloud-services-team (Kanban) board.

Migrating to 4 requires designate support for pdns4, which is not present in Mitaka. So this needs to be delayed until at least one OpenStack version upgrade.

Now that we're running designate/newton this is unblocked. Switching will probably involve downtime, though, since we need to swap in a different pdns version at the same time as a different designate backend.

Designate docs are here: https://docs.openstack.org/designate/latest/admin/backends/pdns4.html

Even though the Designate docs say that pdns4 involves a schema change from 3, the pdns4 upgrade docs say "No changes have been made to the database schema.". So upgrading pdns may be simple. https://doc.powerdns.com/authoritative/upgrading.html

Change 551227 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] pdns: support api server for pdns4

https://gerrit.wikimedia.org/r/551227

Change 551227 merged by Andrew Bogott:
[operations/puppet@production] pdns: support api server for pdns4

https://gerrit.wikimedia.org/r/551227

Change 551298 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] Typo fix, followup to rOPUPd119b955d908

https://gerrit.wikimedia.org/r/551298

Change 551298 merged by Andrew Bogott:
[operations/puppet@production] Typo fix, followup to rOPUPd119b955d908

https://gerrit.wikimedia.org/r/551298

Change 551320 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] pdns/cloudservices: add all_from list to dns api

https://gerrit.wikimedia.org/r/551320

Change 551320 merged by Andrew Bogott:
[operations/puppet@production] pdns/cloudservices: add all_from list to dns api

https://gerrit.wikimedia.org/r/551320

Change 551942 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] cloudservices: move from pdns3 to pdns4

https://gerrit.wikimedia.org/r/551942

Steps per host:

  • update schema (can be done at anytime since the table isn't used by pdns3)
CREATE TABLE comments (
    ->   id                    INT AUTO_INCREMENT,
    ->   domain_id             INT NOT NULL,
    ->   name                  VARCHAR(255) NOT NULL,
    ->   type                  VARCHAR(10) NOT NULL,
    ->   modified_at           INT NOT NULL,
    ->   account               VARCHAR(40) NOT NULL,
    ->   comment               VARCHAR(64000) NOT NULL,
    ->   PRIMARY KEY (id)
    -> ) Engine=InnoDB;
  • enable puppet, apply
  • remove /etc/apt/preferences.d/pdns3hack.pref and /etc/apt/sources.list.d/jessie_pdns3hack.list
  • pool show_config > poolconfig.yaml
  • edit poolconfig.yaml to use pdns4:
**     options:
        host: <whatever>
        port: 53
        api_endpoint: http://<whatever>:8081
        api_token: changeme
  • stop designate services
  • update pdns package
  • designate-manage pool update --file ./poolconfig.yaml
  • start designate services

Mentioned in SAL (#wikimedia-operations) [2019-11-20T16:58:22Z] <andrewbogott> disabling puppet on cloudvirt1003 and 1004 for T210715

Change 551942 merged by Andrew Bogott:
[operations/puppet@production] cloudservices: move from pdns3 to pdns4

https://gerrit.wikimedia.org/r/551942

Mentioned in SAL (#wikimedia-operations) [2019-11-20T17:03:25Z] <andrewbogott> upgrading pdns to version 4 on cloudvirt1004 T210715

Change 552093 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] pdns: Fix typo re: pdns_api_key

https://gerrit.wikimedia.org/r/552093

Change 552093 merged by Andrew Bogott:
[operations/puppet@production] pdns: Fix typo re: pdns_api_key

https://gerrit.wikimedia.org/r/552093

Change 552109 had a related patch set uploaded (by Andrew Bogott; owner: Andrew Bogott):
[operations/puppet@production] pdns monitoring: try to resolve target_fqdn rather than target_host

https://gerrit.wikimedia.org/r/552109

Change 552109 merged by Andrew Bogott:
[operations/puppet@production] pdns monitoring: try to resolve target_fqdn rather than target_host

https://gerrit.wikimedia.org/r/552109