Our designate-sink hooks break a lot. The parts that create dns entries are tested by nova-fullstack, but we should also check that cleanup happens properly:
- Does the dns entry go away after the VM is deleted?
- Does the puppet cert get cleaned up after the VM is deleted?
If we leak and alert on those failures we can at least reduce the swarms of things that we leak whenever designate changes slightly.