Page MenuHomePhabricator

openstack designate: introduce some as-code mechanism to instrument DNS data
Open, Needs TriagePublic

Description

There are a number of openstack Designate DNS information that can be instrumented via some kind of as-code mechanism (ansible, terraform, puppet):

  • basic zone creation, information (like SOA, NS) and delegations per deployment
  • well known and stable records

Example use case: as part of T307357: Move cloud vps ns-recursor IPs to host/row-independent addressing we have renamed the DNS auth servers. That means that we need to update each and every zone manually (via openstack CLI or Horizon) to match the new FQDN of the new auth server, or do some ugly raw database modifications. With some as-code mechanism, we would just run it again after a patch.

See also: https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/DNS