refactor dns

2016-02-02 22:15:17 +00:00 · 2016-02-02 22:15:17 +00:00 · cdf198f61e
commit cdf198f61e
parent 3ab9757992
10 changed files with 74 additions and 47 deletions
--- a/hooks/evenet-routes
+++ b/hooks/evenet-routes
@ -1,5 +0,0 @@
-#!/bin/bash
-
-/usr/bin/ip route add 172.16.0.0/12 via 172.16.75.1 proto static metric 100
-/usr/bin/ip route add 10.0.0.0/8 via 172.16.75.1 proto static metric 100
-exit 0
--- a/hooks/lib/lxc/container.rb
+++ b/hooks/lib/lxc/container.rb
@ -11,11 +11,11 @@ module Lxc
      @data["network"][name] = {}

      zone = @data["zone"] || {}
-      @ipv4_subnet = NetAddr::CIDR.create(zone["v4_subnet"] || "192.168.10.0/24")
-      @ipv6_subnet = NetAddr::CIDR.create(zone["v6_subnet"] || "fd7d:aed0:18aa::/48")
-      @ula_subnet  = NetAddr::CIDR.create(zone["ula_subnet"] || "fdc5:bdb8:b81::/48")
+      @ipv4_subnet = NetAddr::CIDR.create(zone["ipv4-subnet"] || "192.168.10.0/24")
+      @ipv6_subnet = NetAddr::CIDR.create(zone["ipv6-subnet"] || "fd7d:aed0:18aa::/48")
+      @ula_subnet  = NetAddr::CIDR.create(zone["ula-subnet"] || "fdc5:bdb8:b81::/48")

-      @container_root = Pathname.new(zone["lxc_root"]).join(name)
+      @container_root = Pathname.new(zone["lxc-root"]).join(name)

      network = data["network"]
      @name = name
--- a/hooks/lib/lxc/rdns.rb
+++ b/hooks/lib/lxc/rdns.rb
@ -21,7 +21,6 @@ module Lxc
        host_part = arpa[0, arpa.size - @subnet.arpa.size - 1]
        # only allowed characters in FQDN
        name = name.gsub(/[^a-zA-Z0-9\-]/, "-")
-        # <%= addr %> PTR <%= fqdn(name) %>.<%= data["zone"]["domain"] %>.
        yield name, host_part
      end
    end
@ -32,7 +31,7 @@ module Lxc

    def write_zone_file(path)
      zone_template = Template.new(CONFIG_ROOT.join("hooks/templates/rdns-zone.erb"))
-      domain = data["zone"]["#{@addr_field}-domain"]
+      domain = data["zone"]["dn42-domain"]
      zone_template.write(path.join("zones", name),
                          zone: self,
                          data: data,
--- a/hooks/templates/config.erb
+++ b/hooks/templates/config.erb
@ -8,4 +8,4 @@ lxc.mount = <%= fstab %>
 lxc.network.ipv4 = <%= ipv4 %>
 lxc.network.ipv6 = <%= ipv6 %>
 lxc.network.ipv6 = <%= ula %>
-lxc.network.veth.pair = lxc_<%= name[0..(16-4)] %>
+lxc.network.veth.pair = <%= "lxc_#{name}"[0..14] %>
--- a/hooks/templates/dn42-zone.erb
+++ b/hooks/templates/dn42-zone.erb
@ -13,11 +13,12 @@ $TTL <%= data["zone"]["ttl"] %>
 <% end -%>

 <% if data["zone"]["a"] -%>
-  A <%= data["zone"]["a"] %>
+  A <%= data["zone"]["dn42-a"] %>
 <% end -%>
 <% if data["zone"]["aaaa"] -%>
-  AAAA <%= data["zone"]["aaaa"]%>
+  AAAA <%= data["zone"]["dn42-aaaa"]%>
 <% end -%>
+
 <% data["network"].each do |name, value| %>
 <% if value["cname"] -%>
 <%= fqdn(name) %> CNAME <%= value["cname"] %>
@ -29,12 +30,11 @@ $TTL <%= data["zone"]["ttl"] %>
 <%= fqdn(name) %> A <%= NetAddr::CIDR.create(value["ipv4"]).ip(Short: true) %>
 ipv4.<%= fqdn(name) %> A <%= NetAddr::CIDR.create(value["ipv4"]).ip(Short: true) %>
 <% end -%>
-<% if value["ipv6"] -%>
-<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %>
-ipv6.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %>
-<% end -%>
 <% if value["ula"] -%>
 <%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ula"]).ip(Short: true) %>
 ula.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ula"]).ip(Short: true) %>
 <% end -%>
+<% if value["ipv6"] -%>
+ipv6.<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %>
+<% end -%>
 <% end -%>
--- a/hooks/templates/ipv6-zone.erb
+++ b/hooks/templates/ipv6-zone.erb
@ -0,0 +1,32 @@
+<% if data["zone"]["ttl"] -%>
+$TTL <%= data["zone"]["ttl"] %>
+<% end -%>
+
+@ IN SOA <%= data["zone"]["soa"] %> <%= data["zone"]["hostmaster"] %> (
+                    <%= data["zone"]["serial"] %> ; serial
+                    <%= data["zone"]["refresh"] %> ; refresh
+                    <%= data["zone"]["retry"] %> ; retry
+                    <%= data["zone"]["expire"] %> ; expire
+                    <%= data["zone"]["minimum"] %>) ; minimum
+<% data["zone"]["ns"].each do |name, value| -%>
+  NS <%= name %>.
+<% end -%>
+
+<% if data["zone"]["a"] -%>
+  A <%= data["zone"]["a"] %>
+<% end -%>
+<% if data["zone"]["aaaa"] -%>
+  AAAA <%= data["zone"]["aaaa"]%>
+<% end -%>
+
+<% data["network"].each do |name, value| %>
+<% if value["cname"] -%>
+<%= fqdn(name) %> CNAME <%= value["cname"] %>
+<% end -%>
+<% if value["srv"] -%>
+<%= fqdn(name) %> SRV <%= value["srv"] %>
+<% end -%>
+<% if value["ipv6"] -%>
+<%= fqdn(name) %> AAAA <%= NetAddr::CIDR.create(value["ipv6"]).ip(Short: true) %>
+<% end -%>
+<% end -%>
--- a/hooks/update-hetzner-rdns
+++ b/hooks/update-hetzner-rdns
@ -39,7 +39,7 @@ end
 registry = Lxc::Registry.new
 registry.data["zone"] ||= {}
 domain = registry.data["zone"]["ipv6-domain"] || "lxc"
-subnet = registry.data["zone"]["v6_subnet"]
+subnet = registry.data["zone"]["ipv6-subnet"]
 if subnet
  subnet_cidr = NetAddr::CIDR.create(subnet)
  credentials = File.read(Lxc::CONFIG_ROOT.join("hetzner.key"))
@ -47,5 +47,5 @@ if subnet
  network = registry.data["network"] || {}
  update_hetzner_rdns6(user, password, domain, subnet_cidr, network)
 else
-  puts "no v6_subnet specified in container.json. skip rdns records"
+  puts "no ipv6-subnet specified in container.json. skip rdns records"
 end
--- a/hooks/update-lxc-configs
+++ b/hooks/update-lxc-configs
@ -4,7 +4,7 @@ require_relative "lib/lxc"


 registry = Lxc::Registry.new
-container_root = Pathname.new(registry.data["zone"]["lxc_root"])
+container_root = Pathname.new(registry.data["zone"]["lxc-root"])
 network = registry.data["network"] || {}
 network.each do |name, container|
  next if container["lxc"] == false
--- a/hooks/update-mounts
+++ b/hooks/update-mounts
@ -5,8 +5,10 @@ require_relative "lib/lxc"

 LXC_ROOT = Pathname.new("/data/containers")
 FSTAB_D = Pathname.new("/etc/fstab.d")
+SYS_MOUNT = 165
+MS_BIND = 4096

-def fstab_entries(src_path, dest_path, mounts)
+def mount(src_path, dest_path, mounts)
  unless src_path.exist?
    abort "container directory for shared mount does not exists #{dest_path}"
  end
@ -17,14 +19,14 @@ def fstab_entries(src_path, dest_path, mounts)
    src = src.gsub(/^\//, "")

    src_mount = dest_path.join(src)
-    puts ("mkdir -p #{src_mount}")
    if dest == true
      dest_mount = src_path.join(src)
    else
      dest_mount = src_path.join(dest.gsub(/^\//, ""))
    end
+    puts ("mkdir -p #{dest_mount}")
    FileUtils.mkdir_p(dest_mount)
-    "#{src_mount} #{dest_mount} none bind,nofail,x-systemd.device-timeout=1 0 0"
+    syscall(SYS_MOUNT, src_mount.to_s, dest_mount.to_s, "none", MS_BIND, 0)
  end

  entries
@ -38,21 +40,10 @@ def main
    containers = container["mounts"]
    next if containers.nil?

-    fstab = []
    containers.each do |dest_container, mounts|
      dest_path = LXC_ROOT.join(dest_container, "rootfs")
-      fstab << fstab_entries(src_path, dest_path, mounts)
+      mount(src_path, dest_path, mounts)
    end
-    content = fstab.join("\n")
-    path = FSTAB_D.join("50_lxc_#{name}")
-
-    f = File.open(path, "w+")
-    f.write content
-    f.write "\n"
-    f.close
-
-    Lxc::Utils.sh("update-conf.d", "fstab")
-    Lxc::Utils.sh("mount", "-a")
  end
 end

--- a/hooks/update-zone
+++ b/hooks/update-zone
@ -5,6 +5,16 @@ require_relative "lib/lxc"

 DNS_CONTAINER = "dns"

+def dns_zone(registry, template, zone_name)
+  root_path = Pathname.new(File.expand_path("../..", __FILE__))
+  zone_template = Lxc::Template.new(root_path.join("hooks/templates/#{template}.erb"))
+  zone = registry.data["zone"] || {}
+  zone_template.write(root_path.join("zones",
+                                     "#{zone_name}.zone"),
+                                     data: registry.data,
+                                     zone: zone)
+end
+
 def main
  registry = Lxc::Registry.new
  registry.data["zone"] ||= {}
@ -13,23 +23,23 @@ def main

  root_path = Lxc::CONFIG_ROOT

-  if subnet = registry.data["zone"]["ula_subnet"]
-    Lxc::RdnsZone.new(registry.data, "ula", subnet).write_zone_file(root_path)
+  if subnet = registry.data["zone"]["ula-subnet"]
+    zone = Lxc::RdnsZone.new(registry.data, "ula", subnet)
+    zone.write_zone_file(root_path)
  end

-  if subnet = registry.data["zone"]["v4_subnet"]
-    Lxc::RdnsZone.new(registry.data, "ipv4", subnet).write_zone_file(root_path)
+  if subnet = registry.data["zone"]["ipv4-subnet"]
+    zone = Lxc::RdnsZone.new(registry.data, "ipv4", subnet)
+    zone.write_zone_file(root_path)
  end

-  if subnet = registry.data["zone"]["v6_subnet"]
-    Lxc::RdnsZone.new(registry.data, "ipv6", subnet).write_zone_file(root_path)
+  if domain = registry.data["zone"]["ipv6-domain"]
+    dns_zone(registry, "ipv6-zone", domain)
  end

-  root_path = Pathname.new(File.expand_path("../..", __FILE__))
-  zone_template = Lxc::Template.new(root_path.join("hooks/templates/lxc-zone.erb"))
-  zone = registry.data["zone"] || {}
-  zone_name = registry.data["zone"]["domain"] || "lxc"
-  zone_template.write(root_path.join("zones", "#{zone_name}.zone"), data: registry.data, zone: zone)
+  if domain = registry.data["zone"]["dn42-domain"]
+    dns_zone(registry, "dn42-zone", domain)
+  end

  Lxc::Utils.sh("lxc-attach", "-n", DNS_CONTAINER, "--", "rndc", "reload")
 end