config-dns-server: Add support for multiple master servers with unique keys

Open oybed opened this issue 6 years ago • 0 comments

The config-dns-server role should support running an inventory with multiple master type servers, belonging to separate groups, and hence having unique nsupdate keys. Currently this isn't possible and requires multiple ansible runs with the -l filter to make it work. An example inventory to demonstrate this shortcoming is:

inventory/hosts:

[dns-servers:children]
dns-server
forward-server

[dns-server]
192.168.10.15 ansible_user=centos ansible_become=True dns_server_type=master

[forward-server]
192.168.10.17 ansible_user=centos ansible_become=True dns_server_type=master

inventory/group_vars/dns-server:

named_config_recursion: 'no'
named_config_dnssec_enable: 'yes'
named_config_dnssec_validation: 'yes'
named_config_dnssec_lookaside: 'no'
named_config_views:
- name: private
  recursion: 'yes'
  acl_entry: 
  - 192.168.10.0/24
  zone:
  - dns_domain: first.example.com
  - dns_domain: forward.example.com
    type: forward
    forwarders:
    - 192.168.10.17

inventory/group_vars/forward-server:

named_config_recursion: 'yes'
named_config_dnssec_enable: 'yes'
named_config_dnssec_validation: 'yes'
named_config_dnssec_lookaside: 'no'
named_config_views:
- name: my_forward_zone
  recursion: 'yes'
  zone:
  - dns_domain: forward.example.com

oybed, Jan 02 '18 19:01