[Freeipa-devel] DNS tests [from LinuxAlt 2013]

Wed Nov 20 16:08:02 UTC 2013

Ok, I can't see authors' names in your wiki. I just meant maybe that author
could be a resource inside OpenShift re: DNS testing.

Otherwise, their mailing list is:

http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

And they promote their Google+ community a lot:

https://plus.google.com/communities/114361859072744017486

Also, check out the #1 Top Idea feature request:

https://www.openshift.com/ideas
i.e.,
https://www.openshift.com/content/please-provide-a-dns-server

In my attempts to interact with OpenShift devs, I've mostly jumped into:

http://irc.lc/freenode/openshift-dev

In fact, I just hopped into #openshift-dev on IRC, and I think I have a
good point-of-contact for you guys re: DNS integration and DNS testing:

[09:51] <derekm> hey all... some FreeIPA devs are wondering: Who would be a
good dev contact inside OpenShift re: DNS server and/or automated
bind-dyndb-ldap testing?
[09:51] <markllama> err.  I'm afraid that might be me.  What's the question?
[09:51] <derekm> markllama: they just want to have a point of contact for
cross-project coordination and integration
[09:52] <markllama> the automated testing might get referred to QE.
[09:53] <derekm> FreeIPA is starting work on a DNS test suite in
conjunction with Knot DNS folks
[09:54] <derekm> I suggested they try to coordinate with you guys, too,
since you use an internal bind with dynamic domains
[09:54] * markllama will have to learn Knot.
[09:54] * markllama was just thinking about who to coordinate with to add
an OpenShift plugin to update DNS via the LDAP db in FreeIPA rather than
RFC2136
[09:55] <derekm> if you don't mind, I'll pass on your name to the
freeipa-dev list as a potential point of contact
[09:55] <markllama> yep, I can at least field the questions and find the
contacts either in OpenShift or in the IPA group here.

I don't see Mark Llama on the mailing list, so you might have to go to IRC
to catch him.

On Wed, Nov 20, 2013 at 8:26 AM, Dmitri Pal <dpal at redhat.com> wrote:

>  On 11/20/2013 09:15 AM, Derek Moore wrote:
>
> Perhaps whoever wrote these: ?
>
>
> http://www.freeipa.org/page/OpenShift_Broker_and_IPA_DNS_Server_with_Dynamic_Updates_with_GSS-TSIG
>
>
> http://www.freeipa.org/page/OpenShift_Broker_Apache_%2B_mod_auth_kerb_for_IdM
>
> I've tried to hit up openshift devs on IRC, but like oVirt they are very
> US business hours oriented, which is when I'm usually working and not
> tinkering on the fun stuff.
>
>
> This was written by a person who is no longer working on the project.
> However I am not quite sure I understand what you are looking for?
>
> At some point, several month ago we did integration with OpenShift making
> Kerberos work, integrating DNS and other things.
> The pages you mention are the ground work. It was sort of testing
> integration waters. Things might be a bit broken now as OpenShift is moving
> fast. We have plans to get back and correct things however first of all
> would be important to understand your interest and use case.
>
>
> On Wednesday, November 20, 2013, Petr Spacek wrote:
>
>> On 15.11.2013 18:30, Derek Moore wrote:
>>
>>> Is there an opportunity to also bring in OpenShift Origin, in particular
>>> Broker, which also uses its own BIND with dyndb and/or nsupdate?
>>>
>>> Maybe they don't care as much since they use a limited subset of BIND
>>> only
>>> for namespace and app subdomains.
>>>
>>
>> Generally, I don't see a reason why not. Do you have any pointer to the
>> right mailing list or particular person? It would help me a lot because I
>> know next to nothing about OpenShift.
>>
>> Thank you!
>>
>> Petr^2 Spacek
>>
>>
>>> Knot DNS looks cool, hadn't heard of these guys yet.
>>>
>>>
>>> On Fri, Nov 15, 2013 at 9:48 AM, Petr Spacek <pspacek at redhat.com> wrote:
>>>
>>>  Hello list,
>>>>
>>>> as you may know, we don't have any tests for bind-dyndb-ldap/DNS in
>>>> FreeIPA. It seems that we have a chance to change that now.
>>>>
>>>> The LinuxAlt conference 2013 brought the information that Knot DNS [1]
>>>> developers plan to write a new test suite for their server, but as
>>>> usual,
>>>> resources are limited and nobody really want to spent time on tests :-)
>>>>
>>>> This resulted in the idea of test-sharing between Knot DNS and
>>>> bind-dyndb-ldap/FreeIPA. I think that this would be beneficial for both
>>>> sides.
>>>>
>>>> We can mutually re-use tests from the other project, so overall cost of
>>>> test-development will be lower for both sides.
>>>>
>>>> The only technical obstacle is that we need to design/to bend testing
>>>> framework from Knot DNS, so it will be able to run the same set of tests
>>>> against BIND with bind-dyndb-ldap.
>>>>
>>>> It seems feasible after a quick look. We just need to allocate some time
>>>> for initial discussion/framework design/bending and then we can add
>>>> tests
>>>> incrementally, as our schedule allows.
>>>>
>>>> Current 'test suite' is a part of Knot DNS git repo, and I think that it
>>>> can stay in this way. The idea is to:
>>>> - clone the repo
>>>> - set few environment variables (to direct tests to local BIND)
>>>> - run the tests
>>>>
>>>> That is it :-)
>>>>
>>>> It would be great if we could spend some time on this now. We need to
>>>> discuss it and prepare the testing framework.
>>>>
>>>> We risk that Knot DNS guys will go ahead and design the framework in a
>>>> way
>>>> which will not fit to our needs if we will wait too long.
>>>>
>>>> [1] http://www.knot-dns.cz/
>>>> [2] https://gitlab.labs.nic.cz/labs/knot/tree/master/tests-
>>>> extra/functional
>>>>
>>>> The bonus part: A wiki page about current functional tests for Knot DNS:
>>>> https://gitlab.labs.nic.cz/labs/knot/wikis/functional-testing
>>>>
>>>
>
> _______________________________________________
> Freeipa-devel mailing listFreeipa-devel at redhat.comhttps://www.redhat.com/mailman/listinfo/freeipa-devel
>
>
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager for IdM portfolio
> Red Hat Inc.
>
>
> -------------------------------
> Looking to carve out IT costs?www.redhat.com/carveoutcosts/
>
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131120/b6c48e64/attachment.htm>