[Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
Jan Cholasta
jcholast at redhat.com
Tue Dec 1 09:19:51 UTC 2015
On 1.12.2015 09:33, Petr Spacek wrote:
> On 26.11.2015 09:01, Jan Cholasta wrote:
>> On 11.11.2015 15:27, Petr Spacek wrote:
>>> On 11.11.2015 09:36, Martin Babinsky wrote:
>>>> On 11/11/2015 09:32 AM, Jan Cholasta wrote:
>>>>> On 11.11.2015 09:27, Martin Babinsky wrote:
>>>>>> On 11/11/2015 08:12 AM, Jan Cholasta wrote:
>>>>>>> On 10.11.2015 16:58, Petr Spacek wrote:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> Patch 64:
>>>>>>>> ipa-dns-install offer IP addresses from resolv.conf as default
>>>>>>>> forwarders
>>>>>>>>
>>>>>>>> In non-interactive more option --auto-forwarders can be used to do the
>>>>>>>> same. --forward option can be used to supply additional IP addresses.
>>>>>>>>
>>>>>>>> https://fedorahosted.org/freeipa/ticket/5438
>>>>>>>
>>>>>>> IMO it's perverse to add option which effectively means "use default
>>>>>>> value" instead of actually using the value as default. This is
>>>>>>> inconsistent with every other option and I don't see what makes
>>>>>>> forwarders so special to require this.
>>>>>>>
>>>>>>> NACK unless you have a strong justification for this.
>>>
>>> Motivation:
>>> /etc/resolv.conf holds nearest DNS servers. On the other hand, you want to
>>> have backup forwarder which may not be local but could work even if local ones
>>> fail.
>>>
>>> Option --default-forwarders reads list of "local" servers from resolv.conf and
>>> --forwarder option allows you to add additional IP addresses to it.
>>>
>>> So your Ansible script can contain call like:
>>> ipa-server-install --setup-dns --default-forwarder
>>> --forwarder=<company-wide-fallback>
>>> and you do not need to worry about mapping sites to nearest servers etc.
>>>
>>>>>> Is it possible to use default_getter decorator to fetch defaults for the
>>>>>> 'forwarders' knob from the resolver if it is avaliable like so (warning:
>>>>>> untested and possibly wrong)?
>>>>>
>>>>> Yes, this is exactly how it should be used (although the exception
>>>>> handling could be better).
>>>>>
>>>> That was just a quick example off the top of my head without much thought
>>>> going into it.
>>>>
>>>> Anyway, when running in interactive mode the installer can inform the user
>>>> that he found these forwarders as defaults and prompt whether they shoud be
>>>> used.
>>>
>>> After discussion in person we decided to not use default_getter decorator
>>> because that would change current behavior in an unexpected way.
>>>
>>> Original option --auto-forwarders was renamed to --default-forwarders because
>>> it sounds nicer :-D
>>
>> Turns out I misunderstood the intent here and after another discussion in
>> person we decided to go with the --auto-forwarders option.
>>
>> ACK on the original patch.
>>
>> Petr, could you please rebase patch 65 on top of current master?
>
> Sure. I'm sorry for the delay!
Thank you, ACK.
Pushed to master: 8f5f0d6edd25d2ca747c0477366fb392a26390f2
--
Jan Cholasta
More information about the Freeipa-devel
mailing list