[Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
Petr Spacek
pspacek at redhat.com
Wed Nov 11 14:27:38 UTC 2015
On 11.11.2015 09:36, Martin Babinsky wrote:
> On 11/11/2015 09:32 AM, Jan Cholasta wrote:
>> On 11.11.2015 09:27, Martin Babinsky wrote:
>>> On 11/11/2015 08:12 AM, Jan Cholasta wrote:
>>>> On 10.11.2015 16:58, Petr Spacek wrote:
>>>>> Hello,
>>>>>
>>>>> Patch 64:
>>>>> ipa-dns-install offer IP addresses from resolv.conf as default
>>>>> forwarders
>>>>>
>>>>> In non-interactive more option --auto-forwarders can be used to do the
>>>>> same. --forward option can be used to supply additional IP addresses.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/5438
>>>>
>>>> IMO it's perverse to add option which effectively means "use default
>>>> value" instead of actually using the value as default. This is
>>>> inconsistent with every other option and I don't see what makes
>>>> forwarders so special to require this.
>>>>
>>>> NACK unless you have a strong justification for this.
Motivation:
/etc/resolv.conf holds nearest DNS servers. On the other hand, you want to
have backup forwarder which may not be local but could work even if local ones
fail.
Option --default-forwarders reads list of "local" servers from resolv.conf and
--forwarder option allows you to add additional IP addresses to it.
So your Ansible script can contain call like:
ipa-server-install --setup-dns --default-forwarder
--forwarder=<company-wide-fallback>
and you do not need to worry about mapping sites to nearest servers etc.
>>> Is it possible to use default_getter decorator to fetch defaults for the
>>> 'forwarders' knob from the resolver if it is avaliable like so (warning:
>>> untested and possibly wrong)?
>>
>> Yes, this is exactly how it should be used (although the exception
>> handling could be better).
>>
> That was just a quick example off the top of my head without much thought
> going into it.
>
> Anyway, when running in interactive mode the installer can inform the user
> that he found these forwarders as defaults and prompt whether they shoud be used.
After discussion in person we decided to not use default_getter decorator
because that would change current behavior in an unexpected way.
Original option --auto-forwarders was renamed to --default-forwarders because
it sounds nicer :-D
>>>>> Patch 65:
>>>>> Remove global variable dns_forwarders from ipaserver.install.dns
>>>>> It seems to me that the global thingy is not necessary, so I've ripped
>>>>> it out.
>>>>
>>>> ACK.
Rebased version of patch 65 is attached.
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pspacek-0064-2-ipa-dns-install-offer-IP-addresses-from-resolv.conf-.patch
Type: text/x-patch
Size: 7366 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151111/9126f8aa/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pspacek-0065-2-Remove-global-variable-dns_forwarders-from-ipaserver.patch
Type: text/x-patch
Size: 4789 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151111/9126f8aa/attachment-0001.bin>
More information about the Freeipa-devel
mailing list