[Freeipa-devel] Structured DNS record API proposal - summary

Martin Kosek mkosek at redhat.com
Fri Sep 23 06:01:29 UTC 2011 

On Thu, 2011-09-22 at 19:31 -0500, Endi Sukma Dewata wrote:
> On 9/22/2011 7:24 AM, Martin Kosek wrote:
> >> 2) Some DNS records may be pretty large. MX record data is small, but
> >> for example CERT records have an entire certificate stored in it.
> >> Wouldn't there be a problem if we place the large DNS record in URL?
> 
> This is how the DNS record list page could be redesigned:
> http://edewata.fedorapeople.org/images/dns-record-list-page.png
> 
> It should resemble what you see in the zone file. The content can be 
> obtained with a single dnsresource-find operation.
> 
> If you click one of the data, it would open a dialog box for that 
> particular record type. We will use the raw data as a primary key to 
> execute the dnsresource-<rrtype>-show command. Each attribute in this 
> record type will be displayed in separate fields:
> http://edewata.fedorapeople.org/images/dns-record-edit-dialog.png
> 
> When you save it will call dnsresource-<rrtype>-mod and put the values 
> in separate parameters. It will still use the original raw data as 
> primary key, but we don't need to encode the new values into raw data.
> 
> If we use a dialog box like this none of the attributes need to be added 
> into the URL. It will be passed internally via variables. If we use a 
> separate edit page (with a unique URL for each record), we might need to 
> specify the entire raw data in the URL, but maybe we can find a 
> workaround for CERT record. I'd prefer to use a dialog box because it 
> can be used for both add and modify.

I am not an UX designer, but I think this should work. Plus, as you
said, we wouldn't have to deal with large DNS records in URL problem.

> 
> > OPEN QUESTION: should we implement these new commands also for discrete
> > DNS records types to be consistent? I mean for example A, AAAA, CNAME,
> > PTR, ... They would look like
> >
> >> ipa dnsrecord-aaaa-add --ip-address=IPAddress
> >
> > BENEFITS of this approach (command per RR type):
> > - use can get all help for RR type by simply typing "ipa help
> > dnsrecord-mx-add"
> > - we would be able to implement helper methods consistently on one
> > place, for example:
> > dnsrecord-aaaa-add --from-mac=00:1D:BA:06:37:64
> 
> If we have this for all record types the UI can use a generic code to 
> figure out which command to use. Everything will be in this pattern: 
> dnsrecord-<rrtype>-add/mod/del <primary keys> [parameters*]

So far, I didn't plan to implement also -del methods as deleting should
take the raw value as its primary key. dnsrecord-del does that already.
But if we find benefits of -del methods we can implement it.

> 
> > OPEN QUESTION: should we implement also -find methods
> > (dnsrecord-mx-find) so that UI can for example populate text fields for
> > all (MX) records for one DNS name?
> 
> Depending on the UI design, it might not be needed. But it won't hurt to 
> have one in case the UI changes, for example suppose we want to have 
> separate tabs for each record type.

Lets start just with -show commands and implement -find if it is really
needed. I want to keep the number of DNS commands as small as possible.

> 
> > 4) -mod commands shall be implemented for structured RR types:
> > API would be almost the same as with -add commands. User (WebUI) would
> > just have to identify which record should be modified:
> > a) by copy&passing the raw DNS value directly to the command:
> >
> >> dnsrecord-mx-mod example.com @ "1 mx1.example.com." --preference=0
> 
> The Web UI will use the JSON-RPC version of this command. As discussed 
> already, the non-interactive mode for CLI will be useful for writing 
> scripts or other applications that will invoke the CLI/API.
> 
> Being able to specify the attributes in separate parameters means that 
> the client doesn't have to figure out how to encode the attributes into 
> a single raw data. They will be encoded consistently by the server.

Yes, there shouldn't be problems to script it.

> 
> > b) (CLI only) by using an interactive wizard that would let user choose
> > the modified record like this way:
> >
> >> dnsrecord-mx-mod example.com @ --preference=0
> > Which record would you like to change?
> > [1] 1 mx1.example.com.
> > [2] 10 mx2.example.com.
> > DNS record:<user enters the number>
> 
> The interactive mode will be useful for people who have to use 
> text-based terminal.
> 

Yep.

Thanks,
Martin

More information about the Freeipa-devel mailing list