def test_calls_bind_reload_count_times(self): self.patch_autospec(actions, "sleep") # Disable. bind_reload = self.patch_autospec(actions, "bind_reload") bind_reload.return_value = False attempts = randint(3, 13) actions.bind_reload_with_retries(attempts=attempts) expected_calls = [call(timeout=2)] * attempts self.assertThat(actions.bind_reload, MockCallsMatch(*expected_calls))
def test__sleeps_interval_seconds_between_attempts(self): self.patch_autospec(actions, "sleep") # Disable. bind_reload = self.patch_autospec(actions, "bind_reload") bind_reload.return_value = False attempts = randint(3, 13) actions.bind_reload_with_retries(attempts=attempts, interval=sentinel.interval) expected_sleep_calls = [call(sentinel.interval)] * (attempts - 1) self.assertThat(actions.sleep, MockCallsMatch(*expected_sleep_calls))
def test_returns_on_success(self): self.patch_autospec(actions, "sleep") # Disable. bind_reload = self.patch(actions, "bind_reload") bind_reload_return_values = [False, False, True] bind_reload.side_effect = lambda *args, **kwargs: ( bind_reload_return_values.pop(0)) actions.bind_reload_with_retries(attempts=5) expected_calls = [call(timeout=2), call(timeout=2), call(timeout=2)] self.assertThat(actions.bind_reload, MockCallsMatch(*expected_calls))
def dns_update_all_zones(reload_retry=False): """Update all zone files for all domains. Serving these zone files means updating BIND's configuration to include them, then asking it to load the new configuration. :param reload_retry: Should the DNS server reload be retried in case of failure? Defaults to `False`. :type reload_retry: bool """ if not is_dns_enabled(): return domains = Domain.objects.filter(authoritative=True) subnets = Subnet.objects.exclude(rdns_mode=RDNS_MODE.DISABLED) default_ttl = Config.objects.get_config('default_dns_ttl') serial = current_zone_serial() zones = ZoneGenerator(domains, subnets, default_ttl, serial, internal_domains=[get_internal_domain()]).as_list() bind_write_zones(zones) # We should not be calling bind_write_options() here; call-sites should be # making a separate call. It's a historical legacy, where many sites now # expect this side-effect from calling dns_update_all_zones_now(), and # some that call it for this side-effect alone. At present all it does is # set the upstream DNS servers, nothing to do with serving zones at all! bind_write_options(upstream_dns=get_upstream_dns(), dnssec_validation=get_dnssec_validation()) # Nor should we be rewriting ACLs that are related only to allowing # recursive queries to the upstream DNS servers. Again, this is legacy, # where the "trusted" ACL ended up in the same configuration file as the # zone stanzas, and so both need to be rewritten at the same time. bind_write_configuration(zones, trusted_networks=get_trusted_networks()) # Reloading with retries may be a legacy from Celery days, or it may be # necessary to recover from races during start-up. We're not sure if it is # actually needed but it seems safer to maintain this behaviour until we # have a better understanding. if reload_retry: bind_reload_with_retries() else: bind_reload() # Return the current serial and list of domain names. return serial, [domain.name for domain in domains]
def _configure(self, upstream_dns, trusted_networks): """Update the DNS configuration for the rack. Possible node was converted from a region to a rack-only, so we always ensure that all zones are removed. """ # We allow the region controller to do the dnssec validation, if # enabled. On the rack controller we just let it pass through. bind_write_options( upstream_dns=list(sorted(upstream_dns)), dnssec_validation='no') # No zones on the rack controller. bind_write_configuration([], list(sorted(trusted_networks))) # Reloading with retries to ensure that it actually works. bind_reload_with_retries()
def _bindReload(self): """Reload bind for the rack controller.""" # Reloading with retries to ensure that it actually works. bind_reload_with_retries()