def test_executes_rndc_command(self):
self.patch_autospec(actions, "execute_rndc_command")
actions.bind_reload()
self.assertThat(
actions.execute_rndc_command,
MockCalledOnceWith(("reload",), timeout=2),
)
def dns_update_all_zones(reload_retry=False):
"""Update all zone files for all domains.
Serving these zone files means updating BIND's configuration to include
them, then asking it to load the new configuration.
:param reload_retry: Should the DNS server reload be retried in case
of failure? Defaults to `False`.
:type reload_retry: bool
"""
if not is_dns_enabled():
return
domains = Domain.objects.filter(authoritative=True)
subnets = Subnet.objects.exclude(rdns_mode=RDNS_MODE.DISABLED)
default_ttl = Config.objects.get_config('default_dns_ttl')
serial = current_zone_serial()
zones = ZoneGenerator(domains,
subnets,
default_ttl,
serial,
internal_domains=[get_internal_domain()]).as_list()
bind_write_zones(zones)
# We should not be calling bind_write_options() here; call-sites should be
# making a separate call. It's a historical legacy, where many sites now
# expect this side-effect from calling dns_update_all_zones_now(), and
# some that call it for this side-effect alone. At present all it does is
# set the upstream DNS servers, nothing to do with serving zones at all!
bind_write_options(upstream_dns=get_upstream_dns(),
dnssec_validation=get_dnssec_validation())
# Nor should we be rewriting ACLs that are related only to allowing
# recursive queries to the upstream DNS servers. Again, this is legacy,
# where the "trusted" ACL ended up in the same configuration file as the
# zone stanzas, and so both need to be rewritten at the same time.
bind_write_configuration(zones, trusted_networks=get_trusted_networks())
# Reloading with retries may be a legacy from Celery days, or it may be
# necessary to recover from races during start-up. We're not sure if it is
# actually needed but it seems safer to maintain this behaviour until we
# have a better understanding.
if reload_retry:
bind_reload_with_retries()
else:
bind_reload()
# Return the current serial and list of domain names.
return serial, [domain.name for domain in domains]
def test__logs_subprocess_error(self):
erc = self.patch_autospec(actions, "execute_rndc_command")
erc.side_effect = factory.make_CalledProcessError()
with FakeLogger("maas") as logger:
self.assertFalse(actions.bind_reload())
self.assertDocTestMatches(
"Reloading BIND failed (is it running?): "
"Command ... returned non-zero exit status ...", logger.output)
def test_false_on_subprocess_error(self):
erc = self.patch_autospec(actions, "execute_rndc_command")
erc.side_effect = factory.make_CalledProcessError()
self.assertFalse(actions.bind_reload())
