author | Håkon Hallingstad <hakon@yahooinc.com> | 2023-06-19 15:47:28 +0200 |
---|---|---|
committer | Håkon Hallingstad <hakon@yahooinc.com> | 2023-06-19 15:47:28 +0200 |
commit | ebb8e318bbaafb85472d29765fae9772c97aadd4 (patch) | |
tree | aa5701ace39742adfab18f210c64b33f81fd8d07 | |
parent | 316d672042b9159cf3f19fefcbcb81472d9b1bda (diff) |
Which DNS record types are available
4 files changed, 39 insertions, 23 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisioner.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisioner.java
index aa014de58b1..26b83b37b9c 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisioner.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisioner.java
@@ -1,7 +1,6 @@
 // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.provision.maintenance;
-import com.yahoo.config.provision.CloudName;
 import com.yahoo.config.provision.NodeType;
 import com.yahoo.jdisc.Metric;
 import com.yahoo.vespa.hosted.provision.Node;
@@ -78,24 +77,9 @@ public class HostResumeProvisioner extends NodeRepositoryMaintainer {
 /** Verify DNS configuration of given node */
 private void verifyDns(Node node, IP.Config ipConfig) {
- boolean exclave = node.cloudAccount().isEnclave(nodeRepository().zone());
- boolean gcp = nodeRepository().zone().cloud().name().equals(CloudName.GCP);
 for (String ipAddress : ipConfig.primary()) {
- IP.verifyDns(node.hostname(), ipAddress, nodeRepository().nameResolver(),
- hasForwardRecord(exclave, gcp, ipAddress),
- hasReverseRecord(exclave, gcp, ipAddress));
+ IP.verifyDns(node.hostname(), ipAddress, node.type(), nodeRepository().nameResolver(), node.cloudAccount(), nodeRepository().zone());
 }
 }
- public static boolean hasForwardRecord(boolean exclave, boolean gcp, String address) {
- if (exclave && gcp && IP.isV4(address)) return false;
- return true;
- }
-
- public static boolean hasReverseRecord(boolean exclave, boolean gcp, String address) {
- if (exclave) return false;
- if (gcp && IP.isV6(address)) return false;
- return true;
- }
-
 }
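Review bot: `verifyDns` can now fail for a reason unrelated to DNS state. The `IP.verifyDns(...)` call in the loop goes through `IP.dnsRecordTypesFor`, which (in the IP.java part of this commit) throws `IllegalArgumentException` for any cloud other than AWS and GCP, the same exception type the resolver checks throw on a record mismatch; the removed `hasForwardRecord`/`hasReverseRecord` helpers never threw. The caller of `verifyDns` is outside this hunk; if it treats `IllegalArgumentException` as "records not propagated yet, retry later", a host in an unmanaged cloud would be retried indefinitely and the configuration error would stay hidden. I would state this on the method, e.g. `/** Verify DNS configuration of given node; throws IllegalArgumentException on a record mismatch and for clouds whose DNS is not managed */`, and consider a distinct exception type for the unsupported-cloud case.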
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/IP.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/IP.java
index 3f236b9d8a5..ecc73456490 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/IP.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/node/IP.java
@@ -3,7 +3,11 @@ package com.yahoo.vespa.hosted.provision.node;
 import com.google.common.net.InetAddresses;
 import com.google.common.primitives.UnsignedBytes;
+import com.yahoo.config.provision.CloudAccount;
+import com.yahoo.config.provision.CloudName;
 import com.yahoo.config.provision.HostName;
+import com.yahoo.config.provision.NodeType;
+import com.yahoo.config.provision.Zone;
 import com.yahoo.vespa.hosted.provision.LockedNodeList;
 import com.yahoo.vespa.hosted.provision.Node;
 import com.yahoo.vespa.hosted.provision.NodeList;
@@ -13,6 +17,7 @@ import com.yahoo.vespa.hosted.provision.persistence.NameResolver.RecordType;
 import java.net.InetAddress;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.EnumSet;
 import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.List;
@@ -394,9 +399,35 @@ public record IP() {
 }
 }
+ public enum DnsRecordType { FORWARD, PUBLIC_FORWARD, REVERSE }
+
+ public static Set<DnsRecordType> dnsRecordTypesFor(String hostAddress, NodeType hostType, CloudName cloudName, boolean exclave) {
+ if (cloudName == CloudName.AWS)
+ return exclave ?
+ EnumSet.of(DnsRecordType.FORWARD, DnsRecordType.PUBLIC_FORWARD) :
+ EnumSet.of(DnsRecordType.FORWARD, DnsRecordType.PUBLIC_FORWARD, DnsRecordType.REVERSE);
+
+ if (cloudName == CloudName.GCP) {
+ if (exclave) {
+ return isV6(hostAddress) ?
+ EnumSet.of(DnsRecordType.FORWARD, DnsRecordType.PUBLIC_FORWARD) :
+ EnumSet.noneOf(DnsRecordType.class);
+ } else {
+ return hostType == confighost && isV6(hostAddress) ?
+ EnumSet.of(DnsRecordType.FORWARD, DnsRecordType.REVERSE, DnsRecordType.PUBLIC_FORWARD) :
+ EnumSet.of(DnsRecordType.FORWARD, DnsRecordType.REVERSE);
+ }
+ }
+
+ throw new IllegalArgumentException("Does not manage DNS for cloud " + cloudName);
+ }
+
 /** Verify DNS configuration of given hostname and IP address */
- public static void verifyDns(String hostname, String ipAddress, NameResolver resolver, boolean hasForward, boolean hasPtr) {
- if (hasForward) {
+ public static void verifyDns(String hostname, String ipAddress, NodeType nodeType, NameResolver resolver,
+ CloudAccount cloudAccount, Zone zone) {
+ Set<DnsRecordType> recordTypes = dnsRecordTypesFor(ipAddress, nodeType, zone.cloud().name(), cloudAccount.isEnclave(zone));
+
+ if (recordTypes.contains(DnsRecordType.FORWARD)) {
 RecordType recordType = isV6(ipAddress) ? RecordType.AAAA : RecordType.A;
 Set<String> addresses = resolver.resolve(hostname, recordType);
 if (!addresses.equals(Set.of(ipAddress)))
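Review bot: `dnsRecordTypesFor` changes which records are verified, not only where the decision lives. For GCP outside an enclave with an IPv6 address, the removed `hasReverseRecord` returned false (`if (gcp && IP.isV6(address)) return false;`), while the new non-exclave GCP branch always includes `DnsRecordType.REVERSE`, so `verifyDns` now requires a PTR record there. If that is intended, it deserves a Javadoc on `dnsRecordTypesFor` listing the expected set per cloud, enclave flag and address family; if not, the IPv6 case needs its own branch without `REVERSE`. The cloud checks also moved from `.equals(CloudName.GCP)` to `==`; unless `CloudName` guarantees canonical instances, an equal-but-distinct name falls through to the `IllegalArgumentException`, so `CloudName.GCP.equals(cloudName)` is the safer form. None of the four files adds a test for this matrix (the test changes only pin the cloud to AWS), and `verifyDns` continues past the end of this hunk.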
@@ -404,7 +435,7 @@ public record IP() {
 ", but got " + addresses);
 }
- if (hasPtr) {
+ if (recordTypes.contains(DnsRecordType.REVERSE)) {
 Optional<String> reverseHostname = resolver.resolveHostname(ipAddress);
 if (reverseHostname.isEmpty())
 throw new IllegalArgumentException(ipAddress + " did not resolve to a hostname");
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostCapacityMaintainerTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostCapacityMaintainerTest.java
index 8c9d43eb164..66d4b67c7c2 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostCapacityMaintainerTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostCapacityMaintainerTest.java
@@ -380,7 +380,7 @@ public class HostCapacityMaintainerTest {
 default -> throw new IllegalArgumentException("Unexpected config server host like node type: " + hostType);
 }
- Cloud cloud = Cloud.builder().dynamicProvisioning(true).build();
+ Cloud cloud = Cloud.builder().name(CloudName.AWS).dynamicProvisioning(true).build();
 DynamicProvisioningTester dynamicProvisioningTester = new DynamicProvisioningTester(cloud, new MockNameResolver().mockAnyLookup());
 ProvisioningTester tester = dynamicProvisioningTester.provisioningTester;
 dynamicProvisioningTester.hostProvisioner.setHostFlavor("default");
@@ -686,7 +686,7 @@ public class HostCapacityMaintainerTest {
 private final InfraDeployerImpl infraDeployer;
 public DynamicProvisioningTester() {
- this(Cloud.builder().dynamicProvisioning(true).build(), new MockNameResolver());
+ this(Cloud.builder().name(CloudName.AWS).dynamicProvisioning(true).build(), new MockNameResolver());
 }
 public DynamicProvisioningTester(Cloud cloud, MockNameResolver nameResolver) {
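Review bot: In `IP.verifyDns`, only `FORWARD` and `REVERSE` are ever checked. `PUBLIC_FORWARD`, which `dnsRecordTypesFor` returns for several combinations, is never looked up here, and when the set is empty (GCP enclave with an IPv4 address) the method returns without performing any lookup. A caller reading the method name would assume the address was verified, so the Javadoc should spell out the limits, e.g. `/** Verifies the FORWARD and REVERSE records expected for this address; PUBLIC_FORWARD is not checked, and an address with no expected records passes without any lookup */`. The start of `verifyDns` is in the previous hunk and its end lies outside this one.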
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisionerTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisionerTest.java
index 8280c0e33fc..f7c9d46801c 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisionerTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/maintenance/HostResumeProvisionerTest.java
@@ -4,6 +4,7 @@ package com.yahoo.vespa.hosted.provision.maintenance;
 import com.yahoo.component.Version;
 import com.yahoo.config.provision.Capacity;
 import com.yahoo.config.provision.Cloud;
+import com.yahoo.config.provision.CloudName;
 import com.yahoo.config.provision.ClusterResources;
 import com.yahoo.config.provision.ClusterSpec;
 import com.yahoo.config.provision.Environment;
@@ -38,7 +39,7 @@ public class HostResumeProvisionerTest {
 private final List<Flavor> flavors = FlavorConfigBuilder.createDummies("default").getFlavors();
 private final MockNameResolver nameResolver = new MockNameResolver();
- private final Zone zone = new Zone(Cloud.builder().dynamicProvisioning(true).allowHostSharing(false).build(),
+ private final Zone zone = new Zone(Cloud.builder().name(CloudName.AWS).dynamicProvisioning(true).allowHostSharing(false).build(),
 SystemName.defaultSystem(), Environment.dev, RegionName.defaultName()); |