root / dnshook @ 1bdc9427
History | View | Annotate | Download (6 kB)
| 1 | ad5c908a | Dimitris Aragiorgis | #!/bin/bash |
|---|---|---|---|
| 2 | c7006a9f | Dimitris Aragiorgis | |
| 3 | ad5c908a | Dimitris Aragiorgis | # Configuration Fallbacks. All can(must for some of them) be overwritten by /etc/default/snf-network |
| 4 | c7006a9f | Dimitris Aragiorgis | TTL=300 |
| 5 | ad5c908a | Dimitris Aragiorgis | # the bind server IP/FQDN |
| 6 | c7006a9f | Dimitris Aragiorgis | SERVER="" |
| 7 | ad5c908a | Dimitris Aragiorgis | # this is the .vm.synnefo.live. |
| 8 | ad5c908a | Dimitris Aragiorgis | # Leave empty if only reverse dns management is needed. |
| 9 | ad5c908a | Dimitris Aragiorgis | # TODO: make this zone to be instance specific!!! |
| 10 | ad5c908a | Dimitris Aragiorgis | FZONE="" |
| 11 | ad5c908a | Dimitris Aragiorgis | # the file with dns authorization keys |
| 12 | c7006a9f | Dimitris Aragiorgis | KEYFILE="" |
| 13 | c7006a9f | Dimitris Aragiorgis | MAC2EUI64="/usr/bin/mac2eui64" |
| 14 | c7006a9f | Dimitris Aragiorgis | |
| 15 | ad5c908a | Dimitris Aragiorgis | source /etc/default/snf-network |
| 16 | 1bdc9427 | Dimitris Aragiorgis | source /usr/lib/snf-network/common.sh |
| 17 | ad5c908a | Dimitris Aragiorgis | |
| 18 | 48122640 | Dimitris Aragiorgis | if [ -z "$SERVER" -o -z "$FZONE" -o ! -e "$KEYFILE" ]; then |
| 19 | ad5c908a | Dimitris Aragiorgis | exit 0 |
| 20 | c7006a9f | Dimitris Aragiorgis | fi |
| 21 | c7006a9f | Dimitris Aragiorgis | |
| 22 | c7006a9f | Dimitris Aragiorgis | update () {
|
| 23 | c7006a9f | Dimitris Aragiorgis | local ZONE=$1 |
| 24 | c7006a9f | Dimitris Aragiorgis | local action="$2" |
| 25 | c7006a9f | Dimitris Aragiorgis | nsupdate -k $KEYFILE > /dev/null << EOF |
| 26 | c7006a9f | Dimitris Aragiorgis | server $SERVER |
| 27 | c7006a9f | Dimitris Aragiorgis | zone $ZONE |
| 28 | c7006a9f | Dimitris Aragiorgis | $action |
| 29 | c7006a9f | Dimitris Aragiorgis | send |
| 30 | c7006a9f | Dimitris Aragiorgis | EOF |
| 31 | c7006a9f | Dimitris Aragiorgis | } |
| 32 | c7006a9f | Dimitris Aragiorgis | |
| 33 | ad5c908a | Dimitris Aragiorgis | |
| 34 | ad5c908a | Dimitris Aragiorgis | # ommit zone statement |
| 35 | ad5c908a | Dimitris Aragiorgis | # nsupdate will attempt determine the correct zone to update based on the rest of the input |
| 36 | ad5c908a | Dimitris Aragiorgis | send_command () {
|
| 37 | ad5c908a | Dimitris Aragiorgis | |
| 38 | 48122640 | Dimitris Aragiorgis | local command="$1" |
| 39 | 48122640 | Dimitris Aragiorgis | hooks-log dnshook "$command" |
| 40 | 48122640 | Dimitris Aragiorgis | nsupdate -k $KEYFILE > /dev/null << EOF |
| 41 | 48122640 | Dimitris Aragiorgis | server $SERVER |
| 42 | 48122640 | Dimitris Aragiorgis | $command |
| 43 | 48122640 | Dimitris Aragiorgis | send |
| 44 | ad5c908a | Dimitris Aragiorgis | EOF |
| 45 | ad5c908a | Dimitris Aragiorgis | |
| 46 | c7006a9f | Dimitris Aragiorgis | } |
| 47 | c7006a9f | Dimitris Aragiorgis | |
| 48 | ad5c908a | Dimitris Aragiorgis | |
| 49 | 48122640 | Dimitris Aragiorgis | update_arecord () {
|
| 50 | ad5c908a | Dimitris Aragiorgis | |
| 51 | ad5c908a | Dimitris Aragiorgis | local action=$1 |
| 52 | ad5c908a | Dimitris Aragiorgis | local command= |
| 53 | ad5c908a | Dimitris Aragiorgis | if [ -n "$IP" ]; then |
| 54 | ad5c908a | Dimitris Aragiorgis | command="update $action $GANETI_INSTANCE_NAME.$FZONE $TTL A $IP" |
| 55 | ad5c908a | Dimitris Aragiorgis | send_command "$command" |
| 56 | ad5c908a | Dimitris Aragiorgis | fi |
| 57 | 48122640 | Dimitris Aragiorgis | |
| 58 | 48122640 | Dimitris Aragiorgis | } |
| 59 | 48122640 | Dimitris Aragiorgis | |
| 60 | 48122640 | Dimitris Aragiorgis | |
| 61 | 48122640 | Dimitris Aragiorgis | update_aaaarecord () {
|
| 62 | 48122640 | Dimitris Aragiorgis | |
| 63 | 48122640 | Dimitris Aragiorgis | local action=$1 |
| 64 | 48122640 | Dimitris Aragiorgis | local command= |
| 65 | ad5c908a | Dimitris Aragiorgis | if [ -n "$EUI64" ]; then |
| 66 | ad5c908a | Dimitris Aragiorgis | command="update $action $GANETI_INSTANCE_NAME.$FZONE $TTL AAAA $EUI64" |
| 67 | ad5c908a | Dimitris Aragiorgis | send_command "$command" |
| 68 | ad5c908a | Dimitris Aragiorgis | fi |
| 69 | ad5c908a | Dimitris Aragiorgis | |
| 70 | ad5c908a | Dimitris Aragiorgis | } |
| 71 | ad5c908a | Dimitris Aragiorgis | |
| 72 | 48122640 | Dimitris Aragiorgis | |
| 73 | 48122640 | Dimitris Aragiorgis | update_ptrrecord () {
|
| 74 | ad5c908a | Dimitris Aragiorgis | |
| 75 | ad5c908a | Dimitris Aragiorgis | local action=$1 |
| 76 | ad5c908a | Dimitris Aragiorgis | local command= |
| 77 | ad5c908a | Dimitris Aragiorgis | if [ -n "$IP" ]; then |
| 78 | 48122640 | Dimitris Aragiorgis | command="update $action $RLPART.$RZONE. $TTL PTR $GANETI_INSTANCE_NAME.$FZONE" |
| 79 | ad5c908a | Dimitris Aragiorgis | send_command "$command" |
| 80 | ad5c908a | Dimitris Aragiorgis | fi |
| 81 | 48122640 | Dimitris Aragiorgis | |
| 82 | 48122640 | Dimitris Aragiorgis | } |
| 83 | 48122640 | Dimitris Aragiorgis | |
| 84 | 48122640 | Dimitris Aragiorgis | update_ptr6record () {
|
| 85 | 48122640 | Dimitris Aragiorgis | |
| 86 | 48122640 | Dimitris Aragiorgis | local action=$1 |
| 87 | 48122640 | Dimitris Aragiorgis | local command= |
| 88 | ad5c908a | Dimitris Aragiorgis | if [ -n "$EUI64" ]; then |
| 89 | 48122640 | Dimitris Aragiorgis | command="update $action $R6LPART$R6ZONE. $TTL PTR $GANETI_INSTANCE_NAME.$FZONE" |
| 90 | ad5c908a | Dimitris Aragiorgis | send_command "$command" |
| 91 | ad5c908a | Dimitris Aragiorgis | fi |
| 92 | ad5c908a | Dimitris Aragiorgis | |
| 93 | ad5c908a | Dimitris Aragiorgis | } |
| 94 | ad5c908a | Dimitris Aragiorgis | |
| 95 | 48122640 | Dimitris Aragiorgis | update_all () {
|
| 96 | 48122640 | Dimitris Aragiorgis | |
| 97 | 48122640 | Dimitris Aragiorgis | local action=$1 |
| 98 | 48122640 | Dimitris Aragiorgis | update_arecord $action |
| 99 | 48122640 | Dimitris Aragiorgis | update_aaaarecord $action |
| 100 | 48122640 | Dimitris Aragiorgis | update_ptrrecord $action |
| 101 | 48122640 | Dimitris Aragiorgis | update_ptr6record $action |
| 102 | 48122640 | Dimitris Aragiorgis | |
| 103 | 48122640 | Dimitris Aragiorgis | } |
| 104 | 48122640 | Dimitris Aragiorgis | |
| 105 | ad5c908a | Dimitris Aragiorgis | |
| 106 | ad5c908a | Dimitris Aragiorgis | # first argument is an eui64 (IPv6) |
| 107 | ad5c908a | Dimitris Aragiorgis | # sets GLOBAL args R6REC, R6ZONE, R6LPART |
| 108 | 48122640 | Dimitris Aragiorgis | # lets assume eui64=2001:648:2ffc:1::1 |
| 109 | ad5c908a | Dimitris Aragiorgis | # the following commands produce: |
| 110 | ad5c908a | Dimitris Aragiorgis | # R6REC=1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa |
| 111 | ad5c908a | Dimitris Aragiorgis | # R6ZONE=1.0.0.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa |
| 112 | ad5c908a | Dimitris Aragiorgis | # R6LPART=1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. |
| 113 | ad5c908a | Dimitris Aragiorgis | get_rev6_info () {
|
| 114 | ad5c908a | Dimitris Aragiorgis | |
| 115 | ad5c908a | Dimitris Aragiorgis | local eui64=$1 |
| 116 | ad5c908a | Dimitris Aragiorgis | if [ -z "$eui64" ]; then |
| 117 | ad5c908a | Dimitris Aragiorgis | R6REC= ; R6ZONE= ; R6LPART= ; |
| 118 | ad5c908a | Dimitris Aragiorgis | else |
| 119 | ad5c908a | Dimitris Aragiorgis | R6REC=$(host $eui64 | egrep -o '([[:alnum:]]\.){32}ip6.arpa' )
|
| 120 | ad5c908a | Dimitris Aragiorgis | R6ZONE=$(echo $R6REC | awk -F. 'BEGIN{rpart="";} { for (i=32;i>16;i=i-1) rpart=$i "." rpart; } END{print rpart "ip6.arpa";}')
|
| 121 | ad5c908a | Dimitris Aragiorgis | R6LPART=$(echo $R6REC | awk -F. 'BEGIN{lpart="";} { for (i=16;i>0;i=i-1) lpart=$i "." lpart; } END{print lpart;}')
|
| 122 | ad5c908a | Dimitris Aragiorgis | fi |
| 123 | ad5c908a | Dimitris Aragiorgis | |
| 124 | ad5c908a | Dimitris Aragiorgis | } |
| 125 | ad5c908a | Dimitris Aragiorgis | |
| 126 | ad5c908a | Dimitris Aragiorgis | |
| 127 | ad5c908a | Dimitris Aragiorgis | # first argument is an ipv4 |
| 128 | ad5c908a | Dimitris Aragiorgis | # sets args RZONE, RLPART |
| 129 | ad5c908a | Dimitris Aragiorgis | # lets assume IP=203.0.113.1 |
| 130 | ad5c908a | Dimitris Aragiorgis | # RZONE="113.0.203.in-add.arpa" |
| 131 | ad5c908a | Dimitris Aragiorgis | # RLPART="1" |
| 132 | ad5c908a | Dimitris Aragiorgis | get_rev4_info () {
|
| 133 | ad5c908a | Dimitris Aragiorgis | |
| 134 | ad5c908a | Dimitris Aragiorgis | local ip=$1 |
| 135 | ad5c908a | Dimitris Aragiorgis | if [ -z "$ip" ]; then |
| 136 | ad5c908a | Dimitris Aragiorgis | RZONE= ; RLPART= ; |
| 137 | ad5c908a | Dimitris Aragiorgis | else |
| 138 | ad5c908a | Dimitris Aragiorgis | OLDIFS=$IFS |
| 139 | ad5c908a | Dimitris Aragiorgis | IFS=". " |
| 140 | ad5c908a | Dimitris Aragiorgis | set -- $ip |
| 141 | ad5c908a | Dimitris Aragiorgis | a=$1 ; b=$2; c=$3; d=$4; |
| 142 | ad5c908a | Dimitris Aragiorgis | IFS=$OLDIFS |
| 143 | ad5c908a | Dimitris Aragiorgis | RZONE="$c.$b.$a.in-addr.arpa" |
| 144 | ad5c908a | Dimitris Aragiorgis | RLPART="$d" |
| 145 | ad5c908a | Dimitris Aragiorgis | fi |
| 146 | ad5c908a | Dimitris Aragiorgis | |
| 147 | ad5c908a | Dimitris Aragiorgis | } |
| 148 | ad5c908a | Dimitris Aragiorgis | |
| 149 | ad5c908a | Dimitris Aragiorgis | |
| 150 | ad5c908a | Dimitris Aragiorgis | update_dns () {
|
| 151 | ad5c908a | Dimitris Aragiorgis | |
| 152 | ad5c908a | Dimitris Aragiorgis | if [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_CREATE" ]; then |
| 153 | 48122640 | Dimitris Aragiorgis | update_all add |
| 154 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_REMOVE" ]; then |
| 155 | 48122640 | Dimitris Aragiorgis | update_all delete |
| 156 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_RENAME" ]; then |
| 157 | 48122640 | Dimitris Aragiorgis | update_all delete |
| 158 | ad5c908a | Dimitris Aragiorgis | # Let's override a variable and add ourselves |
| 159 | ad5c908a | Dimitris Aragiorgis | GANETI_INSTANCE_NAME=$GANETI_INSTANCE_NEW_NAME |
| 160 | 48122640 | Dimitris Aragiorgis | update_all add |
| 161 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_STARTUP" ]; then |
| 162 | 48122640 | Dimitris Aragiorgis | update_all add |
| 163 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_SHUTDOWN" ]; then |
| 164 | 48122640 | Dimitris Aragiorgis | update_all delete |
| 165 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_REBOOT" ]; then |
| 166 | 48122640 | Dimitris Aragiorgis | update_all add |
| 167 | ad5c908a | Dimitris Aragiorgis | elif [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_SET_PARAMS" ]; then |
| 168 | 48122640 | Dimitris Aragiorgis | update_all add |
| 169 | ad5c908a | Dimitris Aragiorgis | fi |
| 170 | ad5c908a | Dimitris Aragiorgis | |
| 171 | ad5c908a | Dimitris Aragiorgis | } |
| 172 | ad5c908a | Dimitris Aragiorgis | |
| 173 | ad5c908a | Dimitris Aragiorgis | |
| 174 | ad5c908a | Dimitris Aragiorgis | # Query nameserver for entries related to the specific instance |
| 175 | ad5c908a | Dimitris Aragiorgis | # An example output is the following: |
| 176 | ad5c908a | Dimitris Aragiorgis | # www.google.com has address 173.194.113.114 |
| 177 | ad5c908a | Dimitris Aragiorgis | # www.google.com has address 173.194.113.115 |
| 178 | ad5c908a | Dimitris Aragiorgis | # www.google.com has address 173.194.113.116 |
| 179 | ad5c908a | Dimitris Aragiorgis | # www.google.com has address 173.194.113.112 |
| 180 | ad5c908a | Dimitris Aragiorgis | # www.google.com has address 173.194.113.113 |
| 181 | ad5c908a | Dimitris Aragiorgis | # www.google.com has IPv6 address 2a00:1450:4001:80b::1012 |
| 182 | ad5c908a | Dimitris Aragiorgis | query_dns () {
|
| 183 | ad5c908a | Dimitris Aragiorgis | |
| 184 | ad5c908a | Dimitris Aragiorgis | HOSTQ="host -s -R 3 -W 3" |
| 185 | ad5c908a | Dimitris Aragiorgis | HOST_IP_ALL=$($HOSTQ $GANETI_INSTANCE_NAME.$FZONE $SERVER | sed -n 's/.*has address //p') |
| 186 | ad5c908a | Dimitris Aragiorgis | HOST_IP6_ALL=$($HOSTQ $GANETI_INSTANCE_NAME.$FZONE $SERVER | sed -n 's/.*has IPv6 address //p') |
| 187 | ad5c908a | Dimitris Aragiorgis | |
| 188 | ad5c908a | Dimitris Aragiorgis | } |
| 189 | ad5c908a | Dimitris Aragiorgis | |
| 190 | ad5c908a | Dimitris Aragiorgis | |
| 191 | ad5c908a | Dimitris Aragiorgis | # Reset all entries related to the specific instance |
| 192 | ad5c908a | Dimitris Aragiorgis | # This should be invoced only during instance modification |
| 193 | ad5c908a | Dimitris Aragiorgis | # because we do not know which nics have been modify |
| 194 | ad5c908a | Dimitris Aragiorgis | reset_dns () {
|
| 195 | ad5c908a | Dimitris Aragiorgis | |
| 196 | ad5c908a | Dimitris Aragiorgis | if [ "x$GANETI_OP_CODE" = "xOP_INSTANCE_SET_PARAMS" ]; then |
| 197 | ad5c908a | Dimitris Aragiorgis | query_dns |
| 198 | ad5c908a | Dimitris Aragiorgis | # This should remove the A, AAAA, CNAME entries |
| 199 | 48122640 | Dimitris Aragiorgis | send_command "update delete $GANETI_INSTANCE_NAME.$FZONE" |
| 200 | ad5c908a | Dimitris Aragiorgis | for ip in $HOST_IP_ALL; do |
| 201 | ad5c908a | Dimitris Aragiorgis | get_rev4_info $ip |
| 202 | ad5c908a | Dimitris Aragiorgis | # This should remove the IPv4 reverse entry |
| 203 | 48122640 | Dimitris Aragiorgis | send_command "update delete $RLPART.$RZONE" |
| 204 | ad5c908a | Dimitris Aragiorgis | done |
| 205 | ad5c908a | Dimitris Aragiorgis | for ip6 in $HOST_IP6_ALL; do |
| 206 | ad5c908a | Dimitris Aragiorgis | get_rev6_info $ip6 |
| 207 | ad5c908a | Dimitris Aragiorgis | # This should remove the IPv6 reverse entry |
| 208 | 48122640 | Dimitris Aragiorgis | send_command "update delete $R6LPART$R6ZONE." |
| 209 | ad5c908a | Dimitris Aragiorgis | done |
| 210 | ad5c908a | Dimitris Aragiorgis | fi |
| 211 | ad5c908a | Dimitris Aragiorgis | |
| 212 | ad5c908a | Dimitris Aragiorgis | } |
| 213 | ad5c908a | Dimitris Aragiorgis | |
| 214 | ad5c908a | Dimitris Aragiorgis | |
| 215 | c7006a9f | Dimitris Aragiorgis | # Main starts here |
| 216 | c7006a9f | Dimitris Aragiorgis | |
| 217 | 48122640 | Dimitris Aragiorgis | |
| 218 | ad5c908a | Dimitris Aragiorgis | # Exit if we do not have instance name. |
| 219 | ad5c908a | Dimitris Aragiorgis | # It should be exported to hooks for instance related opcodes. |
| 220 | 48122640 | Dimitris Aragiorgis | if [ -z "$GANETI_INSTANCE_NAME" ]; then |
| 221 | ad5c908a | Dimitris Aragiorgis | exit 0 |
| 222 | c7006a9f | Dimitris Aragiorgis | fi |
| 223 | c7006a9f | Dimitris Aragiorgis | |
| 224 | ad5c908a | Dimitris Aragiorgis | # This runs only for instance modification |
| 225 | ad5c908a | Dimitris Aragiorgis | reset_dns |
| 226 | ad5c908a | Dimitris Aragiorgis | |
| 227 | ad5c908a | Dimitris Aragiorgis | # If GANETI_INSTANCE_NIC_COUNT is not set then nothing happens |
| 228 | ad5c908a | Dimitris Aragiorgis | FIRST=0 |
| 229 | ad5c908a | Dimitris Aragiorgis | LAST=$((GANETI_INSTANCE_NIC_COUNT - 1)) |
| 230 | ad5c908a | Dimitris Aragiorgis | for idx in $(seq $FIRST $LAST); do |
| 231 | ad5c908a | Dimitris Aragiorgis | ip=GANETI_INSTANCE_NIC${idx}_IP
|
| 232 | ad5c908a | Dimitris Aragiorgis | mac=GANETI_INSTANCE_NIC${idx}_MAC
|
| 233 | ad5c908a | Dimitris Aragiorgis | mode=GANETI_INSTANCE_NIC${idx}_MODE
|
| 234 | ad5c908a | Dimitris Aragiorgis | link=GANETI_INSTANCE_NIC${idx}_LINK
|
| 235 | ad5c908a | Dimitris Aragiorgis | subnet=GANETI_INSTANCE_NIC${idx}_NETWORK_SUBNET
|
| 236 | ad5c908a | Dimitris Aragiorgis | subnet6=GANETI_INSTANCE_NIC${idx}_NETWORK_SUBNET6
|
| 237 | ad5c908a | Dimitris Aragiorgis | tags=GANETI_INSTANCE_NIC${idx}_NETWORK_TAGS
|
| 238 | ad5c908a | Dimitris Aragiorgis | eval IP=\$$ip |
| 239 | ad5c908a | Dimitris Aragiorgis | eval MAC=\$$mac |
| 240 | ad5c908a | Dimitris Aragiorgis | eval MODE=\$$mode |
| 241 | ad5c908a | Dimitris Aragiorgis | eval LINK=\$$link |
| 242 | ad5c908a | Dimitris Aragiorgis | eval SUBNET=\$$subnet |
| 243 | ad5c908a | Dimitris Aragiorgis | eval SUBNET6=\$$subnet6 |
| 244 | ad5c908a | Dimitris Aragiorgis | eval TAGS=\$$tags |
| 245 | ad5c908a | Dimitris Aragiorgis | |
| 246 | ad5c908a | Dimitris Aragiorgis | for tag in $TAGS; do |
| 247 | ad5c908a | Dimitris Aragiorgis | case $tag in |
| 248 | ad5c908a | Dimitris Aragiorgis | $DNS_TAG) |
| 249 | ad5c908a | Dimitris Aragiorgis | |
| 250 | ad5c908a | Dimitris Aragiorgis | get_rev4_info "$IP" |
| 251 | ad5c908a | Dimitris Aragiorgis | get_eui64 "$MAC" "$SUBNET6" |
| 252 | ad5c908a | Dimitris Aragiorgis | get_rev6_info "$EUI64" |
| 253 | 48122640 | Dimitris Aragiorgis | hooks-log dnshook "update dns for $GANETI_INSTANCE_NAME $IP $EUI64" |
| 254 | ad5c908a | Dimitris Aragiorgis | update_dns |
| 255 | ad5c908a | Dimitris Aragiorgis | |
| 256 | ad5c908a | Dimitris Aragiorgis | ;; |
| 257 | ad5c908a | Dimitris Aragiorgis | esac |
| 258 | ad5c908a | Dimitris Aragiorgis | |
| 259 | ad5c908a | Dimitris Aragiorgis | done |
| 260 | ad5c908a | Dimitris Aragiorgis | |
| 261 | ad5c908a | Dimitris Aragiorgis | done |