Merge pull request 'neoloc/dns_master_multiregion' (#169) from neoloc/dns_master_multiregion into develop

Reviewed-on: unkinben/puppet-prod#169
2024-04-24 18:29:27 +09:30 · 2024-04-24 18:29:27 +09:30 · 4149d89dc0
commit 4149d89dc0
parent 2bae42fa31 99d3dcf4d8
2 changed files with 22 additions and 6 deletions
--- a/hieradata/roles/infra/dns/master.yaml
+++ b/hieradata/roles/infra/dns/master.yaml
@ -1,8 +1,6 @@
 ---
-profiles::dns::master::nameservers:
-  - prodinf01n23.main.unkin.net
-  - prodinf01n24.main.unkin.net
-
+profiles::dns::master::ns_role: roles::infra::dns::master
+profiles::dns::master::use_ns: region
 profiles::dns::master::acls:
  acl-main.unkin.net:
    addresses:
--- a/site/profiles/manifests/dns/master.pp
+++ b/site/profiles/manifests/dns/master.pp
@ -1,6 +1,5 @@
 # profiles::dns::master authoritative service
 class profiles::dns::master (
-  Array[String] $nameservers,
  Stdlib::AbsolutePath $basedir,
  Hash    $acls  = {},
  Hash    $zones = {},
@ -13,8 +12,27 @@ class profiles::dns::master (
  String  $owner = 'root',
  String  $group = 'named',
  Boolean $dnssec = false,
+  Variant[String, Undef]            $ns_role = undef,
+  Enum['all', 'region', 'country']  $use_ns  = 'all',
 ){

+  # if ns_role is set, find all hosts matching that enc_role, otherwise use the current host
+  $nameservers_array = $ns_role ? {
+    undef   => [$facts['networking']['fqdn']],
+    default => $use_ns ? {
+      'all'     => query_nodes("enc_role='${ns_role}'", 'networking.fqdn'),
+      'region'  => query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.fqdn'),
+      'country' => query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.fqdn'),
+    }
+  }
+
+  # if nameservers is empty, use the current host, otherwise use nameservers_array as nameservers
+  $nameservers = empty($nameservers_array) ? {
+    true  => [$facts['networking']['fqdn']],
+    false => $nameservers_array,
+    default => [$facts['networking']['fqdn']],
+  }
+
  class {'profiles::dns::server':
    acls       => $acls,
    zones      => $zones,
@ -37,7 +55,7 @@ class profiles::dns::master (
      profiles::dns::zone { $name:
        zone        => $data['domain'],
        basedir     => $basedir,
-        nameservers => $nameservers,
+        nameservers => sort($nameservers),
        owner       => $owner,
        group       => $group,
        before      => Bind::Zone[$name]