Page MenuHomeSoftware Heritage

Add dbreplica CNAME
AbandonedPublic

Authored by ardumont on May 28 2019, 12:05 PM.

Details

Reviewers
ftigeot
olasd
zack
Group Reviewers
Reviewers
Summary

Related T1234

Test Plan
$ bin/octocatalog-diff ... pergamon
Found host pergamon.softwareheritage.org
*** Running octocatalog-diff on host pergamon.softwareheritage.org
diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org
*******************************************
  File[/etc/bind/keys/local-update] =>
   parameters =>
     content =>
      @@ -2,4 +2,4 @@
       key local-update {
       	algorithm hmac-sha256;
      -	secret "redacted";
      +	secret "redacted";
       };
*******************************************
  File[/etc/bind/rndc.key] =>
   parameters =>
     content =>
      @@ -2,4 +2,4 @@
       key rndc-key {
       	algorithm hmac-md5;
      -	secret "redacted";
      +	secret "redacted";
       };
*******************************************
+ Resource_record[dbreplica/CNAME] =>
   parameters =>
      "data": "somerset.internal.softwareheritage.org"
      "keyfile": "/etc/bind/keys/local-update"
      "record": "dbreplica.internal.softwareheritage.org"
      "type": "CNAME"
*******************************************
*** End octocatalog-diff on pergamon.softwareheritage.org

Diff Detail

Repository
rSPSITE puppet-swh-site
Branch
update_configuration
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 5943
Build 8145: arc lint + arc unit

Event Timeline

ardumont added a project: Staff.
ardumont edited the test plan for this revision. (Show Details)

I'm not convinced this is such a good idea; this machine is way more than a "db replica" server (it only has one replica, most its databases are actually primary) and I don't think DNS provides the appropriate granularity level to record this information.

I think configuring pgbouncer to have transparent access to read-only/read-write databases would be more appropriate and flexible than doing dns hacks.

In D1516#34010, @olasd wrote:

I'm not convinced this is such a good idea; this machine is way more than a "db replica" server (it only has one replica, most its databases are actually primary) and I don't think DNS provides the appropriate granularity level to record this information.

Right, the machine does multiple things, but CNAMEs are not mutually exclusive.

I think configuring pgbouncer to have transparent access to read-only/read-write databases would be more appropriate and flexible than doing dns hacks.

Can we have both?

Branch diff to another branch

See T1234's amended description