Code Monkey home page Code Monkey logo

Comments (9)

zachfi avatar zachfi commented on June 25, 2024

Can I see the manifest you used to get into the situation you mentioned?

from puppet-unbound.

F00baer avatar F00baer commented on June 25, 2024

On 2015-07-23 17:35, Zach Leslie wrote:

Can I see the manifest you used to get into the situation you mentioned?


Reply to this email directly or view it on GitHub
#102 (comment).

Sure,

I manage my stubs as hiera data, like this:

recursor::stubs:
domain1.com:
address:
- "121.120.1.64"
- "121.120.6.5"
- "121.120.6.6"
- "2001:123:4:6::88:5"
- "2001:123:4:6::88:6"
insecure: true
domain2.com:
address:
- "121.121.1.64"
- "121.130.6.11"
- "121.130.6.12"
- "2001:132:4:6::88:11"
- "2001:123:4:6::88:12"
insecure: true

The class is defined in a profile:

class { "unbound":
interface => $ips,
access => $access,
do_ip6 => $do_ip6,
do_ip4 => "yes",
hide_identity => false,
hide_version => false,
val_clean_additional => false,
control_enable => true,
num_threads => $processorcount,
msg_cache_slabs => $processorcount_2,
rrset_cache_slabs => $processorcount_2,
infra_cache_slabs => $processorcount_2,
key_cache_slabs => $processorcount_2,
outgoing_interface => $ipaddress,
prefetch => "yes",
so_rcvbuf => "4m",
num_queries_per_thread => "4096",
outgoing_range => 8192,
rrset_cache_size => "${rcache}m",
msg_cache_size => "${mcache}m",
edns_buffer_size => "4096",
outgoing_port_avoid => "0-1024",
outgoing_port_permit => "1025-65535",
val_permissive_mode => $permissive_mode,
module_config => $module_config,
interface_automatic => $interface_automatic,
chroot => $chroot,
custom_server_conf => [
"so-sndbuf: 4m",
"identity: $identity",
"version: $version",
"val-clean-additional: no",
],
}

$stubs=hiera_hash('recursor::stubs',{})
create_resources('unbound::stub',$stubs,{})

This resulted in just the V6 addresses beeing stub-addr, while the V4
addresses seemed to gotten matched as valid hostnames and were added as
stub-host.
I am using the latest version from git, puppetlabs-concat 1.2.3,
puppetlabs-stdlib 4.5.1, puppet 3.7.5.

Regards,
Markus

from puppet-unbound.

zachfi avatar zachfi commented on June 25, 2024

Ah, sounds like we just need to improve our address validation.

from puppet-unbound.

zachfi avatar zachfi commented on June 25, 2024

#104

I'll test shortly.

from puppet-unbound.

zachfi avatar zachfi commented on June 25, 2024

After testing, my configs looks good and my servers are online. Are you in a position to test? I'm prepared to merge #104 to correct this.

from puppet-unbound.

F00baer avatar F00baer commented on June 25, 2024

Hi,

On 2015-07-28 16:56, Zach Leslie wrote:

After testing, my configs looks good and my servers are online. Are you
in a position to test? I'm prepared to merge #104
#104 to correct this.


Reply to this email directly or view it on GitHub
#102 (comment).

The patch looks good, still there is a minor issue with the parser.
My puppet agent was not able to find the puppet_x path:

Error: Could not retrieve catalog from remote server: Error 400 on
SERVER: Could not autoload
puppet/parser/functions/validate_unbound_addr: cannot load such file --
puppet_x/unbound/validate_addrs on node uni-resolver-test-ns.puppet-test
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

However, I found a similar workaround in another module and adapted it:

diff --git a/lib/puppet/parser/functions/validate_unbound_addr.rb
b/lib/puppet/parser/functions/validate_unbound_addr.rb
index d8c5d7b..4b1b4cf 100644
--- a/lib/puppet/parser/functions/validate_unbound_addr.rb
+++ b/lib/puppet/parser/functions/validate_unbound_addr.rb
@@ -1,4 +1,6 @@
-require 'puppet_x/unbound/validate_addrs'
+require File.expand_path(File.join(File.dirname(FILE), '..', '..',
'..',

  •                              'puppet_x', 'unbound',
    

    'validate_addrs.rb'))
    +

    Puppet::Parser::Functions.newfunction(:validate_unbound_addr) do |args|
    if (args.size != 1) then

Using this, the IPs were generated quite fine as "stub-addr" and
hostnames as "stub-host" entries as they should.
Thanks!

-Markus

from puppet-unbound.

zachfi avatar zachfi commented on June 25, 2024

That puppet_x code is missing on the master it looks like. So now that we rely on functions, and functions are executed on the master.

If you have an environment that contains this code, you can do puppet plugin download --environment $e -v on the master to ensure that the function and the rest of the lib code are available on the master side.

from puppet-unbound.

F00baer avatar F00baer commented on June 25, 2024

On 2015-07-29 00:33, Zach Leslie wrote:

That puppet_x code is missing on the master it looks like. So now that
we rely on functions, and functions are executed on the master.

If you have an environment that contains this code, you can do |puppet
plugin download --environment $e -v| on the master to ensure that the
function and the rest of the lib code are available on the master side.


Reply to this email directly or view it on GitHub
#102 (comment).

Thanks for the hint, just downloaded the plugins using your command and
now the module works as it was.

-Markus

from puppet-unbound.

zachfi avatar zachfi commented on June 25, 2024

#104 has been merged and 1.2.0 has been released for this effort. Thank you for the report.

from puppet-unbound.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.