Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
38625 commits 9 branches 0 tags 111 MiB
Commit graph

156 commits

Author SHA1 Message Date
Kevin Fenzi
db012e0f94 add proyectofedora.org domain to dns and proxies 
This domain is already in the dns repo (unsigned).
So, this adds it to named.conf and adds it as an alias on the
fedoraproject.org site for now.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2023-03-01 15:12:06 -08:00
Patrick Uiterwijk
3f79919102
Add distro.builders zone to zones.conf 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2022-08-24 11:58:00 +02:00
Stephen Smoogen
16b5e17c19 Fix DNS issues in IAD2 
Problem: Fedora Infrastructure has used various DNS servers in
PHX2. Those no longer exist. This is causing breakage in DNS and many
other internal services.

Fix: Work with Red Hat IT
     - to get new DNS servers which are infoblox devices.
     - get firewall rules fixed to that
     - update named.conf to have new ips
     - remove old ips which no longer exist.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2022-07-20 09:45:04 -04:00
Kevin Fenzi
56d9be2bf3 dns: named.conf use /var/named for dir instead of / 
I think this is leftover from chroot named days. New bind requires a
writable directory for this and default is /var/named.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-01 13:42:02 -07:00
Kevin Fenzi
0071a5e9c7 named.conf: drop specifying port on transfer-source as it fails on new bind 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-01 13:03:46 -07:00
Kevin Fenzi
b7a031c9fd fedoraloveskde.org: add site and pipeline to deploy it and dns zone 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-06-14 12:49:11 -07:00
Stephen Smoogen
a67c6ed272 Did not read pspaceks comment correctly. If we were running fedora on nameservers we could go to 100k. For EL8/7 we can go to 1000 
Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
 2021-04-07 10:40:45 -04:00
Stephen Smoogen
a81783e13e Update per pspacek to 100k TCP connections 
Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
 2021-04-07 10:32:16 -04:00
Stephen Smoogen
764ef65e98 Change named settings for tcp connections 
In order to try and fix the number of TCP connections allowed to get
to the dns servers by increasing from the default 100 to 1000. This
will hopefully help fix the issue in
https://pagure.io/fedora-infrastructure/issue/9850 where the name
servers are not able to answer TCP connections after a while.

Signed-off-by: Stephen Smoogen <smooge@smoogespace.com>
 2021-04-07 14:27:29 +00:00
Stephen Smoogen
2bb54719ba add fedora.im zone so that we can answer whois for the zone. 
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2020-12-09 17:53:35 -05:00
Stephen Smoogen
2d05b68fd4 remove the UK from the EU so that DNS for the continent works again. 2020-11-17 15:41:36 -05:00
Mark O'Brien
921b1df1ae dns: add more countries to zones 2020-11-17 19:05:46 +00:00
Stephen Smoogen
6de5698aa6 Add in signed keys for iad2 and rdu-cc zones. 
Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
 2020-11-03 16:56:36 -05:00
Mark O'Brien
8e7dcdbf8d dns - add SA zone to named.conf 2020-10-01 14:46:28 +01:00
Stephen Smoogen
b6e0d92552 add in an RDU-CC zone for the public ip addresses we have there (since we have a lot) 2020-08-24 16:29:44 -04:00
Kevin Fenzi
7eede0312f Revert "[dns] add South America(SA) region for proxies" 
This reverts commit 8c3d08396b.

Landing this before changes in DNS repo left the SA region with
no proxies. ;( Reverting it until we can land it all (nearly) at
once.
 2020-08-22 09:52:06 -07:00
Mark O'Brien
8c3d08396b [dns] add South America(SA) region for proxies 2020-08-21 14:54:08 +01:00
Mark O'Brien
c920b83596 [dns] add new africa region for proxies 2020-08-13 12:43:27 +00:00
Stephen Smoogen
b24456a0fb go through old git diff of named.conf and put in values we had before move happened on IAD2 for the RDU2 entwork 2020-07-14 17:42:55 -04:00
Stephen Smoogen
d058b29071 remove duplicate declarations of 10.6.0 zone.. just becuase you had 0 before does not mean you should have 2 afterwords 2020-06-18 13:58:55 -04:00
Stephen Smoogen
f2132cc28b update DNS to remove zones no longer in existance to RDU view and to add in 10.16.0 to IAD2 where it should have been in the first place. This should fix the unused DNS 2020-06-18 13:32:07 -04:00
Stephen Smoogen
25796c2fd6 make sure phx2 zone is in the correct view 2020-06-16 16:50:00 -04:00
Stephen Smoogen
ed6534c0cf remove phx2 zones from nameservers. thank you again phx2 2020-06-15 15:53:02 -04:00
Stephen Smoogen
97dd621b88 named.conf: fix missing named.conf semicolon to allow rhit transfers 2020-06-11 10:42:45 -04:00
Stephen Smoogen
3e41c7388a named.conf: add more RH internal hosts for transfer 2020-06-11 10:40:05 -04:00
Stephen Smoogen
37fc7a1eea move iad2net from phx2 to iad2 2020-06-09 20:07:51 -04:00
Stephen Smoogen
1e8fccfc88 fix named.conf match zones for iad2/phx2 dns. dear past self from 3-4 hours ago. named.conf cant have an match for the zone you want and expect it to work 2020-06-08 18:04:07 -04:00
Stephen Smoogen
a88b9adcf7 fix a missing semicolon in named.conf 2020-06-08 16:33:17 -04:00
Stephen Smoogen
56caf84ce5 add stub zones for 177 and 178 network so internal dns does not have problems 2020-06-08 16:13:25 -04:00
Stephen Smoogen
e59e61ac6a fix IAD2 zone so it will work with internal DNS servers 2020-06-08 15:04:52 -04:00
Stephen Smoogen
1ef32c2da5 put the forwarders in the right zone 2020-06-08 14:41:33 -04:00
Stephen Smoogen
985f3add05 remove zone for access.redhat.com. ips no longer work 2020-06-07 16:05:04 -04:00
Stephen Smoogen
5204a7aa34 remove old system no longer running dns. simplify iad2net 2020-06-07 16:00:57 -04:00
Kevin Fenzi
f60844b5b0 dns: add s390 dns zone to iad2 view 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-06 16:05:34 -07:00
Nick Bebout
bf9b27d6b8 IAD2 view should use IAD2 version of zones 2020-05-27 17:57:18 -05:00
Stephen Smoogen
3329c4f2e3 fix named for IAD2 zone to use NA for fedoraproject.org 2020-05-20 13:32:04 -04:00
Kevin Fenzi
df21841eb2 dns: drop duplicate iad2 zone in phx2 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-20 10:06:46 -07:00
Kevin Fenzi
41e167c36b dns / iad2: update iad2 zone with more stuff and let iad2/phx2 cross resolve 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-20 09:48:55 -07:00
Nick Bebout
54cb28e1c6 Add ci.fedoraproject.org to zones.conf 2020-05-19 12:50:39 -05:00
Nick Bebout
78c6972992 Revert "Add ci.fedoraproject.org zone" 
This reverts commit 7f610d8695.
 2020-05-19 12:50:06 -05:00
Nick Bebout
7f610d8695 Add ci.fedoraproject.org zone 2020-05-19 12:04:13 -05:00
Stephen Smoogen
4e9b4e9b12 BIND: rethink having a seperate dns zone for build and qa 2020-05-07 15:27:28 -04:00
Kevin Fenzi
6d595ddf74 dns / iad2: add a IAD2 view to dns 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 16:39:41 -07:00
Kevin Fenzi
2c31e220fb dns: drop libsemanage-pythong and policycoreutils-python from dns since they are not in rhel8 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-05-06 16:07:28 -07:00
Stephen Smoogen
97a7a51c7b Put in reverse zones for bind. 2020-05-06 12:52:59 -04:00
Stephen Smoogen
3a0208e11f Named: Add in forward zones for IAD2 zones so that dns kind of works. 2020-05-06 12:48:29 -04:00
Stephen Smoogen
d9cf4bbca7 FBR fix: missed a ; on the config 2020-04-27 10:41:56 +00:00
Stephen Smoogen
29b94278dd Approved FBR: Move various countries in DNS from Asia zone to Europe. Move Europe zones in also 2020-04-27 10:13:28 +00:00
Stephen Smoogen
b8e445bfc7 turns out redhat and internal reverse dns must come from other dns servers. external dns like softwarefactory from otehrs. 2020-04-24 21:34:28 +02:00
Stephen Smoogen
bdaef22681 And this should allow softwarefactory-project.io to resolve in phx2 2020-04-24 21:34:28 +02:00