我们使用PowerDNS REST API来管理客户的区域。从权威名称服务器的版本4.0.x升级到4.1.x后,似乎有冲突的记录,API要求我们在替换之前发送rrset删除。这是一个示例(这是实际的JSON,仅修改了一些客户主机和IP)。
首先,是更新之前的区域GET:
{
"account": "admin",
"api_rectify": false,
"dnssec": false,
"id": "example.com.",
"kind": "Master",
"last_check": 1438206353,
"masters": [],
"name": "example.com.",
"notified_serial": 1440009663,
"nsec3narrow": false,
"nsec3param": "",
"rrsets": [
{
"comments": [],
"name": "www.example.com.",
"records": [
{
"content": "77.77.77.77",
"disabled": false
}
],
"ttl": 21600,
"type": "A"
},
{
"comments": [],
"name": "example.com.",
"records": [
{
"content": "5 mailer.example.com.",
"disabled": false
}
],
"ttl": 21600,
"type": "MX"
},
{
"comments": [],
"name": "example.com.",
"records": [
{
"content": "hosting.webnames.ca. postmaster.webnames.ca. 1440009663 21600 180 1209600 3600",
"disabled": false
}
],
"ttl": 21600,
"type": "SOA"
},
{
"comments": [],
"name": "example.com.",
"records": [
{
"content": "ns1.webnames.ca.",
"disabled": false
},
{
"content": "ns2.webnames.ca.",
"disabled": false
},
{
"content": "ns3.webnames.ca.",
"disabled": false
}
],
"ttl": 21600,
"type": "NS"
},
{
"comments": [],
"name": "example.com.",
"records": [
{
"content": "77.77.77.77",
"disabled": false
}
],
"ttl": 21600,
"type": "A"
}
],
"serial": 1440009663,
"soa_edit": "",
"soa_edit_api": "",
"url": "/api/v1/servers/localhost/zones/example.com."
}
接下来,补丁更新失败:
{
"rrsets": [
{
"name": "example.com.",
"type": "A",
"ttl": 900,
"records": [
{
"content": "209.15.37.6",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "example.com.",
"type": "NS",
"ttl": 900,
"records": [
{
"content": "ns1.webnames.ca.",
"disabled": false,
"set-ptr": false
},
{
"content": "ns2.webnames.ca.",
"disabled": false,
"set-ptr": false
},
{
"content": "ns3.webnames.ca.",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "example.com.",
"type": "SOA",
"ttl": 21600,
"records": [
{
"content": "ns1.webnames.ca. postmaster.webnames.ca. 1531346965 21600 180 1209600 3600",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "www.example.com.",
"type": "CNAME",
"ttl": 900,
"records": [
{
"content": "example.com.",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "www.example.com.",
"type": "A",
"records": [],
"comments": [],
"changetype": "DELETE"
},
{
"name": "example.com.",
"type": "MX",
"records": [],
"comments": [],
"changetype": "DELETE"
}
]
}
返回的错误是:
{"error": "RRset www.example.com. IN CNAME: Conflicts with pre-existing non-CNAME RRset"}
这显然是因为www.example.com上的A记录仅在rrset列表的末尾删除。因此,如果我们再次进行PATCH更新,但是这次以开头的DELETE rrsets为例,它将起作用:
{
"rrsets": [
{
"name": "www.example.com.",
"type": "A",
"records": [],
"comments": [],
"changetype": "DELETE"
},
{
"name": "example.com.",
"type": "MX",
"records": [],
"comments": [],
"changetype": "DELETE"
},
{
"name": "example.com.",
"type": "A",
"ttl": 900,
"records": [
{
"content": "209.15.37.6",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "example.com.",
"type": "NS",
"ttl": 900,
"records": [
{
"content": "ns1.webnames.ca.",
"disabled": false,
"set-ptr": false
},
{
"content": "ns2.webnames.ca.",
"disabled": false,
"set-ptr": false
},
{
"content": "ns3.webnames.ca.",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "example.com.",
"type": "SOA",
"ttl": 21600,
"records": [
{
"content": "ns1.webnames.ca. postmaster.webnames.ca. 1531346965 21600 180 1209600 3600",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
},
{
"name": "www.example.com.",
"type": "CNAME",
"ttl": 900,
"records": [
{
"content": "example.com.",
"disabled": false,
"set-ptr": false
}
],
"comments": null,
"changetype": "REPLACE"
}
]
}
我没有在文档中看到这一点,这对于我们的用例来说是一个相当大的重大变化。对于我来说,API首先处理DELETE rrset以避免这种冲突对我来说很有意义。也许这与https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.0-rc1中的以下两项之一或全部有关:
所以我想我的问题是:这是预期的行为吗?我错过的其他任何地方都有记录吗?我应该为此提交错误,还是我的解决方法只是每个人都应该实施的常识?