Adds ability to disable nrpe nameserver checks and

ability to modify the host against which the check is performed. Implements: nrpe nameserver check host Closes-Bug: #2111229 Change-Id: I3a0e8a13fd72297bebb98ef852211cede0719c71
2025-06-11 17:23:39 +02:00
parent 1f108816d6
commit 4652c8312d
5 changed files with 87 additions and 3 deletions
--- a/src/config.yaml
+++ b/src/config.yaml
@@ -74,6 +74,14 @@ options:
    type: boolean
    default: false
    description: Enables experimental admin API for Designate.
+  nrpe-nameserver-check-host:
+    type: string
+    default: canonical.com
+    description: |
+      The host to use for the NRPE nameserver checks. This is useful if you
+      are deploying in a constrained environment where some domain are not resolvable,
+      allowing you to use a known resolvable domain. To disable the check set this
+      configuration option to an empty string.
  default-soa-expire:
    type: int
    default: 86400
--- a/src/lib/charm/openstack/designate.py
+++ b/src/lib/charm/openstack/designate.py
@@ -663,7 +663,8 @@ class DesignateCharm(ch_plugins.PolicydOverridePlugin,
        config = hookenv.config()
        hostname = nrpe.get_nagios_hostname()
        charm_nrpe = nrpe.NRPE(hostname=hostname)
-        if 'nameservers' in config:
+        if (config['nrpe-nameserver-check-host'] and
+                'nameservers' in config):
            nameservers = config['nameservers'].split()
            for nameserver in nameservers:
                if nameserver[-1] == '.':
@@ -671,7 +672,9 @@ class DesignateCharm(ch_plugins.PolicydOverridePlugin,
                charm_nrpe.add_check(
                    "nameserver-{}".format(nameserver),
                    'Check the upstream DNS server.',
-                    "check_dns -H canonical.com -s {}".format(nameserver),
+                    "check_dns -H {0} -s {1}".format(
+                        config['nrpe-nameserver-check-host'],
+                        nameserver),
                )
        charm_nrpe.write()

@@ -681,7 +684,8 @@ class DesignateCharm(ch_plugins.PolicydOverridePlugin,
        hostname = nrpe.get_nagios_hostname()
        charm_nrpe = nrpe.NRPE(hostname=hostname)

-        if config.changed('nameservers'):
+        if (config.changed('nameservers') or
+                config.changed('nrpe-nameserver-check-host')):
            for nameserver in config.previous('nameservers').split():
                if nameserver[-1] == '.':
                    nameserver = nameserver[:-1]
--- a/src/reactive/designate_handlers.py
+++ b/src/reactive/designate_handlers.py
@@ -313,6 +313,7 @@ def reset_shared_db():
@reactive.when_any('config.changed.nagios_context',
                   'config.changed.nagios_servicegroups',
                   'config.changed.nameservers',
+                   'config.changed.nrpe-nameserver-check-host',
                   'endpoint.nrpe-external-master.changed',
                   'nrpe-external-master.available')
 def configure_nrpe():
--- a/unit_tests/test_designate_handlers.py
+++ b/unit_tests/test_designate_handlers.py
@@ -76,6 +76,7 @@ class TestRegisteredHooks(test_utils.TestRegisteredHooks):
                    'config.changed.nagios_context',
                    'config.changed.nagios_servicegroups',
                    'config.changed.nameservers',
+                    'config.changed.nrpe-nameserver-check-host',
                    'endpoint.nrpe-external-master.changed',
                    'nrpe-external-master.available',
                ),
--- a/unit_tests/test_lib_charm_openstack_designate.py
+++ b/unit_tests/test_lib_charm_openstack_designate.py
@@ -425,6 +425,7 @@ class TestDesignateCharm(Helper):
    def test_add_nrpe_nameserver_checks(self):
        test_config = {
            'nameservers': '8.8.8.8. 9.9.9.9. ns1-example.com.',
+            'nrpe-nameserver-check-host': 'canonical.com',
        }
        charm_instance = designate.DesignateCharm(release='queens')
        self.patch_object(designate.hookenv, 'config')
@@ -452,6 +453,75 @@ class TestDesignateCharm(Helper):
        ])
        nrpe_mock.write.assert_called_once_with()

+    def test_disable_add_nrpe_nameserver_checks(self):
+        test_config = {
+            'nameservers': '8.8.8.8. 9.9.9.9. ns1-example.com.',
+            'nrpe-nameserver-check-host': '',
+        }
+        charm_instance = designate.DesignateCharm(release='queens')
+        self.patch_object(designate.hookenv, 'config')
+        self.config.return_value = test_config
+        self.patch_object(designate.nrpe, 'NRPE')
+        nrpe_mock = mock.MagicMock()
+        self.NRPE.return_value = nrpe_mock
+        charm_instance.add_nrpe_nameserver_checks()
+        nrpe_mock.add_check.assert_has_calls([
+        ])
+        nrpe_mock.write.assert_called_once_with()
+
+    def test_add_nrpe_nameserver_checks_custom_host(self):
+        test_config = {
+            'nameservers': '8.8.8.8. 9.9.9.9. ns1-example.com.',
+            'nrpe-nameserver-check-host': 'test.xyz',
+        }
+        charm_instance = designate.DesignateCharm(release='queens')
+        self.patch_object(designate.hookenv, 'config')
+        self.config.return_value = test_config
+        self.patch_object(designate.nrpe, 'NRPE')
+        nrpe_mock = mock.MagicMock()
+        self.NRPE.return_value = nrpe_mock
+        charm_instance.add_nrpe_nameserver_checks()
+        nrpe_mock.add_check.assert_has_calls([
+            mock.call(
+                'nameserver-8.8.8.8',
+                'Check the upstream DNS server.',
+                'check_dns -H test.xyz -s 8.8.8.8',
+            ),
+            mock.call(
+                'nameserver-9.9.9.9',
+                'Check the upstream DNS server.',
+                'check_dns -H test.xyz -s 9.9.9.9',
+            ),
+            mock.call(
+                'nameserver-ns1-example.com',
+                'Check the upstream DNS server.',
+                'check_dns -H test.xyz -s ns1-example.com',
+            ),
+        ])
+        nrpe_mock.write.assert_called_once_with()
+
+    def test_remove_nrpe_nameserver_checks_only_host_changed(self):
+        charm_instance = designate.DesignateCharm(release='queens')
+        self.patch_object(designate.hookenv, 'config')
+        config_mock = mock.MagicMock()
+        config_mock.changed.side_effect = (
+            lambda key: key == 'nrpe-nameserver-check-host')
+        config_mock.previous.return_value = 'previous-ns-1 previous-ns-2.'
+        self.config.return_value = config_mock
+        self.patch_object(designate.nrpe, 'NRPE')
+        nrpe_mock = mock.MagicMock()
+        self.NRPE.return_value = nrpe_mock
+        charm_instance.remove_nrpe_nameserver_checks()
+        nrpe_mock.remove_check.assert_has_calls([
+            mock.call(
+                shortname='nameserver-previous-ns-1'
+            ),
+            mock.call(
+                shortname='nameserver-previous-ns-2'
+            ),
+        ])
+        nrpe_mock.write.assert_called_once_with()
+
    def test_remove_nrpe_nameserver_checks(self):
        charm_instance = designate.DesignateCharm(release='queens')
        self.patch_object(designate.hookenv, 'config')