[Freeipa-devel] Structured DNS record API proposal

Martin Kosek mkosek at redhat.com
Fri Sep 16 12:25:14 UTC 2011 

On Fri, 2011-09-16 at 08:12 -0400, Simo Sorce wrote:
> On Fri, 2011-09-16 at 14:04 +0200, Martin Kosek wrote:
...
> > How would that work? We are designing -add -show -mod commands for
> > mutlivalued LDAP attribute values, we should have some reference what
> > value we are modifying. Or did you mean the following command sequence
> > for mod operation?
> > 
> > dnsrecord-del example.com @ --mx-rec="0 mx1.example.com.", "1 mx2.example.com."
> > dnsrecord-mx-add example.com @ --priority=0 --mailserver=mx1.example.com.
> > dnsrecord-mx-add example.com @ --priority=1 --mailserver=mx2.example.com.
> 
> Oh I see, I thought we could add multuple values at the same time, but
> with this syntax it is not possible.
> 
> Perhaps something like this:
> 
> dnsrecord-mod example.com @ --replace --mx-rec="0 mx1.example.com., 1 mx2.example.com."

We have something similar already. Current implementation of
dnsrecord-mod jus replaces whatever was in the multivalued attribute now
with the new values. That's what WebUI uses now. Now, if you modify MX
record priority in "raw" record, this is what is sent to IPA:

dnsrecord-mod example.com @ --mx-rec="0 mx1.example.com.","1 mx2.example.com."

> 
> This would replace any existing record with the list of 'raw' records provided.

Yes, that is current state. The motivation for this new API, however, is
an ability to edit the structured DNS records, not the raw ones. WebUI
shouldn't generate raw DNS records from structured WebUI form and send
them to server, server should do it. That was my motivation for the
proposed API.

> 
> Whatever you do do not split this operation into a DEL+ADD, we want an
> atomic modify operation in any case. as you do not want to have a race
> where named may query the MX records and find them empty. That'd be much
> worse than returning one of them outdated.
> 
> This means whatever the API we need to support a way to add all values
> at the same time. We can also have the more verbose API to make things
> more understandable, but we need this "bulk" API for the WebUI IMHO.

I agree, the change shouldn't be split to del+add. My proposed API:

dnsrecord-mx-mod example.com --dnsrecord="1 mx1.example.com." --preference=0

would do just one write to LDAP. Unfortunately, this is not so pretty
for CLI, one would have to copy&paste raw DNS value to be able to edit
its components, but it should be simple for WebUI. Right now, I don't
see some better way.

Martin

More information about the Freeipa-devel mailing list