Denis Machard

My technical gists

Infrastructure background, developer mindset. I build things for pleasure.
    @github @mastodon @rss
    dns powerdns terraform

    How to manage LUA records from PowerDNS software with terraform

    This post details how to manage LUA records with dynamic updates and terraform with your authoritative server.

    Requirements

    Enable LUA records and DNS update to your pdns.conf

    enable-lua-records=yes
dnsupdate=yes

    Create a Tsig key and set metadata to your zone to authorize DNSUPDATE and AXFR with TSIG authentication.

    TSIG-ALLOW-DNSUPDATE
TSIG-ALLOW-AXFR

    Provider configuration

    The documentation of the provider powerdns-gslb is available in the terraform registry

    1. Create a main.tf file

    2. Install the provider “powerdns-glsb” then, run terraform init.

    terraform {
  required_providers {
    powerdns-gslb = {
      source = "dmachard/powerdns-gslb"
      version = "1.3.0"
    }
  }
}
    1. Configure your provider with address of the DNS server to send updates to and TSIG authentication parameters
    provider "powerdns-gslb" {
    server        = "10.0.0.210"
    key_name      = "test."
    key_algo      = "hmac-sha256"
    key_secret    = "SxEKov9vWTM+c7k9G6ho5nK.....n5nND5BOHzE6ybvy0+dw=="
}

    Create custom LUA record

    Create the source powerdns-gslb_lua then, run terraform apply.

    resource "powerdns-gslb_lua" "svc1" {
  zone = "home.internal."
  name = "test_lua"
  record {
    rrtype = "A"
    ttl = 5
    snippet = "ifportup(8082, {'10.0.0.1', '10.0.0.2'})"
  }
}

    You can removed the record by running terraform destroy.

    Create pre-configured record

    Some resources are available for ifurlup, ifportup, pickrandom and wpickrandom

    resource "powerdns-gslb_pickrandom" "foo" {
  zone = "home.internal."
  name = "test_pickrandom"
  record {
    rrtype = "A"
    ttl = 5
    addresses = [ 
      "127.0.0.1",
      "127.0.0.2",
    ]
  }
}
    propulsed by hugo and hugo-theme-gists