Skip to content

Commit

Permalink
Add option to check dns with custom dns server, fix gcp ipv6
Browse files Browse the repository at this point in the history
  • Loading branch information
@GrigoryPervakov
GrigoryPervakov committed Jul 22, 2024
1 parent 6619922 commit a0b63d2
Showing 1 changed file with 19 additions and 4 deletions.
23 changes: 19 additions & 4 deletions ch_tools/monrun_checks/dns.py
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import ipaddress
import json
import socket
from functools import lru_cache
Expand Down Expand Up @@ -37,34 +38,48 @@ def __init__(self, fqdn: str, private: bool, strict: bool):
@click.option(
"--imdsv2", "imdsv2", is_flag=True, help="Use imdsv2 token for non gcp hosts"
)
@click.option(
"--nameserver",
"nameserver",
type=str,
help="Custom nameserver to query records from",
)
def dns_command(
cluster: bool,
private: bool,
ipv4: bool,
ipv6: bool,
imdsv2: bool,
nameserver: str = None,
) -> Result:
"""
Check presence and correctness of DNS records.
"""
err = []
for record in _get_host_dns(cluster, private):
err.extend(_check_fqdn(record, ipv4, ipv6, imdsv2))
err.extend(_check_fqdn(record, ipv4, ipv6, imdsv2, nameserver))

if not err:
return Result(OK)

return Result(CRIT, ", ".join(err))


def _check_fqdn(target: _TargetRecord, ipv4: bool, ipv6: bool, imdsv2: bool) -> list:
def _check_fqdn(
target: _TargetRecord, ipv4: bool, ipv6: bool, imdsv2: bool, nameserver: str
) -> list:
err = []
resolver = dns.resolver.Resolver()
if nameserver:
resolver.nameservers = [nameserver]

def _compare(record_type: str, ip_type: str) -> Tuple[bool, set, set]:
try:
actual_addr = set(
map(lambda a: a.to_text(), resolver.resolve(target.fqdn, record_type))
map(
lambda a: ipaddress.ip_address(a.to_text()),
resolver.resolve(target.fqdn, record_type),
)
)
except dns.resolver.NXDOMAIN:
actual_addr = set()
Expand Down Expand Up @@ -103,7 +118,7 @@ def _get_host_ip(addr_type: str, imdsv2: bool) -> str:
headers["X-aws-ec2-metadata-token"] = _get_imdsv2_token()
resp = requests.get(IP_METADATA_PATHS[addr_type], headers=headers)
resp.raise_for_status()
return resp.text.strip()
return ipaddress.ip_network(resp.text.strip())[0]


@lru_cache(maxsize=None)
Expand Down

0 comments on commit a0b63d2

Please sign in to comment.