dnscontrol/providers/route53/route53Provider.go

412 lines
10 KiB
Go
Raw Normal View History

2016-08-23 08:31:50 +08:00
package route53
import (
"encoding/json"
"fmt"
"sort"
2016-08-23 08:31:50 +08:00
"strings"
"time"
"github.com/StackExchange/dnscontrol/models"
"github.com/StackExchange/dnscontrol/providers"
"github.com/StackExchange/dnscontrol/providers/diff"
2016-08-23 08:31:50 +08:00
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/private/waiter"
2016-08-23 08:31:50 +08:00
r53 "github.com/aws/aws-sdk-go/service/route53"
r53d "github.com/aws/aws-sdk-go/service/route53domains"
"github.com/pkg/errors"
2016-08-23 08:31:50 +08:00
)
type route53Provider struct {
client *r53.Route53
registrar *r53d.Route53Domains
zones map[string]*r53.HostedZone
2016-08-23 08:31:50 +08:00
}
func newRoute53Reg(conf map[string]string) (providers.Registrar, error) {
return newRoute53(conf, nil)
}
func newRoute53Dsp(conf map[string]string, metadata json.RawMessage) (providers.DNSServiceProvider, error) {
return newRoute53(conf, metadata)
}
func newRoute53(m map[string]string, metadata json.RawMessage) (*route53Provider, error) {
2016-08-23 08:31:50 +08:00
keyId, secretKey := m["KeyId"], m["SecretKey"]
// Route53 uses a global endpoint and route53domains
// currently only has a single regional endpoint in us-east-1
// http://docs.aws.amazon.com/general/latest/gr/rande.html#r53_region
config := &aws.Config{
Region: aws.String("us-east-1"),
}
if keyId != "" || secretKey != "" {
config.Credentials = credentials.NewStaticCredentials(keyId, secretKey, "")
2016-08-23 08:31:50 +08:00
}
sess := session.New(config)
2016-08-23 08:31:50 +08:00
api := &route53Provider{client: r53.New(sess), registrar: r53d.New(sess)}
err := api.getZones()
if err != nil {
return nil, err
}
2016-08-23 08:31:50 +08:00
return api, nil
}
func init() {
providers.RegisterDomainServiceProviderType("ROUTE53", newRoute53Dsp, providers.CanUsePTR, providers.CanUseSRV)
providers.RegisterRegistrarType("ROUTE53", newRoute53Reg)
2016-08-23 08:31:50 +08:00
}
2016-08-23 08:31:50 +08:00
func sPtr(s string) *string {
return &s
}
2016-08-23 08:31:50 +08:00
func (r *route53Provider) getZones() error {
var nextMarker *string
r.zones = make(map[string]*r53.HostedZone)
for {
if nextMarker != nil {
fmt.Println(*nextMarker)
}
inp := &r53.ListHostedZonesInput{Marker: nextMarker}
2016-08-23 08:31:50 +08:00
out, err := r.client.ListHostedZones(inp)
if err != nil && strings.Contains(err.Error(), "is not authorized") {
return errors.New("Check your credentials, your not authorized to perform actions on Route 53 AWS Service")
} else if err != nil {
2016-08-23 08:31:50 +08:00
return err
}
for _, z := range out.HostedZones {
domain := strings.TrimSuffix(*z.Name, ".")
r.zones[domain] = z
}
if out.NextMarker != nil {
nextMarker = out.NextMarker
} else {
break
}
}
return nil
}
//map key for grouping records
type key struct {
Name, Type string
}
func getKey(r *models.RecordConfig) key {
return key{r.NameFQDN, r.Type}
2016-08-23 08:31:50 +08:00
}
type errNoExist struct {
domain string
}
func (e errNoExist) Error() string {
return fmt.Sprintf("Domain %s not found in your route 53 account", e.domain)
}
func (r *route53Provider) GetNameservers(domain string) ([]*models.Nameserver, error) {
zone, ok := r.zones[domain]
if !ok {
return nil, errNoExist{domain}
}
z, err := r.client.GetHostedZone(&r53.GetHostedZoneInput{Id: zone.Id})
if err != nil {
return nil, err
}
ns := []*models.Nameserver{}
if z.DelegationSet != nil {
for _, nsPtr := range z.DelegationSet.NameServers {
ns = append(ns, &models.Nameserver{Name: *nsPtr})
}
}
return ns, nil
}
2016-08-23 08:31:50 +08:00
func (r *route53Provider) GetDomainCorrections(dc *models.DomainConfig) ([]*models.Correction, error) {
dc.Punycode()
2016-08-23 08:31:50 +08:00
var corrections = []*models.Correction{}
zone, ok := r.zones[dc.Name]
// add zone if it doesn't exist
if !ok {
return nil, errNoExist{dc.Name}
2016-08-23 08:31:50 +08:00
}
records, err := r.fetchRecordSets(zone.Id)
if err != nil {
return nil, err
}
var existingRecords = []*models.RecordConfig{}
2016-08-23 08:31:50 +08:00
for _, set := range records {
for _, rec := range set.ResourceRecords {
if *set.Type == "SOA" {
continue
}
r := &models.RecordConfig{
NameFQDN: unescape(set.Name),
Type: *set.Type,
Target: *rec.Value,
TTL: uint32(*set.TTL),
CombinedTarget: true,
2016-08-23 08:31:50 +08:00
}
existingRecords = append(existingRecords, r)
}
}
for _, want := range dc.Records {
want.MergeToTarget()
2016-08-23 08:31:50 +08:00
}
//diff
differ := diff.New(dc)
_, create, delete, modify := differ.IncrementalDiff(existingRecords)
2016-08-23 08:31:50 +08:00
namesToUpdate := map[key][]string{}
2016-08-23 08:31:50 +08:00
for _, c := range create {
namesToUpdate[getKey(c.Desired)] = append(namesToUpdate[getKey(c.Desired)], c.String())
2016-08-23 08:31:50 +08:00
}
for _, d := range delete {
namesToUpdate[getKey(d.Existing)] = append(namesToUpdate[getKey(d.Existing)], d.String())
2016-08-23 08:31:50 +08:00
}
for _, m := range modify {
namesToUpdate[getKey(m.Desired)] = append(namesToUpdate[getKey(m.Desired)], m.String())
2016-08-23 08:31:50 +08:00
}
if len(namesToUpdate) == 0 {
return nil, nil
}
updates := map[key][]*models.RecordConfig{}
//for each name we need to update, collect relevant records from dc
for k := range namesToUpdate {
updates[k] = nil
for _, rc := range dc.Records {
if getKey(rc) == k {
updates[k] = append(updates[k], rc)
}
}
}
dels := []*r53.Change{}
2016-08-23 08:31:50 +08:00
changes := []*r53.Change{}
changeDesc := ""
delDesc := ""
2016-08-23 08:31:50 +08:00
for k, recs := range updates {
chg := &r53.Change{}
var rrset *r53.ResourceRecordSet
if len(recs) == 0 {
dels = append(dels, chg)
2016-08-23 08:31:50 +08:00
chg.Action = sPtr("DELETE")
delDesc += strings.Join(namesToUpdate[k], "\n") + "\n"
2016-08-23 08:31:50 +08:00
// on delete just submit the original resource set we got from r53.
for _, r := range records {
if *r.Name == k.Name+"." && *r.Type == k.Type {
rrset = r
break
}
}
} else {
changes = append(changes, chg)
changeDesc += strings.Join(namesToUpdate[k], "\n") + "\n"
2016-08-23 08:31:50 +08:00
//on change or create, just build a new record set from our desired state
chg.Action = sPtr("UPSERT")
rrset = &r53.ResourceRecordSet{
Name: sPtr(k.Name),
Type: sPtr(k.Type),
ResourceRecords: []*r53.ResourceRecord{},
}
for _, r := range recs {
val := r.Target
rr := &r53.ResourceRecord{
Value: &val,
}
rrset.ResourceRecords = append(rrset.ResourceRecords, rr)
i := int64(r.TTL)
rrset.TTL = &i //TODO: make sure that ttls are consistent within a set
}
}
chg.ResourceRecordSet = rrset
}
changeReq := &r53.ChangeResourceRecordSetsInput{
ChangeBatch: &r53.ChangeBatch{Changes: changes},
}
delReq := &r53.ChangeResourceRecordSetsInput{
ChangeBatch: &r53.ChangeBatch{Changes: dels},
}
addCorrection := func(msg string, req *r53.ChangeResourceRecordSetsInput) {
corrections = append(corrections,
&models.Correction{
Msg: msg,
F: func() error {
req.HostedZoneId = zone.Id
_, err := r.client.ChangeResourceRecordSets(req)
return err
},
})
}
if len(dels) > 0 {
addCorrection(delDesc, delReq)
}
if len(changes) > 0 {
addCorrection(changeDesc, changeReq)
}
2016-08-23 08:31:50 +08:00
return corrections, nil
}
func (r *route53Provider) GetRegistrarCorrections(dc *models.DomainConfig) ([]*models.Correction, error) {
corrections := []*models.Correction{}
actualSet, err := r.getRegistrarNameservers(&dc.Name)
if err != nil {
return nil, err
}
sort.Strings(actualSet)
actual := strings.Join(actualSet, ",")
expectedSet := []string{}
for _, ns := range dc.Nameservers {
expectedSet = append(expectedSet, ns.Name)
}
sort.Strings(expectedSet)
expected := strings.Join(expectedSet, ",")
if actual != expected {
return []*models.Correction{
{
Msg: fmt.Sprintf("Update nameservers %s -> %s", actual, expected),
F: func() error {
operationId, err := r.updateRegistrarNameservers(dc.Name, expectedSet)
if err != nil {
return err
}
return r.waitUntilNameserversUpdate(operationId)
},
},
}, nil
}
return corrections, nil
}
func (r *route53Provider) getRegistrarNameservers(domainName *string) ([]string, error) {
domainDetail, err := r.registrar.GetDomainDetail(&r53d.GetDomainDetailInput{DomainName: domainName})
if err != nil {
return nil, err
}
nameservers := []string{}
for _, ns := range domainDetail.Nameservers {
nameservers = append(nameservers, *ns.Name)
}
return nameservers, nil
}
func (r *route53Provider) updateRegistrarNameservers(domainName string, nameservers []string) (*string, error) {
servers := []*r53d.Nameserver{}
for i := range nameservers {
servers = append(servers, &r53d.Nameserver{Name: &nameservers[i]})
}
domainUpdate, err := r.registrar.UpdateDomainNameservers(&r53d.UpdateDomainNameserversInput{DomainName: &domainName, Nameservers: servers})
if err != nil {
return nil, err
}
return domainUpdate.OperationId, nil
}
2016-08-23 08:31:50 +08:00
func (r *route53Provider) fetchRecordSets(zoneID *string) ([]*r53.ResourceRecordSet, error) {
if zoneID == nil || *zoneID == "" {
return nil, nil
}
var next *string
var nextType *string
var records []*r53.ResourceRecordSet
for {
listInput := &r53.ListResourceRecordSetsInput{
HostedZoneId: zoneID,
StartRecordName: next,
StartRecordType: nextType,
MaxItems: sPtr("100"),
}
list, err := r.client.ListResourceRecordSets(listInput)
if err != nil {
return nil, err
}
records = append(records, list.ResourceRecordSets...)
if list.NextRecordName != nil {
next = list.NextRecordName
nextType = list.NextRecordType
} else {
break
}
}
return records, nil
}
//we have to process names from route53 to match what we expect and to remove their odd octal encoding
func unescape(s *string) string {
if s == nil {
return ""
}
name := strings.TrimSuffix(*s, ".")
name = strings.Replace(name, `\052`, "*", -1) //TODO: escape all octal sequences
return name
}
func (r *route53Provider) EnsureDomainExists(domain string) error {
if _, ok := r.zones[domain]; ok {
return nil
}
fmt.Printf("Adding zone for %s to route 53 account\n", domain)
in := &r53.CreateHostedZoneInput{
Name: &domain,
CallerReference: sPtr(fmt.Sprint(time.Now().UnixNano())),
}
_, err := r.client.CreateHostedZone(in)
return err
}
func (r *route53Provider) waitUntilNameserversUpdate(operationId *string) error {
fmt.Print("Waiting for registrar update to complete...")
waiterCfg := waiter.Config{
Operation: "GetOperationDetail",
Delay: 30,
MaxAttempts: 10,
Acceptors: []waiter.WaitAcceptor{
{
State: "success",
Matcher: "path",
Argument: "Status",
Expected: "SUCCESSFUL",
},
},
}
w := waiter.Waiter{
Client: r.registrar,
Input: &r53d.GetOperationDetailInput{
OperationId: operationId,
},
Config: waiterCfg,
}
return w.Wait()
}