Mercurial > code > home > repos > infra
diff dns_check.py @ 59:fa7a71b8a97f
more dns checks, including from inside containers in k8s`
| author | drewp@bigasterisk.com |
|---|---|
| date | Sun, 01 May 2022 23:30:09 -0700 |
| parents | 8945bf71da22 |
| children | 5ad4b4c712d9 |
line wrap: on
line diff
--- a/dns_check.py Sun May 01 23:27:33 2022 -0700 +++ b/dns_check.py Sun May 01 23:30:09 2022 -0700 @@ -1,18 +1,19 @@ # run key dns lookups everywhere -import subprocess import tempfile import requests from pyinfra import host from pyinfra.operations import apt, files, server, systemd + def check(name, addr): server.shell(commands=[ # note: one big string f"out=`dnsget -q {name}`; " f'[ -n "$out" ] || exit 1; ' f"if [ $out != {addr} ]; then echo got $out >&2 ; exit 1; fi" - ]) + ]) + ''' idea: read a file that looks like this: @@ -22,30 +23,32 @@ bang 127.0.1.1 10.1.0.1 10.1.0.1 10.5.0.1 bang5 10.5.0.1 10.5.0.1 10.5.0.1 10.5.0.1 dash 10.1.0.5 127.0.1.1 10.1.0.5 10.5.0.5 +bang.bigasterisk.com +bang.bigasterisk.com. +prime +projects.bigasterisk.com etc (or another idea: wireguard everywhere all the time) ''' -# outside k8s if host.name in ['dash', 'bang', 'slash']: - check('dash', '10.1.0.5') + check('dash', '10.2.0.77') + check('projects.bigasterisk.com', '10.2.0.1') elif host.name in ['prime']: check('dash', '10.5.0.5') check('projects.bigasterisk.com', '10.2.0.1') # expected the public addr, but fine else: - check('dash', '10.1.0.5') + check('dash', '10.2.0.77') check('projects.bigasterisk.com', '10.2.0.1') -if host.name in ['bang']: - check('bang', '10.2.0.1') -elif host.name in ['prime']: +if host.name in ['prime']: check('bang', '10.5.0.1') + check('slash', '10.5.0.6') else: check('bang', '10.2.0.1') + check('slash', '10.2.0.138') check('bang5', '10.5.0.1') check('prime', '10.5.0.2') -check('slash', '10.1.0.6') -# inside k8s \ No newline at end of file