Project

General

Profile

Actions

Bug #4442

closed

cf-serverd looks up reverse DNS for ALL nodes at start up

Added by Christophe Nowicki about 10 years ago. Updated about 10 years ago.

Status:
Released
Priority:
N/A
Category:
Performance and scalability
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Hi,

The /var/rudder/cfengine-community/inputs/common/1.0/cf-served.cf file is managed by rudder.

Every directory in "/var/rudder/share/*UUID*" is protected like that :

any::
   "/var/rudder/share/*UUID*" 
   maproot => { host2ip("HOSTNAME"), escape("HOSTNAME") };
   admit => { host2ip("HOSTNAME"), escape("HOSTNAME") };

When the cf-served process startup it will look up for the reverse DNS for HOSTNAME.

  • If you have only 10 hosts, it doesn't matter ;
  • If you have 100 hosts, you are flooding the DNS server ;
  • If you have 50k hosts, you are benchmarking DNS root servers ;-) ;

If the DNS server is down or the HOSTNAME is wrong, the cf-served process will never start.

Could the host2ip("HOSTNAME") be replaced by the node ip address from the inventory in order to avoid DNS lookup at startup ?

Best Regards,


Related issues 2 (0 open2 closed)

Related to Rudder - Bug #4429: duplicated IP addresses across nodes are not accepted, preventing to handle NATReleasedNicolas CHARLES2014-01-31Actions
Has duplicate Rudder - Bug #3912: (Unecessary) Use of host-to-ip cause major slowdown of cf-promises on the rudder server when used with many nodesRejectedNicolas CHARLES2013-09-06Actions
Actions

Also available in: Atom PDF