Skip to content

[WIP] DNS provider framework - PowerDNS plugin #12737

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
sudo87 wants to merge 51 commits into
base: main
Choose a base branch
from
+13,891 −16
Draft

[WIP] DNS provider framework - PowerDNS plugin #12737

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
51 commits
Select commit Hold shift + click to select a range
7b9fc0e
wip: dns provider framework
sudo87 Feb 4, 2026
b2d597c
add db schema, vo and dao classes
sudo87 Feb 10, 2026
6ef7f9b
add powerdns module in plugins
sudo87 Feb 11, 2026
9911c28
Changes done to AddDnsServer, ListDnsServer, DeleteDnsServer and Upda…
sudo87 Feb 12, 2026
df21318
1. Setup Dns zone schema
sudo87 Feb 13, 2026
f29b8be
following dns zone apis are integrated:
sudo87 Feb 15, 2026
9b77c37
Tested following flow:
sudo87 Feb 16, 2026
c5972ae
Add associate and disassociate zone to network APIs
sudo87 Feb 16, 2026
99f8c7d
following things are done:
sudo87 Feb 17, 2026
e011ce1
add missing license, cleanup, log std
sudo87 Feb 18, 2026
4a9f66d
following changes are done:
sudo87 Feb 19, 2026
c64cf81
include:
sudo87 Feb 20, 2026
4df11a4
normalize dns zone and record in svc layer, always use dotless data i…
sudo87 Feb 21, 2026
857436e
enable apis for all roles
sudo87 Feb 21, 2026
582b687
add ACL annotation, entitytype, minor cleanup
sudo87 Feb 21, 2026
add7763
acl related changes, fixes, mistakes
sudo87 Feb 25, 2026
1fe79bd
fixes related to acl, dao
sudo87 Feb 25, 2026
6ca9d5a
add views for dns_server and dns_zone
sudo87 Feb 26, 2026
1c1eef3
Add Listener for VM lifecycle to add dnsrecords for associated dns zone
sudo87 Mar 2, 2026
caf8533
1. implement event processing for vm start/stop/destroy, nic create/d…
sudo87 Mar 3, 2026
856158c
starting on ui work
sudo87 Mar 3, 2026
928db65
resolve merge conflict with main
sudo87 Mar 3, 2026
369bb16
fix lint issue
sudo87 Mar 3, 2026
0df50ce
fix list dnsservers api, ui screens for dns servers, generate events
sudo87 Mar 4, 2026
a9afbce
UI related work and fixes in updateDnsServer cmd
sudo87 Mar 10, 2026
6bcfbc6
resolve conflict with main
sudo87 Mar 13, 2026
c74a579
resolve build and licensefailure issue
sudo87 Mar 14, 2026
7f5e2a7
continue UI component work, fix minor issue with apis
sudo87 Mar 17, 2026
d8cca73
resolve conflict with main
sudo87 Mar 17, 2026
a1eca74
work on updateDnsServer ui screen, fixed acl issue for dns server and…
sudo87 Mar 18, 2026
981bb64
add associate and disassociate dns zone to network ui screens, networ…
sudo87 Mar 19, 2026
af7ce8e
fix addDnsRecord and deleteDnsRecord flow for automatic registration …
sudo87 Mar 20, 2026
bde9fd9
improve cleanup logic for DNS zone and server
sudo87 Mar 23, 2026
5682a5a
modify delete flow for dns zone and server, ask to key in name
sudo87 Mar 23, 2026
c6abed1
Following changes are part of this commit:
sudo87 Mar 25, 2026
f1dcd00
add unit tests
sudo87 Apr 1, 2026
f524bbe
resolve conflict with main
sudo87 Apr 1, 2026
9d4e141
unit tests
sudo87 Apr 1, 2026
8d10ae1
Following changes are done:
sudo87 Apr 6, 2026
3567819
fix automatic dns record registration based on vm and nic lifecycle
sudo87 Apr 9, 2026
883dc32
changes:
sudo87 Apr 10, 2026
3ae9834
fix normalizing dns record values for mx, srv and other type
sudo87 Apr 11, 2026
a036281
split cleanup of old dns urls and new record registration
sudo87 Apr 13, 2026
6466362
unit tests
sudo87 Apr 14, 2026
9d0884a
add marvin test for powerdns
sudo87 Apr 15, 2026
30566d1
merge main changes
sudo87 Apr 15, 2026
f96d4cd
trim trailing space
sudo87 Apr 15, 2026
2d14c26
rename credentials param in dns server vue files to apikey
sudo87 Apr 16, 2026
001a197
rename apikey to dnsapikey, refactor ui and add dig verification in i…
sudo87 Apr 17, 2026
172ac67
rename dnsrecordurl -> nicdnsname, DnsNicJoinView -> nicDnsJoinVo
sudo87 Apr 20, 2026
5f627aa
changes in this commit:
sudo87 Apr 24, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
improve cleanup logic for DNS zone and server
  • Loading branch information
@sudo87
sudo87 committed Mar 23, 2026
commit bde9fd906231eef14c1d0b96cb49f22ddc04f42f
8 changes: 4 additions & 4 deletions ...rc/main/java/org/apache/cloudstack/api/command/user/dns/AssociateDnsZoneToNetworkCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,13 @@
import org.apache.cloudstack.api.response.DnsZoneNetworkMapResponse;
import org.apache.cloudstack.api.response.DnsZoneResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.cloudstack.dns.DnsZone;

import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientCapacityException;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.user.Account;

@APICommand(name = "associateDnsZoneToNetwork",
Expand Down Expand Up @@ -73,9 +73,9 @@ public void execute() throws ResourceUnavailableException, InsufficientCapacityE

@Override
public long getEntityOwnerId() {
DnsZone zone = _entityMgr.findById(DnsZone.class, dnsZoneId);
if (zone != null) {
return zone.getAccountId();
Network network = _entityMgr.findById(Network.class, networkId);
if (network != null) {
return network.getAccountId();
}
return Account.ACCOUNT_ID_SYSTEM;
}
Expand Down
4 changes: 4 additions & 0 deletions engine/schema/src/main/java/com/cloud/vm/dao/NicDetailsDao.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,14 @@
// under the License.
package com.cloud.vm.dao;

import java.util.List;

import org.apache.cloudstack.resourcedetail.ResourceDetailsDao;

import com.cloud.utils.db.GenericDao;
import com.cloud.vm.NicDetailVO;

public interface NicDetailsDao extends GenericDao<NicDetailVO, Long>, ResourceDetailsDao<NicDetailVO> {

void removeDetailsForValuesIn(String resourceName, List<String> values);
}
23 changes: 23 additions & 0 deletions engine/schema/src/main/java/com/cloud/vm/dao/NicDetailsDaoImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,40 @@
package com.cloud.vm.dao;


import java.util.List;

import org.apache.cloudstack.api.ApiConstants;
import org.springframework.stereotype.Component;

import org.apache.cloudstack.resourcedetail.ResourceDetailsDaoBase;

import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.vm.NicDetailVO;

@Component
public class NicDetailsDaoImpl extends ResourceDetailsDaoBase<NicDetailVO> implements NicDetailsDao {
private final SearchBuilder<NicDetailVO> NameValuesSearch;

public NicDetailsDaoImpl() {
super();
NameValuesSearch = createSearchBuilder();
NameValuesSearch.and(ApiConstants.NAME, NameValuesSearch.entity().getName(), SearchCriteria.Op.EQ);
NameValuesSearch.and(ApiConstants.VALUE, NameValuesSearch.entity().getValue(), SearchCriteria.Op.IN);
NameValuesSearch.done();
}


@Override
public void addDetail(long resourceId, String key, String value, boolean display) {
super.addDetail(new NicDetailVO(resourceId, key, value, display));
}

@Override
public void removeDetailsForValuesIn(String resourceName, List<String> values) {
SearchCriteria<NicDetailVO> sc = NameValuesSearch.create();
sc.setParameters(ApiConstants.NAME, resourceName);
sc.setParameters(ApiConstants.VALUE, values.toArray());
remove(sc);
}
}
59 changes: 41 additions & 18 deletions server/src/main/java/org/apache/cloudstack/dns/DnsProviderManagerImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;

Expand Down Expand Up @@ -59,6 +60,7 @@
import org.apache.cloudstack.dns.vo.DnsZoneJoinVO;
import org.apache.cloudstack.dns.vo.DnsZoneNetworkMapVO;
import org.apache.cloudstack.dns.vo.DnsZoneVO;
import org.apache.commons.collections.CollectionUtils;
import org.apache.logging.log4j.util.Strings;
import org.springframework.stereotype.Component;

Expand Down Expand Up @@ -280,10 +282,11 @@ public boolean deleteDnsServer(DeleteDnsServerCmd cmd) {
if (cmd.getCleanup()) {
List<DnsZoneVO> dnsZones = dnsZoneDao.findDnsZonesByServerId(dnsServerId);
for (DnsZoneVO dnsZone : dnsZones) {
long dnsZoneId = dnsZone.getId();
dnsZoneNetworkMapDao.removeNetworkMappingByZoneId(dnsZoneId);
// ToDo: delete nic_record_urls from vm_details if present before removing dnsZone
dnsZoneDao.remove(dnsZoneId);
try {
deleteDnsZone(dnsZone.getId());
} catch (Exception ex) {
logger.error("Error cleaning up DNS zone: {} during DNS server: {} deletion", dnsZone.getName(), dnsServer.getName());
}
}
}
return dnsServerDao.remove(dnsServerId);
Expand All @@ -304,22 +307,39 @@ public boolean deleteDnsZone(Long zoneId) {
if (server == null) {
throw new CloudRuntimeException(String.format("The DNS server not found for DNS zone: %s", dnsZoneName));
}
try {
DnsProvider provider = getProviderByType(server.getProviderType());
provider.deleteZone(server, dnsZone);
logger.debug("Deleted DNS zone: {} from provider", dnsZoneName);
} catch (DnsNotFoundException ex) {
logger.warn("DNS zone: {} is not present in the provider, proceeding with cleanup", dnsZoneName);
} catch (Exception ex) {
logger.error("Failed to delete DNS zone from provider", ex);
throw new CloudRuntimeException(String.format("Failed to delete DNS zone: %s.", dnsZoneName));
}

boolean dbResult = Transaction.execute((TransactionCallback<Boolean>) status -> {
dnsZoneNetworkMapDao.removeNetworkMappingByZoneId(zoneId);
// ToDo: delete nic_record_urls from vm_details if present before removing dnsZone
DnsZoneNetworkMapVO networkMapVO = dnsZoneNetworkMapDao.findByZoneId(zoneId);
if (networkMapVO != null) {
// Remove DNS records from nic_details if there are any
try {
DnsProvider provider = getProviderByType(server.getProviderType());
List<DnsRecord> records = provider.listRecords(server, dnsZone);
if (CollectionUtils.isNotEmpty(records)) {
List<String> dnsRecordNames = records.stream().map(DnsRecord::getName).filter(Objects::nonNull)
.map(name -> name.replaceAll("\\.+$", ""))
.collect(Collectors.toList());
nicDetailsDao.removeDetailsForValuesIn(ApiConstants.NIC_DNS_RECORD, dnsRecordNames);
}
} catch (Exception ex) {
logger.warn("Failed to fetch DNS records for dnsZone: {}, perform manual cleanup.", dnsZoneName, ex);
}
// Remove DNS zone from provider and cleanup DB
try {
DnsProvider provider = getProviderByType(server.getProviderType());
provider.deleteZone(server, dnsZone);
logger.debug("Deleted DNS zone: {} from provider", dnsZoneName);
} catch (DnsNotFoundException ex) {
logger.warn("DNS zone: {} is not present in the provider, proceeding with cleanup", dnsZoneName);
} catch (Exception ex) {
logger.error("Failed to delete DNS zone from provider", ex);
throw new CloudRuntimeException(String.format("Failed to delete DNS zone: %s.", dnsZoneName));
}
dnsZoneNetworkMapDao.removeNetworkMappingByZoneId(zoneId);
}
return dnsZoneDao.remove(zoneId);
});

if (!dbResult) {
logger.error("Failed to remove DNS zone {} from DB after provider deletion", dnsZoneName);
}
Expand Down Expand Up @@ -612,7 +632,10 @@ public DnsZoneNetworkMapResponse associateZoneToNetwork(AssociateDnsZoneToNetwor
throw new InvalidParameterValueException("DNS zone not found.");
}
accountMgr.checkAccess(caller, null, true, dnsZone);

DnsServerVO dnsServer = dnsServerDao.findById(dnsZone.getDnsServerId());
if (dnsServer == null) {
throw new CloudRuntimeException("The underlying DNS server for this DNS zone is missing.");
}
NetworkVO network = networkDao.findById(cmd.getNetworkId());
if (network == null) {
throw new InvalidParameterValueException("Network not found.");
Expand All @@ -621,11 +644,11 @@ public DnsZoneNetworkMapResponse associateZoneToNetwork(AssociateDnsZoneToNetwor
throw new CloudRuntimeException(String.format("Operation is not permitted for network type: %s", network.getGuestType()));
}
accountMgr.checkAccess(caller, null, true, network);

DnsZoneNetworkMapVO existing = dnsZoneNetworkMapDao.findByNetworkId(network.getId());
if (existing != null) {
throw new InvalidParameterValueException("Network has existing DNS zone associated to it.");
}

DnsZoneNetworkMapVO mapping = new DnsZoneNetworkMapVO(dnsZone.getId(), network.getId(), cmd.getSubDomain());
dnsZoneNetworkMapDao.persist(mapping);
DnsZoneNetworkMapResponse response = new DnsZoneNetworkMapResponse();
Expand Down
2 changes: 0 additions & 2 deletions server/src/main/java/org/apache/cloudstack/dns/dao/DnsServerDao.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,5 @@ public interface DnsServerDao extends GenericDao<DnsServerVO, Long> {

List<Long> listDnsServerIdsByAccountId(Long accountId);

Pair<List<DnsServerVO>, Integer> searchDnsServers(Long id, String keyword, String provider, Long accountId, Filter filter);

Pair<List<DnsServerVO>, Integer> searchDnsServer(Long dnsServerId, Long accountId, Set<Long> domainIds, DnsProviderType providerType, String keyword, Filter filter);
}
18 changes: 0 additions & 18 deletions server/src/main/java/org/apache/cloudstack/dns/dao/DnsServerDaoImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,24 +82,6 @@ public List<Long> listDnsServerIdsByAccountId(Long accountId) {
return customSearch(sc, null);
}

@Override
public Pair<List<DnsServerVO>, Integer> searchDnsServers(Long id, String keyword, String provider, Long accountId, Filter filter) {
SearchCriteria<DnsServerVO> sc = AllFieldsSearch.create();
if (id != null) {
sc.setParameters(ApiConstants.ID, id);
}
if (keyword != null) {
sc.setParameters(ApiConstants.NAME, "%" + keyword + "%");
}
if (provider != null) {
sc.setParameters(ApiConstants.PROVIDER_TYPE, provider);
}
if (accountId != null) {
sc.setParameters(ApiConstants.ACCOUNT_ID, accountId);
}
return searchAndCount(sc, filter);
}

@Override
public Pair<List<DnsServerVO>, Integer> searchDnsServer(Long dnsServerId, Long accountId, Set<Long> domainIds, DnsProviderType providerType,
String keyword, Filter filter) {
Expand Down
2 changes: 1 addition & 1 deletion server/src/main/java/org/apache/cloudstack/dns/dao/DnsZoneDaoImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ public DnsZoneDaoImpl() {
super();

DnsServerSearch = createSearchBuilder();
DnsServerSearch.selectFields(DnsServerSearch.entity().getDnsServerId());
DnsServerSearch.selectFields(DnsServerSearch.entity().getId());
DnsServerSearch.and(ApiConstants.DNS_SERVER_ID, DnsServerSearch.entity().getDnsServerId(), SearchCriteria.Op.EQ);
DnsServerSearch.done();

Expand Down
2 changes: 2 additions & 0 deletions server/src/main/java/org/apache/cloudstack/dns/dao/DnsZoneNetworkMapDao.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,6 @@
public interface DnsZoneNetworkMapDao extends GenericDao<DnsZoneNetworkMapVO, Long> {
void removeNetworkMappingByZoneId(long dnsZoneId);
DnsZoneNetworkMapVO findByNetworkId(long networkId);

DnsZoneNetworkMapVO findByZoneId(long networkId);
}
7 changes: 7 additions & 0 deletions server/src/main/java/org/apache/cloudstack/dns/dao/DnsZoneNetworkMapDaoImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,4 +54,11 @@ public DnsZoneNetworkMapVO findByNetworkId(long networkId) {
sc.setParameters(ApiConstants.NETWORK_ID, networkId);
return findOneBy(sc);
}

@Override
public DnsZoneNetworkMapVO findByZoneId(long dnsZoneId) {
SearchCriteria<DnsZoneNetworkMapVO> sc = ZoneNetworkSearch.create();
sc.setParameters(ApiConstants.DNS_ZONE_ID, dnsZoneId);
return findOneBy(sc);
}
}
13 changes: 7 additions & 6 deletions ui/src/config/section/network.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1528,7 +1528,7 @@ export default {
{
name: 'dnsserver',
title: 'label.dns.server',
icon: 'global-outlined',
icon: 'cloud-server-outlined',
permission: ['listDnsServers'],
columns: ['name', 'url', 'provider', 'ispublic', 'port', 'nameservers', 'publicdomainsuffix'],
details: ['name', 'url', 'provider', 'ispublic', 'port', 'nameservers', 'publicdomainsuffix', 'domain', 'account'],
Expand All @@ -1555,6 +1555,7 @@ export default {
label: 'label.dns.update.server',
dataView: true,
popup: true,
show: (record, store) => { return record.account === store.userInfo.account || isAdminOrDomainAdmin(store.userInfo.roletype) },
component: shallowRef(defineAsyncComponent(() => import('@/views/network/dns/UpdateDnsServer.vue')))
},
{
Expand All @@ -1564,6 +1565,7 @@ export default {
message: 'message.action.delete.dns.server',
dataView: true,
popup: true,
show: (record, store) => { return record.account === store.userInfo.account || isAdminOrDomainAdmin(store.userInfo.roletype) },
groupAction: false,
groupMap: (selection) => { return selection.map(x => { return { id: x } }) }
}
Expand All @@ -1572,7 +1574,7 @@ export default {
{
name: 'dnszone',
title: 'label.dns.zones',
icon: 'global-outlined',
icon: 'apartment-outlined',
permission: ['listDnsZones'],
columns: ['name', 'state', 'dnsservername', 'account', 'description'],
details: ['name', 'id', 'state', 'dnsservername', 'dnsserverid', 'account', 'domainpath', 'description'],
Expand Down Expand Up @@ -1603,8 +1605,8 @@ export default {
label: 'label.dns.update.zone',
dataView: true,
popup: true,
component: shallowRef(defineAsyncComponent(() => import('@/views/network/dns/UpdateDnsZone.vue'))),
show: (record) => { return true }
show: (record, store) => { return record.account === store.userInfo.account || isAdminOrDomainAdmin(store.userInfo.roletype) },
component: shallowRef(defineAsyncComponent(() => import('@/views/network/dns/UpdateDnsZone.vue')))
},
{
api: 'deleteDnsZone',
Expand All @@ -1614,8 +1616,7 @@ export default {
dataView: true,
popup: true,
groupAction: false,
disabled: (record) => false,
show: (record) => { return true },
show: (record, store) => { return record.account === store.userInfo.account || isAdminOrDomainAdmin(store.userInfo.roletype) },
groupMap: (selection) => { return selection.map(x => { return { id: x } }) }
}
]
Expand Down
Loading