Table of Contents generated with DocToc

• Role Name
  • Requirements
  • Role Variables
  • Dependencies
  • Example Playbook
  • License
  • Author Information

Role Name

An Ansible role to install PowerDNS DNSDist.

Requirements

None

Role Variables

---
# defaults file for ansible-powerdns-dnsdist
pdns_dnsdist_config: true

pdns_dnsdist_acls:
  - 10.0.0.0/8
  # - 100.64.0.0/10
  - 169.254.0.0/16
  - 192.168.0.0/16
  - 172.16.0.0/12
  - ::1/128
  - fc00::/7
  - fe80::/10

pdns_dnsdist_cache:
  - name: pc
    # Required
    max_entries: 10000
    # Not required
    max_lifetime: 86400
    # Not required
    min_ttl: 0
    # Required...the default is blank as it creates a cache for the default pool
    # otherwise define a pool name
    pool: ""
    # Not required
    ttl_server_failure_response: 60
    # Not required
    ttl_stale_cache: 60

pdns_dnsdist_carbon_metrics_info:
  # Defines the interval in which to send metrics
  interval: 30
  # Defines the hostname which shows in metrics collection
  reporting_hostname: "{{ ansible_hostname }}"
  # Defines the server to send metrics to
  server: "graphite.{{ pdns_dnsdist_pri_domain_name }}"

pdns_dnsdist_debian_pre_reqs:
  - libsystemd-dev

pdns_dnsdist_debian_repo: "deb [arch=amd64] {{ pdns_dnsdist_repo_url }}/{{ ansible_distribution|lower }} {{ ansible_distribution_release|lower }}"
pdns_dnsdist_debian_repo_key: https://repo.powerdns.com/FD380FBB-pub.asc

# Defines domains in which to block inbound traffic from
pdns_dnsdist_domain_blocks:
  - ezdns.it.
  - sh43354.cn.

pdns_dnsdist_downstream_servers:
  # - address: 192.168.202.201
    # # Define order if order based selection is desired
    # order: 1
    # # Defines a pool name to assign the server to
    # pool: test
    # # Defines a different port for downstream server
    # port: 5300
    # # Defines the Queries Per Second limit
    # qps: 1000
    # # Defines receive timeout (default is 2)
    # recv_timeout: 2
    # # Defines send timeout (default is 2)
    # send_timeout: 2
  - address: 8.8.8.8
    pool: google
  - address: 8.8.4.4
    pool: google
  - address: 208.67.222.222
    pool: opendns
  - address: 208.67.220.220
    pool: opendns

# http://dnsdist.org/README/#acl-who-can-use-dnsdist
pdns_dnsdist_enable_acls: true

# http://dnsdist.org/README/#caching
pdns_dnsdist_enable_cache: true

# http://dnsdist.org/README/#carbongraphitemetronome
pdns_dnsdist_enable_carbon_metrics: false

pdns_dnsdist_enable_control_socket: true
pdns_dnsdist_enable_domain_blocks: false
pdns_dnsdist_enable_pool_rules: true

# http://dnsdist.org/README/#webserver
pdns_dnsdist_enable_webserver: true

pdns_dnsdist_local_address: 0.0.0.0

pdns_dnsdist_pool_rules: []
  # - query:
  #     - conviva.com
  #   pool: google
  # - query:
  #     - facebook.com.
  #   pool: opendns

pdns_dnsdist_pri_domain_name: example.org

pdns_dnsdist_redhat_pre_reqs:
  - epel-release
  - yum-plugin-priorities

pdns_dnsdist_repo_url: http://repo.powerdns.com

# firstAvailable|RoundRobin|whashed|wrandom|leastOutstanding
pdns_dnsdist_server_policy: leastOutstanding

# Make sure to change this key...generate a new one by running the following
# on your dnsdist server as I have not been able to get Ansible to automate
# the capturing of a generated key
# echo "makeKey()" | sudo dnsdist
pdns_dnsdist_setkey: "bKKPxcw4ieTkt29PenVFRcXzt1Nwc78TK+hHdUvqMCo="

# Define version to install...(1.0.x|1.1.x|1.2.x)
pdns_dnsdist_ver: 1.2.x

pdns_dnsdist_webserver_info:
  address: 0.0.0.0
  api_key: changeme
  port: 8083
  password: changeme

Dependencies

None

Example Playbook

- hosts: all
  become: true
  vars:
  roles:
    - role: ansible-powerdns-dnsdist
  tasks:

License

BSD

Author Information

Larry Smith Jr.

• @mrlesmithjr
• EverythingShouldBeVirtual
• mrlesmithjr [at] gmail.com