Page MenuHomePhabricator
Create Task
Maniphest T9578

What about implementing a DNS Almanac service
Closed, WontfixPublic
Actions

Description

Basically looking at the development of Harbormaster, of Drydock and the potential development of Chuckr (or whatever name the future of releeph would have) I was wondering if it was ever thought to have a DNS almanac service.

Could be self made or just connect to power DNS (https://doc.powerdns.com/md/authoritative/backend-remote/ with http or pipe through ssh) !

Basically that would help for two things :

  • once hm build one website for one diff, dev can have access to a long-hash.build.example.com and test the site lives
  • when one cut a release, and harbormaster successfully deploy it to a new instance, change the DNS from old release to new one

If you think it is easy enough, I would be found too implement this.

Event Timeline

tycho.tatitscheff created this task.Oct 15 2015, 3:07 PM
tycho.tatitscheff updated the task description. (Show Details)
tycho.tatitscheff added a project: Almanac.
tycho.tatitscheff added a subscriber: tycho.tatitscheff.
revi added a subscriber: revi.Oct 15 2015, 4:02 PM
joshuaspence added a subscriber: joshuaspence.Oct 15 2015, 7:43 PM
epriestley closed this task as Wontfix.Oct 16 2015, 12:37 AM
epriestley claimed this task.
epriestley added a subscriber: epriestley.

It's vaguely possible we'll pursue this eventually, but I doubt it, and any such support is years away.

I don't think DNS is well-suited to the problems you describe. Generally, I think the unpredictable TTL behavior of DNS makes it undesirable for most operations where you have significant control over the response chain. In both situations, it would be better to point wildcard DNS at a loadbalancer and have the loadbalancer know or go look up the correct request destination and route the request there.

This fixes a lot of problems: stuff will work instantly, you can fix stuff instantly (or control the TTL policy for caches), you can switch traffic between releases instantly instead of bleeding it between them gradually as client TTLs expire, you can serve a meaningful response when a sandbox or service doesn't exist, etc.

In the past, I also vaguely entertained DNS as a tool to help with bootstrapping problems. At Facebook, the equivalent of Almanac was called "SMC" ("Service Management Console"), and boostrapping it was complex because the SMC, cache, and configuration layers were intertwined. But I tend to think more careful design is a better solution here, particularly after having deployed the cluster with most of the same mechanisms and none of the boostrapping problems.

Another possible advantage of DNS is simpler access from non-PHP clients, but I think a JSON plain HTTP interface is more promising here, and in modern Phabricator the Conduit API is simple enough that this is reasonable (the older flavors of the API required more work, but the modern one is cURL-able).

I'm just going to close this since I currently don't anticipate ever integrating Almanac with DNS, and if we do such integration is years away.

tycho.tatitscheff added a comment.Oct 16 2015, 9:13 AM

First thank you very much for writting this long explanation.

For the second use case the concern seems right. For generating long-hash.example.com, if hash is unique, then the ttl issue don't apply.

Anyway, your solution is surely mote scalable. There is already some code (private source for phacility) so you can boostrap server. How do you process, did you manage to remotely control nginx/varnish/pound? Is it easy to do?

Phabricator · Built by Phacility