How to generate good serials for DNS zones with Puppet?
My tradition is to set all zone serials to the timestamp at modification. Now that Puppet is my new religion, I want to set serial timestamps when building zone files from exported resources. A somewhat trivialized example may look like this:
file { "/tmp/dafile": content => inline_template("<%= Time.now.to_i %>"), }
The problem with this approach is that content will be different all the time, which will (ultimately) provoke rebuilding of zone files on each puppet config poll.
Is there some way I can insert a timestamp without it being included in the data that is compared against previous state?
Don't use a template; if you try to use a serial number there, the problem is you're going to keep making changes each time.
I have two ideas:
- Create a proper type that can manage DNS using DNS updates via the standard API. Then let BIND do the serial number increments itself.
- Use a file fragment pattern on each element within your DNS zone, and have it so that the main zone file only gets updated when these change. You do this by having a 'zone refresh' exec that concats your parts into the final zone including the header. The difference between most file fragment solutions would be that you generate your zone serial from a timestamp or some such, which should only ever get triggered when the parts are changed, thus avoiding the constant serial number changes you would get from a template.
Some examples of the file fragment pattern are here:
http://projects.puppetlabs.com/projects/puppet/wiki/Generating_a_config_file_from_fragments
https://github.com/ripienaar/puppet-concat
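A sketch of the 'zone refresh' step from the second idea, added here as an example and not part of the original answer: the zone is rebuilt, and the serial bumped, only when the concatenated fragments differ from the last build. The function names, the `.sum`/`.serial` sidecar files and the SOA values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical layout): $1 = directory of zone fragments,
# $2 = zone file to write, $3 = zone origin. SOA timers are constructed values.

# Concatenate fragments in glob (sorted) order so the checksum is stable.
zone_body() {
    for f in "$1"/*; do
        if [ -f "$f" ]; then cat "$f"; fi
    done
}

# Rewrite the zone with a fresh serial only if the fragments changed.
# Returns 0 when the zone was rewritten, 1 when it was left untouched.
refresh_zone() {
    fragdir=$1 zonefile=$2 origin=$3
    new_sum=$(zone_body "$fragdir" | cksum)
    old_sum=$(cat "$zonefile.sum" 2>/dev/null || true)
    if [ -f "$zonefile" ] && [ "$new_sum" = "$old_sum" ]; then
        return 1
    fi

    # Timestamp serial, forced to be strictly greater than the previous
    # one so secondaries always see an increase (e.g. two edits per second).
    serial=$(date +%s)
    old_serial=$(cat "$zonefile.serial" 2>/dev/null || echo 0)
    [ "$serial" -gt "$old_serial" ] || serial=$((old_serial + 1))

    # Build in a temp file beside the target, then rename atomically so
    # the name server never reads a half-written zone.
    tmp=$(mktemp "$zonefile.XXXXXX") || return 2
    {
        printf '$ORIGIN %s\n$TTL 3600\n' "$origin"
        printf '@ IN SOA ns1.%s hostmaster.%s ( %s 3600 900 604800 300 )\n' \
            "$origin" "$origin" "$serial"
        zone_body "$fragdir"
    } > "$tmp"
    mv "$tmp" "$zonefile"
    printf '%s\n' "$serial" > "$zonefile.serial"
    printf '%s\n' "$new_sum" > "$zonefile.sum"
    return 0
}
```

In Puppet this would typically be called from an exec with `refreshonly => true` that subscribes to the fragment files; the checksum comparison keeps the serial stable even if the exec is triggered without a real content change.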
How about using the timestamp of the file:
file { "/tmp/dafile": content => inline_template('<%= File.mtime("/tmp/dafile").to_i %>'), }
The only thing is that this will probably run on each client and may update the timestamp of the file for every run. If it doesn't, it should suit your requirement.