Revert nats jetstream (nameserver-systems#401)
* Revert "fix: make nats consumer durable with cleanup after one week (nameserver-systems#363)"

This reverts commit 824712b.

* Revert "fix: consumer listener and topic (nameserver-systems#362)"

This reverts commit 4d938fb.

* Revert "fix: use unique consumer id (nameserver-systems#361)"

This reverts commit c79800c.

* Revert "test: remove duplicate mocks (nameserver-systems#345)"

This reverts commit 2e39e84.

* Revert "BREAKING CHANGE: Remove consul as dependency and replacing it by nats jetstream (nameserver-systems#342)"

This reverts commit f7eafc2
linxside authored Jul 13, 2024
1 parent bd07d8f commit 3acc97e
Showing 55 changed files with 1,242 additions and 1,638 deletions.
4 changes: 1 addition & 3 deletions .golangci.yml
Expand Up @@ -32,11 +32,9 @@ linters:
- dupl
- exportloopref
- govet
disable:
- errcheck
disable-all: false
presets:
- bugs
- format
- unused
- complexity
- performance
13 changes: 9 additions & 4 deletions README.md
Expand Up @@ -27,16 +27,21 @@ Microservices:
- contains zone information
- Nx secondary (public authoritative nameserver)
- serves zone data
- Nx nats with jetstream (message broker)
- complete communication between microservices will use handled by broker
- Nx consul (service discovery)
- used for discovering active healthy secondaries
- healthchecks
- after a defined interval without a ping a secondary will be marked as inactive
- every microservice pings consul in a configurable interval
- after three times interval without a ping from a microservice, this service will be unhealthy
- after ten times interval without a ping the service will be deregistered
- if the systemload is greater than 10 the service will be in a warn state
- Nx nats (message broker)
- complete communication between microservices will use handled by broker

## Techstack

* written in Go
* NATS as Message Broker
* Consul for Service Discovery
* NATS as Message Broker for the biggest amount of communication

## Dependencies

6 changes: 6 additions & 0 deletions build/ci/services/config/pdns-api-proxy/config.toml
Expand Up @@ -12,6 +12,12 @@ DEBUG = true
[Prometheus]
Address = "0.0.0.0:9502" # turn off by set empty string

[ServiceDiscovery]
URL = "http://consul:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://nats:4222"
Username = "" # optional
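Review bot: `URL = "http://consul:8500"` in the restored `[ServiceDiscovery]` block is plain HTTP, so any `Username` and `Password` set here would cross the network unencrypted, which sits badly with the docs in this same commit saying consul and nats provide encryption. Consider an `https://` URL (the compose hunk already publishes 8501, conventionally Consul's HTTPS port) or a comment stating that this value is CI-only. The same block is repeated in the other config.toml files of this commit. The key `HealthPingIntervall` is also misspelled; if the revert has to keep the old name, a comment next to it would save the next reader a search.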
8 changes: 7 additions & 1 deletion build/ci/services/config/pdns-health-checker/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "0.0.0.0:9501" # turn off by set empty string

[ServiceDiscovery]
URL = "http://consul:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://nats:4222"
Username = "" # optional
Expand All @@ -26,7 +32,7 @@ Mod = "zone.modified"
Del = "zone.delete"

[ZoneStateTopics]
Prefix = "zonestate.>"
Prefix = "zonestate."

[HealthChecks]
EventCheckWaitTime = "20s"
10 changes: 8 additions & 2 deletions build/ci/services/config/pdns-secondary-syncer/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "0.0.0.0:9503" # turn off by set empty string

[ServiceDiscovery]
URL = "http://consul:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://nats:4222"
Username = "" # optional
Expand All @@ -23,7 +29,7 @@ EventDelay = "0s"
APIWorker = 4

[AXFRPrimary]
Address = "10.89.1.54:20102"
Address = "0.0.0.0:20102"

[ZoneEventTopics]
Add = "zone.add"
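Review bot: `Address = "0.0.0.0:20102"` under `[AXFRPrimary]` replaces a single fixed address with the wildcard address. If this value is a listen address, the AXFR endpoint becomes reachable on every interface of the container; if it is the address handed to secondaries as their primary, 0.0.0.0 is not a routable target. Either way, a short comment on what the field means and a specific address or service name would be safer.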
Expand All @@ -34,4 +40,4 @@ Del = "zone.delete"
Prefix = "zonedata."

[ZoneStateTopics]
Prefix = "zonestate.>"
Prefix = "zonestate."
10 changes: 8 additions & 2 deletions build/ci/services/config/pdns-zone-provider/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "0.0.0.0:9500" # turn off by set empty string

[ServiceDiscovery]
URL = "http://consul:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://nats:4222"
Username = "" # optional
Expand All @@ -20,7 +26,7 @@ URL = "http://pdns-primary:8081"
APIToken = "0000"
ServerID = "localhost"
AXFRTimeout = "2s"
AXFRAddress = "pdns-primary:5301"
AXFRAddress = "127.0.0.1:53"

[ZoneDataTopics]
Wildcard = "zonedata.>"
Wildcard = "zonedata.*"
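Review bot: `AXFRAddress = "127.0.0.1:53"` in this CI config points the zone provider at its own loopback, while the neighbouring `URL = "http://pdns-primary:8081"` shows the primary runs in a separate container. Unless a DNS server listens inside the zone-provider container, every AXFR will fail or run into `AXFRTimeout`; the removed value `pdns-primary:5301` at least targeted the primary's container, so an address on `pdns-primary` looks like what CI needs here.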
4 changes: 1 addition & 3 deletions cmd/example-microservice/main.go
Expand Up @@ -40,9 +40,7 @@ func main() {

go startHealthServiceEndpoint(xd)

if err := xd.MessageBroker.SubscribeAsync("test.test", waitformessage); err != nil {
logger.FatalErrLog(err)
}
xd.MessageBroker.SubscribeAsync("test.test", waitformessage)

servutils.WaitToShutdownServer(&xd, func() {
closeMicroservice(xd)
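Review bot: the call `xd.MessageBroker.SubscribeAsync("test.test", waitformessage)` now discards whatever the method reports, where the removed lines stopped the service through `logger.FatalErrLog(err)` on failure. If the reverted `SubscribeAsync` still returns an error, check it here; if it does not, a failed subscription leaves the example service running and looking healthy while it receives nothing, so the failure should at least be logged inside the broker wrapper. The `.golangci.yml` hunk in this commit also shows `errcheck` under `disable:`, so if that setting survives the revert the linter will not flag this either.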
6 changes: 6 additions & 0 deletions configs/example-microservice/config.toml
Expand Up @@ -12,6 +12,12 @@ DEBUG = true
[Prometheus]
Address = "localhost:9499" # turn off by set empty string

[ServiceDiscovery]
URL = "http://localhost:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://localhost:4222"
Username = "" # optional
6 changes: 6 additions & 0 deletions configs/pdns-api-proxy/config.toml
Expand Up @@ -12,6 +12,12 @@ DEBUG = true
[Prometheus]
Address = "localhost:9502" # turn off by set empty string

[ServiceDiscovery]
URL = "http://localhost:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://localhost:4222"
Username = "" # optional
8 changes: 7 additions & 1 deletion configs/pdns-health-checker/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "localhost:9501" # turn off by set empty string

[ServiceDiscovery]
URL = "http://localhost:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://localhost:4222"
Username = "" # optional
Expand All @@ -26,7 +32,7 @@ Mod = "zone.modified"
Del = "zone.delete"

[ZoneStateTopics]
Prefix = "zonestate.>"
Prefix = "zonestate."

[HealthChecks]
EventCheckWaitTime = "20s"
8 changes: 7 additions & 1 deletion configs/pdns-secondary-syncer/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "localhost:9503" # turn off by set empty string

[ServiceDiscovery]
URL = "http://localhost:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://localhost:4222"
Username = "" # optional
Expand All @@ -34,4 +40,4 @@ Del = "zone.delete"
Prefix = "zonedata."

[ZoneStateTopics]
Prefix = "zonestate.>"
Prefix = "zonestate."
8 changes: 7 additions & 1 deletion configs/pdns-zone-provider/config.toml
Expand Up @@ -10,6 +10,12 @@ DEBUG = true
[Prometheus]
Address = "localhost:9500" # turn off by set empty string

[ServiceDiscovery]
URL = "http://localhost:8500"
HealthPingIntervall = "5s"
Username = "" # optional
Password = "" # optional

[MessageBroker]
URL = "nats://localhost:4222"
Username = "" # optional
Expand All @@ -23,4 +29,4 @@ AXFRTimeout = "2s"
AXFRAddress = "127.0.0.1:53"

[ZoneDataTopics]
Wildcard = "zonedata.>"
Wildcard = "zonedata.*"
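Review bot: `Wildcard = "zonedata.*"` narrows the subscription compared with `zonedata.>`: in NATS subjects `*` matches exactly one token, while `>` matches one or more trailing tokens. If the part after `zonedata.` can ever contain a dot, as a zone name does, those messages are silently not delivered. Please confirm how the publisher encodes the zone into the subject, or document the one-token constraint next to this key.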
22 changes: 13 additions & 9 deletions container-compose.yaml → docker-compose.yaml
Expand Up @@ -31,8 +31,7 @@ services:
depends_on:
- pdns-secondary
networks:
pdns-distribute-net:
ipv4_address: 10.89.1.54
- pdns-distribute-net
ports:
- "9503:9503"
pdns-zone-provider:
Expand All @@ -43,15 +42,15 @@ services:
depends_on:
- pdns-secondary
networks:
pdns-distribute-net:
ipv4_address: 10.89.1.55
- pdns-distribute-net
ports:
- "9500:9500"
pdns-primary:
build:
context: ./build/ci/pdns-primary
dockerfile: Containerfile
depends_on:
- consul
- nats
networks:
- pdns-distribute-net
Expand All @@ -63,22 +62,30 @@ services:
context: ./build/ci/pdns-secondary
dockerfile: Containerfile
depends_on:
- consul
- nats
networks:
- pdns-distribute-net
ports:
- "5300:53"
- "8082:8082"
consul:
image: docker.io/hashicorp/consul:1.17.2
networks:
- pdns-distribute-net
ports:
- "8500:8500"
- "8501:8501"
nats:
image: docker.io/library/nats:2.10.11
image: docker.io/library/nats:2.10.10
command: ["--config", "nats-server.conf", "--jetstream", "--server_name", "nats-js-test", "--routes", "nats://ruser:T0pS3cr3t@nats2:6223"]
networks:
- pdns-distribute-net
ports:
- "4222:4222"
- "8222:8222"
nats2:
image: docker.io/library/nats:2.10.11
image: docker.io/library/nats:2.10.10
command: ["--config", "nats-server.conf", "--jetstream", "--server_name", "nats-js-test2", "--routes", "nats://ruser:T0pS3cr3t@nats:6222", "--port", "4223", "--http_port", "8223", "--cluster", "nats://nats2:6223"]
networks:
- pdns-distribute-net
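Review bot: both `nats` and `nats2` go back from `nats:2.10.11` to `nats:2.10.10`, a broker downgrade that reverting the JetStream feature does not obviously need, since `--jetstream` stays in both commands. Consider keeping the newer patch release. Two further points on lines in this hunk: the route password is written into `command:` (`nats://ruser:T0pS3cr3t@nats2:6223`), which is acceptable only as a throwaway test value, and the new `consul` service publishes 8500 and 8501 on the host with no ACL or TLS settings visible here, so bind them to 127.0.0.1 if this file is ever run outside a developer machine.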
Expand All @@ -88,6 +95,3 @@ services:
networks:
pdns-distribute-net:
enable_ipv6: false
ipam:
config:
- subnet: 10.89.1.0/24
5 changes: 3 additions & 2 deletions docs/development/release.md
Expand Up @@ -18,14 +18,15 @@ make snapshot-release
```git
git describe --tags --abbrev=0
```
1. Increment the version, create the tag and push to main repository. Commit tags use the format

2. Increment the version, create the tag and push to main repository. Commit tags use the format
[Semantic Versioning](https://semver.org/). The tag description can be the semantic version.
```git
git tag -a v0.0.0 -m "v0.0.0"
git push
```

1. Build release.
3. Build release.

!!! caution
The build and deployment of the production release / binaries is part of the GitHub pipeline.
5 changes: 4 additions & 1 deletion docs/development/test.md
Expand Up @@ -5,10 +5,13 @@ The local test environment consist of one container per pdns-distribute microser

*Container Overview:*

??? note "consul"
The service discovery tool consul exposes the ports 8500 and 8501 to the host. Consul runs in standalone mode.
??? note "nats"
The message broker service nats exposes the ports 4222 and 8222 to the host. Nats runs in cluster mode. Every service connects to this nats instance.
??? note "nats2"
The message broker service nats exposes the ports 4223 and 8223 to the host. This instance is part of the two node cluster which is necessary to activate jetstream and has no other function.
The message broker service nats exposes the ports 4223 and 8223 to the host. This instance is part of the two node
cluster which is necessary to activate Jetstream and has no other function.
??? note "pdns-primary"
This container contains a powerdns server with a sqlite3 database as backend. It is the source
of zonedata for the synchronization process. This container exposes port 8081 for the api and port 5301 for DNS (like port 53).
26 changes: 16 additions & 10 deletions docs/index.md
Expand Up @@ -11,14 +11,14 @@ features.

## Features
* event based architecture (hidden primary, public secondary) for fast and scalable sync
* self-healing of outdated secondaries
* self healing of outdated secondaries
* message driven
* most events parallelized
* easy deployment by providing .deb packages and systemd configs for automatic restart
* security by keeping it simple
* security: transport encryption with by nats
* security: and encryption provided by consul and nats
* security: secondaries doesn't have dnssec private keys
* security: if system load is too high the health check will be show a warning
* security: if system load is too high the health check will be show an warning
* full ipv6 support (ipv4 is optional)

* self-healing
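Review bot: the Features list gets back wording errors that the reverted commits had fixed: `self healing`, `show an warning`, and the fragment `security: and encryption provided by consul and nats`, which does not say what is encrypted. Since only the consul mention has to return, keep the corrected wording and name what is protected, for example transport encryption between services.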
Expand All @@ -40,31 +40,37 @@ Microservices:
## Architecture

- 1x primary (internal data management)
- clients can use the primary through the powerdns api
- clients can using the primary through the powerdns api
- contains zone information
- Nx secondary (public authoritative nameserver)
- serves zone data
- Nx nats with jetstream (message broker)
- complete communication between microservices will use handled by broker
- Nx consul (service discovery)
- used for discovering active healthy secondaries
- healthchecks
- after a defined interval without a ping a secondary will be marked as inactive
- every microservice pings consul in a configurable interval
- after three times interval without a ping from a microservice, this service will be unhealthy
- after ten times interval without a ping the service will be deregistered
- if the systemload is greater than 10 the service will be in a warn state
- Nx nats (message broker)
- complete communication between microservices will use handled by broker

### Security

Sensitive data for dnssec signing is kept only on the primary server. The signed zone data - without the secret keys - will be
transferred to every secondary server. All microservices will connect to nats, it's responsible for secure access
transferred to every secondary server. All microservices will connect to consul and nats, they are responsible for
secure access
to the infrastructure and encryption of server to server connections. This has the advantage of not having to care about certificates
for each microservice.

## Techstack

* written in Go
* NATS as Message Broker
* Consul for Service Discovery
* NATS as Message Broker for the biggest amount of communication

## Dependencies

* go (>= 1.22)
* go (>= 1.17)
* podman
* golangci-lint
* goreleaser
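Review bot: the restored Security paragraph says consul and nats "are responsible for secure access to the infrastructure and encryption of server to server connections", but every `[ServiceDiscovery]` block added in this commit uses an `http://` URL with empty `Username` and `Password`. Either state which deployment settings deliver that encryption, or soften the claim. In the same hunk `go (>= 1.17)` replaces `go (>= 1.22)`; check that against the toolchain the build actually requires before the docs advertise the lower version.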

0 comments on commit 3acc97e
