Enforce a minimum TTL for DNS records in TripleO jobs

We have reasons to believe there is a correlation between DNS lookup
failures we are seeing in the gate and the very low TTL of some
domains.

Since jobs are running on ephemeral nodes which wouldn't be impacted
by stale cache, enforce a minimum TTL of 900 (15 minutes) for DNS
records in the local Unbound configuration.
This means that a domain with a TTL of 60 seconds will be cached for
15 minutes instead.

This will lead to less queries which is less prone to failure and rate
limiting by recursive DNS providers.

Change-Id: Iab9f4426304fab6b9e6f0920ad5c4e3b94d74954
This commit is contained in:
David Moreau Simard 2017-11-29 18:09:30 -05:00
parent 3ac0fa0b5d
commit 11c8e9f263
No known key found for this signature in database
GPG Key ID: 33A07694CBB71ECC
1 changed files with 4 additions and 0 deletions

View File

@ -6,6 +6,10 @@
Base job template for TripleO jobs that leverage devstack-gate/dsvm
parent: legacy-dsvm-base
pre-run: playbooks/nodepool-provider/pre.yaml
vars:
# Note (dmsimard): This enforces a minimum TTL for DNS records, see
# https://review.openstack.org/#/c/523178/ for context
unbound_cache_min_ttl: 900
required-projects:
- openstack/aodh
- openstack/barbican