Skip to content

change DNS configuration to use proxy and update EIP state for subql #410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 30, 2025
Merged

change DNS configuration to use proxy and update EIP state for subql #410

merged 1 commit into from
Jan 30, 2025

Conversation

@DaMandal0rian
Copy link
Contributor

@DaMandal0rian DaMandal0rian commented Jan 30, 2025
edited by github-actions bot
Loading

PR Type

Enhancement

Description

  • Updated DNS TTL values to 1 for faster propagation.

  • Enabled proxying for Cloudflare DNS records for added security.

  • Applied changes across multiple Cloudflare DNS records configurations.

Changes walkthrough 📝

Relevant files
Enhancement
dns.tf
Adjusted DNS TTL and enabled proxying                                       

templates/terraform/subql/base/dns.tf

  • Changed TTL value from 3600 to 1 for faster updates.
  • Added proxied = true to enable Cloudflare proxying.
  • Applied changes to multiple DNS records (blue, green, live, nova).
    		• +12/-6   
    Need help?
  • Type /help how to ... in the comments thread for any questions about PR-Agent usage.
  • Check out the documentation for more information.
    •

    @github-actions
    Copy link

    github-actions bot commented Jan 30, 2025

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    TTL Configuration

    The TTL value for all DNS records has been reduced to 1. This change should be reviewed to ensure it aligns with the desired DNS propagation behavior and does not introduce unnecessary overhead or performance issues.

      ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "subql-green" {
  count   = var.green-subql-node-config.instance-count-green > 0 ? var.green-subql-node-config.instance-count-green : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.green-subql-node-config.domain-prefix}.${var.green-subql-node-config.network-name}"
  value   = local.green_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "subql-live" {
  count   = var.blue-subql-node-config.instance-count-blue > 0 ? var.blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "subql.${var.network_name}"
  value   = local.blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-blue" {
  count   = var.nova-blue-subql-node-config.instance-count-blue > 0 ? var.nova-blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.nova-blue-subql-node-config.domain-prefix}.${var.network_name}"
  value   = local.blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-green" {
  count   = var.nova-green-subql-node-config.instance-count-green > 0 ? var.nova-green-subql-node-config.instance-count-green : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.nova-green-subql-node-config.domain-prefix}.${var.network_name}"
  value   = local.nova_green_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-live" {
  count   = var.nova-blue-subql-node-config.instance-count-blue > 0 ? var.nova-blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "nova.subql.${var.network_name}"
  value   = local.nova_blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
    Proxying Enabled

    Proxying has been enabled for all DNS records. This change should be validated to ensure it does not conflict with the intended functionality or introduce unexpected behavior.

      ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "subql-green" {
  count   = var.green-subql-node-config.instance-count-green > 0 ? var.green-subql-node-config.instance-count-green : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.green-subql-node-config.domain-prefix}.${var.green-subql-node-config.network-name}"
  value   = local.green_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "subql-live" {
  count   = var.blue-subql-node-config.instance-count-blue > 0 ? var.blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "subql.${var.network_name}"
  value   = local.blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-blue" {
  count   = var.nova-blue-subql-node-config.instance-count-blue > 0 ? var.nova-blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.nova-blue-subql-node-config.domain-prefix}.${var.network_name}"
  value   = local.blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-green" {
  count   = var.nova-green-subql-node-config.instance-count-green > 0 ? var.nova-green-subql-node-config.instance-count-green : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "${var.nova-green-subql-node-config.domain-prefix}.${var.network_name}"
  value   = local.nova_green_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true
}

resource "cloudflare_record" "nova-subql-live" {
  count   = var.nova-blue-subql-node-config.instance-count-blue > 0 ? var.nova-blue-subql-node-config.instance-count-blue : 0
  zone_id = data.cloudflare_zone.cloudflare_zone.id
  name    = "nova.subql.${var.network_name}"
  value   = local.nova_blue_subql_node_ip_v4[count.index]
  type    = "A"
  ttl     = "1"
  proxied = true

    @github-actions
    Copy link

    github-actions bot commented Jan 30, 2025

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    General
    Increase TTL to reduce DNS load

    Setting the TTL to "1" may result in excessive DNS queries and increased load on the
    DNS server. Consider using a higher TTL value to reduce the frequency of DNS lookups
    while balancing the need for quick updates.

    templates/terraform/subql/base/dns.tf [11]

    -ttl     = "1"
+ttl     = "300"
    Suggestion importance[1-10]: 9

    Why: The suggestion addresses a critical issue where a TTL value of "1" could lead to excessive DNS queries, increasing server load and potentially causing performance issues. Increasing the TTL to "300" is a reasonable compromise between reducing DNS load and maintaining timely updates.

    		9
    Make proxying behavior configurable

    Ensure that enabling the proxied option aligns with the intended behavior, as it
    routes traffic through Cloudflare's proxy, potentially affecting latency and
    caching.

    templates/terraform/subql/base/dns.tf [12]

    -proxied = true
+proxied = var.enable_proxy
    Suggestion importance[1-10]: 7

    Why: The suggestion to make the proxied option configurable improves flexibility and ensures that the behavior aligns with the intended use case. However, it requires additional context to verify if var.enable_proxy is defined and used correctly in the configuration.

    		7

    marc-aurele-besner
    marc-aurele-besner approved these changes Jan 30, 2025
    View reviewed changes
    Copy link

    @marc-aurele-besner marc-aurele-besner left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    LGTM

    @DaMandal0rian DaMandal0rian merged commit 50378c6 into main Jan 30, 2025
    1 check passed
    @DaMandal0rian DaMandal0rian deleted the subql-indexer-ip-changes branch January 30, 2025 14:09
    @DaMandal0rian DaMandal0rian changed the title change DNS configuration to use proxy and update EIP state change DNS configuration to use proxy and update EIP state for subql Feb 15, 2025
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    1 more reviewer

    @marc-aurele-besner marc-aurele-besner marc-aurele-besner approved these changes

    Reviewers whose approvals may not affect merge requirements

    Assignees

    No one assigned

    Labels

    Review effort [1-5]: 2

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    3 participants

    @DaMandal0rian @marc-aurele-besner