Skip to content

Terraform: manage LUA records

Josh Soref edited this page Aug 29, 2021 · 2 revisions

How to manage LUA records with dynamic updates and terraform with your authoritative server.

Requirements

Enable LUA records and DNS update to your pdns.conf

enable-lua-records=yes
dnsupdate=yes

Create a Tsig key and set metadata to your zone to authorize DNSUPDATE and AXFR with TSIG authentication.

TSIG-ALLOW-DNSUPDATE
TSIG-ALLOW-AXFR

Provider configuration

  1. Create a main.tf file

  2. Install the provider "powerdns-glsb" then, run terraform init.

terraform {
  required_providers {
    powerdns-gslb = {
      source = "dmachard/powerdns-gslb"
      version = "1.3.0"
    }
  }
}
  1. Configure your provider with address of the DNS server to send updates to and TSIG authentication parameters
provider "powerdns-gslb" {
    server        = "10.0.0.210"
    key_name      = "test."
    key_algo      = "hmac-sha256"
    key_secret    = "SxEKov9vWTM+c7k9G6ho5nK.....n5nND5BOHzE6ybvy0+dw=="
}

Create custom LUA record

Create the source powerdns-gslb_lua then, run terraform apply.

resource "powerdns-gslb_lua" "svc1" {
  zone = "home.internal."
  name = "test_lua"
  record {
    rrtype = "A"
    ttl = 5
    snippet = "ifportup(8082, {'10.0.0.1', '10.0.0.2'})"
  }
}

You can removed the record by running terraform destroy.

Create pre-configured record

Some resources are available for ifurlup, ifportup, pickrandom and wpickrandom

resource "powerdns-gslb_pickrandom" "foo" {
  zone = "home.internal."
  name = "test_pickrandom"
  record {
    rrtype = "A"
    ttl = 5
    addresses = [ 
      "127.0.0.1",
      "127.0.0.2",
    ]
  }
}