0

What is the business impact you are facing?

Hi, we have a domain, say mildev.com, and it has its original 4 NS assigned at creation. I want to append a few more name servers to it (my secondary NS).

But when I try to update the NS list using Terraform, it fails with: Error: Error creating ResourceDnsRecordSet: googleapi: Error 409: The resource 'entity.rrset' named 'mildev.com. (NS)' already exists, alreadyExists

Of course, the name mildev.com NS [[NS_list_origina_]] is there, but is there a way I can update it? I see that updating is allowed using the UI, but why isn't it allowed via the APIs?

Any guidance will be helpful.

Thanks

variable "domain_name" {
  type       = string
  default    = "mildev.com."
}


resource "google_dns_managed_zone" "selected" {
  name        = format("d-%s",replace(trim(var.domain_name , "."),".","-"))
  dns_name    = var.domain_name
  visibility  = "public"
}


locals {
 sec_name_servers = [
     "pdns93.net.",
     "pdns94.biz.",
     "pdns93.com.",
     "pdns93.org.",
  ]
}

resource "google_dns_record_set" "add_ns_records" {
  name            =  google_dns_managed_zone.selected.dns_name
  rrdatas         = concat(local.sec_name_servers,google_dns_managed_zone.selected.name_servers)
  ttl             = 86400
  type            = "NS"
  managed_zone    = google_dns_managed_zone.selected.name
}
Devi Ojha
  • If a resource already exists, you must import the resource first and recreate the existing configuration. Then you can manage that resource under Terraform. https://www.terraform.io/docs/cli/import/index.html – John Hanley May 12 '21 at 17:00
  • Nope, the resource doesn't exist; it's being created as part of this script. What's happening is that when the domain gets created it gets its default set of NS, and as part of this requirement I'm trying to update that default set of NS with a few more NS, and that's when it says the record already exists. Of course the default set will be there. This isn't a problem with AWS, as AWS has the allow_overwrite flag. – Devi Ojha May 13 '21 at 08:55
  • Although it is possible to add additional name servers to your domain, only do this if you are an expert with DNS, and you understand masters/slaves/replication/etc. This must be done at the registrar also. Hint: do not do this. – John Hanley May 20 '21 at 22:15

2 Answers

1

When Terraform creates a google_dns_managed_zone, the zone automatically gets created with NS records specific to Google Cloud (nameservers they provide that the zone will live on). Terraform does not import these NS records into state, so all future attempts to add or manipulate NS records in any Google Cloud Zone will fail, citing that the record set already exists:

  • google_dns_record_set.clouddns_ns: Error creating DNS RecordSet: googleapi: Error 409: The resource 'entity.change.additions[0]' named 'domain.com. (NS)' already exists, alreadyExists.

Additionally make sure you are using the latest terraform version.

$ terraform -v

Siva Mannani
  • Thanks Siva, so does that mean you can’t append to the default set of NS? I am sure it was working because my whole pipeline was created that way. It’s only been failing with the recent Google provider. I am using Terraform 12.31; I have tried with later versions too, but get the same error. And in AWS this isn’t an issue, as you have the option to overwrite. – Devi Ojha May 15 '21 at 10:40
0

You will not change the name servers there, as the NS records (usually) are being configured at the domain registrar - not in Cloud DNS. Unless the registrar would be Google Domains, your code might be running against the wrong site. When updating NS in Cloud DNS (in case this may even be possible), but not the registrar, you might end up with broken DNS resolution.

Adding / removing NS is generally a strange concept, as one may add this type of record once and then forget about it... besides, Cloud DNS has 100% guaranteed uptime and it distributes quickly.

The default NS to use would be e.g.:

ns-cloud-c1.googledomains.com.
ns-cloud-c2.googledomains.com.
ns-cloud-c3.googledomains.com.
ns-cloud-c4.googledomains.com.
Martin Zeitler
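
A defensive check for the mismatch the answer above warns about, as an added example that is not part of the original answers: it compares the NS set delegated by the parent (what the registrar publishes) with the NS rrset at the zone apex, both supplied as `dig`-style record lines. The sample records are constructed from host names quoted on this page, and the function names are hypothetical.

```python
import re

# One NS record as printed by dig: owner, ttl, class, type, target
RR_LINE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+NS\s+(\S+)\s*$", re.IGNORECASE)

def fqdn(name):
    """Lower-case and force one trailing dot so names compare reliably."""
    return name.strip().lower().rstrip(".") + "."

def ns_set(dig_text, zone):
    """Return the set of NS targets owned by `zone` in dig-style output."""
    found = set()
    for line in dig_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):   # skip blanks and dig comments
            continue
        m = RR_LINE.match(line)
        if m and fqdn(m.group(1)) == fqdn(zone):
            found.add(fqdn(m.group(3)))
    return found

def compare_delegation(parent_text, zone_text, zone):
    """Diff the parent's delegation against the zone's own apex NS rrset."""
    parent, apex = ns_set(parent_text, zone), ns_set(zone_text, zone)
    return {
        "only_at_parent": sorted(parent - apex),  # delegated, not in the zone
        "only_in_zone": sorted(apex - parent),    # in the zone, never delegated
        "consistent": bool(parent) and parent == apex,
    }

def _records(hosts):
    return "\n".join(f"mildev.com.\t86400\tIN\tNS\t{h}" for h in hosts)

# Constructed sample data (not captured from real servers).
GOOGLE_NS = [f"ns-cloud-c{i}.googledomains.com." for i in range(1, 5)]
SECONDARY_NS = ["pdns93.net.", "pdns94.biz.", "pdns93.com.", "pdns93.org."]
# Parent side: the registrar still delegates only to the four default servers.
PARENT_SAMPLE = ";; AUTHORITY SECTION:\n" + _records(GOOGLE_NS)
# Zone side: the apex rrset the Terraform config in the question would publish.
ZONE_SAMPLE = ";; ANSWER SECTION:\n" + _records(SECONDARY_NS + GOOGLE_NS)

if __name__ == "__main__":
    report = compare_delegation(PARENT_SAMPLE, ZONE_SAMPLE, "mildev.com")
    for key, value in report.items():
        print(f"{key}: {value}")
```

Any name listed under `only_in_zone` or `only_at_parent` means the registrar and the zone disagree about which servers are authoritative.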