Bug #34675
open
Allow suppression of record_conflicts
Description
When provisioning a new host, a DNS record is created if a DNS smart proxy is created. During this process, the smart proxy pings the address to verify it is not assigned:
However, in the right configuration, such as the use of a PowerDNS recursor in front of an Authoritative Server (AS) (if using the Power DNS smart proxy for example: https://github.com/theforeman/smart_proxy_dns_powerdns), this caches a negative response. Subsequent requests to the cache will then report that this record does not exist and if the caching period is less than the build time. This can cause later issues with post-install tasks like joining a FreeIPA domain (which checks records are properly configured for security purposes)or Puppet/Ansible/Salt attachment & formulas.
A settings option to suppress these checks would allow a workaround for this problem as a solution on the DNS server side can be non-trivial.
No data to display