Sign in Subscribe

If humans do stuff that computers can do, computers gather at night and laugh at the human

Klaus Hebsgaard

2 min read

Sometimes we have to do really boring work as software developers.

For instance today we are working on moving a domain from our internal DNS servers to AWS route53.

This domain has been in our hands for 25 years - we have a lot of DNS records.

We naturally have to make sure every record exists in the new DNS - otherwise people can't receive mails or other important stuff.

The natural thing to do is compare the two DNS servers. Unfortunately I don't know of a way to compare two dns servers.

And I promise you I am not going to do the boring work of comparing every DNS record I know of (I actually lied in the beginning - we are moving 3 domains).

But I am a human who knows programming.

So instead of sitting down and do dull comparison work - I will sit down and do interesting programming work.

Using the AWS cli for route53 I can get all the DNS records like so (if you don't know about jq and you do json stuff - you will love it!)

prod aws route53 list-resource-record-sets --hosted-zone-id $ZONE_ID | jq '.ResourceRecordSets[] | {Name: .Name, Type: .Type, Value: .ResourceRecords[].Value}'

I put this into a file and I do some manual mangling (I should automate that, but hey this is a one off - right [it never is]) I put it into a file called input.json

I then parse the file like to

jq -c '.[]' input.json | while read i; do
    echo "========================================="
    # Name, Type, Value
    name=`echo $i | jq '.Name' | tr -d "\"" `
    ttype=`echo $i | jq '.Type' | tr -d "\""`
    value=`echo $i | jq '.Value' | tr -d "\""`
    
    echo $name $ttype $value
    dig_options=( $ttype +noall +answer )

    existing=`dig "${dig_options[@]}" $name @8.8.8.8 | sed 's/[0-9]*//g' | sort -u`
    new=`dig "${dig_options[@]}" $name @$AWS_DNS_SERVER | sed 's/[0-9]*//g' | sort -u`
    if [[ "$existing" == "$new" ]]; then

      echo -e "\e[01;32mstrings are equal\e[0m"
    else
      echo -e "\e[01;31mstrings are not equal\e[0m"

      echo "from existing dns"
      echo $existing

      echo "from new dns"
      echo $new
    fi

done

This script will loop over all the records from route53 and look it up in dig from googles DNS server and the new AWS route53 server and it will give me a nice output, where red mean I made a mistake and green means OK.

Now all I have to do is run the script and look out for the red lines (and ignore NS and SOA records since the should be different)

What do I want to say with this? - well of course I am proud of what I did and want to brag about it.

But I also want you to think: When you have your next dull task with maybe a dash of repetitive work on top - "how can I automate this".

We know how to program - lets put it to good use!

As Mary Poppins would have said "Just a spoon full of sugar makes the medicine go down!"

Sign up for more like this.

Enter your email
Subscribe