Resolved DigitalOcean DNS Extension Doesn't Actually Sync

[Mark Bailey]

We've found a huge problem with this extension: performing a sync (to sync the DNS records between Plesk and DigitalOcean's DNS system) doesn't actually sync any changes!

Example to reproduce:

1. Create a subscription in Plesk.
2. Manually initiate a sync to add the domain zone to DO (although I really wish this step was automatic).
3. Check the domain in DO. At this point everything matches.
4. Make any changes or additons in the DNS zone in Plesk.
5. Click "Sync all zones" to "Synchronize the information about all zones between Plesk and DigitalOcean."
6. Check the zone in DigitalOcean. It remains exactly as it was before. The changes aren't there. So it looks like this extension only syncs when a zone is created.

I'm not sure why an extension like this wouldn't actually sync any changes. To us as a hosting provider, that makes it unusable (along with the fact that it doesn't sync automatically when a new subscription is created).

I'd really love to see this extension work as it's implied to, for example the description says it "automatically" syncs, whereas a sync only happens when "Sync all zones" is clicked manually.

I know there is a Slave DNS extension, but this one has several advantages and would be a better choice for some people if not for these shortcomings.

Cheers,

Mark

 

[AYamshanov]

Hi Mark Bailey,

Did you see my answer in thread Issue - Make DigitalOcean DNS Extension Automatic ?

Could you please vote for this improvement on UserVoice?
DigitalOcean DNS Extension updates DNS zones automatically

 

[Mark Bailey]

Hi,

Yes, I saw the answer in that thread, but this is a different issue and a huge bug IMHO.

The other thread referred to the behavior when a new subscription is created on the Plesk server. At that time the new DNS zone is NOT sent to the DigitalOcean DNS servers. That only happens when a sync is initiated manually. I was surprised that it was necessary to request that this happen automatically because that is not just a feature, it is the expected behavior of any typical DNS clustering situation...when a domain is created, it is mirrored automatically to the other servers in the cluster. (And the description of the DigitalOcean DNS extension says that it does it "automatically".)

However, the new thread refers to what happens when a DNS zone is modified. Even if you initiate a sync manually, the modifications are NOT reflected on DigitalOcean. The only time that a zone is actually synced is the first time after it is created (and then only when a sync is initiated manually). But any further modifications to the zone on the Plesk server are not synced to DO. So, of course, a DNS cluster isn't very useful if DNS changes are never, ever synced to the other servers in the cluster.

To explain further, a typical DNS cluster situation happens this way:

1. Subscription is created, including needed DNS records, on the Plesk server.
2. That zone is mirrored/synced automatically to all DNS servers in the cluster.
3. Any subsequent changes made to the zone on the Plesk server are also synced to the other servers.

What happens with this extension is:

1. Subscription is created, including needed DNS records, on the Plesk server.
2. That zone is only mirrored/synced to DO when a "Sync All Zones" action is triggered manually.
3. Any subsequent changes made to the zone are never synced to the other servers.

If changes are never synced, a DNS cluster isn't effective.

I hope this explains better what I'm saying.

Thanks,

Mark

 

[AYamshanov]

Thank you for the explanation, but I can't reproduce this.

That what I did:
1. My Plesk contains one domain.
2. In Digitalocean, I created API token. In Plesk, I installed DO extension, I configured the extension with the token.
3. I activated exist domain in the extension. I checked, that DNS records from Plesk sync to DO. All looks good.
4. I created new A-record for the domain without any other actions. I checked, that DNS records from Plesk sync automatically to DO. All looks good too.

I have created a new subscription:
1. I created a new subscription, I set domain "ayamshanov-test.org".
2. I activate sync for the domain in the extension. I checked, that DNS records from Plesk sync to DO. All looks good.
3. I created new A-record. I checked, that DNS records from Plesk sync automatically to DO. All looks good too.

Could you provide steps to reproduce your issue?

 

[Mark Bailey]

Hi,

Thanks for looking into this. I've gone through the steps again, this time with an additional domain, with the same results:

1. I created a new subscription for the domain "savinggals.com".
2. I created a text TXT record with the value "Testing123".
3. I activated sync for the domain in the extension. I checked in DO and the domain records from Plesk were there.
4. I changed the TXT record value to "Testing123456" AND I added an A record for guys.savinggals.com.
5. I initiated sync by clicking "Sync All," then I checked in DO and there is no change in the domain records from before. The changes I made are not there.
6. I tried initiating/activating sync for that domain again and the problem persits.
7. To test further, I disabled sync for the domain, which removed its records from DO. Then I re-enabled sync for the domain. At that point the current records are there. This echoes my observation that sync only works on the initial activation of the domain with DO, but not on any further syncs. Of course it's not practical to ask customers to do any of this manually, much less disable and re-enable the domain in DO.

Normally I would think that maybe a firewall issue is interfering with communications to DO. But things work sometimes, just not always.

I think I'll have to give up on this extension. Even if we can work around this issue, without automatic syncing on creation of a subscription, it still isn't usable for us in a web hosting environment where people sign up 24 hours a day and expect their domain to work right away. I had hoped to utilize DO instead of slave servers, but we'll go that route instead. Does the slave server extension sync automatically upon subscription creation, and modification of DNS records?

Thanks,

Mark

 

[AYamshanov]

It is strange. And you needn't click Sync All on step 5, it should be done automatically. But anyway I can't reproduce this.

Could you say more detail about your environment?
- OS, version?
- Plesk version? What number of installed micro-update?
- How many domains hosted in your Plesk?
- How many Plesk use the same account on DO?
- Did you check `plesk.log` file for any warnings from the extension?

You can send this information to me directly if you want.

 

[Mark Bailey]

Hi,

Sorry for the delay, we're setting up a new test server to make sure we haven't missed anything that could be causing this. Will reply when it's set up and tested.

Thanks,

Mark

 

[Mark Bailey]

In a new test environment running the Plesk preview, changes to DNS are synced to DigitalOcean. However the original addition of the DNS is not. The domain must be manually added to the DO DNS system, which makes it unusable for us as a hosting company that requires automated setup. I really wish the developers would make this extension truly automatic, working like the Slave DNS extension. I still think that's the expected behavior.

 

[Mark Bailey]

Hello again,

In additional testing, the extension seems to work as I originally hoped. A new subscription's domain is automatically synced to DigitalOcean. However, I don't see anything about this change in the changelog, so I wanted to confirm whether it is an official change that will remain in the extension?

Thanks,

Mark

 

[AYamshanov]

Hi Mark Bailey,

I have checked, nothing was changed since January'18. Also, I couldn't reproduce this in February. So, it can be an unknown bug or some issue with an environment.
If someone faced with this issue, please provide detailed steps to reproduce in the Reports (Reports).

 

[Gerinho]

In a new test environment running the Plesk preview, changes to DNS are synced to DigitalOcean. However the original addition of the DNS is not. The domain must be manually added to the DO DNS system, which makes it unusable for us as a hosting company that requires automated setup. I really wish the developers would make this extension truly automatic, working like the Slave DNS extension. I still think that's the expected behavior.

Hello Mark,

Hope you'll read this!

I'm running into the exact same problem with exactly the same symptoms as you did. So you describing how you went through it a year and a half ago is helping me a lot right now. However, I've not (yet) succeeded to get the DO DNS server working as slave server - unless I deactivate & activate a domain in the DO extension I just can't get any changes synced to DO. Not even when I create it as a new subscription in Plesk.

Unfortunately I'm not able to have/get an extra (test) server or environment running with Plesk, so I'm already a couple of days & nights busy troubleshooting to get it to work with my current server (running on CentOS7 + Plesk Obsidian 18.0.21 currently). At least I already found I'm pointing to the DO nameservers correctly with the domains' DNS records (nsX.digitalocean.com), so that isn't the issue.

So, a few questions to you that might point me in the right direction to look for:

- in your explanation above, what do you mean by "However the original addition of the DNS is not"?
- by "must be manually added to the DO DNS system", did you mean I have to deactivate a domain in the extension first, then manually add a new domain in DO and then activate that domain through the extension?
- in the end, have you still been using this solution with DO and the extension, or did use an alternative way to setup slave DNS? (I'm so fed up I can't get it to work with DO that I'm already thinking ahead for some acceptable alternatives).

In the end I have the same goal as you mentioned: creating a fully automated setup - and I really hoped doing that with the DO extension would achieve that!

 

[AYamshanov]

Hi Gerinho,

- Could you please write what version of DO DNS do you use?
- ...and exact steps for reproducing the issue? It could help to investigate the issue.

- Is your account a part of an organization account (DigitalOcean Teams :: DigitalOcean Product Documentation)?
- Have you tried to create the same domain in the DigitalOcean web-interface? As an example: if it already used by anyone, you will see an error message.
- Could you please check "/var/log/plesk/panel.log" log-file for any errors from the DigitalOcean DNS extension?

 

[Gerinho]

Hi Gerinho,

- Could you please write what version of DO DNS do you use?
- ...and exact steps for reproducing the issue? It could help to investigate the issue.

- Is your account a part of an organization account (DigitalOcean Teams :: DigitalOcean Product Documentation)?
- Have you tried to create the same domain in the DigitalOcean web-interface? As an example: if it already used by anyone, you will see an error message.
- Could you please check "/var/log/plesk/panel.log" log-file for any errors from the DigitalOcean DNS extension?

Hi AYamshanov,

Thank you for responding!

- Could you please write what version of DO DNS do you use?
The version of the DO DNS extension in Plesk is 1.1.4-43

Also have checked for available updates in the Extensions section of Plesk for updates under the Updates tab, no updates found. Auto-update is active and all extensions are up-to-date.



- Is your account a part of an organization account
No, just an individual account which I signed up for when I started trying out the DO extension in Plesk.



- Have you tried to create the same domain in the DigitalOcean web-interface
Yes, I did try that in two different ways:

Method 1. First I deactivated a domain in the Plesk extension, which automatically removes the domain from DO. The extension now clearly indicates DigitalOcean DNS Zone for that domain is Disabled. Then I manually added that domain as a new domain in DO, via the DO web panel (Manage > Networking > Add a domain).

Results: DO adds the new domain and only adds 3 NS records to point to ns[1,2,3].digitalocean.com. The records living in Plesk are not being synced. However, when I go back to the extension in Plesk after manually adding the domain in DO, the extensions picks it up and sets the DigitalOcean DNS Zone status back to Active (without me activating or manually syncing, just by refreshing the page).

Method 2. The other way around; starting with the domain existing in DO and Active status in the extension. When trying manually adding the domain as a new domain in DO, an error message pops up, stating that the domain already exists. So that's the expected error message you described.



- Could you please check "/var/log/plesk/panel.log" log-file for any errors from the DigitalOcean DNS extension?
Yes, I did find an error - and it's the single one entry found in the log about the DO extension:

[2019-11-27 01:31:34.572] ERR [extension/digitaloceandns] creating dns records failed with the error Operation timed out after 5000 milliseconds with 0 out of -1 bytes received

However, I couldn't find anything regarding this error after looking it up. Also the error seems very generic: 'just' a timeout, but nothing about why it timed out unfortunately. Also, as it seems to be the only entry regarding the extension and the extension is able to at least deploy & remove the DNS zones from Plesk to DO, I think this error is just a single timeout incident.



- ...and exact steps for reproducing the issue? It could help to investigate the issue.
Of course. Going back 3 days in time when I started working with the extension for the first time:

1. Installed the extensions in Plesks Extensions section and created an account in DO
2. Tried a single domain first, by checking its checkbox and activating it >> a DNS zone is succesfully deployed in DO and the status in the extenion is set to Active
3. In Plesk's DNS zone I added some A and TXT records >> changes are not auto synced to DO
4. I deactivated and (re)activated the same domain in the extension >> the A and TXT records from previous step now are found in DO
5. After noticing this I suspected the auto sync doesn't work and to be sure of it I repeated steps 1 to 4 >> same results >> now I'm certain it doesn't auto sync
6. Went to try something different: in the extension I went to DNS Management (2nd tab) and now activated all domains by doing a Synchronize all zones >> all domains of my server are now newly added to DO and in the extension all domains are set to Active
7. Added test TXT records in several domains >> no auto sync to DO, the test TXT records are missing there
8. Did a manual Synchronize all zones as in step no. 6 >> also no manual sync! records in DO still missing >> however per domain I got a warning notification in Plesk, which were stating that the DNS zone for the domain is already activated (which at this point was correct, they already were)
9. Repeated step no. 4 >> now the records are found in DO
10. Played around with setting other primary nameservers in the SOA (for the zone in Plesk), maybe with some trial & error with the nameservers I could get it to work >> couldn't get it to work

The nameservers used in Plesk are [ns1, ns2, ns3].digitalocean.com, with an NS record for each respective ns and with ns1.digitalocean.com set as the primary in the SOA. I believe this is the correct way to set it up.

Until today manually deactivating and reactivating a domain in the Plesk DO extension is the only way with which I can get DNS records copied from Plesk to DO.

 

[AYamshanov]

Gerinho, thank you for the steps, I will check and return with results.

 

[AYamshanov]

Unfortunately, in our environment, everything works as expected. Looks like there is existing an environment-specific thing that is important for correct steps-to-reproduce and we can't find it by ourselves.

Could you please contact the Plesk Support team (Plesk Help Center) and provide a link to this forum thread for details?

 

[Gerinho]

No problem, thanks for testing in your environment.

Sorry from my end; I haven't checked back here in a month as I have another workaround working (not with DO). However, getting it synced with DO DNS is still on the wish list.

In the next 7 days, my VPS provider is going to work on their infrastructure, which might affect the VPS (need for reboot, performance, etc.) so I'll wait that out first. After that's done, I'll update to latest Plesk version if needed and try the DO DNS extension again (you never know). If that still doesn't work, I'll contact Plesk Support.

Either way, I'll post relevant details back here, in case it might help fellow Pleskians.

 

[Gerinho]

So as I had promised:

Fortunately, it works now! I've tested it and now the DO Extension syncs my changes to the DO DNS server. It's hard to exactly trace back to what was causing the DO Extension not syncing, as these factors could have affected it:

1. The DO Extension was updated December 24th, 2019, it didn't sync for me in the period before this update. See attached image or below for changes made; it seems they have fixed some fundamental issues:
   
   
   
   
2. Since last time it didn't sync, I have updated to a newer Plesk version 18.0.23 and the DO DNS Extension was updated to version 1.1.5-51 as well.
   
   
3. The big infrastructure overhaul of my VPS provider may have affected it somehow (in a positive way).

Very glad it works now, thanks AYamshanov for all your support and time!

 

[AYamshanov]

Hi Gerinho,

I am glad to hear this and will say thank you to the team who worked on a bug-fix release for the DigitalOcean extension. Thank you for your feedback!