Cloudflare/Dreamhost: Least surprise, maximum confusion indeed.


tl;dr – In summary

Dreamhost isn’t pointing domain nameservers at Cloudflare. They’re using a system of CNAMEs to redirect people to Cloudflare, hence the necessity of “Add WWW”. Dreamhost is still your nameserver. If you’re using Cloudflare and you’re moving back to Dreamhost, or were using Cloudflare, change your nameservers back to ns1.dreamhost.com and ns2.dreamhost.com to keep your sites working!

Also, if you’ve got subdomains, expect to have to edit each one and choose “Use Cloudflare”, if it works. (Subdomains currently aren’t showing as being delivered through Cloudflare as of 3am 8 April.)

A bit about Cloudflare

I like the idea of Cloudflare. A free global CDN that’s simple to use, and pools the data from all the users of the service to detect bots and malicious users. (Just like Project Honeypot, which I joined a long time ago. I’d say ’07, but I’m not certain.)

And I kinda like the implementation of Cloudflare. Mucking with DNS was a bit annoying (why wasn’t the automatic pull from my Dreamhost account the default?), but my main complaint? Subdomains are thrown together with the main domain for the purposes of apps and analytics. Which is bad because I don’t get a breakdown on a per-domain basis, and the apps are applied across everything – e.g. Google Analytics app adds the Analytics code to each and every page when it’s activated.

But I’ve been using Cloudflare since Jan 22nd, and was quite happy with it, aside from worrying about Dreamhost changing IPs on me.

So when I saw the email from Dreamhost about Cloudflare now being integrated? Oh, yay! Now I don’t have to worry about Dreamhost changing my servers in the background, they can handle all of that for me! Awesome! Happy days!

Setting up Cloudflare through Dreamhost

So I went ahead and logged into the Dreamhost panel, and took a look. And what do I see, but what looks to be enabling Cloudflare on a per-domain basis. And the key thing is that Dreamhost treats sub-domains and domains equally in their panel. So, in a perfect world, I’d be able to selectively enable Cloudflare on certain domains! Was this an answer to my main problem?

Visions of per-subdomain stats danced in my head as I edited the kyl191.net entry. Ticked the shiny new check box labelled “Enable Cloudflare on this domain?”. Clicked ‘change settings’. “Wow, that was easy!” I thought.

Then I got dumped back to the edit page. What’s that? I need to delete my domain from Cloudflare to be able to add it here? You can’t handle merging? Eh, I suppose Cloudflare’s API doesn’t support it. Hmm. Might want to try with a different domain first then.

Let’s try lightweaver.ca – my eventual landing page, but currently mirroring kyl191.net (this blog)! Oh, wait, I’m using Dreamhost’s mirroring function. And there’s no Cloudflare option listed under mirror, despite the fact that I’ve been using it in Cloudflare for almost 3 months!  That should have been my first warning that support from the Dreamhost panel wasn’t good.

But I figured, “Eh. My site’s not crucial, so, yeah, I’ll muck around with it. Besides, the Cloudflare Plus thing looks interesting.” So, one deletion of domains in the Cloudflare panel later, I’m back in the Dreamhost panel and clicking ‘change settings’ again. Except, another error: This time, it seems that Cloudflare needs the ‘add WWW’ option. Despite the fact that, again, I’ve been using kyl191.net just fine since Jan 22nd.

Oh well, I’ve committed myself to trying it out. So select the ‘add WWW’ option, and let’s see the magic. I flip over to the Cloudflare page, and lo and behold, all my stats are still there! Flip back to the blog, reload. Everything’s working fine!

So, one might think everything’s nice and done, right?

Wrong.

DNS screwiness – or rather, how my expectations failed to match reality.

My first clue that something was wrong was that my photo upload in Filezilla died with

Command: open "[email protected]" 22
Error: ssh_init: Host not found

“Oh dear,” I thought. “DNS hasn’t propagated yet. Ok, let’s see the other sites…” code.kyl191.net got me a “Server not found” error. As did photography.kyl191.net. “Ok, FF’s visited those sites recently, and it’s probably pointing to Cloudflare in the DNS cache, which won’t serve it right now. And I guess they don’t proxy it anymore.”

Alright, try a site that FF hasn’t visited. Nope, aperture.kyl191.net isn’t loading either. And pinging it gets a host not found error. Oh dear… something’s gone wrong.

Ok, backup plan: revert the changes. Back everything out. Uncheck “Use Cloudflare” in Dreamhost, and re-add the domain to Cloudflare. But… scanning turned up no domains. Cue moment of WTF?! And, even worse, there’s no option to have Cloudflare scrape the details out of my Dreamhost account, so I can’t fall back to that. (Which makes sense – that’s the official path to add domains from Dreamhost now!) Which led to this relatively incoherent Twitter post.

I really didn’t want to retype everything into Cloudflare, so, I gave re-adding kyl191.net to Cloudflare through Dreamhost a shot. Except… it still failed, as I expected. Hosts other than www.kyl191.net aren’t found. So I fell back to adding domains one by one.

Realization & Understanding

Which was, in retrospect, completely wrong. Scanning turned up no domains because I was still using the Cloudflare nameserver. Disabling Cloudflare in Dreamhost reverted my nameservers to the original setting – which happened to be the Cloudflare nameservers.

In fact, this was the source of all my trouble. The moment I deleted my domain from Cloudflare and didn’t point the nameservers back to Dreamhost, I screwed everything up. kyl191.net still resolved because the IP address was in the cache – and Cloudflare knew about my site, because Dreamhost told them about it. The other sites didn’t resolve because DNS never resolved – the Cloudflare nameserver would just come back with domain not found, which is the exact error Firefox showed me.

Now, even though I know what happened, I’m still not going to use Cloudflare through Dreamhost until they fix the requirement to add the WWW to the domain names. And fix the subdomains – I’m looking at a test subdomain, and even though I’ve enabled Cloudflare, the selection isn’t sticking. And the DNS confirms that there’s no CNAME created to point the subdomain to Cloudflare’s servers.

And here’s a tip if you’ve changed to using Dreamhost’s panel but want to go back to using Cloudflare directly instead: change your nameservers back to ns1.dreamhost.com/ns2.dreamhost.com. Cloudflare will query the Dreamhost nameservers for the more common subdomains and pick up any. I had to add my less common domains, but the automated queries picked up at least half of my subdomains, so that’s a lot less to type in, thankfully. (I do miss the automated adding though, Cloudflare.)
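The two states described in this section (nameservers left at Cloudflare after the zone was deleted, versus Dreamhost nameservers with a CNAME handing www to Cloudflare) can be told apart from DNS answers alone. The sketch below is an added example, not part of the original post: the inputs are constructed samples shaped like `dig +short` output, example.com stands in for the real domain, and the `.cdn.cloudflare.net` CNAME suffix is an assumption about what the panel integration creates.

```python
# Added example, not from the original post. Inputs are constructed samples
# shaped like `dig +short` output; example.com stands in for the real domain.
DREAMHOST_NS = {"ns1.dreamhost.com", "ns2.dreamhost.com"}  # named in the post
CF_NS_SUFFIX = ".ns.cloudflare.com"      # Cloudflare-assigned nameservers
CF_CNAME_SUFFIX = ".cdn.cloudflare.net"  # assumption: CNAME target of the panel setup

def names(dig_short):
    """Normalise `dig +short` text into a set of lowercase names/addresses."""
    return {l.strip().rstrip(".").lower() for l in dig_short.splitlines() if l.strip()}

def delegation(ns_output):
    """Classify who the registrar delegates the zone to."""
    ns = names(ns_output)
    if not ns:
        return "none"
    if ns <= DREAMHOST_NS:
        return "dreamhost"
    if all(n.endswith(CF_NS_SUFFIX) for n in ns):
        return "cloudflare"
    return "other"

def diagnose(ns_output, host_answers):
    """host_answers maps hostname -> `dig +short <host>` text ('' = no answer)."""
    where = delegation(ns_output)
    missing = sorted(h for h, out in host_answers.items() if not names(out))
    proxied = sorted(h for h, out in host_answers.items()
                     if any(n.endswith(CF_CNAME_SUFFIX) for n in names(out)))
    if where == "cloudflare" and missing:
        finding = "stale-delegation"      # NS at Cloudflare, zone there lacks these hosts
    elif where == "dreamhost" and proxied:
        finding = "cname-via-dreamhost"   # Dreamhost answers DNS, CNAME hands off to Cloudflare
    elif where == "cloudflare":
        finding = "cloudflare-full"
    elif where == "dreamhost":
        finding = "dreamhost-direct"
    else:
        finding = "unknown"
    return {"delegation": where, "missing": missing, "proxied": proxied, "finding": finding}

# Constructed: zone deleted at Cloudflare while the nameservers still point there.
NS_STALE = "amy.ns.cloudflare.com.\nbob.ns.cloudflare.com.\n"
HOSTS_STALE = {"www.example.com": "192.0.2.10\n", "code.example.com": "",
               "photography.example.com": ""}
# Constructed: panel integration active for www only; test subdomain has no CNAME.
NS_PANEL = "ns1.dreamhost.com.\nns2.dreamhost.com.\n"
HOSTS_PANEL = {"www.example.com": "www.example.com.cdn.cloudflare.net.\n192.0.2.20\n",
               "test.example.com": "198.51.100.7\n"}

if __name__ == "__main__":
    print(diagnose(NS_STALE, HOSTS_STALE))
    print(diagnose(NS_PANEL, HOSTS_PANEL))
```

Against a live domain, feed it the text of `dig +short NS <domain>` and `dig +short <host>` for each host you care about.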

In summary

Sigh. Not how I wanted to spend the past few hours.

Did manage to see a few things that made me go WTF though:

Cloudflare wants me to set my nameservers... to the current value.

Dreamhost says Cloudflare's enabled... but disabled at the same time.
