openstack/designate
Code Issues Proposed changes

Install Guide Plugin

Browse Source 
Change-Id: If85c856cd1bbdeb0a528ac2747b168cbafcd3c31
Closes-Bug: #1602746
Related-Bug: #1590937
This commit is contained in:
Graham Hayes 2016-07-13 16:35:47 +01:00
parent b3be9380ca
commit 0efcd596af
11 changed files with 786 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
install-guide/source/common_prerequisites.rst Normal file
View File

@ -0,0 +1,39 @@
Prerequisites
-------------
Before you install and configure the DNS service,
you must create service credentials and API endpoints.
#. Source the ``admin`` credentials to gain access to
admin-only CLI commands:
.. code-block:: console
$ source admin-openrc
#. To create the service credentials, complete these steps:
* Create the ``designate`` user:
.. code-block:: console
$ openstack user create --domain default --password-prompt designate
* Add the ``admin`` role to the ``designate`` user:
.. code-block:: console
$ openstack role add --project service --user designate admin
* Create the designate service entities:
.. code-block:: console
$ openstack service create --name designate --description "DNS" dns
#. Create the DNS service API endpoint:
.. code-block:: console
$ openstack endpoint create --region RegionOne \
dns public http://controller:9001/

302
install-guide/source/conf.py Normal file
View File

@ -0,0 +1,302 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file is execfile()d with the current directory set to its
# containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
import os
# import sys
import openstackdocstheme
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
# sys.path.insert(0, os.path.abspath('.'))
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
# needs_sphinx = '1.0'
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
# TODO(ajaeger): enable PDF building, for example add 'rst2pdf.pdfbuilder'
# extensions =
# Add any paths that contain templates here, relative to this directory.
# templates_path = ['_templates']
# The suffix of source filenames.
source_suffix = '.rst'
# The encoding of source files.
# source_encoding = 'utf-8-sig'
# The master toctree document.
master_doc = 'index'
# General information about the project.
project = u'Installation Guide for DNS Service'
bug_tag = u'install-guide'
copyright = u'2016, OpenStack contributors'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '0.1'
# The full version, including alpha/beta/rc tags.
release = '0.1'
# A few variables have to be set for the log-a-bug feature.
# giturl: The location of conf.py on Git. Must be set manually.
# gitsha: The SHA checksum of the bug description. Automatically extracted
# from git log.
# bug_tag: Tag for categorizing the bug. Must be set manually.
# These variables are passed to the logabug code via html_context.
giturl = u'http://git.openstack.org/cgit/openstack/designate/tree/'\
u'install-guide/source'
git_cmd = "/usr/bin/git log | head -n1 | cut -f2 -d' '"
gitsha = os.popen(git_cmd).read().strip('\n')
html_context = {"gitsha": gitsha, "bug_tag": bug_tag,
"giturl": giturl,
"bug_project": "designate"}
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
# language = None
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
# today = ''
# Else, today_fmt is used as the format for a strftime call.
# today_fmt = '%B %d, %Y'
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
exclude_patterns = ["common_prerequisites.rst", "common_configure.rst"]
# The reST default role (used for this markup: `text`) to use for all
# documents.
# default_role = None
# If true, '()' will be appended to :func: etc. cross-reference text.
# add_function_parentheses = True
# If true, the current module name will be prepended to all description
# unit titles (such as .. function::).
# add_module_names = True
# If true, sectionauthor and moduleauthor directives will be shown in the
# output. They are ignored by default.
# show_authors = False
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# A list of ignored prefixes for module index sorting.
# modindex_common_prefix = []
# If true, keep warnings as "system message" paragraphs in the built documents.
# keep_warnings = False
# -- Options for HTML output ----------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
html_theme = 'openstackdocs'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
# html_theme_options = {}
# Add any paths that contain custom themes here, relative to this directory.
html_theme_path = [openstackdocstheme.get_html_theme_path()]
# The name for this set of Sphinx documents. If None, it defaults to
# "<project> v<release> documentation".
# html_title = None
# A shorter title for the navigation bar. Default is the same as html_title.
# html_short_title = None
# The name of an image file (relative to this directory) to place at the top
# of the sidebar.
# html_logo = None
# The name of an image file (within the static path) to use as favicon of the
# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
# pixels large.
# html_favicon = None
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
# html_static_path = []
# Add any extra paths that contain custom files (such as robots.txt or
# .htaccess) here, relative to this directory. These files are copied
# directly to the root of the documentation.
# html_extra_path = []
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
# So that we can enable "log-a-bug" links from each output HTML page, this
# variable must be set to a format that includes year, month, day, hours and
# minutes.
html_last_updated_fmt = '%Y-%m-%d %H:%M'
# If true, SmartyPants will be used to convert quotes and dashes to
# typographically correct entities.
# html_use_smartypants = True
# Custom sidebar templates, maps document names to template names.
# html_sidebars = {}
# Additional templates that should be rendered to pages, maps page names to
# template names.
# html_additional_pages = {}
# If false, no module index is generated.
# html_domain_indices = True
# If false, no index is generated.
html_use_index = False
# If true, the index is split into individual pages for each letter.
# html_split_index = False
# If true, links to the reST sources are added to the pages.
html_show_sourcelink = False
# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
# html_show_sphinx = True
# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
# html_show_copyright = True
# If true, an OpenSearch description file will be output, and all pages will
# contain a <link> tag referring to it. The value of this option must be the
# base URL from which the finished HTML is served.
# html_use_opensearch = ''
# This is the file name suffix for HTML files (e.g. ".xhtml").
# html_file_suffix = None
# Output file base name for HTML help builder.
htmlhelp_basename = 'install-guide'
# If true, publish source files
html_copy_source = False
# -- Options for LaTeX output ---------------------------------------------
latex_elements = {
# The paper size ('letterpaper' or 'a4paper').
# 'papersize': 'letterpaper',
# The font size ('10pt', '11pt' or '12pt').
# 'pointsize': '10pt',
# Additional stuff for the LaTeX preamble.
# 'preamble': '',
}
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title,
# author, documentclass [howto, manual, or own class]).
latex_documents = [
('index', 'InstallGuide.tex', u'Install Guide',
u'OpenStack contributors', 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
# the title page.
# latex_logo = None
# For "manual" documents, if this is true, then toplevel headings are parts,
# not chapters.
# latex_use_parts = False
# If true, show page references after internal links.
# latex_show_pagerefs = False
# If true, show URL addresses after external links.
# latex_show_urls = False
# Documents to append as an appendix to all manuals.
# latex_appendices = []
# If false, no module index is generated.
# latex_domain_indices = True
# -- Options for manual page output ---------------------------------------
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
('index', 'installguide', u'Install Guide',
[u'OpenStack contributors'], 1)
]
# If true, show URL addresses after external links.
# man_show_urls = False
# -- Options for Texinfo output -------------------------------------------
# Grouping the document tree into Texinfo files. List of tuples
# (source start file, target name, title, author,
# dir menu entry, description, category)
texinfo_documents = [
('index', 'InstallGuide', u'Install Guide',
u'OpenStack contributors', 'InstallGuide',
'This guide shows OpenStack end users how to install '
'an OpenStack cloud.', 'Miscellaneous'),
]
# Documents to append as an appendix to all manuals.
# texinfo_appendices = []
# If false, no module index is generated.
# texinfo_domain_indices = True
# How to display URL addresses: 'footnote', 'no', or 'inline'.
# texinfo_show_urls = 'footnote'
# If true, do not generate a @detailmenu in the "Top" node's menu.
# texinfo_no_detailmenu = False
# -- Options for Internationalization output ------------------------------
locale_dirs = ['locale/']
# -- Options for PDF output --------------------------------------------------
pdf_documents = [
('index', u'InstallGuide', u'Install Guide',
u'OpenStack contributors')
]

81
install-guide/source/create-zone.rst Normal file
View File

@ -0,0 +1,81 @@
.. _create-zone:
Create a Zone
~~~~~~~~~~~~~
In environments that include the DNS service, you can create a DNS Zone.
#. Source the ``demo`` credentials to perform
the following steps as a non-administrative project:
.. code-block:: console
$ . demo-openrc
#. Create a Zone called ``example.com.``:
.. code-block:: console
$ openstack zone create --email dnsmaster@example.com. example.com.
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| action | CREATE |
| attributes | {} |
| created_at | 2016-07-13T14:54:16.000000 |
| description | None |
| email | dnsmaster@example.com |
| id | 14093115-0f0f-497a-ac69-42235e46c26f |
| masters | |
| name | example.com. |
| pool_id | 794ccc2c-d751-44fe-b57f-8894c9f5c842 |
| project_id | 656bc359067844fba6005d400f19df76 |
| serial | 1468421656 |
| status | PENDING |
| transferred_at | None |
| ttl | 3600 |
| type | PRIMARY |
| updated_at | None |
| version | 1 |
+----------------+--------------------------------------+
#. After a short time, verify successful creation of the zone
.. code-block:: console
$ openstack zone list
+--------------------------------------+--------------+---------+------------+--------+--------+
| id | name | type | serial | status | action |
+--------------------------------------+--------------+---------+------------+--------+--------+
| 14093115-0f0f-497a-ac69-42235e46c26f | example.com. | PRIMARY | 1468421656 | ACTIVE | NONE |
+--------------------------------------+--------------+---------+------------+--------+--------+
#. We can now create RecordSets in this zone
.. code-block:: console
$ openstack recordset create --records '10.0.0.1' --type A example.com. www
+-------------+--------------------------------------+
| Field | Value |
+-------------+--------------------------------------+
| action | CREATE |
| created_at | 2016-07-13T14:59:32.000000 |
| description | None |
| id | 07e6f5af-783e-481f-b8df-5972a6174c94 |
| name | www.example.com. |
| project_id | 656bc359067844fba6005d400f19df76 |
| records | 10.0.0.1 |
| status | PENDING |
| ttl | None |
| type | A |
| updated_at | None |
| version | 1 |
| zone_id | 14093115-0f0f-497a-ac69-42235e46c26f |
| zone_name | example.com. |
+-------------+--------------------------------------+
#. Delete the zone.
.. code-block:: console
$ openstack zone delete example.com.

48
install-guide/source/get_started.rst Normal file
View File

@ -0,0 +1,48 @@
====================
DNS service overview
====================
The DNS service provides DNS Zone and RecordSet management for OpenStack
clouds. The DNS Service includes a REST API, a command-line client, and a
Horizon Dashboard plugin.
The DNS service consists of the following components:
``openstack`` command-line client plugin
A plugin for the OpenStack Client CLI that communicates with the REST API
``designate-api`` component
An OpenStack-native REST API that processes API requests by sending
them to the ``designate-central`` over Remote Procedure Call (RPC).
``designate-central`` component
Orchestrates the creation, deletion and update of Zones and RecordSets, and
delegates work to ``designate-pool-manager`` for interaction with the DNS
servers
``designate-producer`` component
Orchestrates periodic tasks that are run by designate.
``designate-worker`` component
Is a generic task runner, that runs both zone create / update and deletes,
and periodic tasks, from ``designate-producer``
``designate-mdns`` component
A small DNS Server that is responsible for pushing DNS Zone information to
the customer facing DNS Servers. Can also pull in DNS information about
DNS Zones hosted outside of the Designate infrastructure
``designate-agent`` component
A small python daemon that can be used for a limited sub set of DNS Servers
Some DNS Servers requrire commands be run locally, and to do this we use
this component.
.. note:: The majority of Designate installs will not need this component.
``Customer Facing DNS Servers``
Serves DNS requests to end users. They are orchestreated by the
``designate-worker``, and the supported list is maintained `here`_
.. _here: http://docs.openstack.org/developer/designate/support-matrix.html

16
install-guide/source/index.rst Normal file
View File

@ -0,0 +1,16 @@
===========
DNS service
===========
.. toctree::
:maxdepth: 2
get_started
install
verify
create-zone
next-steps
This chapter assumes a working setup of OpenStack following the
`OpenStack Installation Tutorial <http://docs.openstack.org/#install-guides>`_.

224
install-guide/source/install-ubuntu.rst Normal file
View File

@ -0,0 +1,224 @@
.. _install-ubuntu:
Install and configure for Ubuntu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This section describes how to install and configure the DNS
service for Ubuntu 14.04 (LTS).
.. include:: common_prerequisites.rst
Install and configure components
--------------------------------
.. note::
Default configuration files vary by distribution. You might need
to add these sections and options rather than modifying existing
sections and options. Also, an ellipsis (``...``) in the configuration
snippets indicates potential default configuration options that you
should retain.
#. Install the packages:
.. code-block:: console
# apt-get install designate
#. Create the databases:
.. code-block:: console
# mysql
.. code-block:: sql
CREATE DATABASE `designate`
GRANT ALL PRIVILEGES ON designate.* TO 'designate'@'localhost' \
IDENTIFIED BY 'DESIGNATE_DBPASS';
#. Install the BIND9 packages:
.. code-block:: console
# apt-get install bind9
#. Add the following options in the ``/etc/bind/named.conf.options`` file:
.. code-block:: none
options {
...
allow-new-zones yes;
request-ixfr no;
recursion no;
};
#. Create an RNDC Key:
.. code-block:: console
# rndc-confgen -a -k designate -c /etc/designate/rndc.key
#. Add the key to ``/etc/bind/named.conf``
.. code-block:: none
...
# This should be the contents of ``/etc/designate/rndc.key``
key "designate" {
algorithm hmac-md5;
secret "OAkHNQy0m6UPcv55fiVAPw==";
};
# End of content from ``/etc/designate/rndc.key``
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "designate"; };
};
#. Restart the DNS service:
.. code-block:: console
# service bind9 restart
#. Edit the ``/etc/designate/designate.conf`` file and
complete the following actions:
* In the ``[service:api]`` section, configure ``auth_strategy``:
.. code-block:: ini
[service:api]
api_host = 0.0.0.0
api_port = 9001
auth_strategy = keystone
enable_api_v1 = True
enabled_extensions_v1 = quotas, reports
enable_api_v2 = True
* In the ``[keystone_authtoken]`` section, configure the following options:
.. code-block:: ini
[keystone_authtoken]
auth_host = controller
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = designate
admin_password = DESIGNATE_PASS
Replace DESIGNATE_PASS with the password you chose for the ``designate``
user in the Identity service.
* In the ``[service:worker]`` section, enable the worker model:
.. code-block:: ini
enabled = True
notify = True
* In the ``[storage:sqlalchemy]`` section, configure database access:
.. code-block:: ini
[storage:sqlalchemy]
connection = mysql+pymysql://designate:DESIGNATE_DBPASS@controller/designate
``DESIGNATE_DBPASS`` is automatically set to the password
you chose for the Designate database.
* Populate the designate database
.. code-block:: console
# su -s /bin/sh -c "designate-manage database sync" designate
#. Restart the Designate central and API services:
.. code-block:: console
# service designate-central restart
# service designate-api restart
#. Create a pools.yaml file in ``/etc/designate/pools.yaml``
.. code-block:: console
# editor /etc/designate/pools.yaml
.. code-block:: yaml
- name: default
# The name is immutable. There will be no option to change the name after
# creation and the only way will to change it will be to delete it
# (and all zones associated with it) and recreate it.
description: Default Pool
attributes: {}
# List out the NS records for zones hosted within this pool
# This should be a record that is created outside of designate, that
# points to the public IP of the controller node.
ns_records:
- hostname: ns1-1.example.org.
priority: 1
# List out the nameservers for this pool. These are the actual BIND servers.
# We use these to verify changes have propagated to all nameservers.
nameservers:
- host: 127.0.0.1
port: 53
# List out the targets for this pool. For BIND there will be one
# entry for each BIND server, as we have to run rndc command on each server
targets:
- type: bind
description: BIND9 Server 1
# List out the designate-mdns servers from which BIND servers should
# request zone transfers (AXFRs) from.
# This should be the IP of the controller node.
# If you have multiple controllers you can add multiple masters
# by running designate-mdns on them, and adding them here.
masters:
- host: 127.0.0.1
port: 5354
# BIND Configuration options
options:
host: 127.0.0.1
port: 53
rndc_host: 127.0.0.1
rndc_port: 953
rndc_key_file: /etc/designate/rndc.key
#. Ensure the output file is correct (reference sample file for each value)
#. Run
.. code-block:: console
sudo su -s /bin/sh -c "designate-manage pools update" designate
#. Install Designate Worker, producer and mini-dns
.. code-block:: console
# apt install designate-worker
# apt install designate-producer
# apt install designate-mdns
#. Restart Designate services and mDNS services:
.. code-block:: console
# service designate-worker restart
# service designate-producer restart
# service designate-mdns restart

18
install-guide/source/install.rst Normal file
View File

@ -0,0 +1,18 @@
.. _install:
Install and configure
~~~~~~~~~~~~~~~~~~~~~
This section describes how to install and configure the
DNS service, code-named designate, on the controller node.
This section assumes that you already have a working OpenStack
environment with at least the following components installed:
.. (add the appropriate services here and further notes)
Note that installation and configuration vary by distribution.
.. toctree::
:maxdepth: 2
install-ubuntu.rst

12
install-guide/source/next-steps.rst Normal file
View File

@ -0,0 +1,12 @@
.. _next-steps:
Next steps
~~~~~~~~~~
Your OpenStack environment now includes the designate service.
To add additional services, see
docs.openstack.org/install-guides/index.html .
To learn more about the designate service, read the `Designate developer documentation
<http://docs.openstack.org/developer/designate/index.html>`__.

38
install-guide/source/verify.rst Normal file
View File

@ -0,0 +1,38 @@
.. _verify:
Verify operation
~~~~~~~~~~~~~~~~
Verify operation of the DNS service.
.. note::
Perform these commands on the controller node.
#. Source the ``admin`` tenant credentials:
.. code-block:: console
$ . admin-openrc
#. List service components to verify successful launch and
registration of each process:
.. code-block:: console
$ openstack dns service list
+--------------------------------------+--------------------------+--------------+--------+-------+--------------+
| id | hostname | service_name | status | stats | capabilities |
+--------------------------------------+--------------------------+--------------+--------+-------+--------------+
| 14283849-ff64-4467-9cbb-d9050ffa08c0 | vagrant-ubuntu-trusty-64 | central | UP | - | - |
| eb7d938f-5b24-4c9b-b4f7-05b9a8ea45f2 | vagrant-ubuntu-trusty-64 | api | UP | - | - |
| 5dca293e-5fa2-4a3d-b486-4debad920da3 | vagrant-ubuntu-trusty-64 | zone_manager | UP | - | - |
| 487e7215-6f61-495d-87b3-86be09406750 | vagrant-ubuntu-trusty-64 | mdns | UP | - | - |
| 6b1d1de6-c820-4843-993b-663fca73f905 | vagrant-ubuntu-trusty-64 | pool_manager | UP | - | - |
+--------------------------------------+--------------------------+--------------+--------+-------+--------------+
.. note::
This output should indicate at least one of each of the ``central``,
``api``, ``zone_manager``, ``mdns`` and ``pool_manager`` components
on the controller node.

1
test-requirements.txt
View File

@ -23,3 +23,4 @@ reno>=1.8.0 # Apache-2.0
bandit>=1.1.0 # Apache-2.0 bandit>=1.1.0 # Apache-2.0
os-api-ref>=1.0.0 # Apache-2.0 os-api-ref>=1.0.0 # Apache-2.0
zake>=0.1.6 # Apache-2.0 zake>=0.1.6 # Apache-2.0
openstackdocstheme>=1.5.0 # Apache-2.0

7
tox.ini
View File

@ -112,6 +112,13 @@ commands =
[testenv:releasenotes] [testenv:releasenotes]
commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
[testenv:install-guide]
# NOTE(jaegerandi): this target does not use constraints because
# upstream infra does not yet support it. Once that's fixed, we can
# drop the install_command.
install_command = pip install {opts} {packages}
commands = sphinx-build -a -E -d install-guide/build/doctrees -b html install-guide/source install-guide/build/html
[testenv:venv] [testenv:venv]
commands = {posargs} commands = {posargs}