From bb1b24c25a8b289d312f5551f36b69e6303e3d30 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Thu, 8 Oct 2015 18:20:16 +0200 Subject: [PATCH] Migrate existing Devstack integration into a Devstack plugin This patch will not remove the existing Devstack integration in contrib/devstack. Change-Id: I23ef00bb136e92abc5e69a9bbe1093cad9d2a362 Closes-bug: #1504214 --- contrib/devstack/gate_hook.sh | 22 +- contrib/devstack/post_test_hook.sh | 7 +- contrib/devstack/run_tempest_tests.sh | 34 +- contrib/vagrant/Vagrantfile | 9 - contrib/vagrant/localrc | 3 + devstack/README.rst | 16 + devstack/designate_plugins/backend-akamai | 116 +++++++ devstack/designate_plugins/backend-bind9 | 153 +++++++++ devstack/designate_plugins/backend-designate | 135 ++++++++ devstack/designate_plugins/backend-dynect | 130 +++++++ devstack/designate_plugins/backend-fake | 58 ++++ devstack/designate_plugins/backend-infoblox | 98 ++++++ devstack/designate_plugins/backend-ipa | 77 +++++ devstack/designate_plugins/backend-powerdns | 147 ++++++++ devstack/exercise.sh | 318 +++++++++++++++++ devstack/gate/gate_hook.sh | 24 ++ devstack/gate/post_test_hook.sh | 9 + devstack/gate/run_tempest_tests.sh | 32 ++ devstack/plugin.sh | 342 +++++++++++++++++++ devstack/settings | 58 ++++ tox.ini | 2 +- 21 files changed, 1725 insertions(+), 65 deletions(-) create mode 100644 devstack/README.rst create mode 100644 devstack/designate_plugins/backend-akamai create mode 100644 devstack/designate_plugins/backend-bind9 create mode 100644 devstack/designate_plugins/backend-designate create mode 100644 devstack/designate_plugins/backend-dynect create mode 100644 devstack/designate_plugins/backend-fake create mode 100644 devstack/designate_plugins/backend-infoblox create mode 100644 devstack/designate_plugins/backend-ipa create mode 100644 devstack/designate_plugins/backend-powerdns create mode 100755 devstack/exercise.sh create mode 100755 devstack/gate/gate_hook.sh create mode 100755 devstack/gate/post_test_hook.sh create mode 100755 devstack/gate/run_tempest_tests.sh create mode 100755 devstack/plugin.sh create mode 100644 devstack/settings diff --git a/contrib/devstack/gate_hook.sh b/contrib/devstack/gate_hook.sh index 0a93cc6e1..0cef3c968 100755 --- a/contrib/devstack/gate_hook.sh +++ b/contrib/devstack/gate_hook.sh @@ -2,23 +2,5 @@ set -ex -pushd $BASE/new/devstack - -DEVSTACK_GATE_DESIGNATE_DRIVER=${DEVSTACK_GATE_DESIGNATE_DRIVER:-powerdns} - -export KEEP_LOCALRC=1 -export ENABLED_SERVICES=designate,designate-api,designate-central,designate-sink,designate-mdns,designate-pool-manager,designate-zone-manager - -echo "DESIGNATE_SERVICE_PORT_DNS=5322" >> $BASE/new/devstack/localrc -echo "DESIGNATE_BACKEND_DRIVER=$DEVSTACK_GATE_DESIGNATE_DRIVER" >> $BASE/new/devstack/localrc -echo "DESIGNATE_PERIODIC_RECOVERY_INTERVAL=20" >> $BASE/new/devstack/localrc -echo "DESIGNATE_PERIODIC_SYNC_INTERVAL=20" >> $BASE/new/devstack/localrc - - -# Pass through any DESIGNATE_ env vars to the localrc file -env | grep -E "^DESIGNATE_" >> $BASE/new/devstack/localrc || : - -popd - -# Run DevStack Gate -$BASE/new/devstack-gate/devstack-vm-gate.sh +cd /opt/stack/new/designate/devstack/gate +./gate_hook.sh diff --git a/contrib/devstack/post_test_hook.sh b/contrib/devstack/post_test_hook.sh index 12f5c6e7e..f182a2749 100755 --- a/contrib/devstack/post_test_hook.sh +++ b/contrib/devstack/post_test_hook.sh @@ -2,8 +2,5 @@ set -ex -# Run the Designate DevStack exercises -$BASE/new/devstack/exercises/designate.sh - -# Run the Designate Tempest tests -sudo ./run_tempest_tests.sh +cd /opt/stack/new/designate/devstack/gate +./post_test_hook.sh diff --git a/contrib/devstack/run_tempest_tests.sh b/contrib/devstack/run_tempest_tests.sh index c6cd1e6c4..4edbb6b83 100755 --- a/contrib/devstack/run_tempest_tests.sh +++ b/contrib/devstack/run_tempest_tests.sh @@ -1,32 +1,6 @@ -#!/bin/bash -e -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. +#!/bin/bash -# How many seconds to wait for the API to be responding before giving up -API_RESPONDING_TIMEOUT=20 +set -ex -if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9001/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then - echo "The Designate API failed to respond within ${API_RESPONDING_TIMEOUT} seconds" - exit 1 -fi - -echo "Successfully contacted the Designate API" - -# Where Designate and Tempest code lives -DESIGNATE_DIR=${DESIGNATE_DIR:-/opt/stack/new/designate} -TEMPEST_DIR=${TEMPEST_DIR:-/opt/stack/new/tempest} - - -pushd $DESIGNATE_DIR -export TEMPEST_CONFIG=$TEMPEST_DIR/etc/tempest.conf -tox -e functional +cd /opt/stack/new/designate/devstack/gate +./run_tempest_tests.sh diff --git a/contrib/vagrant/Vagrantfile b/contrib/vagrant/Vagrantfile index d19d1124e..a2d7bf50c 100644 --- a/contrib/vagrant/Vagrantfile +++ b/contrib/vagrant/Vagrantfile @@ -78,15 +78,6 @@ if [ ! -f "/home/vagrant/devstack/localrc" ]; then cp localrc /home/vagrant/devstack/localrc fi -# Install Designate DevStack extension -cd /opt/stack/designate/contrib/devstack - -for f in lib/* extras.d/* exercises/*; do - if [ ! -f "/home/vagrant/devstack/$f" ]; then - ln -fs /opt/stack/designate/contrib/devstack/$f -t /home/vagrant/devstack/$(dirname $f) - fi -done - # Link in any Rally Plugins mkdir /home/vagrant/.rally ln -s /opt/stack/designate/rally-scenarios/plugins /home/vagrant/.rally/plugins diff --git a/contrib/vagrant/localrc b/contrib/vagrant/localrc index a3d0bd00b..bdcbf32d8 100644 --- a/contrib/vagrant/localrc +++ b/contrib/vagrant/localrc @@ -18,6 +18,9 @@ LOG_COLOR=True # Enable the basic services we require ENABLED_SERVICES=rabbit,mysql,key +# Enable designate +enable_plugin designate https://git.openstack.org/openstack/designate + # Designate Devstack Config # ========================= # Enable core Designate services diff --git a/devstack/README.rst b/devstack/README.rst new file mode 100644 index 000000000..2634579d5 --- /dev/null +++ b/devstack/README.rst @@ -0,0 +1,16 @@ +==================== +Enabling in Devstack +==================== + +1. Download DevStack:: + + git clone https://git.openstack.org/openstack-dev/devstack.git + cd devstack + +2. Add this repo as an external repository:: + + > cat local.conf + [[local|localrc]] + enable_plugin designate https://git.openstack.org/openstack/designate + +3. run ``stack.sh`` diff --git a/devstack/designate_plugins/backend-akamai b/devstack/designate_plugins/backend-akamai new file mode 100644 index 000000000..3f9b9dee6 --- /dev/null +++ b/devstack/designate_plugins/backend-akamai @@ -0,0 +1,116 @@ +# Configure the Akamai backend + +# Requirements: +# An active Akamai account / contract will be requied to use this DevStack +# plugin. + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=akamai + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_AKAMAI_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- + +DESIGNATE_AKAMAI_USERNAME=${DESIGNATE_AKAMAI_USERNAME:-username} +DESIGNATE_AKAMAI_PASSWORD=${DESIGNATE_AKAMAI_PASSWORD:-password} +DESIGNATE_AKAMAI_MASTERS=${DESIGNATE_AKAMAI_MASTERS:-"$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS"} +DESIGNATE_AKAMAI_NAMESERVERS=${DESIGNATE_AKAMAI_NAMESERVERS:-""} +DESIGNATE_AKAMAI_ALSO_NOTIFIES=${DESIGNATE_AKAMAI_ALSO_NOTIFIES:-"193.108.155.34:53,23.73.134.141:53,80.67.64.148:53,23.73.134.237:53,23.73.133.141:53,23.73.133.237:53,80.67.64.10:53,72.246.0.10:53,72.247.45.157:53,72.246.192.168:53,193.108.152.143:53,60.254.128.45:53,72.247.45.110:53,72.247.45.65:53,72.247.45.25:53"} + +# Pull in DESIGNATE_3RDPARTY_CREDS user/pass if set +if [ -n "$DESIGNATE_3RDPARTY_CREDS" ]; then + DESIGNATE_AKAMAI_USERNAME=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f1 -d:` + DESIGNATE_AKAMAI_PASSWORD=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f2- -d:` +fi + +# Sanity Checks +# ------------- +if [ -z "$DESIGNATE_AKAMAI_NAMESERVERS" ]; then + die $LINENO "You must configure DESIGNATE_AKAMAI_NAMESERVERS" +fi + +if [ "$DESIGNATE_SERVICE_PORT_MDNS" != "53" ]; then + die $LINENO "Akamai requires DESIGNATE_SERVICE_PORT_MDNS is set to '53'" +fi + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + : +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type akamai + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_AKAMAI_MASTERS + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "username: $DESIGNATE_AKAMAI_USERNAME, password: $DESIGNATE_AKAMAI_PASSWORD" + + # Create a Pool Nameserver for each of the Akamai nameservers + local nameserver_ids="" + IFS=',' read -a nameservers <<< "$DESIGNATE_AKAMAI_NAMESERVERS" + + for nameserver in "${nameservers[@]}"; do + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1) + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53 + + # Append the Nameserver ID to the list + nameserver_ids+=${nameserver_id}, + done + + # Configure the Pool for the set of nameserver IDs, minus the trailing comma + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}" + + # Configure the Pool to Notify Akamai's Transfer Agents + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_AKAMAI_ALSO_NOTIFIES" +} + +# create_designate_ns_records - Create Pool NS Records +function create_designate_ns_records_backend { + # Build an array of the Akamai nameservers. + IFS=',' read -a ns_records <<< "$DESIGNATE_AKAMAI_NAMESERVERS" + + # Create a NS Record for each of the Akamai nameservers + for ns_record in "${ns_records[@]}"; do + designate server-create --name "${ns_record%%.}." + done +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_AKAMAI_XTRACE diff --git a/devstack/designate_plugins/backend-bind9 b/devstack/designate_plugins/backend-bind9 new file mode 100644 index 000000000..1de63f936 --- /dev/null +++ b/devstack/designate_plugins/backend-bind9 @@ -0,0 +1,153 @@ +# Configure the bind9 pool backend + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=bind9 + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_BIND9_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- +BIND_SERVICE_NAME=bind9 +BIND_CFG_DIR=/etc/bind +BIND_VAR_DIR=/var/cache/bind +BIND_CFG_FILE=$BIND_CFG_DIR/named.conf.options +BIND_USER=bind +BIND_GROUP=bind +DESIGNATE_SERVICE_PORT_RNDC=${DESIGNATE_SERVICE_PORT_RNDC:-953} + +if is_fedora; then + BIND_SERVICE_NAME=named + BIND_CFG_DIR=/etc/named + BIND_CFG_FILE=/etc/named.conf + BIND_VAR_DIR=/var/named + BIND_USER=named + BIND_GROUP=named +fi + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + if is_ubuntu; then + install_package bind9 + elif is_fedora; then + install_package named + fi + + # The user that designate runs as needs to be member of **$BIND_GROUP** group. + # The designate bind9 backend needs read/write access to $BIND_VAR_DIR + if ! getent group $BIND_GROUP >/dev/null; then + sudo groupadd $BIND_GROUP + fi + add_user_to_group $STACK_USER $BIND_GROUP + if [[ ! -d $BIND_CFG_DIR ]]; then + sudo mkdir -p $BIND_CFG_DIR + sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_DIR + fi + + sudo chown -R $BIND_USER:$BIND_GROUP $BIND_CFG_DIR $BIND_VAR_DIR + sudo chmod -R g+r $BIND_CFG_DIR + sudo chmod -R g+rw $BIND_VAR_DIR + + # Customize Bind9 apparmor profile if installed + if [[ -d /etc/apparmor.d ]]; then + sudo tee /etc/apparmor.d/local/usr.sbin.named > /dev/null << EOF +$DESIGNATE_STATE_PATH/bind9/** rw, +EOF + restart_service apparmor + fi +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type bind9 + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "rndc_host: $DESIGNATE_SERVICE_HOST, rndc_port: $DESIGNATE_SERVICE_PORT_RNDC, rndc_config_file: $BIND_CFG_DIR/rndc.conf, rndc_key_file: $BIND_CFG_DIR/rndc.key, host: $DESIGNATE_SERVICE_HOST, port: $DESIGNATE_SERVICE_PORT_DNS" + + # DevStack Managed BIND NameServer + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_SERVICE_HOST + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS + + sudo chown $STACK_USER $BIND_CFG_DIR + + # create rndc key and config + sudo rndc-confgen -a -c $BIND_CFG_DIR/rndc.key + sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_DIR/rndc.key + sudo chmod g+r $BIND_CFG_DIR/rndc.key + + # Configure Bind + sudo tee $BIND_CFG_FILE > /dev/null < /dev/null << EOF +include "$BIND_CFG_DIR/rndc.key"; + +options { + default-key "rndc-key"; + default-server $DESIGNATE_SERVICE_HOST; + default-port $DESIGNATE_SERVICE_PORT_RNDC; +}; +EOF + + sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_FILE $BIND_CFG_DIR/rndc.conf + sudo chmod g+r $BIND_CFG_FILE $BIND_CFG_DIR/rndc.conf + + restart_service $BIND_SERVICE_NAME +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + start_service bind9 +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + stop_service bind9 +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + sudo sh -c "rm -rf $BIND_VAR_DIR/*.nzf" + sudo sh -c "rm -rf $BIND_VAR_DIR/slave.*" + sudo rm -f $BIND_CFG_DIR/rndc.key +} + +# Restore xtrace +$DP_BIND9_XTRACE diff --git a/devstack/designate_plugins/backend-designate b/devstack/designate_plugins/backend-designate new file mode 100644 index 000000000..d9da65cf9 --- /dev/null +++ b/devstack/designate_plugins/backend-designate @@ -0,0 +1,135 @@ +# Configure the designate backend + +# Requirements: +# Another Designate service is needed in order to install the SECONDARY zones in it. + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=designate + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_D2D_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- + +# This is the Primary Designate MDNS servers. +DESIGNATE_D2D_MASTERS=${DESIGNATE_D2D_MASTERS:-""} + +# DNS server to notify (MiniDNS ip:port) +DESIGNATE_D2D_ALSO_NOTIES=${DESIGNATE_D2D_ALSO_NOTIES:-""} + +# DNS server to check SOA etc against +DESIGNATE_D2D_NAMESERVERS=${DESIGNATE_D2D_NAMESERVERS:-""} + +# Destination openstack credentials +DESIGNATE_D2D_KS_VERSION=${DESIGNATE_D2D_KS_VERSION:-3} + +DESIGNATE_D2D_AUTH_URL=${DESIGNATE_D2D_AUTH_URL:-} +DESIGNATE_D2D_USERNAME=${DESIGNATE_D2D_USERNAME:-} +DESIGNATE_D2D_PASSWORD=${DESIGNATE_D2D_PASSWORD:-} + +# Keystone V2 +DESIGNATE_D2D_TENANT_NAME=${DESIGNATE_D2D_TENANT_NAME:-} +DESIGNATE_D2D_TENANT_NAME=${DESIGNATE_D2D_TENANT_ID:-} + +# Keystone V3 +DESIGNATE_D2D_PROJECT_NAME=${DESIGNATE_D2D_PROJECT_NAME:-} +DESIGNATE_D2D_PROJECT_DOMAIN_NAME=${DESIGNATE_D2D_PROJECT_DOMAIN_NAME:-} +DESIGNATE_D2D_USER_DOMAIN_NAME=${DESIGNATE_D2D_USER_DOMAIN_NAME:-} + + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + : +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type designate + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_D2D_MASTERS + + options="auth_url: $DESIGNATE_D2D_AUTH_URL, username: $DESIGNATE_D2D_USERNAME, password: $DESIGNATE_D2D_PASSWORD," + if [ "$DESIGNATE_D2D_KS_VERSION" == "2" ]; then + if [ ! -z "$DESIGNATE_D2D_TENANT_NAME" ]; then + options="$options tenant_name=$DESIGNATE_D2D_TENANT_NAME," + fi + + if [ ! -z "$DESIGNATE_D2D_TENANT_ID" ]; then + options="$options tenant_id=$DESIGNATE_D2D_TENANT_ID," + fi + fi + + if [ ! -z "$DESIGNATE_D2D_KS_VERSION" == "3" ]; then + options="$options project_name: $DESIGNATE_D2D_PROJECT_NAME, project_domain_name=$DESIGNATE_D2D_PROJECT_DOMAIN_NAME, user_domain_name=$DESIGNATE_D2D_USER_DOMAIN_NAME" + fi + + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options $options + + # Create a Pool Nameserver for each of the Designate nameservers + local nameserver_ids="" + IFS=',' read -a nameservers <<< "$DESIGNATE_D2D_NAMESERVERS" + + for nameserver in "${nameservers[@]}"; do + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1) + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53 + + # Append the Nameserver ID to the list + nameserver_ids+=${nameserver_id}, + done + + # Configure the Pool for the set of nameserver IDs, minus the trailing comma + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}" + + # Configure the Pool to Notify the destination Mdns + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_D2D_ALSO_NOTIFIES" +} + +# create_designate_ns_records - Create Pool NS Records +function create_designate_ns_records_backend { + # Build an array of the Designate nameservers. + IFS=',' read -a ns_records <<< "$DESIGNATE_D2D_NAMESERVERS" + + # Create a NS Record for each of the Designate nameservers + for ns_record in "${ns_records[@]}"; do + designate server-create --name "${ns_record%%.}." + done +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_D2D_XTRACE diff --git a/devstack/designate_plugins/backend-dynect b/devstack/designate_plugins/backend-dynect new file mode 100644 index 000000000..d53b022e3 --- /dev/null +++ b/devstack/designate_plugins/backend-dynect @@ -0,0 +1,130 @@ +# Configure the dynect backend + +# Requirements: +# An active DynECT account / contract will be requied to use this DevStack +# plugin. + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=dynect + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_DYNECT_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- + +DESIGNATE_DYNECT_CUSTOMER=${DESIGNATE_DYNECT_CUSTOMER:-customer} +DESIGNATE_DYNECT_USERNAME=${DESIGNATE_DYNECT_USERNAME:-username} +DESIGNATE_DYNECT_PASSWORD=${DESIGNATE_DYNECT_PASSWORD:-password} +DESIGNATE_DYNECT_CONTACT_NICKNAME=${DESIGNATE_DYNECT_CONTACT_NICKNAME:-} +DESIGNATE_DYNECT_JOB_TIMEOUT=${DESIGNATE_DYNECT_JOB_TIMEOUT:-} +DESIGNATE_DYNECT_TIMEOUT=${DESIGNATE_DYNECT_TIMEOUT:-} +DESIGNATE_DYNECT_MASTERS=${DESIGNATE_DYNECT_MASTERS:-"$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS"} +DESIGNATE_DYNECT_NAMESERVERS=${DESIGNATE_DYNECT_NAMESERVERS:-""} +DESIGNATE_DYNECT_ALSO_NOTIFIES=${DESIGNATE_DYNECT_ALSO_NOTIFIES:-"204.13.249.65:53,208.78.68.65:53"} + +# Pull in DESIGNATE_3RDPARTY_CREDS user/pass if set +if [ -n "$DESIGNATE_3RDPARTY_CREDS" ]; then + DESIGNATE_DYNECT_CUSTOMER=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f1 -d:` + DESIGNATE_DYNECT_USERNAME=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f2 -d:` + DESIGNATE_DYNECT_PASSWORD=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f3- -d:` +fi + +# Sanity Checks +# ------------- +if [ -z "$DESIGNATE_DYNECT_NAMESERVERS" ]; then + die $LINENO "You must configure DESIGNATE_DYNECT_NAMESERVERS" +fi + +if [ "$DESIGNATE_SERVICE_PORT_MDNS" != "53" ]; then + die $LINENO "DynECT requires DESIGNATE_SERVICE_PORT_MDNS is set to '53'" +fi + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + : +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type dynect + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_DYNECT_MASTERS + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "customer_name: $DESIGNATE_DYNECT_CUSTOMER, username: $DESIGNATE_DYNECT_USERNAME, password: $DESIGNATE_DYNECT_PASSWORD" + + # Create a Pool Nameserver for each of the DynECT nameservers + local nameserver_ids="" + IFS=',' read -a nameservers <<< "$DESIGNATE_DYNECT_NAMESERVERS" + + for nameserver in "${nameservers[@]}"; do + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1) + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53 + + # Append the Nameserver ID to the list + nameserver_ids+=${nameserver_id}, + done + + # Configure the Pool for the set of nameserver IDs, minus the trailing comma + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}" + + # Configure the Pool to Notify DynECT's Transfer Agents + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_DYNECT_ALSO_NOTIFIES" + + # Global DynECT Backend Settings + if [ ! -z $DESIGNATE_DYNECT_JOB_TIMEOUT ]; then + iniset $DESIGNATE_CONF backend:dynect job_timeout "$DESIGNATE_DYNECT_JOB_TIMEOUT" + fi + + if [ ! -z $DESIGNATE_DYNECT_TIMEOUT ]; then + iniset $DESIGNATE_CONF backend:dynect timeout "$DESIGNATE_DYNECT_TIMEOUT" + fi +} + +# create_designate_ns_records - Create Pool NS Records +function create_designate_ns_records_backend { + # Build an array of the DynECT nameservers. + IFS=',' read -a ns_records <<< "$DESIGNATE_DYNECT_NAMESERVERS" + + # Create a NS Record for each of the DynECT nameservers + for ns_record in "${ns_records[@]}"; do + designate server-create --name "${ns_record%%.}." + done +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_DYNECT_XTRACE diff --git a/devstack/designate_plugins/backend-fake b/devstack/designate_plugins/backend-fake new file mode 100644 index 000000000..8d9ea4f48 --- /dev/null +++ b/devstack/designate_plugins/backend-fake @@ -0,0 +1,58 @@ +# Configure the fake backend + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=fake + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_FAKE_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + : +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + : +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_FAKE_XTRACE diff --git a/devstack/designate_plugins/backend-infoblox b/devstack/designate_plugins/backend-infoblox new file mode 100644 index 000000000..8519990d4 --- /dev/null +++ b/devstack/designate_plugins/backend-infoblox @@ -0,0 +1,98 @@ +# Configure the infoblox backend + +# Requirements: +# A NIOS Grid Master or Cloud Network Automation appliance (virtual or otherwise) is required +# to use this DevStack plugin. + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=infoblox + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_INFOBLOX_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- + +DESIGNATE_INFOBLOX_USERNAME=${DESIGNATE_INFOBLOX_USERNAME:-admin} +DESIGNATE_INFOBLOX_PASSWORD=${DESIGNATE_INFOBLOX_PASSWORD:-infoblox} +DESIGNATE_INFOBLOX_NAMESERVER_IP=${DESIGNATE_INFOBLOX_NAMESERVER_IP:-172.16.98.200} +DESIGNATE_INFOBLOX_API_IP=${DESIGNATE_INFOBLOX_API_IP:-$DESIGNATE_INFOBLOX_NAMESERVER_IP} +DESIGNATE_INFOBLOX_WAPI_URL=${DESIGNATE_INFOBLOX_WAPI_URL:-https://$DESIGNATE_INFOBLOX_API_IP/wapi/v2.0/} +DESIGNATE_INFOBLOX_SSLVERIFY=${DESIGNATE_INFOBLOX_SSLVERIFY:-False} +DESIGNATE_INFOBLOX_MULTI_TENANT=${DESIGNATE_INFOBLOX_MULTI_TENANT:-False} +DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS=${DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS:-100} +DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE=${DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE:-100} +DESIGNATE_INFOBLOX_DNS_VIEW=${DESIGNATE_INFOBLOX_DNS_VIEW:-default} +DESIGNATE_INFOBLOX_NET_VIEW=${DESIGNATE_INFOBLOX_NET_VIEW:-default} +DESIGNATE_INFOBLOX_NS_GROUP=${DESIGNATE_INFOBLOX_NS_GROUP:-Designate} + +# Entry Points +# ------------ + + +# install_designate_backend - install any external requirements +function install_designate_backend { + if is_ubuntu; then + install_package python-dev libxslt1-dev libxslt1.1 libxml2-dev libxml2 libssl-dev + elif is_fedora; then + install_package python-devel libxslt1-devel libxslt1.1 libxml2-devel libxml2 libssl-devel + fi +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type infoblox + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "host: $DESIGNATE_INFOBLOX_NAMESERVER_IP, port: $DESIGNATE_SERVICE_PORT_DNS" + + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_INFOBLOX_NAMESERVER_IP + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS + + iniset $DESIGNATE_CONF backend:infoblox wapi_url $DESIGNATE_INFOBLOX_WAPI_URL + iniset $DESIGNATE_CONF backend:infoblox username $DESIGNATE_INFOBLOX_USERNAME + iniset $DESIGNATE_CONF backend:infoblox password $DESIGNATE_INFOBLOX_PASSWORD + iniset $DESIGNATE_CONF backend:infoblox sslverify $DESIGNATE_INFOBLOX_SSLVERIFY + iniset $DESIGNATE_CONF backend:infoblox multi_tenant $DESIGNATE_INFOBLOX_MULTI_TENANT + iniset $DESIGNATE_CONF backend:infoblox http_pool_connections $DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS + iniset $DESIGNATE_CONF backend:infoblox http_pool_maxsize $DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE + iniset $DESIGNATE_CONF backend:infoblox dns_view $DESIGNATE_INFOBLOX_DNS_VIEW + iniset $DESIGNATE_CONF backend:infoblox net_view $DESIGNATE_INFOBLOX_NET_VIEW + iniset $DESIGNATE_CONF backend:infoblox ns_group $DESIGNATE_INFOBLOX_NS_GROUP +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_INFOBLOX_XTRACE diff --git a/devstack/designate_plugins/backend-ipa b/devstack/designate_plugins/backend-ipa new file mode 100644 index 000000000..8b41bc12c --- /dev/null +++ b/devstack/designate_plugins/backend-ipa @@ -0,0 +1,77 @@ +# Configure the ipa backend + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=ipa + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_IPA_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- +DESIGNATE_IPA_HOST=${DESIGNATE_IPA_HOST:-$(hostname)} +DESIGNATE_IPA_CA_CERT=${DESIGNATE_IPA_CA_CERT:-/etc/ipa/ca.crt} +DESIGNATE_IPA_CLIENT_KEYTAB=${DESIGNATE_IPA_CLIENT_KEYTAB:-$HOME/ipaadmin.keytab} + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + : +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + rc=0 + if [[ ! -f $DESIGNATE_IPA_CA_CERT ]]; then + echo ERROR: IPA CA cert file $DESIGNATE_IPA_CA_CERT not found + rc=1 + fi + if [[ ! -f $DESIGNATE_IPA_CLIENT_KEYTAB ]]; then + echo ERROR: IPA client keytab file $DESIGNATE_IPA_CLIENT_KEYTAB not found + rc=1 + fi + if [[ $rc = 1 ]]; then + die $LINENO "Error with IPA configuration" + fi + iniset $DESIGNATE_CONF backend:ipa ipa_host $DESIGNATE_IPA_HOST + iniset $DESIGNATE_CONF backend:ipa ipa_ca_cert $DESIGNATE_IPA_CA_CERT + iniset $DESIGNATE_CONF backend:ipa ipa_client_keytab $DESIGNATE_IPA_CLIENT_KEYTAB + # devstack tests use dummy NS records, so tell IPA to allow this + iniset $DESIGNATE_CONF backend:ipa ipa_force_ns_use True +} + +# init_designate_backend - initialize databases, etc. +function init_designate_backend { + : +} + +# start_designate_backend - start any external services +function start_designate_backend { + : +} + +# stop_designate_backend - stop any external services +function stop_designate_backend { + : +} + +# cleanup_designate_backend - remove transient data and cache +function cleanup_designate_backend { + : +} + +# Restore xtrace +$DP_IPA_XTRACE diff --git a/devstack/designate_plugins/backend-powerdns b/devstack/designate_plugins/backend-powerdns new file mode 100644 index 000000000..719cc4d27 --- /dev/null +++ b/devstack/designate_plugins/backend-powerdns @@ -0,0 +1,147 @@ +# Configure the powerdns backend + +# Enable with: +# DESIGNATE_BACKEND_DRIVER=powerdns + +# Dependencies: +# ``functions`` file +# ``designate`` configuration + +# install_designate_backend - install any external requirements +# configure_designate_backend - make configuration changes, including those to other services +# init_designate_backend - initialize databases, etc. +# start_designate_backend - start any external services +# stop_designate_backend - stop any external services +# cleanup_designate_backend - remove transient data and cache + +# Save trace setting +DP_PDNS_XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Defaults +# -------- +if is_fedora; then + POWERDNS_CFG_DIR=/etc/pdns +else + POWERDNS_CFG_DIR=/etc/powerdns +fi + +# Entry Points +# ------------ + +# install_designate_backend - install any external requirements +function install_designate_backend { + if is_ubuntu; then + PDNS=pdns-server + elif is_fedora || is_suse; then + PDNS=pdns + else + PDNS=pdns-server + fi + + if is_service_enabled mysql; then + PDNS+=" pdns-backend-mysql" + elif is_service_enabled postgresql; then + PDNS+=" pdns-backend-pgsql" + else + die $LINENO "PowerDNS backend only supports MySQL / PostgreSQL" + fi + + install_package $PDNS + sudo rm -rf $POWERDNS_CFG_DIR/pdns.d +} + +# configure_designate_backend - make configuration changes, including those to other services +function configure_designate_backend { + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type powerdns + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS + iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "connection: `database_connection_url designate_pdns`, host: $DESIGNATE_SERVICE_HOST, port: $DESIGNATE_SERVICE_PORT_DNS" + + # DevStack Managed PDNS NameServer + local nameserver_id=`uuidgen` + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_SERVICE_HOST + iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS + + sudo tee $POWERDNS_CFG_DIR/pdns.conf > /dev/null < /dev/null < /dev/null <&2 + domainid=$(designate domain-list | grep "$1" | get_field 1) + fi + echo $domainid +} + +# get the record id (uuid) given the record name and domain id +# if REQUIRED is set, die with an error if name not found +function get_record_id { + local domain_id=$1 + local record_name=$2 + local record_type=$3 + local required=$4 + local record_id=$(designate record-list $domain_id | egrep " $record_name " | egrep " $record_type " | get_field 1) + if [ "$required" = "1" ] ; then + die_if_not_set $LINENO record_id "Failure retrieving RECORD_ID" + fi + echo "$record_id" +} + +# Testing Servers +# =============== +designate server-list + +# NUMBER_OF_RECORDS keeps track of the records we need to get for AXFR +# We start with the number of NS lines returned from server list +# (Header line makes up for SOA + Number of NS record lines) +NUMBER_OF_RECORDS=$(designate server-list -f csv | wc -l) + +# Add 1 extra to account for the additional SOA at the end of the AXFR +((NUMBER_OF_RECORDS+=1)) + +# Testing Domains +# =============== + +# List domains +designate domain-list + +# Create random domain name +DOMAIN_NAME="exercise-$(openssl rand -hex 4).com." + +# Create the domain +designate domain-create --name $DOMAIN_NAME --email devstack@example.org + +DOMAIN_ID=$(get_domain_id $DOMAIN_NAME 1) + +# Fetch the domain +designate domain-get $DOMAIN_ID + +# List the nameservers hosting the domain +designate domain-servers-list $DOMAIN_ID + +# Testing Records +# =============== + +# Create random record name +A_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" + +# Create an A record +designate record-create $DOMAIN_ID --name $A_RECORD_NAME --type A --data 127.0.0.1 +((NUMBER_OF_RECORDS++)) +A_RECORD_ID=$(get_record_id $DOMAIN_ID $A_RECORD_NAME A) + +# Fetch the record +designate record-get $DOMAIN_ID $A_RECORD_ID + +# Verify the record is published in DNS +ensure_record_present $A_RECORD_NAME A 127.0.0.1 + +# ----- + +# Create random record name +AAAA_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" + +# Create an AAAA record +designate record-create $DOMAIN_ID --name $AAAA_RECORD_NAME --type AAAA --data "2607:f0d0:1002:51::4" +((NUMBER_OF_RECORDS++)) +AAAA_RECORD_ID=$(get_record_id $DOMAIN_ID $AAAA_RECORD_NAME AAAA) + +# Fetch the record +designate record-get $DOMAIN_ID $AAAA_RECORD_ID + +# Verify the record is published in DNS +ensure_record_present $AAAA_RECORD_NAME AAAA 2607:f0d0:1002:51::4 + +# ----- + +# Create a MX record +designate record-create $DOMAIN_ID --name $DOMAIN_NAME --type MX --priority 5 --data "mail.example.com." +((NUMBER_OF_RECORDS++)) +MX_RECORD_ID=$(get_record_id $DOMAIN_ID $DOMAIN_NAME MX) + +# Fetch the record +designate record-get $DOMAIN_ID $MX_RECORD_ID + +# Verify the record is published in DNS +ensure_record_present $DOMAIN_NAME MX "5 mail.example.com." + +# ----- + +# Create a SRV record +designate record-create $DOMAIN_ID --name _sip._tcp.$DOMAIN_NAME --type SRV --priority 10 --data "5 5060 sip.example.com." +((NUMBER_OF_RECORDS++)) +SRV_RECORD_ID=$(get_record_id $DOMAIN_ID _sip._tcp.$DOMAIN_NAME SRV) + +# Fetch the record +designate record-get $DOMAIN_ID $SRV_RECORD_ID + +# Verify the record is published in DNS +ensure_record_present _sip._tcp.$DOMAIN_NAME SRV "10 5 5060 sip.example.com." + +# ----- + +# Create random record name +CNAME_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}" + +# Create a CNAME record +designate record-create $DOMAIN_ID --name $CNAME_RECORD_NAME --type CNAME --data $DOMAIN_NAME +((NUMBER_OF_RECORDS++)) +CNAME_RECORD_ID=$(get_record_id $DOMAIN_ID $CNAME_RECORD_NAME CNAME) + +# Fetch the record +designate record-get $DOMAIN_ID $CNAME_RECORD_ID + +# Verify the record is published in DNS +ensure_record_present $CNAME_RECORD_NAME CNAME $DOMAIN_NAME + +# ----- + +# List Records +designate record-list $DOMAIN_ID + +# Send an AXFR to MDNS and check for the records returned +verify_axfr_in_mdns $DOMAIN_NAME $NUMBER_OF_RECORDS + +# ----- + +# Delete a Record +designate record-delete $DOMAIN_ID $CNAME_RECORD_ID + +# List Records +designate record-list $DOMAIN_ID + +# Fetch the record - should be gone +designate record-get $DOMAIN_ID $CNAME_RECORD_ID || echo "good - record was removed" + +# verify not in DNS anymore +ensure_record_absent $CNAME_RECORD_NAME CNAME $DOMAIN_NAME + +# Testing Domains Delete +# ====================== + +# Delete the domain +designate domain-delete $DOMAIN_ID + +# Fetch the domain - should be gone +designate domain-get $DOMAIN_ID || echo "good - domain was removed" + +set +o xtrace +echo "*********************************************************************" +echo "SUCCESS: End DevStack Exercise: $0" +echo "*********************************************************************" diff --git a/devstack/gate/gate_hook.sh b/devstack/gate/gate_hook.sh new file mode 100755 index 000000000..0a93cc6e1 --- /dev/null +++ b/devstack/gate/gate_hook.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +set -ex + +pushd $BASE/new/devstack + +DEVSTACK_GATE_DESIGNATE_DRIVER=${DEVSTACK_GATE_DESIGNATE_DRIVER:-powerdns} + +export KEEP_LOCALRC=1 +export ENABLED_SERVICES=designate,designate-api,designate-central,designate-sink,designate-mdns,designate-pool-manager,designate-zone-manager + +echo "DESIGNATE_SERVICE_PORT_DNS=5322" >> $BASE/new/devstack/localrc +echo "DESIGNATE_BACKEND_DRIVER=$DEVSTACK_GATE_DESIGNATE_DRIVER" >> $BASE/new/devstack/localrc +echo "DESIGNATE_PERIODIC_RECOVERY_INTERVAL=20" >> $BASE/new/devstack/localrc +echo "DESIGNATE_PERIODIC_SYNC_INTERVAL=20" >> $BASE/new/devstack/localrc + + +# Pass through any DESIGNATE_ env vars to the localrc file +env | grep -E "^DESIGNATE_" >> $BASE/new/devstack/localrc || : + +popd + +# Run DevStack Gate +$BASE/new/devstack-gate/devstack-vm-gate.sh diff --git a/devstack/gate/post_test_hook.sh b/devstack/gate/post_test_hook.sh new file mode 100755 index 000000000..d815d9a49 --- /dev/null +++ b/devstack/gate/post_test_hook.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -ex + +# Run the Designate DevStack exercises +$BASE/new/designate/devstack/exercise.sh + +# Run the Designate Tempest tests +sudo ./run_tempest_tests.sh diff --git a/devstack/gate/run_tempest_tests.sh b/devstack/gate/run_tempest_tests.sh new file mode 100755 index 000000000..c6cd1e6c4 --- /dev/null +++ b/devstack/gate/run_tempest_tests.sh @@ -0,0 +1,32 @@ +#!/bin/bash -e +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# How many seconds to wait for the API to be responding before giving up +API_RESPONDING_TIMEOUT=20 + +if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9001/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then + echo "The Designate API failed to respond within ${API_RESPONDING_TIMEOUT} seconds" + exit 1 +fi + +echo "Successfully contacted the Designate API" + +# Where Designate and Tempest code lives +DESIGNATE_DIR=${DESIGNATE_DIR:-/opt/stack/new/designate} +TEMPEST_DIR=${TEMPEST_DIR:-/opt/stack/new/tempest} + + +pushd $DESIGNATE_DIR +export TEMPEST_CONFIG=$TEMPEST_DIR/etc/tempest.conf +tox -e functional diff --git a/devstack/plugin.sh b/devstack/plugin.sh new file mode 100755 index 000000000..e3fb7b65a --- /dev/null +++ b/devstack/plugin.sh @@ -0,0 +1,342 @@ +# Install and start **Designate** service in Devstack + +# Save trace setting +XTRACE=$(set +o | grep xtrace) +set +o xtrace + +# Get backend configuration +# ---------------------------- +if is_service_enabled designate && [[ -r $DESIGNATE_PLUGINS/backend-$DESIGNATE_BACKEND_DRIVER ]]; then + # Load plugin + source $DESIGNATE_PLUGINS/backend-$DESIGNATE_BACKEND_DRIVER +fi + +# Helper Functions +# ---------------- +function setup_colorized_logging_designate { + local conf_file=$1 + local conf_section=$2 + local project_var=${3:-"project_name"} + local user_var=${4:-"user_name"} + + setup_colorized_logging $conf_file $conf_section $project_var $user_var + + # Override the logging_context_format_string value chosen by + # setup_colorized_logging. + iniset $conf_file $conf_section logging_context_format_string "%(asctime)s.%(msecs)03d %(color)s%(levelname)s %(name)s [%(request_id)s %(user_identity)s%(color)s] %(instance)s%(color)s%(message)s" +} + +# DevStack Plugin +# --------------- + +# cleanup_designate - Remove residual data files, anything left over from previous +# runs that a clean run would need to clean up +function cleanup_designate { + sudo rm -rf $DESIGNATE_STATE_PATH $DESIGNATE_AUTH_CACHE_DIR + cleanup_designate_backend +} + +# configure_designate - Set config files, create data dirs, etc +function configure_designate { + [ ! -d $DESIGNATE_CONF_DIR ] && sudo mkdir -m 755 -p $DESIGNATE_CONF_DIR + sudo chown $STACK_USER $DESIGNATE_CONF_DIR + + [ ! -d $DESIGNATE_LOG_DIR ] && sudo mkdir -m 755 -p $DESIGNATE_LOG_DIR + sudo chown $STACK_USER $DESIGNATE_LOG_DIR + + # (Re)create ``designate.conf`` + rm -f $DESIGNATE_CONF + + # General Configuration + iniset_rpc_backend designate $DESIGNATE_CONF DEFAULT + + iniset $DESIGNATE_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL + iniset $DESIGNATE_CONF DEFAULT verbose True + iniset $DESIGNATE_CONF DEFAULT state_path $DESIGNATE_STATE_PATH + iniset $DESIGNATE_CONF DEFAULT root-helper sudo designate-rootwrap $DESIGNATE_ROOTWRAP_CONF + iniset $DESIGNATE_CONF storage:sqlalchemy connection `database_connection_url designate` + + # Coordination Configuration + if [[ -n "$DESIGNATE_COORDINATION_URL" ]]; then + iniset $DESIGNATE_CONF coordination backend_url $DESIGNATE_COORDINATION_URL + fi + + # Install the policy file for the API server + cp $DESIGNATE_DIR/etc/designate/policy.json $DESIGNATE_CONF_DIR/policy.json + iniset $DESIGNATE_CONF DEFAULT policy_file $DESIGNATE_CONF_DIR/policy.json + + # Pool Manager Configuration + iniset $DESIGNATE_CONF service:pool_manager pool_id $DESIGNATE_POOL_ID + iniset $DESIGNATE_CONF service:pool_manager cache_driver $DESIGNATE_POOL_MANAGER_CACHE_DRIVER + iniset $DESIGNATE_CONF service:pool_manager periodic_recovery_interval $DESIGNATE_PERIODIC_RECOVERY_INTERVAL + iniset $DESIGNATE_CONF service:pool_manager periodic_sync_interval $DESIGNATE_PERIODIC_SYNC_INTERVAL + + # Pool Manager Cache + if [ "$DESIGNATE_POOL_MANAGER_CACHE_DRIVER" == "sqlalchemy" ]; then + iniset $DESIGNATE_CONF pool_manager_cache:sqlalchemy connection `database_connection_url designate_pool_manager` + fi + + # Pool Options + iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID targets $DESIGNATE_TARGET_ID + + # API Configuration + sudo cp $DESIGNATE_DIR/etc/designate/api-paste.ini $DESIGNATE_APIPASTE_CONF + iniset $DESIGNATE_CONF service:api enabled_extensions_v1 $DESIGNATE_ENABLED_EXTENSIONS_V1 + iniset $DESIGNATE_CONF service:api enabled_extensions_v2 $DESIGNATE_ENABLED_EXTENSIONS_V2 + iniset $DESIGNATE_CONF service:api enabled_extensions_admin $DESIGNATE_ENABLED_EXTENSIONS_ADMIN + iniset $DESIGNATE_CONF service:api api_host $DESIGNATE_SERVICE_HOST + iniset $DESIGNATE_CONF service:api api_base_uri $DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/ + iniset $DESIGNATE_CONF service:api enable_api_v1 True + iniset $DESIGNATE_CONF service:api enable_api_v2 True + iniset $DESIGNATE_CONF service:api enable_api_admin True + + # mDNS Configuration + iniset $DESIGNATE_CONF service:mdns host $DESIGNATE_SERVICE_HOST + iniset $DESIGNATE_CONF service:mdns port $DESIGNATE_SERVICE_PORT_MDNS + + # Set up Notifications/Ceilometer Integration + iniset $DESIGNATE_CONF DEFAULT notification_driver "$DESIGNATE_NOTIFICATION_DRIVER" + iniset $DESIGNATE_CONF DEFAULT notification_topics "$DESIGNATE_NOTIFICATION_TOPICS" + + # Root Wrap + sudo cp $DESIGNATE_DIR/etc/designate/rootwrap.conf.sample $DESIGNATE_ROOTWRAP_CONF + iniset $DESIGNATE_ROOTWRAP_CONF DEFAULT filters_path $DESIGNATE_DIR/etc/designate/rootwrap.d root-helper + + # Oslo Concurrency + iniset $DESIGNATE_CONF oslo_concurrency lock_path "$DESIGNATE_STATE_PATH" + + # Set up the rootwrap sudoers for designate + local rootwrap_sudoer_cmd="$DESIGNATE_BIN_DIR/designate-rootwrap $DESIGNATE_ROOTWRAP_CONF *" + local tempfile=`mktemp` + echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudoer_cmd" >$tempfile + chmod 0440 $tempfile + sudo chown root:root $tempfile + sudo mv $tempfile /etc/sudoers.d/designate-rootwrap + + # TLS Proxy Configuration + if is_service_enabled tls-proxy; then + # Set the service port for a proxy to take the original + iniset $DESIGNATE_CONF service:api api_port $DESIGNATE_SERVICE_PORT_INT + else + iniset $DESIGNATE_CONF service:api api_port $DESIGNATE_SERVICE_PORT + fi + + # Setup the Keystone Integration + if is_service_enabled key; then + iniset $DESIGNATE_CONF service:api auth_strategy keystone + configure_auth_token_middleware $DESIGNATE_CONF designate $DESIGNATE_AUTH_CACHE_DIR + fi + + # Logging Configuration + if [ "$SYSLOG" != "False" ]; then + iniset $DESIGNATE_CONF DEFAULT use_syslog True + fi + + # Format logging + if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then + setup_colorized_logging_designate $DESIGNATE_CONF DEFAULT "tenant" "user" + fi + + # Backend Plugin Configuation + configure_designate_backend +} + +# Configure the needed tempest options +function configure_designate_tempest() { + if is_service_enabled tempest; then + nameservers=$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_DNS + case $DESIGNATE_BACKEND_DRIVER in + bind9|powerdns) + nameservers="$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_DNS" + ;; + akamai) + nameservers="$DESIGNATE_AKAMAI_NAMESERVERS" + ;; + dynect) + nameservers="$DESIGNATE_DYNECT_NAMESERVERS" + ;; + esac + + if [ ! -z "$DESIGNATE_NAMESERVERS" ]; then + nameservers=$DESIGNATE_NAMESERVERS + fi + + iniset $TEMPEST_CONFIG designate nameservers $nameservers + fi +} + +# create_designate_accounts - Set up common required designate accounts + +# Tenant User Roles +# ------------------------------------------------------------------ +# service designate admin # if enabled +function create_designate_accounts { + if is_service_enabled designate-api; then + create_service_user "designate" + + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + get_or_create_service "designate" "dns" "Designate DNS Service" + get_or_create_endpoint "dns" \ + "$REGION_NAME" \ + "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/" \ + "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/" \ + "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/" + fi + fi +} + +# create_designate_ns_records - Create Pool NS Records +function create_designate_ns_records { + # Allow Backends to install their own NS Records rather than the default + if function_exists create_designate_ns_records_backend; then + create_designate_ns_records_backend + else + designate server-create --name $DESIGNATE_DEFAULT_NS_RECORD + fi +} + +# init_designate - Initialize etc. +function init_designate { + # Create cache dir + sudo mkdir -p $DESIGNATE_AUTH_CACHE_DIR + sudo chown $STACK_USER $DESIGNATE_AUTH_CACHE_DIR + rm -f $DESIGNATE_AUTH_CACHE_DIR/* + + # Some Designate Backends require mdns be bound to port 53, make that + # doable. + sudo setcap 'cap_net_bind_service=+ep' $(readlink -f /usr/bin/python) + + # (Re)create designate database + recreate_database designate utf8 + + # Init and migrate designate database + designate-manage database sync + + if [ "$DESIGNATE_POOL_MANAGER_CACHE_DRIVER" == "sqlalchemy" ]; then + # (Re)create designate_pool_manager cache + recreate_database designate_pool_manager utf8 + + # Init and migrate designate pool-manager-cache + designate-manage pool-manager-cache sync + fi + + init_designate_backend +} + +# install_designate - Collect source and prepare +function install_designate { + if is_fedora; then + # This package provides `dig` + install_package bind-utils + fi + + git_clone $DESIGNATE_REPO $DESIGNATE_DIR $DESIGNATE_BRANCH + setup_develop $DESIGNATE_DIR + + install_designate_backend +} + +# install_designateclient - Collect source and prepare +function install_designateclient { + if use_library_from_git "python-designateclient"; then + git_clone_by_name "python-designateclient" + setup_dev_lib "python-designateclient" + else + pip_install_gr "python-designateclient" + fi +} + +# install_designatedashboard - Collect source and prepare +function install_designatedashboard { + git_clone $DESIGNATEDASHBOARD_REPO $DESIGNATEDASHBOARD_DIR $DESIGNATEDASHBOARD_BRANCH + setup_develop $DESIGNATEDASHBOARD_DIR + ln -fs $DESIGNATEDASHBOARD_DIR/designatedashboard/enabled/_70_dns_add_group.py $HORIZON_DIR/openstack_dashboard/local/enabled/70_dns_add_group.py + ln -fs $DESIGNATEDASHBOARD_DIR/designatedashboard/enabled/_71_dns_project.py $HORIZON_DIR/openstack_dashboard/local/enabled/71_dns_project.py +} + +# start_designate - Start running processes, including screen +function start_designate { + start_designate_backend + + run_process designate-central "$DESIGNATE_BIN_DIR/designate-central --config-file $DESIGNATE_CONF" + run_process designate-api "$DESIGNATE_BIN_DIR/designate-api --config-file $DESIGNATE_CONF" + run_process designate-pool-manager "$DESIGNATE_BIN_DIR/designate-pool-manager --config-file $DESIGNATE_CONF" + run_process designate-zone-manager "$DESIGNATE_BIN_DIR/designate-zone-manager --config-file $DESIGNATE_CONF" + run_process designate-mdns "$DESIGNATE_BIN_DIR/designate-mdns --config-file $DESIGNATE_CONF" + run_process designate-agent "$DESIGNATE_BIN_DIR/designate-agent --config-file $DESIGNATE_CONF" + run_process designate-sink "$DESIGNATE_BIN_DIR/designate-sink --config-file $DESIGNATE_CONF" + + # Start proxies if enabled + if is_service_enabled designate-api && is_service_enabled tls-proxy; then + start_tls_proxy '*' $DESIGNATE_SERVICE_PORT $DESIGNATE_SERVICE_HOST $DESIGNATE_SERVICE_PORT_INT & + fi + + if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT; do sleep 1; done"; then + die $LINENO "Designate did not start" + fi +} + +# stop_designate - Stop running processes +function stop_designate { + # Kill the designate screen windows + stop_process designate-central + stop_process designate-api + stop_process designate-pool-manager + stop_process designate-zone-manager + stop_process designate-mdns + stop_process designate-agent + stop_process designate-sink + + stop_designate_backend +} + +# This is the main for plugin.sh +if is_service_enabled designate; then + + if [[ "$1" == "stack" && "$2" == "install" ]]; then + echo_summary "Installing Designate" + install_designate + + echo_summary "Installing Designate client" + install_designateclient + + if is_service_enabled horizon; then + echo_summary "Installing Designate dashboard" + install_designatedashboard + fi + + elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then + echo_summary "Configuring Designate" + configure_designate + + if is_service_enabled key; then + echo_summary "Creating Designate Keystone accounts" + create_designate_accounts + fi + + elif [[ "$1" == "stack" && "$2" == "extra" ]]; then + echo_summary "Initializing Designate" + init_designate + + echo "Configuring Tempest options for Designate" + configure_designate_tempest + + echo_summary "Starting Designate" + start_designate + + echo_summary "Creating pool NS records" + create_designate_ns_records + fi + + if [[ "$1" == "unstack" ]]; then + stop_designate + fi + + if [[ "$1" == "clean" ]]; then + echo_summary "Cleaning Designate" + cleanup_designate + fi +fi + +# Restore xtrace +$XTRACE diff --git a/devstack/settings b/devstack/settings new file mode 100644 index 000000000..60e00c6a5 --- /dev/null +++ b/devstack/settings @@ -0,0 +1,58 @@ +# Default options +DESIGNATE_BACKEND_DRIVER=${DESIGNATE_BACKEND_DRIVER:=powerdns} +DESIGNATE_POOL_MANAGER_CACHE_DRIVER=${DESIGNATE_POOL_MANAGER_CACHE_DRIVER:-memcache} +DESIGNATE_POOL_ID=${DESIGNATE_POOL_ID:-794ccc2c-d751-44fe-b57f-8894c9f5c842} +DESIGNATE_TARGET_ID=${DESIGNATE_TARGET_ID:-f26e0b32-736f-4f0a-831b-039a415c481e} +DESIGNATE_DEFAULT_NS_RECORD=${DESIGNATE_DEFAULT_NS_RECORD:-ns1.devstack.org.} +DESIGNATE_NOTIFICATION_DRIVER=${DESIGNATE_NOTIFICATION_DRIVER:-} +DESIGNATE_NOTIFICATION_TOPICS=${DESIGNATE_NOTIFICATION_TOPICS:-notifications} +DESIGNATE_PERIODIC_RECOVERY_INTERVAL=${DESIGNATE_PERIODIC_RECOVERY_INTERVAL:-120} +DESIGNATE_PERIODIC_SYNC_INTERVAL=${DESIGNATE_PERIODIC_SYNC_INTERVAL:-1800} +DESIGNATE_COORDINATION_URL=${DESIGNATE_COORDINATION_URL:-} + +# Default extensions +DESIGNATE_ENABLED_EXTENSIONS_V1=${DESIGNATE_ENABLED_EXTENSIONS_V1:-"quotas"} +DESIGNATE_ENABLED_EXTENSIONS_V2=${DESIGNATE_ENABLED_EXTENSIONS_V2:-""} +DESIGNATE_ENABLED_EXTENSIONS_ADMIN=${DESIGNATE_ENABLED_EXTENSIONS_ADMIN:-"quotas"} + +# Default IP/port settings +DESIGNATE_SERVICE_PROTOCOL=${DESIGNATE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} +DESIGNATE_SERVICE_HOST=${DESIGNATE_SERVICE_HOST:-$SERVICE_HOST} +DESIGNATE_SERVICE_PORT=${DESIGNATE_SERVICE_PORT:-9001} +DESIGNATE_SERVICE_PORT_INT=${DESIGNATE_SERVICE_PORT_INT:-19001} +DESIGNATE_SERVICE_PORT_DNS=${DESIGNATE_SERVICE_PORT_DNS:-53} +DESIGNATE_SERVICE_PORT_MDNS=${DESIGNATE_SERVICE_PORT_MDNS:-5354} + +# Default directories +DESIGNATE_BIN_DIR=$(get_python_exec_prefix) +DESIGNATE_DIR=$DEST/designate +DESIGNATEDASHBOARD_DIR=$DEST/designate-dashboard +DESIGNATE_CONF_DIR=/etc/designate +DESIGNATE_STATE_PATH=${DESIGNATE_STATE_PATH:=$DATA_DIR/designate} +DESIGNATE_CONF=$DESIGNATE_CONF_DIR/designate.conf +DESIGNATE_LOG_DIR=/var/log/designate +DESIGNATE_AUTH_CACHE_DIR=${DESIGNATE_AUTH_CACHE_DIR:-/var/cache/designate} +DESIGNATE_ROOTWRAP_CONF=$DESIGNATE_CONF_DIR/rootwrap.conf +DESIGNATE_APIPASTE_CONF=$DESIGNATE_CONF_DIR/api-paste.ini +DESIGNATE_PLUGINS=$DESIGNATE_DIR/devstack/designate_plugins + +# Default repositories +DESIGNATE_REPO=${DESIGNATE_REPO:-${GIT_BASE}/openstack/designate.git} +DESIGNATE_BRANCH=${DESIGNATE_BRANCH:-master} +DESIGNATEDASHBOARD_REPO=${DESIGNATEDASHBOARD_REPO:-${GIT_BASE}/openstack/designate-dashboard.git} +DESIGNATEDASHBOARD_BRANCH=${DESIGNATEDASHBOARD_BRANCH:-master} +GITDIR["python-designateclient"]=$DEST/python-designateclient + +# Tell Tempest this project is present +TEMPEST_SERVICES+=,designate + +# Turn on all Designate services by default + +enable_service designate +enable_service designate-central +enable_service designate-api +enable_service designate-pool-manager +enable_service designate-zone-manager +enable_service designate-mdns +enable_service designate-agent +enable_service designate-sink diff --git a/tox.ini b/tox.ini index 25a8e2ac9..cb5decfcf 100644 --- a/tox.ini +++ b/tox.ini @@ -42,7 +42,7 @@ commands = sh tools/pretty_flake8.sh [testenv:bashate] deps = bashate whitelist_externals = bash -commands = bash -c "find {toxinidir}/contrib/devstack \ +commands = bash -c "find {toxinidir}/devstack \ -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs -not \( -type d -name doc -prune \) \ # skip documentation -type f \ # only files