From bb1b24c25a8b289d312f5551f36b69e6303e3d30 Mon Sep 17 00:00:00 2001
From: Christian Berendt <berendt@b1-systems.de>
Date: Thu, 8 Oct 2015 18:20:16 +0200
Subject: [PATCH] Migrate existing Devstack integration into a Devstack plugin

This patch will not remove the existing Devstack integration
in contrib/devstack.

Change-Id: I23ef00bb136e92abc5e69a9bbe1093cad9d2a362
Closes-bug: #1504214
---
 contrib/devstack/gate_hook.sh                |  22 +-
 contrib/devstack/post_test_hook.sh           |   7 +-
 contrib/devstack/run_tempest_tests.sh        |  34 +-
 contrib/vagrant/Vagrantfile                  |   9 -
 contrib/vagrant/localrc                      |   3 +
 devstack/README.rst                          |  16 +
 devstack/designate_plugins/backend-akamai    | 116 +++++++
 devstack/designate_plugins/backend-bind9     | 153 +++++++++
 devstack/designate_plugins/backend-designate | 135 ++++++++
 devstack/designate_plugins/backend-dynect    | 130 +++++++
 devstack/designate_plugins/backend-fake      |  58 ++++
 devstack/designate_plugins/backend-infoblox  |  98 ++++++
 devstack/designate_plugins/backend-ipa       |  77 +++++
 devstack/designate_plugins/backend-powerdns  | 147 ++++++++
 devstack/exercise.sh                         | 318 +++++++++++++++++
 devstack/gate/gate_hook.sh                   |  24 ++
 devstack/gate/post_test_hook.sh              |   9 +
 devstack/gate/run_tempest_tests.sh           |  32 ++
 devstack/plugin.sh                           | 342 +++++++++++++++++++
 devstack/settings                            |  58 ++++
 tox.ini                                      |   2 +-
 21 files changed, 1725 insertions(+), 65 deletions(-)
 create mode 100644 devstack/README.rst
 create mode 100644 devstack/designate_plugins/backend-akamai
 create mode 100644 devstack/designate_plugins/backend-bind9
 create mode 100644 devstack/designate_plugins/backend-designate
 create mode 100644 devstack/designate_plugins/backend-dynect
 create mode 100644 devstack/designate_plugins/backend-fake
 create mode 100644 devstack/designate_plugins/backend-infoblox
 create mode 100644 devstack/designate_plugins/backend-ipa
 create mode 100644 devstack/designate_plugins/backend-powerdns
 create mode 100755 devstack/exercise.sh
 create mode 100755 devstack/gate/gate_hook.sh
 create mode 100755 devstack/gate/post_test_hook.sh
 create mode 100755 devstack/gate/run_tempest_tests.sh
 create mode 100755 devstack/plugin.sh
 create mode 100644 devstack/settings

diff --git a/contrib/devstack/gate_hook.sh b/contrib/devstack/gate_hook.sh
index 0a93cc6e1..0cef3c968 100755
--- a/contrib/devstack/gate_hook.sh
+++ b/contrib/devstack/gate_hook.sh
@@ -2,23 +2,5 @@
 
 set -ex
 
-pushd $BASE/new/devstack
-
-DEVSTACK_GATE_DESIGNATE_DRIVER=${DEVSTACK_GATE_DESIGNATE_DRIVER:-powerdns}
-
-export KEEP_LOCALRC=1
-export ENABLED_SERVICES=designate,designate-api,designate-central,designate-sink,designate-mdns,designate-pool-manager,designate-zone-manager
-
-echo "DESIGNATE_SERVICE_PORT_DNS=5322" >> $BASE/new/devstack/localrc
-echo "DESIGNATE_BACKEND_DRIVER=$DEVSTACK_GATE_DESIGNATE_DRIVER" >> $BASE/new/devstack/localrc
-echo "DESIGNATE_PERIODIC_RECOVERY_INTERVAL=20" >> $BASE/new/devstack/localrc
-echo "DESIGNATE_PERIODIC_SYNC_INTERVAL=20" >> $BASE/new/devstack/localrc
-
-
-# Pass through any DESIGNATE_ env vars to the localrc file
-env | grep -E "^DESIGNATE_" >> $BASE/new/devstack/localrc || :
-
-popd
-
-# Run DevStack Gate
-$BASE/new/devstack-gate/devstack-vm-gate.sh
+cd /opt/stack/new/designate/devstack/gate
+./gate_hook.sh
diff --git a/contrib/devstack/post_test_hook.sh b/contrib/devstack/post_test_hook.sh
index 12f5c6e7e..f182a2749 100755
--- a/contrib/devstack/post_test_hook.sh
+++ b/contrib/devstack/post_test_hook.sh
@@ -2,8 +2,5 @@
 
 set -ex
 
-# Run the Designate DevStack exercises
-$BASE/new/devstack/exercises/designate.sh
-
-# Run the Designate Tempest tests
-sudo ./run_tempest_tests.sh
+cd /opt/stack/new/designate/devstack/gate
+./post_test_hook.sh
diff --git a/contrib/devstack/run_tempest_tests.sh b/contrib/devstack/run_tempest_tests.sh
index c6cd1e6c4..4edbb6b83 100755
--- a/contrib/devstack/run_tempest_tests.sh
+++ b/contrib/devstack/run_tempest_tests.sh
@@ -1,32 +1,6 @@
-#!/bin/bash -e
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
+#!/bin/bash
 
-# How many seconds to wait for the API to be responding before giving up
-API_RESPONDING_TIMEOUT=20
+set -ex
 
-if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9001/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
-    echo "The Designate API failed to respond within ${API_RESPONDING_TIMEOUT} seconds"
-    exit 1
-fi
-
-echo "Successfully contacted the Designate API"
-
-# Where Designate and Tempest code lives
-DESIGNATE_DIR=${DESIGNATE_DIR:-/opt/stack/new/designate}
-TEMPEST_DIR=${TEMPEST_DIR:-/opt/stack/new/tempest}
-
-
-pushd $DESIGNATE_DIR
-export TEMPEST_CONFIG=$TEMPEST_DIR/etc/tempest.conf
-tox -e functional
+cd /opt/stack/new/designate/devstack/gate
+./run_tempest_tests.sh
diff --git a/contrib/vagrant/Vagrantfile b/contrib/vagrant/Vagrantfile
index d19d1124e..a2d7bf50c 100644
--- a/contrib/vagrant/Vagrantfile
+++ b/contrib/vagrant/Vagrantfile
@@ -78,15 +78,6 @@ if [ ! -f "/home/vagrant/devstack/localrc" ]; then
     cp localrc /home/vagrant/devstack/localrc
 fi
 
-# Install Designate DevStack extension
-cd /opt/stack/designate/contrib/devstack
-
-for f in lib/* extras.d/* exercises/*; do
-    if [ ! -f "/home/vagrant/devstack/$f" ]; then
-        ln -fs /opt/stack/designate/contrib/devstack/$f -t /home/vagrant/devstack/$(dirname $f)
-    fi
-done
-
 # Link in any Rally Plugins
 mkdir /home/vagrant/.rally
 ln -s /opt/stack/designate/rally-scenarios/plugins /home/vagrant/.rally/plugins
diff --git a/contrib/vagrant/localrc b/contrib/vagrant/localrc
index a3d0bd00b..bdcbf32d8 100644
--- a/contrib/vagrant/localrc
+++ b/contrib/vagrant/localrc
@@ -18,6 +18,9 @@ LOG_COLOR=True
 # Enable the basic services we require
 ENABLED_SERVICES=rabbit,mysql,key
 
+# Enable designate
+enable_plugin designate https://git.openstack.org/openstack/designate
+
 # Designate Devstack Config
 # =========================
 # Enable core Designate services
diff --git a/devstack/README.rst b/devstack/README.rst
new file mode 100644
index 000000000..2634579d5
--- /dev/null
+++ b/devstack/README.rst
@@ -0,0 +1,16 @@
+====================
+Enabling in Devstack
+====================
+
+1. Download DevStack::
+
+    git clone https://git.openstack.org/openstack-dev/devstack.git
+    cd devstack
+
+2. Add this repo as an external repository::
+
+     > cat local.conf
+     [[local|localrc]]
+     enable_plugin designate https://git.openstack.org/openstack/designate
+
+3. run ``stack.sh``
diff --git a/devstack/designate_plugins/backend-akamai b/devstack/designate_plugins/backend-akamai
new file mode 100644
index 000000000..3f9b9dee6
--- /dev/null
+++ b/devstack/designate_plugins/backend-akamai
@@ -0,0 +1,116 @@
+# Configure the Akamai backend
+
+# Requirements:
+# An active Akamai account / contract will be requied to use this DevStack
+# plugin.
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=akamai
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_AKAMAI_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+DESIGNATE_AKAMAI_USERNAME=${DESIGNATE_AKAMAI_USERNAME:-username}
+DESIGNATE_AKAMAI_PASSWORD=${DESIGNATE_AKAMAI_PASSWORD:-password}
+DESIGNATE_AKAMAI_MASTERS=${DESIGNATE_AKAMAI_MASTERS:-"$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS"}
+DESIGNATE_AKAMAI_NAMESERVERS=${DESIGNATE_AKAMAI_NAMESERVERS:-""}
+DESIGNATE_AKAMAI_ALSO_NOTIFIES=${DESIGNATE_AKAMAI_ALSO_NOTIFIES:-"193.108.155.34:53,23.73.134.141:53,80.67.64.148:53,23.73.134.237:53,23.73.133.141:53,23.73.133.237:53,80.67.64.10:53,72.246.0.10:53,72.247.45.157:53,72.246.192.168:53,193.108.152.143:53,60.254.128.45:53,72.247.45.110:53,72.247.45.65:53,72.247.45.25:53"}
+
+# Pull in DESIGNATE_3RDPARTY_CREDS user/pass if set
+if [ -n "$DESIGNATE_3RDPARTY_CREDS" ]; then
+    DESIGNATE_AKAMAI_USERNAME=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f1 -d:`
+    DESIGNATE_AKAMAI_PASSWORD=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f2- -d:`
+fi
+
+# Sanity Checks
+# -------------
+if [ -z "$DESIGNATE_AKAMAI_NAMESERVERS" ]; then
+    die $LINENO "You must configure DESIGNATE_AKAMAI_NAMESERVERS"
+fi
+
+if [ "$DESIGNATE_SERVICE_PORT_MDNS" != "53" ]; then
+    die $LINENO "Akamai requires DESIGNATE_SERVICE_PORT_MDNS is set to '53'"
+fi
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    :
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type akamai
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_AKAMAI_MASTERS
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "username: $DESIGNATE_AKAMAI_USERNAME, password: $DESIGNATE_AKAMAI_PASSWORD"
+
+    # Create a Pool Nameserver for each of the Akamai nameservers
+    local nameserver_ids=""
+    IFS=',' read -a nameservers <<< "$DESIGNATE_AKAMAI_NAMESERVERS"
+
+    for nameserver in "${nameservers[@]}"; do
+        local nameserver_id=`uuidgen`
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1)
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53
+
+        # Append the Nameserver ID to the list
+        nameserver_ids+=${nameserver_id},
+    done
+
+    # Configure the Pool for the set of nameserver IDs, minus the trailing comma
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}"
+
+    # Configure the Pool to Notify Akamai's Transfer Agents
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_AKAMAI_ALSO_NOTIFIES"
+}
+
+# create_designate_ns_records - Create Pool NS Records
+function create_designate_ns_records_backend {
+    # Build an array of the Akamai nameservers.
+    IFS=',' read -a ns_records <<< "$DESIGNATE_AKAMAI_NAMESERVERS"
+
+    # Create a NS Record for each of the Akamai nameservers
+    for ns_record in "${ns_records[@]}"; do
+        designate server-create --name "${ns_record%%.}."
+    done
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_AKAMAI_XTRACE
diff --git a/devstack/designate_plugins/backend-bind9 b/devstack/designate_plugins/backend-bind9
new file mode 100644
index 000000000..1de63f936
--- /dev/null
+++ b/devstack/designate_plugins/backend-bind9
@@ -0,0 +1,153 @@
+# Configure the bind9 pool backend
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=bind9
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_BIND9_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+BIND_SERVICE_NAME=bind9
+BIND_CFG_DIR=/etc/bind
+BIND_VAR_DIR=/var/cache/bind
+BIND_CFG_FILE=$BIND_CFG_DIR/named.conf.options
+BIND_USER=bind
+BIND_GROUP=bind
+DESIGNATE_SERVICE_PORT_RNDC=${DESIGNATE_SERVICE_PORT_RNDC:-953}
+
+if is_fedora; then
+    BIND_SERVICE_NAME=named
+    BIND_CFG_DIR=/etc/named
+    BIND_CFG_FILE=/etc/named.conf
+    BIND_VAR_DIR=/var/named
+    BIND_USER=named
+    BIND_GROUP=named
+fi
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    if is_ubuntu; then
+        install_package bind9
+    elif is_fedora; then
+        install_package named
+    fi
+
+    # The user that designate runs as needs to be member of **$BIND_GROUP** group.
+    # The designate bind9 backend needs read/write access to $BIND_VAR_DIR
+    if ! getent group $BIND_GROUP >/dev/null; then
+        sudo groupadd $BIND_GROUP
+    fi
+    add_user_to_group $STACK_USER $BIND_GROUP
+    if [[ ! -d $BIND_CFG_DIR ]]; then
+        sudo mkdir -p $BIND_CFG_DIR
+        sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_DIR
+    fi
+
+    sudo chown -R $BIND_USER:$BIND_GROUP $BIND_CFG_DIR $BIND_VAR_DIR
+    sudo chmod -R g+r $BIND_CFG_DIR
+    sudo chmod -R g+rw $BIND_VAR_DIR
+
+    # Customize Bind9 apparmor profile if installed
+    if [[ -d /etc/apparmor.d ]]; then
+        sudo tee /etc/apparmor.d/local/usr.sbin.named > /dev/null << EOF
+$DESIGNATE_STATE_PATH/bind9/** rw,
+EOF
+        restart_service apparmor
+    fi
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type bind9
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "rndc_host: $DESIGNATE_SERVICE_HOST, rndc_port: $DESIGNATE_SERVICE_PORT_RNDC, rndc_config_file: $BIND_CFG_DIR/rndc.conf, rndc_key_file: $BIND_CFG_DIR/rndc.key, host: $DESIGNATE_SERVICE_HOST, port: $DESIGNATE_SERVICE_PORT_DNS"
+
+    # DevStack Managed BIND NameServer
+    local nameserver_id=`uuidgen`
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_SERVICE_HOST
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS
+
+    sudo chown $STACK_USER $BIND_CFG_DIR
+
+    # create rndc key and config
+    sudo rndc-confgen -a -c $BIND_CFG_DIR/rndc.key
+    sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_DIR/rndc.key
+    sudo chmod g+r $BIND_CFG_DIR/rndc.key
+
+    # Configure Bind
+    sudo tee $BIND_CFG_FILE > /dev/null <<EOF
+include "$BIND_CFG_DIR/rndc.key";
+
+options {
+    directory "$BIND_VAR_DIR";
+    allow-new-zones yes;
+    dnssec-validation auto;
+    auth-nxdomain no;    # conform to RFC1035
+    listen-on port $DESIGNATE_SERVICE_PORT_DNS { $DESIGNATE_SERVICE_HOST; };
+    recursion no;
+    minimal-responses yes;
+};
+
+controls {
+    inet $DESIGNATE_SERVICE_HOST port $DESIGNATE_SERVICE_PORT_RNDC allow { $DESIGNATE_SERVICE_HOST; } keys { "rndc-key"; };
+};
+EOF
+
+    # Configure RNDC
+    sudo tee $BIND_CFG_DIR/rndc.conf > /dev/null << EOF
+include "$BIND_CFG_DIR/rndc.key";
+
+options {
+    default-key "rndc-key";
+    default-server $DESIGNATE_SERVICE_HOST;
+    default-port $DESIGNATE_SERVICE_PORT_RNDC;
+};
+EOF
+
+    sudo chown $BIND_USER:$BIND_GROUP $BIND_CFG_FILE $BIND_CFG_DIR/rndc.conf
+    sudo chmod g+r $BIND_CFG_FILE $BIND_CFG_DIR/rndc.conf
+
+    restart_service $BIND_SERVICE_NAME
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    start_service bind9
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    stop_service bind9
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    sudo sh -c "rm -rf $BIND_VAR_DIR/*.nzf"
+    sudo sh -c "rm -rf $BIND_VAR_DIR/slave.*"
+    sudo rm -f $BIND_CFG_DIR/rndc.key
+}
+
+# Restore xtrace
+$DP_BIND9_XTRACE
diff --git a/devstack/designate_plugins/backend-designate b/devstack/designate_plugins/backend-designate
new file mode 100644
index 000000000..d9da65cf9
--- /dev/null
+++ b/devstack/designate_plugins/backend-designate
@@ -0,0 +1,135 @@
+# Configure the designate backend
+
+# Requirements:
+# Another Designate service is needed in order to install the SECONDARY zones in it.
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=designate
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_D2D_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+# This is the Primary Designate MDNS servers.
+DESIGNATE_D2D_MASTERS=${DESIGNATE_D2D_MASTERS:-""}
+
+# DNS server to notify (MiniDNS ip:port)
+DESIGNATE_D2D_ALSO_NOTIES=${DESIGNATE_D2D_ALSO_NOTIES:-""}
+
+# DNS server to check SOA etc against
+DESIGNATE_D2D_NAMESERVERS=${DESIGNATE_D2D_NAMESERVERS:-""}
+
+# Destination openstack credentials
+DESIGNATE_D2D_KS_VERSION=${DESIGNATE_D2D_KS_VERSION:-3}
+
+DESIGNATE_D2D_AUTH_URL=${DESIGNATE_D2D_AUTH_URL:-}
+DESIGNATE_D2D_USERNAME=${DESIGNATE_D2D_USERNAME:-}
+DESIGNATE_D2D_PASSWORD=${DESIGNATE_D2D_PASSWORD:-}
+
+# Keystone V2
+DESIGNATE_D2D_TENANT_NAME=${DESIGNATE_D2D_TENANT_NAME:-}
+DESIGNATE_D2D_TENANT_NAME=${DESIGNATE_D2D_TENANT_ID:-}
+
+# Keystone V3
+DESIGNATE_D2D_PROJECT_NAME=${DESIGNATE_D2D_PROJECT_NAME:-}
+DESIGNATE_D2D_PROJECT_DOMAIN_NAME=${DESIGNATE_D2D_PROJECT_DOMAIN_NAME:-}
+DESIGNATE_D2D_USER_DOMAIN_NAME=${DESIGNATE_D2D_USER_DOMAIN_NAME:-}
+
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    :
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type designate
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_D2D_MASTERS
+
+    options="auth_url: $DESIGNATE_D2D_AUTH_URL, username: $DESIGNATE_D2D_USERNAME, password: $DESIGNATE_D2D_PASSWORD,"
+    if [ "$DESIGNATE_D2D_KS_VERSION" == "2" ]; then
+        if [ ! -z "$DESIGNATE_D2D_TENANT_NAME" ]; then
+        options="$options tenant_name=$DESIGNATE_D2D_TENANT_NAME,"
+        fi
+
+        if [ ! -z "$DESIGNATE_D2D_TENANT_ID" ]; then
+            options="$options tenant_id=$DESIGNATE_D2D_TENANT_ID,"
+        fi
+    fi
+
+    if [ ! -z "$DESIGNATE_D2D_KS_VERSION" == "3" ]; then
+        options="$options project_name: $DESIGNATE_D2D_PROJECT_NAME, project_domain_name=$DESIGNATE_D2D_PROJECT_DOMAIN_NAME, user_domain_name=$DESIGNATE_D2D_USER_DOMAIN_NAME"
+    fi
+
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options $options
+
+    # Create a Pool Nameserver for each of the Designate nameservers
+    local nameserver_ids=""
+    IFS=',' read -a nameservers <<< "$DESIGNATE_D2D_NAMESERVERS"
+
+    for nameserver in "${nameservers[@]}"; do
+        local nameserver_id=`uuidgen`
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1)
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53
+
+        # Append the Nameserver ID to the list
+        nameserver_ids+=${nameserver_id},
+    done
+
+    # Configure the Pool for the set of nameserver IDs, minus the trailing comma
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}"
+
+    # Configure the Pool to Notify the destination Mdns
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_D2D_ALSO_NOTIFIES"
+}
+
+# create_designate_ns_records - Create Pool NS Records
+function create_designate_ns_records_backend {
+    # Build an array of the Designate nameservers.
+    IFS=',' read -a ns_records <<< "$DESIGNATE_D2D_NAMESERVERS"
+
+    # Create a NS Record for each of the Designate nameservers
+    for ns_record in "${ns_records[@]}"; do
+        designate server-create --name "${ns_record%%.}."
+    done
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_D2D_XTRACE
diff --git a/devstack/designate_plugins/backend-dynect b/devstack/designate_plugins/backend-dynect
new file mode 100644
index 000000000..d53b022e3
--- /dev/null
+++ b/devstack/designate_plugins/backend-dynect
@@ -0,0 +1,130 @@
+# Configure the dynect backend
+
+# Requirements:
+# An active DynECT account / contract will be requied to use this DevStack
+# plugin.
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=dynect
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_DYNECT_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+DESIGNATE_DYNECT_CUSTOMER=${DESIGNATE_DYNECT_CUSTOMER:-customer}
+DESIGNATE_DYNECT_USERNAME=${DESIGNATE_DYNECT_USERNAME:-username}
+DESIGNATE_DYNECT_PASSWORD=${DESIGNATE_DYNECT_PASSWORD:-password}
+DESIGNATE_DYNECT_CONTACT_NICKNAME=${DESIGNATE_DYNECT_CONTACT_NICKNAME:-}
+DESIGNATE_DYNECT_JOB_TIMEOUT=${DESIGNATE_DYNECT_JOB_TIMEOUT:-}
+DESIGNATE_DYNECT_TIMEOUT=${DESIGNATE_DYNECT_TIMEOUT:-}
+DESIGNATE_DYNECT_MASTERS=${DESIGNATE_DYNECT_MASTERS:-"$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS"}
+DESIGNATE_DYNECT_NAMESERVERS=${DESIGNATE_DYNECT_NAMESERVERS:-""}
+DESIGNATE_DYNECT_ALSO_NOTIFIES=${DESIGNATE_DYNECT_ALSO_NOTIFIES:-"204.13.249.65:53,208.78.68.65:53"}
+
+# Pull in DESIGNATE_3RDPARTY_CREDS user/pass if set
+if [ -n "$DESIGNATE_3RDPARTY_CREDS" ]; then
+    DESIGNATE_DYNECT_CUSTOMER=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f1 -d:`
+    DESIGNATE_DYNECT_USERNAME=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f2 -d:`
+    DESIGNATE_DYNECT_PASSWORD=`echo $DESIGNATE_3RDPARTY_CREDS | cut -f3- -d:`
+fi
+
+# Sanity Checks
+# -------------
+if [ -z "$DESIGNATE_DYNECT_NAMESERVERS" ]; then
+    die $LINENO "You must configure DESIGNATE_DYNECT_NAMESERVERS"
+fi
+
+if [ "$DESIGNATE_SERVICE_PORT_MDNS" != "53" ]; then
+    die $LINENO "DynECT requires DESIGNATE_SERVICE_PORT_MDNS is set to '53'"
+fi
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    :
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type dynect
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_DYNECT_MASTERS
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "customer_name: $DESIGNATE_DYNECT_CUSTOMER, username: $DESIGNATE_DYNECT_USERNAME, password: $DESIGNATE_DYNECT_PASSWORD"
+
+    # Create a Pool Nameserver for each of the DynECT nameservers
+    local nameserver_ids=""
+    IFS=',' read -a nameservers <<< "$DESIGNATE_DYNECT_NAMESERVERS"
+
+    for nameserver in "${nameservers[@]}"; do
+        local nameserver_id=`uuidgen`
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $(dig +short A $nameserver | head -n 1)
+        iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port 53
+
+        # Append the Nameserver ID to the list
+        nameserver_ids+=${nameserver_id},
+    done
+
+    # Configure the Pool for the set of nameserver IDs, minus the trailing comma
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers "${nameserver_ids:0:-1}"
+
+    # Configure the Pool to Notify DynECT's Transfer Agents
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID also_notifies "$DESIGNATE_DYNECT_ALSO_NOTIFIES"
+
+    # Global DynECT Backend Settings
+    if [ ! -z $DESIGNATE_DYNECT_JOB_TIMEOUT ]; then
+        iniset $DESIGNATE_CONF backend:dynect job_timeout "$DESIGNATE_DYNECT_JOB_TIMEOUT"
+    fi
+
+    if [ ! -z $DESIGNATE_DYNECT_TIMEOUT ]; then
+        iniset $DESIGNATE_CONF backend:dynect timeout "$DESIGNATE_DYNECT_TIMEOUT"
+    fi
+}
+
+# create_designate_ns_records - Create Pool NS Records
+function create_designate_ns_records_backend {
+    # Build an array of the DynECT nameservers.
+    IFS=',' read -a ns_records <<< "$DESIGNATE_DYNECT_NAMESERVERS"
+
+    # Create a NS Record for each of the DynECT nameservers
+    for ns_record in "${ns_records[@]}"; do
+        designate server-create --name "${ns_record%%.}."
+    done
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_DYNECT_XTRACE
diff --git a/devstack/designate_plugins/backend-fake b/devstack/designate_plugins/backend-fake
new file mode 100644
index 000000000..8d9ea4f48
--- /dev/null
+++ b/devstack/designate_plugins/backend-fake
@@ -0,0 +1,58 @@
+# Configure the fake backend
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=fake
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_FAKE_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    :
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    :
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_FAKE_XTRACE
diff --git a/devstack/designate_plugins/backend-infoblox b/devstack/designate_plugins/backend-infoblox
new file mode 100644
index 000000000..8519990d4
--- /dev/null
+++ b/devstack/designate_plugins/backend-infoblox
@@ -0,0 +1,98 @@
+# Configure the infoblox backend
+
+# Requirements:
+# A NIOS Grid Master or Cloud Network Automation appliance (virtual or otherwise) is required
+# to use this DevStack plugin.
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=infoblox
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_INFOBLOX_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+DESIGNATE_INFOBLOX_USERNAME=${DESIGNATE_INFOBLOX_USERNAME:-admin}
+DESIGNATE_INFOBLOX_PASSWORD=${DESIGNATE_INFOBLOX_PASSWORD:-infoblox}
+DESIGNATE_INFOBLOX_NAMESERVER_IP=${DESIGNATE_INFOBLOX_NAMESERVER_IP:-172.16.98.200}
+DESIGNATE_INFOBLOX_API_IP=${DESIGNATE_INFOBLOX_API_IP:-$DESIGNATE_INFOBLOX_NAMESERVER_IP}
+DESIGNATE_INFOBLOX_WAPI_URL=${DESIGNATE_INFOBLOX_WAPI_URL:-https://$DESIGNATE_INFOBLOX_API_IP/wapi/v2.0/}
+DESIGNATE_INFOBLOX_SSLVERIFY=${DESIGNATE_INFOBLOX_SSLVERIFY:-False}
+DESIGNATE_INFOBLOX_MULTI_TENANT=${DESIGNATE_INFOBLOX_MULTI_TENANT:-False}
+DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS=${DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS:-100}
+DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE=${DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE:-100}
+DESIGNATE_INFOBLOX_DNS_VIEW=${DESIGNATE_INFOBLOX_DNS_VIEW:-default}
+DESIGNATE_INFOBLOX_NET_VIEW=${DESIGNATE_INFOBLOX_NET_VIEW:-default}
+DESIGNATE_INFOBLOX_NS_GROUP=${DESIGNATE_INFOBLOX_NS_GROUP:-Designate}
+
+# Entry Points
+# ------------
+
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    if is_ubuntu; then
+        install_package python-dev libxslt1-dev libxslt1.1 libxml2-dev libxml2 libssl-dev
+    elif is_fedora; then
+        install_package python-devel libxslt1-devel libxslt1.1 libxml2-devel libxml2 libssl-devel
+    fi
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type infoblox
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "host: $DESIGNATE_INFOBLOX_NAMESERVER_IP, port: $DESIGNATE_SERVICE_PORT_DNS"
+
+    local nameserver_id=`uuidgen`
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_INFOBLOX_NAMESERVER_IP
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS
+
+    iniset $DESIGNATE_CONF backend:infoblox wapi_url $DESIGNATE_INFOBLOX_WAPI_URL
+    iniset $DESIGNATE_CONF backend:infoblox username $DESIGNATE_INFOBLOX_USERNAME
+    iniset $DESIGNATE_CONF backend:infoblox password $DESIGNATE_INFOBLOX_PASSWORD
+    iniset $DESIGNATE_CONF backend:infoblox sslverify $DESIGNATE_INFOBLOX_SSLVERIFY
+    iniset $DESIGNATE_CONF backend:infoblox multi_tenant $DESIGNATE_INFOBLOX_MULTI_TENANT
+    iniset $DESIGNATE_CONF backend:infoblox http_pool_connections $DESIGNATE_INFOBLOX_HTTP_POOL_CONNECTIONS
+    iniset $DESIGNATE_CONF backend:infoblox http_pool_maxsize $DESIGNATE_INFOBLOX_HTTP_POOL_MAXSIZE
+    iniset $DESIGNATE_CONF backend:infoblox dns_view $DESIGNATE_INFOBLOX_DNS_VIEW
+    iniset $DESIGNATE_CONF backend:infoblox net_view $DESIGNATE_INFOBLOX_NET_VIEW
+    iniset $DESIGNATE_CONF backend:infoblox ns_group $DESIGNATE_INFOBLOX_NS_GROUP
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_INFOBLOX_XTRACE
diff --git a/devstack/designate_plugins/backend-ipa b/devstack/designate_plugins/backend-ipa
new file mode 100644
index 000000000..8b41bc12c
--- /dev/null
+++ b/devstack/designate_plugins/backend-ipa
@@ -0,0 +1,77 @@
+# Configure the ipa backend
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=ipa
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_IPA_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+DESIGNATE_IPA_HOST=${DESIGNATE_IPA_HOST:-$(hostname)}
+DESIGNATE_IPA_CA_CERT=${DESIGNATE_IPA_CA_CERT:-/etc/ipa/ca.crt}
+DESIGNATE_IPA_CLIENT_KEYTAB=${DESIGNATE_IPA_CLIENT_KEYTAB:-$HOME/ipaadmin.keytab}
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    :
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    rc=0
+    if [[ ! -f $DESIGNATE_IPA_CA_CERT ]]; then
+        echo ERROR: IPA CA cert file $DESIGNATE_IPA_CA_CERT not found
+        rc=1
+    fi
+    if [[ ! -f $DESIGNATE_IPA_CLIENT_KEYTAB ]]; then
+        echo ERROR: IPA client keytab file $DESIGNATE_IPA_CLIENT_KEYTAB not found
+        rc=1
+    fi
+    if [[ $rc = 1 ]]; then
+        die $LINENO "Error with IPA configuration"
+    fi
+    iniset $DESIGNATE_CONF backend:ipa ipa_host $DESIGNATE_IPA_HOST
+    iniset $DESIGNATE_CONF backend:ipa ipa_ca_cert $DESIGNATE_IPA_CA_CERT
+    iniset $DESIGNATE_CONF backend:ipa ipa_client_keytab $DESIGNATE_IPA_CLIENT_KEYTAB
+    # devstack tests use dummy NS records, so tell IPA to allow this
+    iniset $DESIGNATE_CONF backend:ipa ipa_force_ns_use True
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    :
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    :
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    :
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_IPA_XTRACE
diff --git a/devstack/designate_plugins/backend-powerdns b/devstack/designate_plugins/backend-powerdns
new file mode 100644
index 000000000..719cc4d27
--- /dev/null
+++ b/devstack/designate_plugins/backend-powerdns
@@ -0,0 +1,147 @@
+# Configure the powerdns backend
+
+# Enable with:
+# DESIGNATE_BACKEND_DRIVER=powerdns
+
+# Dependencies:
+# ``functions`` file
+# ``designate`` configuration
+
+# install_designate_backend - install any external requirements
+# configure_designate_backend - make configuration changes, including those to other services
+# init_designate_backend - initialize databases, etc.
+# start_designate_backend - start any external services
+# stop_designate_backend - stop any external services
+# cleanup_designate_backend - remove transient data and cache
+
+# Save trace setting
+DP_PDNS_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+if is_fedora; then
+    POWERDNS_CFG_DIR=/etc/pdns
+else
+    POWERDNS_CFG_DIR=/etc/powerdns
+fi
+
+# Entry Points
+# ------------
+
+# install_designate_backend - install any external requirements
+function install_designate_backend {
+    if is_ubuntu; then
+        PDNS=pdns-server
+    elif is_fedora || is_suse; then
+        PDNS=pdns
+    else
+        PDNS=pdns-server
+    fi
+
+    if is_service_enabled mysql; then
+        PDNS+=" pdns-backend-mysql"
+    elif is_service_enabled postgresql; then
+        PDNS+=" pdns-backend-pgsql"
+    else
+        die $LINENO "PowerDNS backend only supports MySQL / PostgreSQL"
+    fi
+
+    install_package $PDNS
+    sudo rm -rf $POWERDNS_CFG_DIR/pdns.d
+}
+
+# configure_designate_backend - make configuration changes, including those to other services
+function configure_designate_backend {
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID type powerdns
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID masters $DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS
+    iniset $DESIGNATE_CONF pool_target:$DESIGNATE_TARGET_ID options "connection: `database_connection_url designate_pdns`, host: $DESIGNATE_SERVICE_HOST, port: $DESIGNATE_SERVICE_PORT_DNS"
+
+    # DevStack Managed PDNS NameServer
+    local nameserver_id=`uuidgen`
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID nameservers $nameserver_id
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id host $DESIGNATE_SERVICE_HOST
+    iniset $DESIGNATE_CONF pool_nameserver:$nameserver_id port $DESIGNATE_SERVICE_PORT_DNS
+
+    sudo tee $POWERDNS_CFG_DIR/pdns.conf > /dev/null <<EOF
+# General Config
+setgid=pdns
+setuid=pdns
+config-dir=$POWERDNS_CFG_DIR
+socket-dir=/var/run
+guardian=yes
+daemon=yes
+disable-axfr=no
+local-address=$DESIGNATE_SERVICE_HOST
+local-port=$DESIGNATE_SERVICE_PORT_DNS
+master=no
+slave=yes
+cache-ttl=0
+query-cache-ttl=0
+negquery-cache-ttl=0
+out-of-zone-additional-processing=no
+EOF
+
+    if is_service_enabled mysql; then
+        sudo tee -a $POWERDNS_CFG_DIR/pdns.conf > /dev/null <<EOF
+# Launch gmysql backend
+launch=gmysql
+
+# gmysql parameters
+gmysql-host=$DATABASE_HOST
+gmysql-user=$DATABASE_USER
+gmysql-password=$DATABASE_PASSWORD
+gmysql-dbname=designate_pdns
+gmysql-dnssec=yes
+EOF
+    elif is_service_enabled postgresql; then
+        sudo tee -a $POWERDNS_CFG_DIR/pdns.conf > /dev/null <<EOF
+# Launch gpgsql backend
+launch=gpgsql
+
+# gmysql parameters
+gpgsql-host=$DATABASE_HOST
+gpgsql-user=$DATABASE_USER
+gpgsql-password=$DATABASE_PASSWORD
+gpgsql-dbname=designate_pdns
+gpgsql-dnssec=yes
+EOF
+    else
+        die $LINENO "PowerDNS backend only supports MySQL / PostgreSQL"
+    fi
+
+    restart_service pdns
+}
+
+# init_designate_backend - initialize databases, etc.
+function init_designate_backend {
+    # Stop pdns so that the migration succeeds, if not you get a error
+    # that the schema is still in use.
+    if is_service_enabled postgresql; then
+        stop_designate_backend
+    fi
+
+    # (Re)create designate_pdns database
+    recreate_database designate_pdns utf8
+
+    # Init and migrate designate_pdns database
+    designate-manage powerdns sync $DESIGNATE_TARGET_ID
+}
+
+# start_designate_backend - start any external services
+function start_designate_backend {
+    start_service pdns
+}
+
+# stop_designate_backend - stop any external services
+function stop_designate_backend {
+    stop_service pdns
+}
+
+# cleanup_designate_backend - remove transient data and cache
+function cleanup_designate_backend {
+    :
+}
+
+# Restore xtrace
+$DP_PDNS_XTRACE
diff --git a/devstack/exercise.sh b/devstack/exercise.sh
new file mode 100755
index 000000000..e5f8e10ac
--- /dev/null
+++ b/devstack/exercise.sh
@@ -0,0 +1,318 @@
+#!/usr/bin/env bash
+
+# **designate.sh**
+
+# Simple Tests to verify designate is running
+
+echo "*********************************************************************"
+echo "Begin DevStack Exercise: $0"
+echo "*********************************************************************"
+
+# This script exits on an error so that errors don't compound and you see
+# only the first error that occurred.
+set -o errexit
+
+# Print the commands being run so that we can see the command that triggers
+# an error.  It is also useful for following allowing as the install occurs.
+set -o xtrace
+
+
+# Keep track of the current directory
+SCRIPT_DIR=$(cd $(dirname "$0") && pwd)
+
+DEVSTACK_DIR=$(cd $SCRIPT_DIR/../..; pwd)/devstack
+if [ -x "$HOME/devstack/stack.sh" ]; then
+  DEVSTACK_DIR=$HOME/devstack/
+fi
+
+# Import common functions
+source $DEVSTACK_DIR/functions
+
+# Import configuration
+source $DEVSTACK_DIR/openrc admin admin
+
+# Import exercise configuration
+source $DEVSTACK_DIR/exerciserc
+
+# Skip if designate is not enabled
+is_service_enabled designate || exit 55
+
+# Import settings + designate library
+source $SCRIPT_DIR/plugin.sh
+
+# Settings
+# ========
+source $SCRIPT_DIR/settings
+
+# Used with dig to look up in DNS
+DIG_TIMEOUT=30
+
+if [ "$DESIGNATE_BACKEND_DRIVER" == "akamai" ]; then
+    # Akamai can be slow to propagate changes out
+    DIG_TIMEOUT=300
+fi
+
+# used with dig to look up in DNS
+DIG_FLAGS="-p $DESIGNATE_SERVICE_PORT_DNS @$DESIGNATE_SERVICE_HOST"
+
+# used with dig to do an AXFR against MDNS
+DIG_AXFR_FLAGS="-p $DESIGNATE_SERVICE_PORT_MDNS @$DESIGNATE_SERVICE_HOST AXFR +tcp +nocmd"
+
+# Functions
+# =========
+
+function cleanup {
+    # Try to cleanup any domains, this is important for backends like
+    # Akamai/Dyn, where state is not fully reset between test runs.
+    source $DEVSTACK_DIR/openrc admin admin
+
+    designate --all-tenants domain-list -f csv | awk 'BEGIN { FS = "," } ; {print $1}' | \
+        tail -n+2 | xargs --no-run-if-empty -n1 designate --all-tenants domain-delete
+}
+trap cleanup EXIT
+
+function ensure_record_present {
+    local record_name=$1
+    local record_type=$2
+    local record_value=$3
+
+    if [ "$DESIGNATE_BACKEND_DRIVER" = "fake" ] ; then
+        # if the backend is fake, there will be no actual DNS records
+        return 0
+    fi
+
+    if ! timeout $DIG_TIMEOUT sh -c "while ! dig +short $DIG_FLAGS $record_name $record_type | grep \"$record_value\"; do sleep 1; done"; then
+        die $LINENO "Error: record $record_name ($record_type) not found in DNS"
+    fi
+
+    # Display for debugging
+    dig $DIG_FLAGS $record_name $record_type
+
+    return 0
+}
+
+function ensure_record_absent {
+    local record_name=$1
+    local record_type=$2
+    local record_value=$3
+
+    if [ "$DESIGNATE_BACKEND_DRIVER" = "fake" ] ; then
+        # if the backend is fake, there will be no actual DNS records
+        return 0
+    fi
+
+    if ! timeout $DIG_TIMEOUT sh -c "while dig +short $DIG_FLAGS $record_name $record_type | grep \"$record_value\"; do sleep 1; done"; then
+        # Display for debugging
+        dig $DIG_FLAGS $record_name $record_type
+
+        die $LINENO "Error: record $record_name ($record_type) found in DNS, should be absent"
+    fi
+
+    return 0
+}
+
+# do an AXFR request to MDNS
+# if it does not match the expected value, give an error
+function verify_axfr_in_mdns {
+    # Display for debugging
+    dig $DIG_AXFR_FLAGS "$1"
+    if dig $DIG_AXFR_FLAGS "$1"; then
+        if [ -n "$2" ] ; then
+            local axfr_records=$(dig $DIG_AXFR_FLAGS "$1" | grep "$1" | wc -l)
+            if [ "$axfr_records" = "$2" ] ; then
+                return 0
+            else
+                die $LINENO "Error: AXFR to MDNS did not return the expected number of records"
+            fi
+        fi
+        return 0
+    else
+        die $LINENO "Error: AXFR to MDNS did not return a correct response"
+    fi
+}
+
+# get the domain id (uuid) given the domain name
+# if REQUIRED is set, die with an error if name not found
+function get_domain_id {
+    local domain_name=$1
+    local required=$2
+    local domain_id=$(designate domain-list | egrep " $domain_name " | get_field 1)
+    if [ "$required" = "1" ] ; then
+        die_if_not_set $LINENO domain_id "Failure retrieving DOMAIN_ID"
+    fi
+    echo "$domain_id"
+}
+
+
+# get the domain_name given the id
+function get_domain_name {
+    designate domain-list | grep "$1" | get_field 2
+}
+
+# if the given domain does not exist, it will be created
+# the domain_id of the domain will be returned
+function get_or_create_domain_id {
+    local domainid=$(get_domain_id "$1")
+    if [[ -z "$domainid" ]]; then
+        designate domain-create --name $1 --email admin@devstack.org --ttl 86400 --description "domain $1" 1>&2
+        domainid=$(designate domain-list | grep "$1" | get_field 1)
+    fi
+    echo $domainid
+}
+
+# get the record id (uuid) given the record name and domain id
+# if REQUIRED is set, die with an error if name not found
+function get_record_id {
+    local domain_id=$1
+    local record_name=$2
+    local record_type=$3
+    local required=$4
+    local record_id=$(designate record-list $domain_id | egrep " $record_name " | egrep " $record_type " | get_field 1)
+    if [ "$required" = "1" ] ; then
+        die_if_not_set $LINENO record_id "Failure retrieving RECORD_ID"
+    fi
+    echo "$record_id"
+}
+
+# Testing Servers
+# ===============
+designate server-list
+
+# NUMBER_OF_RECORDS keeps track of the records we need to get for AXFR
+# We start with the number of NS lines returned from server list
+# (Header line makes up for SOA + Number of NS record lines)
+NUMBER_OF_RECORDS=$(designate server-list -f csv | wc -l)
+
+# Add 1 extra to account for the additional SOA at the end of the AXFR
+((NUMBER_OF_RECORDS+=1))
+
+# Testing Domains
+# ===============
+
+# List domains
+designate domain-list
+
+# Create random domain name
+DOMAIN_NAME="exercise-$(openssl rand -hex 4).com."
+
+# Create the domain
+designate domain-create --name $DOMAIN_NAME --email devstack@example.org
+
+DOMAIN_ID=$(get_domain_id $DOMAIN_NAME 1)
+
+# Fetch the domain
+designate domain-get $DOMAIN_ID
+
+# List the nameservers hosting the domain
+designate domain-servers-list $DOMAIN_ID
+
+# Testing Records
+# ===============
+
+# Create random record name
+A_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}"
+
+# Create an A record
+designate record-create $DOMAIN_ID --name $A_RECORD_NAME --type A --data 127.0.0.1
+((NUMBER_OF_RECORDS++))
+A_RECORD_ID=$(get_record_id $DOMAIN_ID $A_RECORD_NAME A)
+
+# Fetch the record
+designate record-get $DOMAIN_ID $A_RECORD_ID
+
+# Verify the record is published in DNS
+ensure_record_present $A_RECORD_NAME A 127.0.0.1
+
+# -----
+
+# Create random record name
+AAAA_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}"
+
+# Create an AAAA record
+designate record-create $DOMAIN_ID --name $AAAA_RECORD_NAME --type AAAA --data "2607:f0d0:1002:51::4"
+((NUMBER_OF_RECORDS++))
+AAAA_RECORD_ID=$(get_record_id $DOMAIN_ID $AAAA_RECORD_NAME AAAA)
+
+# Fetch the record
+designate record-get $DOMAIN_ID $AAAA_RECORD_ID
+
+# Verify the record is published in DNS
+ensure_record_present $AAAA_RECORD_NAME AAAA 2607:f0d0:1002:51::4
+
+# -----
+
+# Create a MX record
+designate record-create $DOMAIN_ID --name $DOMAIN_NAME --type MX --priority 5 --data "mail.example.com."
+((NUMBER_OF_RECORDS++))
+MX_RECORD_ID=$(get_record_id $DOMAIN_ID $DOMAIN_NAME MX)
+
+# Fetch the record
+designate record-get $DOMAIN_ID $MX_RECORD_ID
+
+# Verify the record is published in DNS
+ensure_record_present $DOMAIN_NAME MX "5 mail.example.com."
+
+# -----
+
+# Create a SRV record
+designate record-create $DOMAIN_ID --name _sip._tcp.$DOMAIN_NAME --type SRV --priority 10 --data "5 5060 sip.example.com."
+((NUMBER_OF_RECORDS++))
+SRV_RECORD_ID=$(get_record_id $DOMAIN_ID _sip._tcp.$DOMAIN_NAME SRV)
+
+# Fetch the record
+designate record-get $DOMAIN_ID $SRV_RECORD_ID
+
+# Verify the record is published in DNS
+ensure_record_present _sip._tcp.$DOMAIN_NAME SRV "10 5 5060 sip.example.com."
+
+# -----
+
+# Create random record name
+CNAME_RECORD_NAME="$(openssl rand -hex 4).${DOMAIN_NAME}"
+
+# Create a CNAME record
+designate record-create $DOMAIN_ID --name $CNAME_RECORD_NAME --type CNAME --data $DOMAIN_NAME
+((NUMBER_OF_RECORDS++))
+CNAME_RECORD_ID=$(get_record_id $DOMAIN_ID $CNAME_RECORD_NAME CNAME)
+
+# Fetch the record
+designate record-get $DOMAIN_ID $CNAME_RECORD_ID
+
+# Verify the record is published in DNS
+ensure_record_present $CNAME_RECORD_NAME CNAME $DOMAIN_NAME
+
+# -----
+
+# List Records
+designate record-list $DOMAIN_ID
+
+# Send an AXFR to MDNS and check for the records returned
+verify_axfr_in_mdns $DOMAIN_NAME $NUMBER_OF_RECORDS
+
+# -----
+
+# Delete a Record
+designate record-delete $DOMAIN_ID $CNAME_RECORD_ID
+
+# List Records
+designate record-list $DOMAIN_ID
+
+# Fetch the record - should be gone
+designate record-get $DOMAIN_ID $CNAME_RECORD_ID || echo "good - record was removed"
+
+# verify not in DNS anymore
+ensure_record_absent $CNAME_RECORD_NAME CNAME $DOMAIN_NAME
+
+# Testing Domains Delete
+# ======================
+
+# Delete the domain
+designate domain-delete $DOMAIN_ID
+
+# Fetch the domain - should be gone
+designate domain-get $DOMAIN_ID || echo "good - domain was removed"
+
+set +o xtrace
+echo "*********************************************************************"
+echo "SUCCESS: End DevStack Exercise: $0"
+echo "*********************************************************************"
diff --git a/devstack/gate/gate_hook.sh b/devstack/gate/gate_hook.sh
new file mode 100755
index 000000000..0a93cc6e1
--- /dev/null
+++ b/devstack/gate/gate_hook.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -ex
+
+pushd $BASE/new/devstack
+
+DEVSTACK_GATE_DESIGNATE_DRIVER=${DEVSTACK_GATE_DESIGNATE_DRIVER:-powerdns}
+
+export KEEP_LOCALRC=1
+export ENABLED_SERVICES=designate,designate-api,designate-central,designate-sink,designate-mdns,designate-pool-manager,designate-zone-manager
+
+echo "DESIGNATE_SERVICE_PORT_DNS=5322" >> $BASE/new/devstack/localrc
+echo "DESIGNATE_BACKEND_DRIVER=$DEVSTACK_GATE_DESIGNATE_DRIVER" >> $BASE/new/devstack/localrc
+echo "DESIGNATE_PERIODIC_RECOVERY_INTERVAL=20" >> $BASE/new/devstack/localrc
+echo "DESIGNATE_PERIODIC_SYNC_INTERVAL=20" >> $BASE/new/devstack/localrc
+
+
+# Pass through any DESIGNATE_ env vars to the localrc file
+env | grep -E "^DESIGNATE_" >> $BASE/new/devstack/localrc || :
+
+popd
+
+# Run DevStack Gate
+$BASE/new/devstack-gate/devstack-vm-gate.sh
diff --git a/devstack/gate/post_test_hook.sh b/devstack/gate/post_test_hook.sh
new file mode 100755
index 000000000..d815d9a49
--- /dev/null
+++ b/devstack/gate/post_test_hook.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -ex
+
+# Run the Designate DevStack exercises
+$BASE/new/designate/devstack/exercise.sh
+
+# Run the Designate Tempest tests
+sudo ./run_tempest_tests.sh
diff --git a/devstack/gate/run_tempest_tests.sh b/devstack/gate/run_tempest_tests.sh
new file mode 100755
index 000000000..c6cd1e6c4
--- /dev/null
+++ b/devstack/gate/run_tempest_tests.sh
@@ -0,0 +1,32 @@
+#!/bin/bash -e
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# How many seconds to wait for the API to be responding before giving up
+API_RESPONDING_TIMEOUT=20
+
+if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9001/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
+    echo "The Designate API failed to respond within ${API_RESPONDING_TIMEOUT} seconds"
+    exit 1
+fi
+
+echo "Successfully contacted the Designate API"
+
+# Where Designate and Tempest code lives
+DESIGNATE_DIR=${DESIGNATE_DIR:-/opt/stack/new/designate}
+TEMPEST_DIR=${TEMPEST_DIR:-/opt/stack/new/tempest}
+
+
+pushd $DESIGNATE_DIR
+export TEMPEST_CONFIG=$TEMPEST_DIR/etc/tempest.conf
+tox -e functional
diff --git a/devstack/plugin.sh b/devstack/plugin.sh
new file mode 100755
index 000000000..e3fb7b65a
--- /dev/null
+++ b/devstack/plugin.sh
@@ -0,0 +1,342 @@
+# Install and start **Designate** service in Devstack
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Get backend configuration
+# ----------------------------
+if is_service_enabled designate && [[ -r $DESIGNATE_PLUGINS/backend-$DESIGNATE_BACKEND_DRIVER ]]; then
+    # Load plugin
+    source $DESIGNATE_PLUGINS/backend-$DESIGNATE_BACKEND_DRIVER
+fi
+
+# Helper Functions
+# ----------------
+function setup_colorized_logging_designate {
+    local conf_file=$1
+    local conf_section=$2
+    local project_var=${3:-"project_name"}
+    local user_var=${4:-"user_name"}
+
+    setup_colorized_logging $conf_file $conf_section $project_var $user_var
+
+    # Override the logging_context_format_string value chosen by
+    # setup_colorized_logging.
+    iniset $conf_file $conf_section logging_context_format_string "%(asctime)s.%(msecs)03d %(color)s%(levelname)s %(name)s [[01;36m%(request_id)s [00;36m%(user_identity)s%(color)s] [01;35m%(instance)s%(color)s%(message)s[00m"
+}
+
+# DevStack Plugin
+# ---------------
+
+# cleanup_designate - Remove residual data files, anything left over from previous
+# runs that a clean run would need to clean up
+function cleanup_designate {
+    sudo rm -rf $DESIGNATE_STATE_PATH $DESIGNATE_AUTH_CACHE_DIR
+    cleanup_designate_backend
+}
+
+# configure_designate - Set config files, create data dirs, etc
+function configure_designate {
+    [ ! -d $DESIGNATE_CONF_DIR ] && sudo mkdir -m 755 -p $DESIGNATE_CONF_DIR
+    sudo chown $STACK_USER $DESIGNATE_CONF_DIR
+
+    [ ! -d $DESIGNATE_LOG_DIR ] &&  sudo mkdir -m 755 -p $DESIGNATE_LOG_DIR
+    sudo chown $STACK_USER $DESIGNATE_LOG_DIR
+
+    # (Re)create ``designate.conf``
+    rm -f $DESIGNATE_CONF
+
+    # General Configuration
+    iniset_rpc_backend designate $DESIGNATE_CONF DEFAULT
+
+    iniset $DESIGNATE_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
+    iniset $DESIGNATE_CONF DEFAULT verbose True
+    iniset $DESIGNATE_CONF DEFAULT state_path $DESIGNATE_STATE_PATH
+    iniset $DESIGNATE_CONF DEFAULT root-helper sudo designate-rootwrap $DESIGNATE_ROOTWRAP_CONF
+    iniset $DESIGNATE_CONF storage:sqlalchemy connection `database_connection_url designate`
+
+    # Coordination Configuration
+    if [[ -n "$DESIGNATE_COORDINATION_URL" ]]; then
+        iniset $DESIGNATE_CONF coordination backend_url $DESIGNATE_COORDINATION_URL
+    fi
+
+    # Install the policy file for the API server
+    cp $DESIGNATE_DIR/etc/designate/policy.json $DESIGNATE_CONF_DIR/policy.json
+    iniset $DESIGNATE_CONF DEFAULT policy_file $DESIGNATE_CONF_DIR/policy.json
+
+    # Pool Manager Configuration
+    iniset $DESIGNATE_CONF service:pool_manager pool_id $DESIGNATE_POOL_ID
+    iniset $DESIGNATE_CONF service:pool_manager cache_driver $DESIGNATE_POOL_MANAGER_CACHE_DRIVER
+    iniset $DESIGNATE_CONF service:pool_manager periodic_recovery_interval $DESIGNATE_PERIODIC_RECOVERY_INTERVAL
+    iniset $DESIGNATE_CONF service:pool_manager periodic_sync_interval $DESIGNATE_PERIODIC_SYNC_INTERVAL
+
+    # Pool Manager Cache
+    if [ "$DESIGNATE_POOL_MANAGER_CACHE_DRIVER" == "sqlalchemy" ]; then
+        iniset $DESIGNATE_CONF pool_manager_cache:sqlalchemy connection `database_connection_url designate_pool_manager`
+    fi
+
+    # Pool Options
+    iniset $DESIGNATE_CONF pool:$DESIGNATE_POOL_ID targets $DESIGNATE_TARGET_ID
+
+    # API Configuration
+    sudo cp $DESIGNATE_DIR/etc/designate/api-paste.ini $DESIGNATE_APIPASTE_CONF
+    iniset $DESIGNATE_CONF service:api enabled_extensions_v1 $DESIGNATE_ENABLED_EXTENSIONS_V1
+    iniset $DESIGNATE_CONF service:api enabled_extensions_v2 $DESIGNATE_ENABLED_EXTENSIONS_V2
+    iniset $DESIGNATE_CONF service:api enabled_extensions_admin $DESIGNATE_ENABLED_EXTENSIONS_ADMIN
+    iniset $DESIGNATE_CONF service:api api_host $DESIGNATE_SERVICE_HOST
+    iniset $DESIGNATE_CONF service:api api_base_uri $DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/
+    iniset $DESIGNATE_CONF service:api enable_api_v1 True
+    iniset $DESIGNATE_CONF service:api enable_api_v2 True
+    iniset $DESIGNATE_CONF service:api enable_api_admin True
+
+    # mDNS Configuration
+    iniset $DESIGNATE_CONF service:mdns host $DESIGNATE_SERVICE_HOST
+    iniset $DESIGNATE_CONF service:mdns port $DESIGNATE_SERVICE_PORT_MDNS
+
+    # Set up Notifications/Ceilometer Integration
+    iniset $DESIGNATE_CONF DEFAULT notification_driver "$DESIGNATE_NOTIFICATION_DRIVER"
+    iniset $DESIGNATE_CONF DEFAULT notification_topics "$DESIGNATE_NOTIFICATION_TOPICS"
+
+    # Root Wrap
+    sudo cp $DESIGNATE_DIR/etc/designate/rootwrap.conf.sample $DESIGNATE_ROOTWRAP_CONF
+    iniset $DESIGNATE_ROOTWRAP_CONF DEFAULT filters_path $DESIGNATE_DIR/etc/designate/rootwrap.d root-helper
+
+    # Oslo Concurrency
+    iniset $DESIGNATE_CONF oslo_concurrency lock_path "$DESIGNATE_STATE_PATH"
+
+    # Set up the rootwrap sudoers for designate
+    local rootwrap_sudoer_cmd="$DESIGNATE_BIN_DIR/designate-rootwrap $DESIGNATE_ROOTWRAP_CONF *"
+    local tempfile=`mktemp`
+    echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudoer_cmd" >$tempfile
+    chmod 0440 $tempfile
+    sudo chown root:root $tempfile
+    sudo mv $tempfile /etc/sudoers.d/designate-rootwrap
+
+    # TLS Proxy Configuration
+    if is_service_enabled tls-proxy; then
+        # Set the service port for a proxy to take the original
+        iniset $DESIGNATE_CONF service:api api_port $DESIGNATE_SERVICE_PORT_INT
+    else
+        iniset $DESIGNATE_CONF service:api api_port $DESIGNATE_SERVICE_PORT
+    fi
+
+    # Setup the Keystone Integration
+    if is_service_enabled key; then
+        iniset $DESIGNATE_CONF service:api auth_strategy keystone
+        configure_auth_token_middleware $DESIGNATE_CONF designate $DESIGNATE_AUTH_CACHE_DIR
+    fi
+
+    # Logging Configuration
+    if [ "$SYSLOG" != "False" ]; then
+        iniset $DESIGNATE_CONF DEFAULT use_syslog True
+    fi
+
+    # Format logging
+    if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
+        setup_colorized_logging_designate $DESIGNATE_CONF DEFAULT "tenant" "user"
+    fi
+
+    # Backend Plugin Configuation
+    configure_designate_backend
+}
+
+# Configure the needed tempest options
+function configure_designate_tempest() {
+    if is_service_enabled tempest; then
+        nameservers=$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_DNS
+        case $DESIGNATE_BACKEND_DRIVER in
+            bind9|powerdns)
+                nameservers="$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_DNS"
+                ;;
+            akamai)
+                nameservers="$DESIGNATE_AKAMAI_NAMESERVERS"
+                ;;
+            dynect)
+                nameservers="$DESIGNATE_DYNECT_NAMESERVERS"
+                ;;
+        esac
+
+        if [ ! -z "$DESIGNATE_NAMESERVERS" ]; then
+            nameservers=$DESIGNATE_NAMESERVERS
+        fi
+
+        iniset $TEMPEST_CONFIG designate nameservers $nameservers
+    fi
+}
+
+# create_designate_accounts - Set up common required designate accounts
+
+# Tenant               User       Roles
+# ------------------------------------------------------------------
+# service              designate  admin        # if enabled
+function create_designate_accounts {
+    if is_service_enabled designate-api; then
+        create_service_user "designate"
+
+        if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+            get_or_create_service "designate" "dns" "Designate DNS Service"
+            get_or_create_endpoint "dns" \
+                "$REGION_NAME" \
+                "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/" \
+                "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/" \
+                "$DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT/"
+        fi
+    fi
+}
+
+# create_designate_ns_records - Create Pool NS Records
+function create_designate_ns_records {
+    # Allow Backends to install their own NS Records rather than the default
+    if function_exists create_designate_ns_records_backend; then
+        create_designate_ns_records_backend
+    else
+        designate server-create --name $DESIGNATE_DEFAULT_NS_RECORD
+    fi
+}
+
+# init_designate - Initialize etc.
+function init_designate {
+    # Create cache dir
+    sudo mkdir -p $DESIGNATE_AUTH_CACHE_DIR
+    sudo chown $STACK_USER $DESIGNATE_AUTH_CACHE_DIR
+    rm -f $DESIGNATE_AUTH_CACHE_DIR/*
+
+    # Some Designate Backends require mdns be bound to port 53, make that
+    # doable.
+    sudo setcap 'cap_net_bind_service=+ep' $(readlink -f /usr/bin/python)
+
+    # (Re)create designate database
+    recreate_database designate utf8
+
+    # Init and migrate designate database
+    designate-manage database sync
+
+    if [ "$DESIGNATE_POOL_MANAGER_CACHE_DRIVER" == "sqlalchemy" ]; then
+        # (Re)create designate_pool_manager cache
+        recreate_database designate_pool_manager utf8
+
+        # Init and migrate designate pool-manager-cache
+        designate-manage pool-manager-cache sync
+    fi
+
+    init_designate_backend
+}
+
+# install_designate - Collect source and prepare
+function install_designate {
+    if is_fedora; then
+        # This package provides `dig`
+        install_package bind-utils
+    fi
+
+    git_clone $DESIGNATE_REPO $DESIGNATE_DIR $DESIGNATE_BRANCH
+    setup_develop $DESIGNATE_DIR
+
+    install_designate_backend
+}
+
+# install_designateclient - Collect source and prepare
+function install_designateclient {
+    if use_library_from_git "python-designateclient"; then
+        git_clone_by_name "python-designateclient"
+        setup_dev_lib "python-designateclient"
+    else
+        pip_install_gr "python-designateclient"
+    fi
+}
+
+# install_designatedashboard - Collect source and prepare
+function install_designatedashboard {
+    git_clone $DESIGNATEDASHBOARD_REPO $DESIGNATEDASHBOARD_DIR $DESIGNATEDASHBOARD_BRANCH
+    setup_develop $DESIGNATEDASHBOARD_DIR
+    ln -fs $DESIGNATEDASHBOARD_DIR/designatedashboard/enabled/_70_dns_add_group.py $HORIZON_DIR/openstack_dashboard/local/enabled/70_dns_add_group.py
+    ln -fs $DESIGNATEDASHBOARD_DIR/designatedashboard/enabled/_71_dns_project.py $HORIZON_DIR/openstack_dashboard/local/enabled/71_dns_project.py
+}
+
+# start_designate - Start running processes, including screen
+function start_designate {
+    start_designate_backend
+
+    run_process designate-central "$DESIGNATE_BIN_DIR/designate-central --config-file $DESIGNATE_CONF"
+    run_process designate-api "$DESIGNATE_BIN_DIR/designate-api --config-file $DESIGNATE_CONF"
+    run_process designate-pool-manager "$DESIGNATE_BIN_DIR/designate-pool-manager --config-file $DESIGNATE_CONF"
+    run_process designate-zone-manager "$DESIGNATE_BIN_DIR/designate-zone-manager --config-file $DESIGNATE_CONF"
+    run_process designate-mdns "$DESIGNATE_BIN_DIR/designate-mdns --config-file $DESIGNATE_CONF"
+    run_process designate-agent "$DESIGNATE_BIN_DIR/designate-agent --config-file $DESIGNATE_CONF"
+    run_process designate-sink "$DESIGNATE_BIN_DIR/designate-sink --config-file $DESIGNATE_CONF"
+
+    # Start proxies if enabled
+    if is_service_enabled designate-api && is_service_enabled tls-proxy; then
+        start_tls_proxy '*' $DESIGNATE_SERVICE_PORT $DESIGNATE_SERVICE_HOST $DESIGNATE_SERVICE_PORT_INT &
+    fi
+
+    if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $DESIGNATE_SERVICE_PROTOCOL://$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT; do sleep 1; done"; then
+        die $LINENO "Designate did not start"
+    fi
+}
+
+# stop_designate - Stop running processes
+function stop_designate {
+    # Kill the designate screen windows
+    stop_process designate-central
+    stop_process designate-api
+    stop_process designate-pool-manager
+    stop_process designate-zone-manager
+    stop_process designate-mdns
+    stop_process designate-agent
+    stop_process designate-sink
+
+    stop_designate_backend
+}
+
+# This is the main for plugin.sh
+if is_service_enabled designate; then
+
+    if [[ "$1" == "stack" && "$2" == "install" ]]; then
+        echo_summary "Installing Designate"
+        install_designate
+
+        echo_summary "Installing Designate client"
+        install_designateclient
+
+        if is_service_enabled horizon; then
+            echo_summary "Installing Designate dashboard"
+            install_designatedashboard
+        fi
+
+    elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+        echo_summary "Configuring Designate"
+        configure_designate
+
+        if is_service_enabled key; then
+            echo_summary "Creating Designate Keystone accounts"
+            create_designate_accounts
+        fi
+
+    elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+        echo_summary "Initializing Designate"
+        init_designate
+
+        echo "Configuring Tempest options for Designate"
+        configure_designate_tempest
+
+        echo_summary "Starting Designate"
+        start_designate
+
+        echo_summary "Creating pool NS records"
+        create_designate_ns_records
+    fi
+
+    if [[ "$1" == "unstack" ]]; then
+        stop_designate
+    fi
+
+    if [[ "$1" == "clean" ]]; then
+        echo_summary "Cleaning Designate"
+        cleanup_designate
+    fi
+fi
+
+# Restore xtrace
+$XTRACE
diff --git a/devstack/settings b/devstack/settings
new file mode 100644
index 000000000..60e00c6a5
--- /dev/null
+++ b/devstack/settings
@@ -0,0 +1,58 @@
+# Default options
+DESIGNATE_BACKEND_DRIVER=${DESIGNATE_BACKEND_DRIVER:=powerdns}
+DESIGNATE_POOL_MANAGER_CACHE_DRIVER=${DESIGNATE_POOL_MANAGER_CACHE_DRIVER:-memcache}
+DESIGNATE_POOL_ID=${DESIGNATE_POOL_ID:-794ccc2c-d751-44fe-b57f-8894c9f5c842}
+DESIGNATE_TARGET_ID=${DESIGNATE_TARGET_ID:-f26e0b32-736f-4f0a-831b-039a415c481e}
+DESIGNATE_DEFAULT_NS_RECORD=${DESIGNATE_DEFAULT_NS_RECORD:-ns1.devstack.org.}
+DESIGNATE_NOTIFICATION_DRIVER=${DESIGNATE_NOTIFICATION_DRIVER:-}
+DESIGNATE_NOTIFICATION_TOPICS=${DESIGNATE_NOTIFICATION_TOPICS:-notifications}
+DESIGNATE_PERIODIC_RECOVERY_INTERVAL=${DESIGNATE_PERIODIC_RECOVERY_INTERVAL:-120}
+DESIGNATE_PERIODIC_SYNC_INTERVAL=${DESIGNATE_PERIODIC_SYNC_INTERVAL:-1800}
+DESIGNATE_COORDINATION_URL=${DESIGNATE_COORDINATION_URL:-}
+
+# Default extensions
+DESIGNATE_ENABLED_EXTENSIONS_V1=${DESIGNATE_ENABLED_EXTENSIONS_V1:-"quotas"}
+DESIGNATE_ENABLED_EXTENSIONS_V2=${DESIGNATE_ENABLED_EXTENSIONS_V2:-""}
+DESIGNATE_ENABLED_EXTENSIONS_ADMIN=${DESIGNATE_ENABLED_EXTENSIONS_ADMIN:-"quotas"}
+
+# Default IP/port settings
+DESIGNATE_SERVICE_PROTOCOL=${DESIGNATE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+DESIGNATE_SERVICE_HOST=${DESIGNATE_SERVICE_HOST:-$SERVICE_HOST}
+DESIGNATE_SERVICE_PORT=${DESIGNATE_SERVICE_PORT:-9001}
+DESIGNATE_SERVICE_PORT_INT=${DESIGNATE_SERVICE_PORT_INT:-19001}
+DESIGNATE_SERVICE_PORT_DNS=${DESIGNATE_SERVICE_PORT_DNS:-53}
+DESIGNATE_SERVICE_PORT_MDNS=${DESIGNATE_SERVICE_PORT_MDNS:-5354}
+
+# Default directories
+DESIGNATE_BIN_DIR=$(get_python_exec_prefix)
+DESIGNATE_DIR=$DEST/designate
+DESIGNATEDASHBOARD_DIR=$DEST/designate-dashboard
+DESIGNATE_CONF_DIR=/etc/designate
+DESIGNATE_STATE_PATH=${DESIGNATE_STATE_PATH:=$DATA_DIR/designate}
+DESIGNATE_CONF=$DESIGNATE_CONF_DIR/designate.conf
+DESIGNATE_LOG_DIR=/var/log/designate
+DESIGNATE_AUTH_CACHE_DIR=${DESIGNATE_AUTH_CACHE_DIR:-/var/cache/designate}
+DESIGNATE_ROOTWRAP_CONF=$DESIGNATE_CONF_DIR/rootwrap.conf
+DESIGNATE_APIPASTE_CONF=$DESIGNATE_CONF_DIR/api-paste.ini
+DESIGNATE_PLUGINS=$DESIGNATE_DIR/devstack/designate_plugins
+
+# Default repositories
+DESIGNATE_REPO=${DESIGNATE_REPO:-${GIT_BASE}/openstack/designate.git}
+DESIGNATE_BRANCH=${DESIGNATE_BRANCH:-master}
+DESIGNATEDASHBOARD_REPO=${DESIGNATEDASHBOARD_REPO:-${GIT_BASE}/openstack/designate-dashboard.git}
+DESIGNATEDASHBOARD_BRANCH=${DESIGNATEDASHBOARD_BRANCH:-master}
+GITDIR["python-designateclient"]=$DEST/python-designateclient
+
+# Tell Tempest this project is present
+TEMPEST_SERVICES+=,designate
+
+# Turn on all Designate services by default
+
+enable_service designate
+enable_service designate-central
+enable_service designate-api
+enable_service designate-pool-manager
+enable_service designate-zone-manager
+enable_service designate-mdns
+enable_service designate-agent
+enable_service designate-sink
diff --git a/tox.ini b/tox.ini
index 25a8e2ac9..cb5decfcf 100644
--- a/tox.ini
+++ b/tox.ini
@@ -42,7 +42,7 @@ commands = sh tools/pretty_flake8.sh
 [testenv:bashate]
 deps = bashate
 whitelist_externals = bash
-commands = bash -c "find {toxinidir}/contrib/devstack \
+commands = bash -c "find {toxinidir}/devstack         \
          -not \( -type d -name .?\* -prune \)         \ # prune all 'dot' dirs
          -not \( -type d -name doc -prune \)          \ # skip documentation
          -type f                                      \ # only files