Ansible-ize OpenStack Designate

Implement containers for main designate components.
Add designate enable options and port configuration.
Add designate groups to ansible inventory.
Add designate configuration to haproxy.
Add designate port checks.
Add designate passwords to passwords.yml.
Enable Designate and Neutron integration.
Enable Designate and Nova integration.
Fix designate-pool-manager container name for consistency.

Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>

Change-Id: I34d8126e0cd8d71d5ced9b62f3776cc354fbb549
Implements: blueprint ansible-designate

ansible/group_vars/all.yml

@@ -124,6 +124,8 @@ congress_api_port: "1789"
 
 cloudkitty_api_port: "8889"
 
+designate_api_port: "9001"
+
 iscsi_port: "3260"
 
 gnocchi_api_port: "8041"
@@ -257,6 +259,7 @@ enable_cinder_backend_lvm: "no"
 enable_cloudkitty: "no"
 enable_congress: "no"
 enable_etcd: "no"
+enable_designate: "no"
 enable_gnocchi: "no"
 enable_grafana: "no"
 enable_heat: "yes"

ansible/inventory/all-in-one

@@ -138,6 +138,9 @@ control
 [searchlight:children]
 control
 
+[designate:children]
+control
+
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
 #
@@ -398,3 +401,19 @@ searchlight
 
 [searchlight-listener:children]
 searchlight
+
+# Designate
+[designate-api:children]
+designate
+
+[designate-central:children]
+designate
+
+[designate-mdns:children]
+designate
+
+[designate-pool-manager:children]
+designate
+
+[designate-sink:children]
+designate

ansible/inventory/multinode

@@ -153,6 +153,9 @@ control
 [searchlight:children]
 control
 
+[designate:children]
+control
+
 # Additional control implemented here. These groups allow you to control which
 # services run on which hosts at a per-service level.
 #
@@ -413,3 +416,19 @@ searchlight
 
 [searchlight-listener:children]
 searchlight
+
+# Designate
+[designate-api:children]
+designate
+
+[designate-central:children]
+designate
+
+[designate-mdns:children]
+designate
+
+[designate-pool-manager:children]
+designate
+
+[designate-sink:children]
+designate

ansible/roles/designate/defaults/main.yml

@@ -0,0 +1,56 @@
+---
+project_name: "designate"
+
+####################
+# Database
+####################
+designate_database_name: "designate"
+designate_database_user: "designate"
+designate_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
+
+designate_pool_manager_database_name: "designate_pool_manager"
+designate_pool_manager_database_user: "designate_pool_manager"
+designate_pool_manager_database_address: "{{ kolla_internal_fqdn }}:{{ database_port }}"
+
+
+####################
+# Docker
+####################
+
+designate_central_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-central"
+designate_central_tag: "{{ openstack_release }}"
+designate_central_image_full: "{{ designate_central_image }}:{{ designate_central_tag }}"
+
+designate_api_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-api"
+designate_api_tag: "{{ openstack_release }}"
+designate_api_image_full: "{{ designate_api_image }}:{{ designate_api_tag }}"
+
+designate_backend_bind9_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-backend-bind9"
+designate_backend_bind9_tag: "{{ openstack_release }}"
+designate_backend_bind9_image_full: "{{ designate_backend_bind9_image }}:{{ designate_backend_bind9_tag }}"
+
+designate_mdns_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-mdns"
+designate_mdns_tag: "{{ openstack_release }}"
+designate_mdns_image_full: "{{ designate_mdns_image }}:{{ designate_mdns_tag }}"
+
+designate_pool_manager_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-pool-manager"
+designate_pool_manager_tag: "{{ openstack_release }}"
+designate_pool_manager_image_full: "{{ designate_pool_manager_image }}:{{ designate_pool_manager_tag }}"
+
+designate_sink_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-designate-sink"
+designate_sink_tag: "{{ openstack_release }}"
+designate_sink_image_full: "{{ designate_sink_image }}:{{ designate_sink_tag }}"
+
+
+####################
+# OpenStack
+####################
+designate_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ designate_api_port }}"
+designate_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ designate_api_port }}"
+designate_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ designate_api_port }}"
+
+designate_logging_debug: "{{ openstack_logging_debug }}"
+
+designate_keystone_user: "designate"
+
+openstack_designate_auth: "{'auth_url':'{{ openstack_auth.auth_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}'}"

ansible/roles/designate/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: common }

ansible/roles/designate/tasks/bootstrap.yml

@@ -0,0 +1,78 @@
+---
+- name: Creating Designate database
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m mysql_db
+    -a "login_host='{{ database_address }}'
+        login_port='{{ database_port }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ designate_database_name }}'"
+  register: database
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and
+                    (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+  delegate_to: "{{ groups['designate-central'][0] }}"
+
+- name: Reading json from variable
+  set_fact:
+    database_created: "{{ (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+
+- name: Creating Designate Pool Manager database
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m mysql_db
+    -a "login_host='{{ database_address }}'
+        login_port='{{ database_port }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ designate_pool_manager_database_name }}'"
+  register: database_pool_manager
+  changed_when: "{{ database.stdout.find('localhost | SUCCESS => ') != -1 and
+                    (database.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+  delegate_to: "{{ groups['designate-central'][0] }}"
+
+- name: Reading json from variable
+  set_fact:
+    database_pool_manager_created: "{{ (database_pool_manager.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+
+- name: Creating Designate database user and setting permissions
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m mysql_user
+    -a "login_host='{{ database_address }}'
+        login_port='{{ database_port }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ designate_database_name }}'
+        password='{{ designate_database_password }}'
+        host='%'
+        priv='{{ designate_database_name }}.*:ALL'
+        append_privs='yes'"
+  register: database_user_create
+  changed_when: "{{ database_user_create.stdout.find('localhost | SUCCESS => ') != -1 and
+                    (database_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database_user_create.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+  delegate_to: "{{ groups['designate-central'][0] }}"
+
+- name: Creating Designate Pool Manager database user and setting permissions
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m mysql_user
+    -a "login_host='{{ database_address }}'
+        login_port='{{ database_port }}'
+        login_user='{{ database_user }}'
+        login_password='{{ database_password }}'
+        name='{{ designate_pool_manager_database_name }}'
+        password='{{ designate_pool_manager_database_password }}'
+        host='%'
+        priv='{{ designate_pool_manager_database_name }}.*:ALL'
+        append_privs='yes'"
+  register: database_pool_manager_user_create
+  changed_when: "{{ database_pool_manager_user_create.stdout.find('localhost | SUCCESS => ') != -1 and
+                    (database_pool_manager_user_create.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  failed_when: database_pool_manager_user_create.stdout.split()[2] != 'SUCCESS'
+  run_once: True
+
+- include: bootstrap_service.yml
+  when: database_created

ansible/roles/designate/tasks/bootstrap_service.yml

@@ -0,0 +1,20 @@
+---
+- name: Running Designate bootstrap container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    detach: False
+    environment:
+      KOLLA_BOOTSTRAP:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    image: "{{ designate_central_image_full }}"
+    labels:
+      BOOTSTRAP:
+    name: "bootstrap_designate"
+    restart_policy: "never"
+    volumes:
+      - "{{ node_config_directory }}/designate-central/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  run_once: True
+  delegate_to: "{{ groups['designate-central'][0] }}"

ansible/roles/designate/tasks/config.yml

@@ -0,0 +1,43 @@
+---
+- name: Ensuring config directories exist
+  file:
+    path: "{{ node_config_directory }}/{{ item }}"
+    state: "directory"
+    recurse: yes
+  with_items:
+    - "designate-api"
+    - "designate-central"
+    - "designate-mdns"
+    - "designate-pool-manager"
+    - "designate-sink"
+
+- name: Copying over config.json files for services
+  template:
+    src: "{{ item }}.json.j2"
+    dest: "{{ node_config_directory }}/{{ item }}/config.json"
+  with_items:
+    - "designate-api"
+    - "designate-central"
+    - "designate-mdns"
+    - "designate-pool-manager"
+    - "designate-sink"
+
+- name: Copying over designate.conf
+  merge_configs:
+    vars:
+      service_name: "{{ item }}"
+    sources:
+      - "{{ role_path }}/templates/designate.conf.j2"
+      - "{{ node_custom_config }}/global.conf"
+      - "{{ node_custom_config }}/database.conf"
+      - "{{ node_custom_config }}/messaging.conf"
+      - "{{ node_custom_config }}/designate.conf"
+      - "{{ node_custom_config }}/designate/{{ item }}.conf"
+      - "{{ node_custom_config }}/designate/{{ inventory_hostname }}/designate.conf"
+    dest: "{{ node_config_directory }}/{{ item }}/designate.conf"
+  with_items:
+    - "designate-api"
+    - "designate-central"
+    - "designate-mdns"
+    - "designate-pool-manager"
+    - "designate-sink"

ansible/roles/designate/tasks/deploy.yml

@@ -0,0 +1,20 @@
+---
+- include: register.yml
+  when: inventory_hostname in groups['designate-api']
+
+- include: config.yml
+  when: inventory_hostname in groups['designate-api'] or
+        inventory_hostname in groups['designate-central'] or
+        inventory_hostname in groups['designate-mdns'] or
+        inventory_hostname in groups['designate-pool-manager'] or
+        inventory_hostname in groups['designate-sink']
+
+- include: bootstrap.yml
+  when: inventory_hostname in groups['designate-central']
+
+- include: start.yml
+  when: inventory_hostname in groups['designate-api'] or
+        inventory_hostname in groups['designate-central'] or
+        inventory_hostname in groups['designate-mdns'] or
+        inventory_hostname in groups['designate-pool-manager'] or
+        inventory_hostname in groups['designate-sink']

ansible/roles/designate/tasks/main.yml

@@ -0,0 +1,2 @@
+---
+- include: "{{ action }}.yml"

ansible/roles/designate/tasks/pull.yml

@@ -0,0 +1,35 @@
+---
+- name: Pulling designate-api image
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_api_image_full }}"
+  when: inventory_hostname in groups['designate-api']
+
+- name: Pulling designate-central image
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_central_image_full }}"
+  when: inventory_hostname in groups['designate-central']
+
+- name: Pulling designate-mdns image
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_mdns_image_full }}"
+  when: inventory_hostname in groups['designate-mdns']
+
+- name: Pulling designate-pool-manager image
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_pool_manager_image_full }}"
+  when: inventory_hostname in groups['designate-pool-manager']
+
+- name: Pulling designate-sink image
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_sink_image_full }}"
+  when: inventory_hostname in groups['designate-sink']

ansible/roles/designate/tasks/reconfigure.yml

@@ -0,0 +1,86 @@
+---
+- name: Ensuring the containers up
+  kolla_docker:
+    name: "{{ item.name }}"
+    action: "get_container_state"
+  register: container_states
+  failed_when: container_states.Running == false
+  when:
+    - "{{ item.enabled|default(True) }}"
+    - inventory_hostname in groups[item.group]
+  with_items:
+    - { name: designate_central, group: designate-central }
+    - { name: designate_api, group: designate-api }
+    - { name: designate_mdns, group: designate-mdns }
+    - { name: designate_pool_manager, group: designate-pool-manager }
+    - { name: designate_sink, group: designate-sink }
+
+- include: config.yml
+
+- name: Check the configs
+  command: docker exec {{ item.name }} /usr/local/bin/kolla_set_configs --check
+  changed_when: false
+  failed_when: false
+  register: check_results
+  when: inventory_hostname in groups[item.group]
+  with_items:
+    - { name: designate_central, group: designate-central }
+    - { name: designate_api, group: designate-api }
+    - { name: designate_mdns, group: designate-mdns }
+    - { name: designate_pool_manager, group: designate-pool-manager }
+    - { name: designate_sink, group: designate-sink }
+
+# NOTE(jeffrey4l): when config_strategy == 'COPY_ALWAYS'
+# and container env['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE',
+# just remove the container and start again
+- name: Containers config strategy
+  kolla_docker:
+    name: "{{ item.name }}"
+    action: "get_container_env"
+  register: container_envs
+  when: inventory_hostname in groups[item.group]
+  with_items:
+    - { name: designate_central, group: designate-central }
+    - { name: designate_api, group: designate-api }
+    - { name: designate_mdns, group: designate-mdns }
+    - { name: designate_pool_manager, group: designate-pool-manager }
+    - { name: designate_sink, group: designate-sink }
+
+- name: Remove the containers
+  kolla_docker:
+    name: "{{ item[0]['name'] }}"
+    action: "remove_container"
+  register: remove_containers
+  when:
+    - inventory_hostname in groups[item[0]['group']]
+    - config_strategy == "COPY_ONCE" or item[1]['KOLLA_CONFIG_STRATEGY'] == 'COPY_ONCE'
+    - item[2]['rc'] == 1
+  with_together:
+    - [{ name: designate_central, group: designate-central },
+       { name: designate_api, group: designate-api },
+       { name: designate_mdns, group: designate-mdns },
+       { name: designate_pool_manager, group: designate-pool-manager },
+       { name: designate_sink, group: designate-sink }]
+    - "{{ container_envs.results }}"
+    - "{{ check_results.results }}"
+
+- include: start.yml
+  when: remove_containers.changed
+
+- name: Restart containers
+  kolla_docker:
+    name: "{{ item[0]['name'] }}"
+    action: "restart_container"
+  when:
+    - inventory_hostname in groups[item[0]['group']]
+    - config_strategy == 'COPY_ALWAYS'
+    - item[1]['KOLLA_CONFIG_STRATEGY'] != 'COPY_ONCE'
+    - item[2]['rc'] == 1
+  with_together:
+    - [{ name: designate_central, group: designate-central },
+       { name: designate_api, group: designate-api },
+       { name: designate_mdns, group: designate-mdns },
+       { name: designate_pool_manager, group: designate-pool-manager },
+       { name: designate_sink, group: designate-sink }]
+    - "{{ container_envs.results }}"
+    - "{{ check_results.results }}"

ansible/roles/designate/tasks/register.yml

@@ -0,0 +1,40 @@
+---
+- name: Creating the Designate service and endpoint
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m kolla_keystone_service
+    -a "service_name=designate
+        service_type=dns
+        description='Designate DNS Service'
+        endpoint_region={{ openstack_region_name }}
+        url='{{ item.url }}'
+        interface='{{ item.interface }}'
+        region_name={{ openstack_region_name }}
+        auth={{ '{{ openstack_designate_auth }}' }}"
+    -e "{'openstack_designate_auth':{{ openstack_designate_auth }}}"
+  register: designate_endpoint
+  changed_when: "{{ designate_endpoint.stdout.find('localhost | SUCCESS => ') != -1 and (designate_endpoint.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: designate_endpoint.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True
+  with_items:
+    - {'interface': 'admin', 'url': '{{ designate_admin_endpoint }}'}
+    - {'interface': 'internal', 'url': '{{ designate_internal_endpoint }}'}
+    - {'interface': 'public', 'url': '{{ designate_public_endpoint }}'}
+
+- name: Creating the Designate project, user, and role
+  command: docker exec -t kolla_toolbox /usr/bin/ansible localhost
+    -m kolla_keystone_user
+    -a "project=service
+        user=designate
+        password={{ designate_keystone_password }}
+        role=admin
+        region_name={{ openstack_region_name }}
+        auth={{ '{{ openstack_designate_auth }}' }}"
+    -e "{'openstack_designate_auth':{{ openstack_designate_auth }}}"
+  register: designate_user
+  changed_when: "{{ designate_user.stdout.find('localhost | SUCCESS => ') != -1 and (designate_user.stdout.split('localhost | SUCCESS => ')[1]|from_json).changed }}"
+  until: designate_user.stdout.split()[2] == 'SUCCESS'
+  retries: 10
+  delay: 5
+  run_once: True

ansible/roles/designate/tasks/start.yml

@@ -0,0 +1,60 @@
+---
+- name: Starting designate-central container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_central_image_full }}"
+    name: "designate_central"
+    volumes:
+      - "{{ node_config_directory }}/designate-central/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  when: inventory_hostname in groups['designate-central']
+
+- name: Starting designate-api container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_api_image_full }}"
+    name: "designate_api"
+    volumes:
+      - "{{ node_config_directory }}/designate-api/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  when: inventory_hostname in groups['designate-api']
+
+- name: Starting designate-mdns container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_mdns_image_full }}"
+    name: "designate_mdns"
+    volumes:
+      - "{{ node_config_directory }}/designate-mdns/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  when: inventory_hostname in groups['designate-mdns']
+
+- name: Starting designate-pool-manager container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_pool_manager_image_full }}"
+    name: "designate_pool_manager"
+    volumes:
+      - "{{ node_config_directory }}/designate-pool-manager/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  when: inventory_hostname in groups['designate-pool-manager']
+
+- name: Starting designate-sink container
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ designate_sink_image_full }}"
+    name: "designate_sink"
+    volumes:
+      - "{{ node_config_directory }}/designate-sink/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "kolla_logs:/var/log/kolla/"
+  when: inventory_hostname in groups['designate-sink']

ansible/roles/designate/tasks/upgrade.yml

@@ -0,0 +1,6 @@
+---
+- include: config.yml
+
+- include: bootstrap_service.yml
+
+- include: start.yml

ansible/roles/designate/templates/designate-api.json.j2

@@ -0,0 +1,11 @@
+{
+    "command": "designate-api --config-file /etc/designate/designate.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/designate.conf",
+            "dest": "/etc/designate/designate.conf",
+            "owner": "designate",
+            "perm": "0600"
+        }
+    ]
+}

ansible/roles/designate/templates/designate-central.json.j2

@@ -0,0 +1,11 @@
+{
+    "command": "designate-central --config-file /etc/designate/designate.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/designate.conf",
+            "dest": "/etc/designate/designate.conf",
+            "owner": "designate",
+            "perm": "0600"
+        }
+    ]
+}

ansible/roles/designate/templates/designate-mdns.json.j2

@@ -0,0 +1,11 @@
+{
+    "command": "designate-mdns --config-file /etc/designate/designate.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/designate.conf",
+            "dest": "/etc/designate/designate.conf",
+            "owner": "designate",
+            "perm": "0600"
+        }
+    ]
+}

ansible/roles/designate/templates/designate-pool-manager.json.j2

@@ -0,0 +1,11 @@
+{
+    "command": "designate-pool-manager --config-file /etc/designate/designate.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/designate.conf",
+            "dest": "/etc/designate/designate.conf",
+            "owner": "designate",
+            "perm": "0600"
+        }
+    ]
+}

ansible/roles/designate/templates/designate-sink.json.j2

@@ -0,0 +1,11 @@
+{
+    "command": "designate-sink --config-file /etc/designate/designate.conf",
+    "config_files": [
+        {
+            "source": "{{ container_config_directory }}/designate.conf",
+            "dest": "/etc/designate/designate.conf",
+            "owner": "designate",
+            "perm": "0600"
+        }
+    ]
+}

ansible/roles/designate/templates/designate.conf.j2

@@ -0,0 +1,92 @@
+[DEFAULT]
+
+debug = {{ designate_logging_debug }}
+
+log-dir = /var/log/kolla/designate
+
+notification_driver = messaging
+notification_topics = notifications_designate
+
+transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+[service:api]
+api_base_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ designate_api_port }}
+api_host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+api_port = {{ designate_api_port }}
+
+enable_api_v1 = True
+enabled_extensions_v1 = 'diagnostics, quotas, reports, sync, touch'
+enable_api_v2 = True
+enabled_extensions_v2 = 'quotas, reports'
+
+api_paste_config = /usr/share/designate/api-paste.ini
+
+[keystone_authtoken]
+auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
+auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
+auth_type = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = {{ designate_keystone_user }}
+password = {{ designate_keystone_password }}
+http_connect_timeout = 60
+
+memcache_security_strategy = ENCRYPT
+memcache_secret_key = {{ memcache_secret_key }}
+memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+[cors]
+
+[cors.subdomain]
+
+[service:sink]
+enabled_notification_handlers = nova_fixed, neutron_floatingip
+
+[service:mdns]
+host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+
+[service:agent]
+host = {{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}
+
+[service:zone_manager]
+
+[zone_manager_task:domain_purge]
+
+[zone_manager_task:delayed_notify]
+
+[service:pool_manager]
+cache_driver = memcache
+
+[pool_manager_cache:sqlalchemy]
+connection = mysql+pymysql://{{ designate_pool_manager_database_user }}:{{ designate_pool_manager_database_password }}@{{ designate_pool_manager_database_address }}/{{ designate_pool_manager_database_name }}
+max_retries = 10
+idle_timeout = 3600
+
+[pool_manager_cache:memcache]
+memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
+
+[network_api:neutron]
+
+[storage:sqlalchemy]
+connection = mysql+pymysql://{{ designate_database_user }}:{{ designate_database_password }}@{{ designate_database_address }}/{{ designate_database_name }}
+max_retries = 10
+idle_timeout = 3600
+
+[handler:nova_fixed]
+notification_topics = notifications_designate
+control_exchange = nova
+format = '(display_name)s.%(domain)s'
+
+[handler:neutron_floatingip]
+notification_topics = notifications_designate
+control_exchange = neutron
+format = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(domain)s'
+
+[backend:agent:bind9]
+
+[backend:agent:denominator]
+
+[oslo_concurrency]
+
+[coordination]

ansible/roles/haproxy/templates/haproxy.cfg.j2

@@ -587,6 +587,22 @@ listen congress_api_external
 {% endif %}
 {% endif %}
 
+{% if enable_designate | bool %}
+listen designate_api
+  bind {{ kolla_internal_vip_address }}:{{ designate_api_port }}
+{% for host in groups['designate-api'] %}
+  server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ designate_api_port }} check inter 2000 rise 2 fall 5
+{% endfor %}
+{% if haproxy_enable_external_vip | bool %}
+
+listen designate_api_external
+  bind {{ kolla_external_vip_address }}:{{ designate_api_port }} {{ tls_bind_info }}
+{% for host in groups['designate-api'] %}
+  server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ designate_api_port }} check inter 2000 rise 2 fall 5
+{% endfor %}
+{% endif %}
+{% endif %}
+
 {% if enable_mistral | bool %}
 listen mistral_api
   bind {{ kolla_internal_vip_address }}:{{ mistral_api_port }}

ansible/roles/neutron/templates/neutron.conf.j2

@@ -91,9 +91,10 @@ memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_eng
 {% endif %}
 
 [oslo_messaging_notifications]
-{% if enable_ceilometer | bool %}
+{% if enable_ceilometer | bool or enable_designate | bool %}
 driver = messagingv2
-topics = notifications
+{% set topics=["notifications" if enable_ceilometer|bool else "", "notifications_designate" if enable_designate|bool else ""] %}
+topcis = {{ topics|reject("equalto", "")|list|join(",") }}
 {% else %}
 driver = noop
 {% endif %}

ansible/roles/nova/templates/nova.conf.j2

@@ -187,9 +187,10 @@ rbd_secret_uuid = {{ rbd_secret_uuid }}
 compute = auto
 
 [oslo_messaging_notifications]
-{% if enable_ceilometer | bool %}
+{% if enable_ceilometer | bool or enable_designate | bool %}
 driver = messagingv2
-topics = notifications
+{% set topics=["notifications" if enable_ceilometer|bool else "", "notifications_designate" if enable_designate|bool else ""] %}
+topcis = {{ topics|reject("equalto", "")|list|join(",") }}
 {% else %}
 driver = noop
 {% endif %}

ansible/roles/prechecks/tasks/port_checks.yml

@@ -139,6 +139,22 @@
     - inventory_hostname in groups['etcd']
     - enable_etcd | bool
 
+- name: Checking free port for Designate API
+  wait_for:
+    host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
+    port: "{{ designate_api_port }}"
+    connect_timeout: 1
+    state: stopped
+  when: inventory_hostname in groups['designate-api']
+
+- name: Checking free port for Designate API HAProxy
+  wait_for:
+    host: "{{ kolla_internal_vip_address }}"
+    port: "{{ designate_api_port }}"
+    connect_timeout: 1
+    state: stopped
+  when: inventory_hostname in groups['haproxy']
+
 - name: Checking free port for Glance API
   wait_for:
     host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"

ansible/site.yml

@@ -327,6 +327,18 @@
         tags: congress,
         when: enable_congress | bool }
 
+- hosts:
+    - designate-api
+    - designate-central
+    - designate-mdns
+    - designate-pool-manager
+    - designate-sink
+  serial: '{{ serial|default("0") }}'
+  roles:
+    - { role: designate,
+        tags: designate,
+        when: enable_designate | bool }
+
 - hosts:
     - tempest
   serial: '{{ serial|default("0") }}'

etc/kolla/globals.yml

@@ -127,6 +127,7 @@ kolla_internal_vip_address: "10.10.10.254"
 #enable_cinder_backend_lvm: "no"
 #enable_cloudkitty: "no"
 #enable_congress: "no"
+#enable_designate: "no"
 #enable_etcd: "no"
 #enable_gnocchi: "no"
 #enable_grafana: "no"

etc/kolla/passwords.yml

@@ -58,6 +58,10 @@ cloudkitty_keystone_password:
 sahara_database_password:
 sahara_keystone_password:
 
+designate_database_password:
+designate_pool_manager_database_password:
+designate_keystone_password:
+
 swift_keystone_password:
 swift_hash_path_suffix:
 swift_hash_path_prefix:

releasenotes/notes/add-designate-c789e47f8ced394d.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - Add deployment and management of Designate OpenStack services.
+issues:
+  - Customer facing DNS servers for use with Designate still required to be set up manually.