From 5ba88401eb586fb0aab1c7634da7a88ce98551ff Mon Sep 17 00:00:00 2001 From: Marc Gariepy Date: Thu, 12 Jan 2017 15:03:05 -0500 Subject: [PATCH] Add CentOS support for os_designate This commit add CentOS support to os_designate Change-Id: Idfae25a8a769348da629bc0a4a79d1ee56d60aad --- ...gnate-centos-support-501276f049c2baff.yaml | 4 ++ tasks/designate_install.yml | 28 ++++++++-- tests/named.conf | 51 +++++++++++++++++++ tests/pools.yaml.sample.centos | 44 ++++++++++++++++ tests/test-install-designate.yml | 31 ++++++++--- .../redhat-7.yml | 14 ++--- 6 files changed, 151 insertions(+), 21 deletions(-) create mode 100644 releasenotes/notes/os_designate-centos-support-501276f049c2baff.yaml create mode 100644 tests/named.conf create mode 100644 tests/pools.yaml.sample.centos rename tasks/designate_install_apt.yml => vars/redhat-7.yml (65%) diff --git a/releasenotes/notes/os_designate-centos-support-501276f049c2baff.yaml b/releasenotes/notes/os_designate-centos-support-501276f049c2baff.yaml new file mode 100644 index 0000000..764ae2f --- /dev/null +++ b/releasenotes/notes/os_designate-centos-support-501276f049c2baff.yaml @@ -0,0 +1,4 @@ +--- +features: + - CentOS7/RHEL support has been added to the os_designate role. + diff --git a/tasks/designate_install.yml b/tasks/designate_install.yml index 6d79bde..8092747 100644 --- a/tasks/designate_install.yml +++ b/tasks/designate_install.yml 
@@ -13,9 +13,22 @@ # See the License for the specific language governing permissions and # limitations under the License. -- include: designate_install_apt.yml - static: no - when: ansible_pkg_mgr == 'apt' +- name: Ensure apt cache is up to date + apt: + update_cache: yes + cache_valid_time: "{{ cache_timeout }}" + when: + - ansible_pkg_mgr == 'apt' + +- name: Install designate distro packages + package: + name: "{{ item }}" + state: "{{ designate_package_state }}" + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: "{{ designate_distro_packages }}" - name: Create developer mode constraint file copy: @@ -87,6 +100,15 @@ notify: - Restart designate services +- name: CentOS remove python from path first + file: + path: "{{ designate_bin | dirname }}/bin/python2.7" + state: "absent" + when: + - ansible_pkg_mgr == 'yum' + - not designate_developer_mode | bool + - designate_get_venv | changed + - name: Update virtualenv path command: > virtualenv-tools --update-path=auto --reinitialize {{ designate_bin | dirname }} diff --git a/tests/named.conf b/tests/named.conf new file mode 100644 index 0000000..badbaf6 --- /dev/null +++ b/tests/named.conf 
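Review bot: The new `Ensure apt cache is up to date` task has no retry, whereas the task it replaces refreshed the cache inside the apt call that was wrapped in `until: install_packages|success` with `retries: 5`. A transient mirror failure during the cache refresh now fails the play outright on apt hosts. Giving the task its own `register`, `until`, `retries: 5` and `delay: 2` keys, mirroring the `Install designate distro packages` task directly below it, restores the earlier behaviour. Separately, `update_cache: yes` is better written `update_cache: true` so the value does not depend on YAML 1.1 boolean parsing. The task list continues outside this hunk.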
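Review bot: The `CentOS remove python from path first` task deletes a file whose path is built from `designate_bin | dirname` with a hard-coded `python2.7`, and nothing in the hunk says why the interpreter has to go. It appears to be there so that the `virtualenv-tools --reinitialize` step that follows relinks the unpacked venv to the host interpreter; that is inferred, so the task should carry a comment such as `# Remove the interpreter shipped in the downloaded venv so the reinitialize step below relinks it to the host python`. The three `when` conditions are what keep this deletion from running against a directory that is not a freshly unpacked venv, and `designate_get_venv` is registered outside this hunk, so the same comment should name that dependency.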
@@ -0,0 +1,51 @@
+options {
+ directory "/var/named";
+
+ // If there is a firewall between you and any nameservers you want
+ // to talk to, you may need to fix the firewall to allow multiple
+ // ports to talk. See http://www.kb.cert.org/vuls/id/800113
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+ // forwarders {
+ // 0.0.0.0;
+ // };
+
+ //========================================================================
+ // If BIND logs error messages about the root key being expired,
+ // you will need to update your keys. See https://www.isc.org/bind-keys
+ //========================================================================
+ dnssec-validation auto;
+
+ auth-nxdomain no; # conform to RFC1035
+ listen-on-v6 { any; };
+ allow-new-zones yes;
+ request-ixfr no;
+ recursion no;
+};
+
+
+logging {
+ channel default_debug {
+ file "data/named.run";
+ severity dynamic;
+ };
+};
+
+zone "." IN {
+ type hint;
+ file "named.ca";
+};
+
+include "/etc/rndc.key";
+
+controls {
+ inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
+};
+
+include "/etc/named.rfc1912.zones";
+include "/etc/named.root.key";
+
diff --git a/tests/pools.yaml.sample.centos b/tests/pools.yaml.sample.centos
new file mode 100644
index 0000000..286b164
--- /dev/null
+++ b/tests/pools.yaml.sample.centos
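Review bot: The `options` block sets `allow-new-zones yes;` and `listen-on-v6 { any; };` but no `allow-transfer` or `listen-on` restriction, so every zone designate adds is served on whatever interfaces the test host exposes and, on BIND builds whose default transfer ACL is `any`, can be transferred in full by any client that reaches it. The CentOS pool sample in this patch only addresses BIND at 127.0.0.1, so the fixture could probably be narrowed without affecting the test: `listen-on { 127.0.0.1; };`, `listen-on-v6 { ::1; };` and `allow-transfer { none; };`. A header comment such as `// Test fixture for the os_designate functional test; not a production BIND configuration` would also discourage reuse of the file as a template. The `controls` statement already limits rndc to localhost with a key, which is the appropriate shape.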
@@ -0,0 +1,44 @@
+- name: default
+ # The name is immutable. There will be no option to change the name after
+ # creation and the only way will to change it will be to delete it
+ # (and all zones associated with it) and recreate it.
+ description: Default BIND9 Pool
+
+ attributes: {}
+
+ # List out the NS records for zones hosted within this pool
+ ns_records:
+ - hostname: ns1-1.example.org.
+ priority: 1
+
+ # List out the nameservers for this pool. These are the actual BIND servers.
+ # We use these to verify changes have propagated to all nameservers.
+ nameservers:
+ - host: 127.0.0.1
+ port: 53
+
+ # List out the targets for this pool. For BIND, most often, there will be one
+ # entry for each BIND server.
+ targets:
+ - type: bind9
+ description: BIND9 Server 1
+
+ # List out the designate-mdns servers from which BIND servers should
+ # request zone transfers (AXFRs) from.
+ masters:
+ - host: 127.0.0.1
+ port: 5354
+
+ # BIND Configuration options
+ options:
+ host: 127.0.0.1
+ port: 53
+ rndc_host: 127.0.0.1
+ rndc_port: 953
+ rndc_key_file: /etc/rndc.key
+
+ # Optional list of additional IP/Port's for which designate-mdns will send
+ # DNS NOTIFY packets to
+ # also_notifies:
+ # - host: 192.0.2.4
+ # port: 53
diff --git a/tests/test-install-designate.yml b/tests/test-install-designate.yml
index 12d8f3a..8e1e16a 100644
--- a/tests/test-install-designate.yml
+++ b/tests/test-install-designate.yml
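Review bot: `rndc_key_file: /etc/rndc.key` points designate at the same key that `tests/named.conf` includes for its `controls` channel, but nothing visible in this patch arranges for the account running designate to read that file. If that account is not root, access is better granted through group membership or a dedicated copy of the key than through a wider mode on `/etc/rndc.key`, because with `allow-new-zones yes` anyone who can read the key can add and delete zones over rndc from the local host. A comment above the option would record this: `# Must be readable by the designate service user; do not loosen the file mode to achieve that`.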
@@ -29,17 +29,32 @@ db_name: "{{ designate_pool_manager_galera_database }}" db_password: "{{ designate_pool_manager_galera_password }}" - name: Install bind9 - apt: - package: bind9 + package: + name: "{{ bind_package_name }}" state: present - name: Drop bind configuration copy: - src: named.conf.options - dest: /etc/bind/named.conf.options + src: "{{ named_src_file }}" + dest: "{{ named_config_file }}" + - name: fix perms for named directory (centos) + file: + mode: '770' + state: directory + path: '/var/named/' + owner: 'root' + group: 'named' + when: + - ansible_pkg_mgr == 'yum' - name: Restart bind9 service: - name: bind9 - state: restarted + name: "{{ bind_service_name }}" + state: "{{ bind_service_state }}" + vars: + named_config_file: "{{ (ansible_pkg_mgr == 'apt') | ternary('/etc/bind/named.conf.options','/etc/named.conf') }}" + named_src_file: "{{ (ansible_pkg_mgr == 'apt') | ternary('named.conf.options','named.conf') }}" + bind_package_name: "{{ (ansible_pkg_mgr == 'apt') | ternary('bind9','bind') }}" + bind_service_name: "{{ (ansible_pkg_mgr == 'apt') | ternary('bind9','named') }}" + bind_service_state: "{{ (ansible_pkg_mgr == 'apt') | ternary('restarted','started') }}" roles: - role: "os_designate" vars_files: @@ -53,11 +68,13 @@ tasks: - name: Copy sample pools.yaml file copy: - src: pools.yaml.sample + src: "{{ sample_pool_file }}" dest: /etc/designate/pools.yaml - name: Import sample pools.yaml file shell: | . /root/openrc {{ designate_bin }}/designate-manage pool update --file /etc/designate/pools.yaml + vars: + sample_pool_file: "{{ (ansible_pkg_mgr == 'apt') | ternary('pools.yaml.sample','pools.yaml.sample.centos') }}" vars_files: - common/test-vars.yml diff --git a/tasks/designate_install_apt.yml b/vars/redhat-7.yml similarity index 65% rename from tasks/designate_install_apt.yml rename to vars/redhat-7.yml index a0f4f3f..45e515e 100644 --- a/tasks/designate_install_apt.yml +++ b/vars/redhat-7.yml 
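Review bot: On yum hosts `bind_service_state` resolves to `started`, so a named that is already running never rereads the `named.conf` copied two tasks earlier, and the test can then run against a stale configuration. Using `restarted` on both platforms, or notifying a handler from the `Drop bind configuration` task, makes the run deterministic. The `fix perms for named directory (centos)` task also makes all of `/var/named/` group-writable by `named` with `mode: '770'`, which lets the daemon rewrite its own hint and zone files; if this is only needed for the files `allow-new-zones` creates, a comment should say so, and `'0770'` is the conventional spelling. The `copy` of the configuration sets no `owner`, `group` or `mode`, so the permissions on `/etc/named.conf` depend on what was there before. The play this task list belongs to starts outside the hunk.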
@@ -12,14 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Install apt packages - apt: - pkg: "{{ item }}" - state: "{{ designate_package_state }}" - update_cache: yes - cache_valid_time: "{{ cache_timeout }}" - register: install_packages - until: install_packages|success - retries: 5 - delay: 2 - with_items: "{{ designate_distro_packages }}" +# Common yum packages +designate_distro_packages: + - which