Designate: Use appropriate IP version for bind and mdns

... instead of using 127.0.0.1 always. Change-Id: I27f976bde8a0f61aed814156f97a84b19f653b86
2023-02-28 13:33:57 +09:00 · 2023-02-28 13:33:57 +09:00 · 6fb144ec85
parent dcaa10cfb3
commit 6fb144ec85
3 changed files with 26 additions and 6 deletions
--- a/manifests/bind.pp
+++ b/manifests/bind.pp
@ -6,6 +6,17 @@ class openstack_integration::bind {
  include openstack_integration::config
  include openstack_integration::params

+  $bind_host = $::openstack_integration::config::host
+
+  $listen_on = $::openstack_integration::config::ipv6 ? {
+    true    => 'none',
+    default => $bind_host,
+  }
+  $listen_on_v6 = $::openstack_integration::config::ipv6 ? {
+    true    => $bind_host,
+    default => 'none',
+  }
+
  # NOTE (dmsimard): listen_on_v6 is false and overridden due to extended port
  # configuration in additional_options
  class { 'dns':
@ -13,10 +24,17 @@ class openstack_integration::bind {
    allow_recursion    => [],
    listen_on_v6       => false,
    additional_options => {
-      'listen-on'     => 'port 5322 { any; }',
-      'listen-on-v6'  => 'port 5322 { any; }',
+      'listen-on'     => "port 5322 { ${listen_on}; }",
+      'listen-on-v6'  => "port 5322 { ${listen_on_v6}; }",
      'auth-nxdomain' => 'no',
-    }
+    },
+    controls           => {
+      $bind_host => {
+        'port'              => 953,
+        'allowed_addresses' => [$bind_host],
+        'keys'              => ['rndc-key'],
+      }
+    },
  }

  # ::dns creates the rndc key but not a rndc.conf.
--- a/manifests/designate.pp
+++ b/manifests/designate.pp
@ -86,9 +86,8 @@ class openstack_integration::designate {
    workers   => '2',
  }

-  # IPv6 doesn't work for mdns ? https://bugs.launchpad.net/designate/+bug/1501396
  class { 'designate::mdns':
-    listen => '127.0.0.1:5354'
+    listen => "${::openstack_integration::config::ip_for_url}:5354"
  }

  class { 'designate::central': }
@ -98,7 +97,10 @@ class openstack_integration::designate {
  class { 'designate::worker': }

  class { 'designate::backend::bind9':
+    nameservers      => [$::openstack_integration::config::host],
+    bind9_hosts      => [$::openstack_integration::config::host],
    dns_port         => 5322,
+    mdns_hosts       => [$::openstack_integration::config::host],
    rndc_config_file => '/etc/rndc.conf',
    rndc_key_file    => $::dns::params::rndckeypath,
    manage_pool      => true
--- a/templates/rndc.conf.erb
+++ b/templates/rndc.conf.erb
@ -1,6 +1,6 @@
 include "/etc/rndc.key";
 options {
        default-key "rndc-key";
-        default-server 127.0.0.1;
+        default-server <%= @bind_host %>;
        default-port 953;
 };