Add support for Designate

Change-Id: I115090679bd2577cdc3998ab3cc97f9581e5e18a
bp designate-support

manifests/haproxy.pp

@@ -240,6 +240,10 @@
 #  (optional) Enable or not Barbican API binding
 #  Defaults to hiera('barbican_api_enabled', false)
 #
+# [*designate*]
+#  (optional) Enable or not Designate API binding
+#  Defaults to hiera('designate_api_enabled', false)
+#
 # [*gnocchi*]
 #  (optional) Enable or not Gnocchi API binding
 #  Defaults to hiera('gnocchi_api_enabled', false)
@@ -378,6 +382,10 @@
 #  (optional) Specify the network congress is running on.
 #  Defaults to hiera('congress_api_network', undef)
 #
+# [*designate_network*]
+#  (optional) Specify the network designate is running on.
+#  Defaults to hiera('designate_api_network', undef)
+#
 # [*docker_registry_network*]
 #  (optional) Specify the network docker-registry is running on.
 #  Defaults to hiera('docker_registry_network', undef)
@@ -629,6 +637,7 @@ class tripleo::haproxy (
   $ironic                      = hiera('ironic_api_enabled', false),
   $ironic_inspector            = hiera('ironic_inspector_enabled', false),
   $octavia                     = hiera('octavia_api_enabled', false),
+  $designate                   = hiera('designate_api_enabled', false),
   $mysql                       = hiera('mysql_enabled', false),
   $kubernetes_master           = hiera('kubernetes_master_enabled', false),
   $mysql_clustercheck          = false,
@@ -652,6 +661,7 @@ class tripleo::haproxy (
   $ceph_rgw_network            = hiera('ceph_rgw_network', undef),
   $cinder_network              = hiera('cinder_api_network', undef),
   $congress_network            = hiera('congress_api_network', undef),
+  $designate_network           = hiera('designate_api_network', undef),
   $docker_registry_network     = hiera('docker_registry_network', undef),
   $glance_api_network          = hiera('glance_api_network', undef),
   $gnocchi_network             = hiera('gnocchi_api_network', undef),
@@ -693,6 +703,8 @@ class tripleo::haproxy (
     cinder_api_ssl_port => 13776,
     congress_api_port => 1789,
     congress_api_ssl_port => 13789,
+    designate_api_port => 9001,
+    designate_api_ssl_port => 13001,
     docker_registry_port => 8787,
     docker_registry_ssl_port => 13787,
     etcd_port => 2379,
@@ -1284,6 +1296,18 @@ class tripleo::haproxy (
     }
   }
 
+  if $designate {
+    ::tripleo::haproxy::endpoint { 'designate':
+      public_virtual_ip => $public_virtual_ip,
+      internal_ip       => hiera('designate_api_vip', $controller_virtual_ip),
+      service_port      => $ports[designate_api_port],
+      ip_addresses      => hiera('designate_node_ips', $controller_hosts_real),
+      server_names      => hiera('designate_node_names', $controller_hosts_names_real),
+      public_ssl_port   => $ports[designate_api_ssl_port],
+      service_network   => $designate_network,
+    }
+  }
+
   if $mysql_clustercheck {
     $mysql_listen_options = {
       'option'         => [ 'tcpka', 'httpchk', 'tcplog' ],

manifests/profile/base/database/mysql.pp

@@ -177,6 +177,9 @@ class tripleo::profile::base::database::mysql (
     if hiera('congress_enabled', false) {
       include ::congress::db::mysql
     }
+    if hiera('designate_api_enabled', false) {
+      include ::designate::db::mysql
+    }
     if hiera('glance_api_enabled', false) {
       include ::glance::db::mysql
     }

manifests/profile/base/designate.pp

@@ -0,0 +1,73 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate
+#
+# Designate server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step of the deployment
+#   Defaults to hiera('step')
+#
+# [*oslomsg_rpc_proto*]
+#   Protocol driver for the oslo messaging rpc service
+#   Defaults to hiera('messaging_rpc_service_name', rabbit)
+#
+# [*oslomsg_rpc_hosts*]
+#   list of the oslo messaging rpc host fqdns
+#   Defaults to hiera('rabbitmq_node_names')
+#
+# [*oslomsg_rpc_port*]
+#   IP port for oslo messaging rpc service
+#   Defaults to hiera('designate::rabbit_port', 5672)
+#
+# [*oslomsg_rpc_username*]
+#   Username for oslo messaging rpc service
+#   Defaults to hiera('designate::rabbit_userid', 'guest')
+#
+# [*oslomsg_rpc_password*]
+#   Password for oslo messaging rpc service
+#   Defaults to hiera('designate::rabbit_password')
+#
+# [*oslomsg_use_ssl*]
+#   Enable ssl oslo messaging services
+#   Defaults to hiera('designate::rabbit_use_ssl', '0')
+
+class tripleo::profile::base::designate (
+  $step                 = Integer(hiera('step')),
+  $oslomsg_rpc_proto    = hiera('messaging_rpc_service_name', 'rabbit'),
+  $oslomsg_rpc_hosts    = any2array(hiera('rabbitmq_node_names', undef)),
+  $oslomsg_rpc_password = hiera('designate::rabbit_password'),
+  $oslomsg_rpc_port     = hiera('designate::rabbit_port', '5672'),
+  $oslomsg_rpc_username = hiera('designate::rabbit_userid', 'guest'),
+  $oslomsg_use_ssl      = hiera('designate::rabbit_use_ssl', '0'),
+) {
+  if $step >= 3 {
+    $oslomsg_use_ssl_real = sprintf('%s', bool2num(str2bool($oslomsg_use_ssl)))
+    class { '::designate' :
+      default_transport_url => os_transport_url({
+        'transport' => $oslomsg_rpc_proto,
+        'hosts'     => $oslomsg_rpc_hosts,
+        'port'      => sprintf('%s', $oslomsg_rpc_port),
+        'username'  => $oslomsg_rpc_username,
+        'password'  => $oslomsg_rpc_password,
+        'ssl'       => $oslomsg_use_ssl_real,
+        }),
+    }
+    include ::designate::config
+    include ::designate::backend::bind9
+  }
+}

manifests/profile/base/designate/api.pp

@@ -0,0 +1,49 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::api
+#
+# Designate API server profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+# [*listen_ip*]
+#   (Optional) The IP on which the API should listen.
+#   Defaults to 0.0.0.0
+#
+# [*listen_port*]
+#   (Optional) The port on which the API should listen.
+#   Defaults to 9001
+#
+class tripleo::profile::base::designate::api (
+  $step           = Integer(hiera('step')),
+  $listen_ip      = '0.0.0.0',
+  $listen_port    = '9001',
+) {
+
+  include ::tripleo::profile::base::designate
+
+  if ($step >= 3) {
+    $listen_uri = normalize_ip_for_uri($listen_ip)
+    include ::designate::keystone::authtoken
+    class { '::designate::api':
+      listen => "${listen_uri}:${listen_port}",
+    }
+  }
+}

manifests/profile/base/designate/central.pp

@@ -0,0 +1,58 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::central
+#
+# Designate Central profile for tripleo
+#
+# === Parameters
+#
+# [*bootstrap_node*]
+#   (Optional) The hostname of the node responsible for bootstrapping tasks
+#   Defaults to hiera('bootstrap_nodeid')
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::designate::central (
+  $bootstrap_node = hiera('bootstrap_nodeid', undef),
+  $step = Integer(hiera('step')),
+) {
+  if $::hostname == downcase($bootstrap_node) {
+    $sync_db = true
+  } else {
+    $sync_db = false
+  }
+
+  # TODO(bnemec): Make this configurable.
+  file { 'designate pools':
+    path    => '/etc/designate/pools.yaml',
+    content => template('tripleo/designate/pools.yaml.erb'),
+  }
+  include ::tripleo::profile::base::designate
+  if ($step >= 4 or ($step >= 3 and $sync_db)) {
+    include ::designate::central
+    class { '::designate::db':
+      sync_db => $sync_db,
+    }
+  }
+  if $step == 5 {
+    exec { 'pool update':
+      command => '/bin/designate-manage pool update',
+      user    => 'designate',
+    }
+  }
+}

manifests/profile/base/designate/mdns.pp

@@ -0,0 +1,33 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::mdns
+#
+# Designate MiniDNS profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::designate::mdns (
+  $step = Integer(hiera('step')),
+) {
+  include ::tripleo::profile::base::designate
+  if $step >= 4 {
+    include ::designate::mdns
+  }
+}

manifests/profile/base/designate/producer.pp

@@ -0,0 +1,33 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::producer
+#
+# Designate Producer profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::designate::producer (
+  $step = Integer(hiera('step')),
+) {
+  include ::tripleo::profile::base::designate
+  if $step >= 4 {
+    include ::designate::producer
+  }
+}

manifests/profile/base/designate/sink.pp

@@ -0,0 +1,33 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::sink
+#
+# Designate Sink profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::designate::sink (
+  $step = Integer(hiera('step')),
+) {
+  include ::tripleo::profile::base::designate
+  if $step >= 4 {
+    include ::designate::sink
+  }
+}

manifests/profile/base/designate/worker.pp

@@ -0,0 +1,33 @@
+# Copyright 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::designate::worker
+#
+# Designate Worker profile for tripleo
+#
+# === Parameters
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+class tripleo::profile::base::designate::worker (
+  $step = Integer(hiera('step')),
+) {
+  include ::tripleo::profile::base::designate
+  if $step >= 4 {
+    include ::designate::worker
+  }
+}

manifests/profile/base/keystone.pp

@@ -298,6 +298,9 @@ class tripleo::profile::base::keystone (
     if hiera('congress_enabled', false) {
       include ::congress::keystone::auth
     }
+    if hiera('designate_api_enabled', false) {
+      include ::designate::keystone::auth
+    }
     if hiera('glance_api_enabled', false) {
       include ::glance::keystone::auth
     }

templates/designate/pools.yaml.erb

@@ -0,0 +1,43 @@
+- name: default
+  # The name is immutable. There will be no option to change the name after
+  # creation and the only way will to change it will be to delete it
+  # (and all zones associated with it) and recreate it.
+  description: Default Pool
+
+  attributes: {}
+
+  # List out the NS records for zones hosted within this pool
+  # This should be a record that is created outside of designate, that
+  # points to the public IP of the controller node.
+  ns_records:
+    - hostname: ns1-1.example.org.
+      priority: 1
+
+  # List out the nameservers for this pool. These are the actual BIND servers.
+  # We use these to verify changes have propagated to all nameservers.
+  nameservers:
+    - host: 127.0.0.1
+      port: 53
+
+  # List out the targets for this pool. For BIND there will be one
+  # entry for each BIND server, as we have to run rndc command on each server
+  targets:
+    - type: bind9
+      description: BIND9 Server 1
+
+      # List out the designate-mdns servers from which BIND servers should
+      # request zone transfers (AXFRs) from.
+      # This should be the IP of the controller node.
+      # If you have multiple controllers you can add multiple masters
+      # by running designate-mdns on them, and adding them here.
+      masters:
+        - host: 127.0.0.1
+          port: 5354
+
+      # BIND Configuration options
+      options:
+        host: 127.0.0.1
+        port: 53
+        rndc_host: 127.0.0.1
+        rndc_port: 953
+        rndc_key_file: /etc/rndc.key