Merge "Generate bind pool and bind configuration using deployment info"
This commit is contained in:
commit
ff2d39e846
|
@ -31,50 +31,6 @@ parameter_defaults:
|
|||
NeutronPluginExtensions: qos,port_security,dns
|
||||
RpcPort: 31459
|
||||
NotifyPort: 5672
|
||||
DesignatePools: |
|
||||
- name: default
|
||||
# The name is immutable. There will be no option to change the name after
|
||||
# creation and the only way will to change it will be to delete it
|
||||
# (and all zones associated with it) and recreate it.
|
||||
description: Default Pool
|
||||
|
||||
attributes: {}
|
||||
|
||||
# List out the NS records for zones hosted within this pool
|
||||
# This should be a record that is created outside of designate, that
|
||||
# points to the public IP of the controller node.
|
||||
ns_records:
|
||||
- hostname: ns1-1.example.org.
|
||||
priority: 1
|
||||
|
||||
# List out the nameservers for this pool. These are the actual BIND servers.
|
||||
# We use these to verify changes have propagated to all nameservers.
|
||||
nameservers:
|
||||
- host: 192.168.24.251
|
||||
port: 53
|
||||
|
||||
# List out the targets for this pool. For BIND there will be one
|
||||
# entry for each BIND server, as we have to run rndc command on each server
|
||||
targets:
|
||||
- type: bind9
|
||||
description: BIND9 Server 1
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 127.0.0.1
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 192.168.24.251
|
||||
port: 53
|
||||
rndc_host: 192.168.24.251
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
ContainerCli: podman
|
||||
ExtraFirewallRules:
|
||||
'301 allow arbitrary tcp rule':
|
||||
|
|
|
@ -25,9 +25,6 @@ parameters:
|
|||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
|
@ -79,56 +76,12 @@ outputs:
|
|||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [DesignateBase, role_data, config_settings]
|
||||
- designate_rndc_key: {get_param: DesignateRndcKey}
|
||||
dns::vardir: /var/named-persistent
|
||||
dns::recursion: 'no'
|
||||
# Because we generate the key locally and don't want the puppet
|
||||
# module to do it, we set its path to /dev/null. This means we need
|
||||
# to explicitly include /etc/rndc.key though since the default config
|
||||
# will just include /dev/null.
|
||||
dns::rndckeypath: /dev/null
|
||||
dns::additional_directives:
|
||||
- include "/etc/rndc.key";
|
||||
dns::additional_options:
|
||||
listen-on:
|
||||
str_replace:
|
||||
template:
|
||||
"{ %{hiera('$NETWORK')}; }"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, BINDNetwork]}
|
||||
tripleo::profile::base::designate::rndc_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
tripleo::profile::base::designate::rndc_allowed_addresses:
|
||||
get_param:
|
||||
- ServiceData
|
||||
- net_cidr_map
|
||||
- {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
designate::backend::bind9::rndc_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
# TODO(beagles): puppet-desginate is doing some configuration in
|
||||
# dns::options_path so it seems like we need to run this puppet here for
|
||||
# the time being at least. I don't think there is a path from heat
|
||||
# var->hiera->puppet->named configuration at the moment though.
|
||||
- designate::backend::bind9::configure_bind: false
|
||||
puppet_config:
|
||||
config_volume: designate
|
||||
puppet_tags: designate_config,dns_config
|
||||
step_config:
|
||||
list_join:
|
||||
- "\n"
|
||||
- - {get_attr: [DesignateBase, role_data, step_config]}
|
||||
- include ::designate::backend::bind9
|
||||
puppet_tags: designate_config
|
||||
step_config: {get_attr: [DesignateBase, role_data, step_config]}
|
||||
config_image: {get_param: ContainerDesignateConfigImage}
|
||||
volumes:
|
||||
- /var/named-persistent:/var/named-persistent:z
|
||||
kolla_config:
|
||||
/var/lib/kolla/config_files/designate_backend_bind9.json:
|
||||
command: /usr/sbin/named -u named -c /etc/named.conf -f -g
|
||||
|
@ -151,6 +104,24 @@ outputs:
|
|||
- path: /etc/rndc.key
|
||||
owner: root:named
|
||||
perm: '0640'
|
||||
deploy_steps_tasks:
|
||||
- name: generate rndc key configuration files
|
||||
when: step|int == 4
|
||||
import_role:
|
||||
name: designate_rndc_config
|
||||
vars:
|
||||
designate_rndc_key: {get_param: DesignateRndcKey}
|
||||
designate_rndc_key_file_path: /var/lib/config-data/ansible-generated/designate/etc/
|
||||
- name: generate bind configuration
|
||||
when: step|int == 4
|
||||
import_role:
|
||||
name: designate_bind_config
|
||||
vars:
|
||||
rndc_allowed_addresses:
|
||||
get_param:
|
||||
- ServiceData
|
||||
- net_cidr_map
|
||||
- {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
docker_config:
|
||||
step_4:
|
||||
designate_backend_bind9:
|
||||
|
@ -164,7 +135,7 @@ outputs:
|
|||
-
|
||||
- /run:/run
|
||||
- /var/lib/kolla/config_files/designate_backend_bind9.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /var/lib/config-data/puppet-generated/designate:/var/lib/kolla/config_files/src:ro
|
||||
- /var/lib/config-data/ansible-generated/designate:/var/lib/kolla/config_files/src:ro
|
||||
- /var/log/containers/designate:/var/log/designate:z
|
||||
- /var/named-persistent:/var/named-persistent:z
|
||||
environment:
|
||||
|
|
|
@ -55,9 +55,6 @@ parameters:
|
|||
description: The password for the Designate's database account.
|
||||
type: string
|
||||
hidden: true
|
||||
DesignatePools:
|
||||
description: The content for Designate's pools.yaml
|
||||
type: string
|
||||
|
||||
conditions:
|
||||
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
|
||||
|
@ -89,8 +86,7 @@ outputs:
|
|||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [DesignateBase, role_data, config_settings]
|
||||
- tripleo::profile::base::designate::central::pools_file_content: {get_param: DesignatePools}
|
||||
designate::db::database_connection:
|
||||
- designate::db::database_connection:
|
||||
make_url:
|
||||
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
||||
username: designate
|
||||
|
@ -147,6 +143,11 @@ outputs:
|
|||
- path: /var/log/designate
|
||||
owner: designate:designate
|
||||
recurse: true
|
||||
deploy_steps_tasks:
|
||||
- name: generate designate pool
|
||||
when: step|int == 4
|
||||
import_role:
|
||||
name: designate_bind_pool
|
||||
docker_config:
|
||||
# db sync runs before permissions set by kolla_config
|
||||
step_2:
|
||||
|
@ -204,7 +205,7 @@ outputs:
|
|||
list_concat:
|
||||
- {get_attr: [ContainersCommon, volumes]}
|
||||
-
|
||||
- /var/lib/config-data/designate/etc/designate/:/etc/designate/:ro
|
||||
- /var/lib/config-data/puppet-generated/designate/etc/designate/:/etc/designate/:ro
|
||||
- /var/log/containers/designate:/var/log/designate:z
|
||||
command: "/usr/bin/bootstrap_host_exec designate_central su designate -s /bin/bash -c '/bin/designate-manage pool update'"
|
||||
host_prep_tasks:
|
||||
|
|
|
@ -87,24 +87,6 @@ outputs:
|
|||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [DesignateBase, role_data, config_settings]
|
||||
- designate_rndc_key: {get_param: DesignateRndcKey}
|
||||
tripleo::profile::base::designate::rndc_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
tripleo::profile::base::designate::rndc_allowed_addresses:
|
||||
get_param:
|
||||
- ServiceData
|
||||
- net_cidr_map
|
||||
- {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
designate::backend::bind9::rndc_host:
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, DesignateApiNetwork]}
|
||||
-
|
||||
if:
|
||||
- designate_workers_zero
|
||||
|
@ -117,12 +99,13 @@ outputs:
|
|||
# BEGIN DOCKER SETTINGS
|
||||
puppet_config:
|
||||
config_volume: designate
|
||||
puppet_tags: designate_config,dns_config
|
||||
puppet_tags: designate_config
|
||||
step_config:
|
||||
list_join:
|
||||
- "\n"
|
||||
- - {get_attr: [DesignateBase, role_data, step_config]}
|
||||
- "include tripleo::profile::base::designate::worker"
|
||||
- "include tripleo::profile::base::designate::backend"
|
||||
config_image: {get_param: ContainerDesignateConfigImage}
|
||||
kolla_config:
|
||||
/var/lib/kolla/config_files/designate_worker.json:
|
||||
|
@ -136,6 +119,13 @@ outputs:
|
|||
- path: /var/log/designate
|
||||
owner: designate:designate
|
||||
recurse: true
|
||||
deploy_steps_tasks:
|
||||
- name: generate rndc key configuration files
|
||||
when: step|int == 4
|
||||
import_role:
|
||||
name: designate_rndc_config
|
||||
vars:
|
||||
designate_rndc_key: {get_param: DesignateRndcKey}
|
||||
docker_config:
|
||||
step_4:
|
||||
designate_worker:
|
||||
|
|
|
@ -1,127 +0,0 @@
|
|||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Configure Designate Parameters for HA
|
||||
# description: |
|
||||
# Sample configuration parameters for Designate that are appropriate
|
||||
# for an HA deployment. Requires the enable-designate environment.
|
||||
parameter_defaults:
|
||||
# The content for Designate's pools.yaml
|
||||
# Mandatory. This parameter must be set by the user.
|
||||
# Type: string
|
||||
DesignatePools: |
|
||||
- name: default
|
||||
# The name is immutable. There will be no option to change the name after
|
||||
# creation and the only way will to change it will be to delete it
|
||||
# (and all zones associated with it) and recreate it.
|
||||
description: Default Pool
|
||||
|
||||
attributes: {}
|
||||
|
||||
# List out the NS records for zones hosted within this pool
|
||||
# This should be a record that is created outside of designate, that
|
||||
# points to the public IP of the controller node.
|
||||
ns_records:
|
||||
- hostname: ns1-1.example.org.
|
||||
priority: 1
|
||||
- hostname: ns1-2.example.org.
|
||||
priority: 2
|
||||
- hostname: ns1-3.example.org.
|
||||
priority: 3
|
||||
|
||||
# List out the nameservers for this pool. These are the actual BIND servers.
|
||||
# We use these to verify changes have propagated to all nameservers.
|
||||
nameservers:
|
||||
- host: 10.0.0.51
|
||||
port: 53
|
||||
- host: 10.0.0.52
|
||||
port: 53
|
||||
- host: 10.0.0.53
|
||||
port: 53
|
||||
|
||||
# List out the targets for this pool. For BIND there will be one
|
||||
# entry for each BIND server, as we have to run rndc command on each server
|
||||
targets:
|
||||
- type: bind9
|
||||
description: BIND9 Server 1
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.51
|
||||
port: 53
|
||||
rndc_host: 172.17.0.251
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
- type: bind9
|
||||
description: BIND9 Server 2
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.52
|
||||
port: 53
|
||||
rndc_host: 172.17.0.252
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
- type: bind9
|
||||
description: BIND9 Server 3
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.53
|
||||
port: 53
|
||||
rndc_host: 172.17.0.253
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
|
||||
# If True, enable the internal Neutron DNS server that provides name
|
||||
# resolution between VMs. This parameter has no effect if
|
||||
# NeutronDhcpAgentDnsmasqDnsServers is set.
|
||||
# Type: boolean
|
||||
NeutronEnableInternalDNS: True
|
||||
|
||||
# Comma-separated list of extensions enabled for the Neutron plugin.
|
||||
# Type: comma_delimited_list
|
||||
NeutronPluginExtensions: qos,port_security,dns
|
||||
|
|
@ -1,69 +0,0 @@
|
|||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Configure Designate Parameters
|
||||
# description: |
|
||||
# Sample configuration parameters for Designate. Requires the
|
||||
# enable-designate environment.
|
||||
parameter_defaults:
|
||||
# The content for Designate's pools.yaml
|
||||
# Mandatory. This parameter must be set by the user.
|
||||
# Type: string
|
||||
DesignatePools: |
|
||||
- name: default
|
||||
# The name is immutable. There will be no option to change the name after
|
||||
# creation and the only way will to change it will be to delete it
|
||||
# (and all zones associated with it) and recreate it.
|
||||
description: Default Pool
|
||||
|
||||
attributes: {}
|
||||
|
||||
# List out the NS records for zones hosted within this pool
|
||||
# This should be a record that is created outside of designate, that
|
||||
# points to the public IP of the controller node.
|
||||
ns_records:
|
||||
- hostname: ns1-1.example.org.
|
||||
priority: 1
|
||||
|
||||
# List out the nameservers for this pool. These are the actual BIND servers.
|
||||
# We use these to verify changes have propagated to all nameservers.
|
||||
nameservers:
|
||||
- host: 10.0.0.51
|
||||
port: 53
|
||||
|
||||
# List out the targets for this pool. For BIND there will be one
|
||||
# entry for each BIND server, as we have to run rndc command on each server
|
||||
targets:
|
||||
- type: bind9
|
||||
description: BIND9 Server 1
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.51
|
||||
port: 53
|
||||
rndc_host: 172.17.0.251
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
|
||||
# If True, enable the internal Neutron DNS server that provides name
|
||||
# resolution between VMs. This parameter has no effect if
|
||||
# NeutronDhcpAgentDnsmasqDnsServers is set.
|
||||
# Type: boolean
|
||||
NeutronEnableInternalDNS: True
|
||||
|
||||
# Comma-separated list of extensions enabled for the Neutron plugin.
|
||||
# Type: comma_delimited_list
|
||||
NeutronPluginExtensions: qos,port_security,dns
|
||||
|
|
@ -20,3 +20,15 @@ resource_registry:
|
|||
OS::TripleO::Services::DesignateBind: ../deployment/experimental/designate/designate-bind-container.yaml
|
||||
OS::TripleO::Services::Redis: ../deployment/database/redis-container-puppet.yaml
|
||||
OS::TripleO::Services::Unbound: ../deployment/unbound/unbound-container-ansible.yaml
|
||||
|
||||
parameter_defaults:
|
||||
# If True, enable the internal Neutron DNS server that provides name
|
||||
# resolution between VMs. This parameter has no effect if
|
||||
# NeutronDhcpAgentDnsmasqDnsServers is set.
|
||||
# Type: boolean
|
||||
NeutronEnableInternalDNS: True
|
||||
|
||||
# Comma-separated list of extensions enabled for the Neutron plugin.
|
||||
# Type: comma_delimited_list
|
||||
NeutronPluginExtensions: qos,port_security,dns
|
||||
|
||||
|
|
|
@ -8,23 +8,15 @@ environments:
|
|||
|
||||
This environment enables the Designate services. One of the
|
||||
designate-config* environment files must also be included.
|
||||
# FIXME(bnemec): files should not be a required key.
|
||||
files: {}
|
||||
resource_registry:
|
||||
OS::TripleO::Services::DesignateApi: ../deployment/experimental/designate/designate-api-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateCentral: ../deployment/experimental/designate/designate-central-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateMDNS: ../deployment/experimental/designate/designate-mdns-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateProducer: ../deployment/experimental/designate/designate-producer-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateWorker: ../deployment/experimental/designate/designate-worker-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateMDNS: ../deployment/experimental/designate/designate-mdns-container-puppet.yaml
|
||||
OS::TripleO::Services::DesignateBind: ../deployment/experimental/designate/designate-bind-container.yaml
|
||||
OS::TripleO::Services::Redis: ../deployment/database/redis-container-puppet.yaml
|
||||
OS::TripleO::Services::Unbound: ../deployment/unbound/unbound-container-ansible.yaml
|
||||
-
|
||||
name: designate-config
|
||||
title: Configure Designate Parameters
|
||||
description: |
|
||||
Sample configuration parameters for Designate. Requires the
|
||||
enable-designate environment.
|
||||
files:
|
||||
deployment/neutron/neutron-plugin-ml2.yaml:
|
||||
parameters:
|
||||
|
@ -32,167 +24,6 @@ environments:
|
|||
deployment/neutron/neutron-dhcp-container-puppet.yaml:
|
||||
parameters:
|
||||
- NeutronEnableInternalDNS
|
||||
deployment/experimental/designate/designate-central-container-puppet.yaml:
|
||||
parameters:
|
||||
- DesignatePools
|
||||
sample_values:
|
||||
NeutronPluginExtensions: qos,port_security,dns
|
||||
NeutronEnableInternalDNS: True
|
||||
DesignatePools: |-
|
||||
|
|
||||
- name: default
|
||||
# The name is immutable. There will be no option to change the name after
|
||||
# creation and the only way will to change it will be to delete it
|
||||
# (and all zones associated with it) and recreate it.
|
||||
description: Default Pool
|
||||
|
||||
attributes: {}
|
||||
|
||||
# List out the NS records for zones hosted within this pool
|
||||
# This should be a record that is created outside of designate, that
|
||||
# points to the public IP of the controller node.
|
||||
ns_records:
|
||||
- hostname: ns1-1.example.org.
|
||||
priority: 1
|
||||
|
||||
# List out the nameservers for this pool. These are the actual BIND servers.
|
||||
# We use these to verify changes have propagated to all nameservers.
|
||||
nameservers:
|
||||
- host: 10.0.0.51
|
||||
port: 53
|
||||
|
||||
# List out the targets for this pool. For BIND there will be one
|
||||
# entry for each BIND server, as we have to run rndc command on each server
|
||||
targets:
|
||||
- type: bind9
|
||||
description: BIND9 Server 1
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.51
|
||||
port: 53
|
||||
rndc_host: 172.17.0.251
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
children:
|
||||
-
|
||||
name: designate-config-ha
|
||||
title: Configure Designate Parameters for HA
|
||||
description: |
|
||||
Sample configuration parameters for Designate that are appropriate
|
||||
for an HA deployment. Requires the enable-designate environment.
|
||||
sample_values:
|
||||
NeutronPluginExtensions: qos,port_security,dns
|
||||
NeutronEnableInternalDNS: True
|
||||
DesignatePools: |-
|
||||
|
|
||||
- name: default
|
||||
# The name is immutable. There will be no option to change the name after
|
||||
# creation and the only way will to change it will be to delete it
|
||||
# (and all zones associated with it) and recreate it.
|
||||
description: Default Pool
|
||||
|
||||
attributes: {}
|
||||
|
||||
# List out the NS records for zones hosted within this pool
|
||||
# This should be a record that is created outside of designate, that
|
||||
# points to the public IP of the controller node.
|
||||
ns_records:
|
||||
- hostname: ns1-1.example.org.
|
||||
priority: 1
|
||||
- hostname: ns1-2.example.org.
|
||||
priority: 2
|
||||
- hostname: ns1-3.example.org.
|
||||
priority: 3
|
||||
|
||||
# List out the nameservers for this pool. These are the actual BIND servers.
|
||||
# We use these to verify changes have propagated to all nameservers.
|
||||
nameservers:
|
||||
- host: 10.0.0.51
|
||||
port: 53
|
||||
- host: 10.0.0.52
|
||||
port: 53
|
||||
- host: 10.0.0.53
|
||||
port: 53
|
||||
|
||||
# List out the targets for this pool. For BIND there will be one
|
||||
# entry for each BIND server, as we have to run rndc command on each server
|
||||
targets:
|
||||
- type: bind9
|
||||
description: BIND9 Server 1
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.51
|
||||
port: 53
|
||||
rndc_host: 172.17.0.251
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
- type: bind9
|
||||
description: BIND9 Server 2
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.52
|
||||
port: 53
|
||||
rndc_host: 172.17.0.252
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
- type: bind9
|
||||
description: BIND9 Server 3
|
||||
|
||||
# List out the designate-mdns servers from which BIND servers should
|
||||
# request zone transfers (AXFRs) from.
|
||||
# This should be the IP of the controller node.
|
||||
# If you have multiple controllers you can add multiple masters
|
||||
# by running designate-mdns on them, and adding them here.
|
||||
masters:
|
||||
- host: 10.0.0.51
|
||||
port: 5354
|
||||
- host: 10.0.0.52
|
||||
port: 5354
|
||||
- host: 10.0.0.53
|
||||
port: 5354
|
||||
|
||||
# BIND Configuration options
|
||||
options:
|
||||
host: 10.0.0.53
|
||||
port: 53
|
||||
rndc_host: 172.17.0.253
|
||||
rndc_port: 953
|
||||
rndc_key_file: /etc/rndc.key
|
||||
|
|
|
@ -1015,8 +1015,7 @@ def validate_service_hiera_interpol(f, tpl):
|
|||
if 'apache::mod::remoteip::proxy_ips' in path:
|
||||
continue
|
||||
# Omit Designate rndc_allowed_addressses
|
||||
if ('tripleo::profile::base::designate::rndc_allowed_addresses' in
|
||||
path):
|
||||
if ('rndc_allowed_addresses' in path):
|
||||
continue
|
||||
# Omit Neutron ml2 overlay_ip_version
|
||||
if 'neutron::plugins::ml2::overlay_ip_version' in path:
|
||||
|
|
Loading…
Reference in New Issue