This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the neutron-api, neutron-dhcp, and neutron-l3 services.
With this patch the baremetal version of each respective neutron service
has been removed.
Because the designate parameters will always need to be edited for
a deployment, a copy of the environment must be made. However,
because there were resource_registry entries in the previous
enable-designate environments those relative paths would become
invalid if the file was moved. Splitting the resource_registry
entries from the user-configured parameters should eliminate this
The pool configuration for an ha deployment of designate looks quite
a bit different from the nonha one, so it's useful to provide a
separate example environment for it.
This is necessary as the settings in this file are deployment
specific, so the defaults will never be correct. For simplicity,
the enablement environment includes the sample pools.yaml content
from the Designate docs. It can then be easily modified to match
the actual intended deployment environment.
For security, it is best to split authoritative and recursive
nameservers. This way a security vulnerability that only affects
one type of server won't provide an exploit for the other too.
For Designate, the managed BIND server is the authoritative one.
We can use Neutron's internal DNS server as the recursive server, or
users can point at their DNS server of choice. To make sure our
defaults work out of the box, this change enables the Neutron
internal DNS by default and users can change that if they choose.
Since that means we no longer need recursion in BIND, we should shut
it off, which this also does.