acf032a098
This changes the listen/bind address for the designate's miniDNS instances from "all" to the internal API network. It also properly configures the designate BIND backend to be on the external network. (Both will default to ctlplane if it is absent) Change-Id: I5e900354676a30ae8cf53d0a2f4db0201f05207d
199 lines
6.9 KiB
YAML
199 lines
6.9 KiB
YAML
heat_template_version: wallaby
|
|
|
|
description: >
|
|
OpenStack containerized Designate MiniDNS service
|
|
|
|
parameters:
|
|
ContainerDesignateMDNSImage:
|
|
description: image
|
|
type: string
|
|
tags:
|
|
- role_specific
|
|
ContainerDesignateConfigImage:
|
|
description: The container image to use for the designate config_volume
|
|
type: string
|
|
tags:
|
|
- role_specific
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. Use
|
|
parameter_merge_strategies to merge it with the defaults.
|
|
type: json
|
|
EnableSQLAlchemyCollectd:
|
|
type: boolean
|
|
description: >
|
|
Set to true to enable the SQLAlchemy-collectd server plugin
|
|
default: false
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
MonitoringSubscriptionDesignateMiniDNS:
|
|
default: 'overcloud-designate-mdns'
|
|
type: string
|
|
DesignateWorkers:
|
|
default: 0
|
|
description: Number of workers for Designate services.
|
|
type: number
|
|
DesignatePassword:
|
|
description: The password for the Designate's database account.
|
|
type: string
|
|
hidden: true
|
|
|
|
conditions:
|
|
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
|
|
enable_sqlalchemy_collectd: {equals : [{get_param: EnableSQLAlchemyCollectd}, true]}
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ../containers-common.yaml
|
|
|
|
MySQLClient:
|
|
type: ../database/mysql-client.yaml
|
|
|
|
DesignateBase:
|
|
type: ./designate-base.yaml
|
|
properties:
|
|
EndpointMap: {get_param: EndpointMap}
|
|
ServiceData: {get_param: ServiceData}
|
|
ServiceNetMap: {get_param: ServiceNetMap}
|
|
RoleName: {get_param: RoleName}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
|
|
RoleParametersValue:
|
|
type: OS::Heat::Value
|
|
properties:
|
|
type: json
|
|
value:
|
|
map_replace:
|
|
- map_replace:
|
|
- ContainerDesignateMDNSImage: ContainerDesignateMDNSImage
|
|
ContainerDesignateConfigImage: ContainerDesignateConfigImage
|
|
- values: {get_param: [RoleParameters]}
|
|
- values:
|
|
ContainerDesignateMDNSImage: {get_param: ContainerDesignateMDNSImage}
|
|
ContainerDesignateConfigImage: {get_param: ContainerDesignateConfigImage}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Designate MDNS role.
|
|
value:
|
|
service_name: designate_mdns
|
|
firewall_rules:
|
|
'142 designate_mdns udp':
|
|
proto: 'udp'
|
|
dport:
|
|
- 5354
|
|
'143 designate_mdns tcp':
|
|
proto: 'tcp'
|
|
dport:
|
|
- 5354
|
|
monitoring_subscription: {get_param: MonitoringSubscriptionDesignateMiniDNS}
|
|
config_settings:
|
|
map_merge:
|
|
- get_attr: [DesignateBase, role_data, config_settings]
|
|
- designate::mdns::listen:
|
|
str_replace:
|
|
template:
|
|
"%{hiera('$NETWORK')}:5354"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, DesignateMdnsNetwork]}
|
|
- designate::db::database_connection:
|
|
make_url:
|
|
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
|
username: designate
|
|
password: {get_param: DesignatePassword}
|
|
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
|
path: /designate
|
|
query:
|
|
if:
|
|
- enable_sqlalchemy_collectd
|
|
-
|
|
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
|
read_default_group: tripleo
|
|
plugin: collectd
|
|
collectd_program_name: designate_mdns
|
|
collectd_host: localhost
|
|
-
|
|
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
|
read_default_group: tripleo
|
|
-
|
|
if:
|
|
- designate_workers_zero
|
|
- {}
|
|
- designate::mdns::workers: {get_param: DesignateWorkers}
|
|
service_config_settings:
|
|
mysql:
|
|
designate::db::mysql::password: {get_param: DesignatePassword}
|
|
designate::db::mysql::user: designate
|
|
designate::db::mysql::host: '%'
|
|
designate::db::mysql::dbname: designate
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: designate
|
|
puppet_tags: designate_config
|
|
step_config:
|
|
list_join:
|
|
- "\n"
|
|
- - {get_attr: [DesignateBase, role_data, step_config]}
|
|
- "include tripleo::profile::base::designate::mdns"
|
|
- {get_attr: [MySQLClient, role_data, step_config]}
|
|
config_image: {get_attr: [RoleParametersValue, value, ContainerDesignateConfigImage]}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/designate_mdns.json:
|
|
command: /usr/bin/designate-mdns --config-file=/etc/designate/designate.conf --log-file=/var/log/designate/mdns.log
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
permissions:
|
|
- path: /var/log/designate
|
|
owner: designate:designate
|
|
recurse: true
|
|
docker_config:
|
|
step_4:
|
|
designate_mdns:
|
|
image: &designate_mdns_image {get_attr: [RoleParametersValue, value, ContainerDesignateMDNSImage]}
|
|
net: host
|
|
privileged: false
|
|
restart: always
|
|
stop_grace_period: 300
|
|
healthcheck:
|
|
test: /openstack/healthcheck
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /run:/run
|
|
- /var/lib/kolla/config_files/designate_mdns.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/designate:/var/lib/kolla/config_files/src:ro
|
|
- /var/log/containers/designate:/var/log/designate:z
|
|
environment:
|
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
|
host_prep_tasks:
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
setype: "{{ item.setype }}"
|
|
mode: "{{ item.mode|default(omit) }}"
|
|
with_items:
|
|
- { 'path': /var/log/designate, 'setype': container_file_t }
|
|
- { 'path': /var/log/containers/designate, 'setype': container_file_t, 'mode': '0750' }
|