diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index a07819b53a..f22fefdf60 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -539,7 +539,8 @@ cloudkitty_collector_backend: "ceilometer"
 # Valid options are [ bind9 ]
 designate_backend: "bind9"
 designate_ns_record: "sample.openstack.org"
-
+designate_backend_external: "no"
+designate_backend_external_bind9_nameservers: ""
 #######################
 # Neutron options
diff --git a/ansible/roles/designate/tasks/backend_external.yml b/ansible/roles/designate/tasks/backend_external.yml
new file mode 100644
index 0000000000..b37d164968
--- /dev/null
+++ b/ansible/roles/designate/tasks/backend_external.yml
@@ -0,0 +1,28 @@
+---
+- name: Copying over rndc.conf (designate_backend_external)
+ template:
+ src: "{{ node_custom_config }}/designate/rndc.conf"
+ dest: "{{ node_config_directory }}/{{ item.key }}/rndc.conf"
+ register: designate_rndc_conf
+ when:
+ - designate_backend_external == 'bind9'
+ - item.key in [ "designate-worker" ]
+ - inventory_hostname in groups[item.value.group]
+ - item.value.enabled | bool
+ with_dict: "{{ designate_services }}"
+ notify:
+ - Restart designate-worker container
+
+- name: Copying over rndc.key (designate_backend_external)
+ template:
+ src: "{{ node_custom_config }}/designate/rndc.key"
+ dest: "{{ node_config_directory }}/{{ item.key }}/rndc.key"
+ register: designate_rndc_key_file
+ when:
+ - designate_backend_external == 'bind9'
+ - item.key in [ "designate-worker" ]
+ - inventory_hostname in groups[item.value.group]
+ - item.value.enabled | bool
+ with_dict: "{{ designate_services }}"
+ notify:
+ - Restart designate-worker container
diff --git a/ansible/roles/designate/tasks/config.yml b/ansible/roles/designate/tasks/config.yml
index cbe226f223..3e9f9779d6 100644
--- a/ansible/roles/designate/tasks/config.yml
+++ b/ansible/roles/designate/tasks/config.yml
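Review bot: The new `designate_backend_external: "no"` default in all.yml is a string sentinel with no comment listing its valid values, and the config.yml hunks at `@@ -92` and `@@ -107` test it with `designate_backend_external == 'no'`. An override written as unquoted `no` or `false` is loaded as a YAML boolean and equals neither `'no'` nor `'bind9'`, so the rndc.conf and rndc.key tasks for the in-cluster backend would be skipped without any error. I would add `# Valid options are [ no, bind9 ]` above the variable and write those two conditions as `designate_backend == 'bind9' and designate_backend_external != 'bind9'`. A comment stating that `designate_backend_external_bind9_nameservers` is a comma-separated list of server addresses would also help.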
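Review bot: The "Copying over rndc.key" task in backend_external.yml writes the key that authorises rndc control of the external BIND servers without an explicit `mode:`, so the permissions of the copy under `node_config_directory` are left to whatever the target host defaults to. The file is also pushed through `template`, which prints file content when the play is run with `--diff`, so the key can end up in deployment logs. I would set a restrictive mode on both tasks, for example `mode: "0600"` (assuming the container's config loader can still read the file), and add `no_log: true` to the key task. Whether the matching tasks in config.yml already do this is not visible in this diff.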
@@ -92,7 +92,7 @@
 dest: "{{ node_config_directory }}/{{ item.key }}/rndc.conf"
 register: designate_rndc_conf
 when:
- - designate_backend == 'bind9'
+ - designate_backend == 'bind9' and designate_backend_external == 'no'
 - item.key in [ "designate-backend-bind9", "designate-worker" ]
 - inventory_hostname in groups[item.value.group]
 - item.value.enabled | bool
@@ -107,7 +107,7 @@
 dest: "{{ node_config_directory }}/{{ item.key }}/rndc.key"
 register: designate_rndc_key_file
 when:
- - designate_backend == 'bind9'
+ - designate_backend == 'bind9' and designate_backend_external == 'no'
 - item.key in [ "designate-backend-bind9", "designate-worker" ]
 - inventory_hostname in groups[item.value.group]
 - item.value.enabled | bool
@@ -116,6 +116,9 @@
 - Restart designate-backend-bind9 container
 - Restart designate-worker container
+- include: backend_external.yml
+ when: designate_backend_external == 'bind9'
+
 - name: Check if policies shall be overwritten
 local_action: stat path="{{ node_custom_config }}/designate/policy.json"
 run_once: True
diff --git a/ansible/roles/designate/templates/pools.yaml.j2 b/ansible/roles/designate/templates/pools.yaml.j2
index f3b0aca03f..f35ef5a9f5 100644
--- a/ansible/roles/designate/templates/pools.yaml.j2
+++ b/ansible/roles/designate/templates/pools.yaml.j2
@@ -1,4 +1,4 @@
-{% if designate_backend == 'bind9' %}
+{% if designate_backend == 'bind9' or designate_backend_external == 'bind9' %}
 - name: default-bind
 id: {{ designate_pool_id }}
 description: Default BIND9 Pool
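Review bot: The tasks pulled in by `include: backend_external.yml` in the `@@ -116` hunk register `designate_rndc_conf` and `designate_rndc_key_file`, the same names the two rndc tasks earlier in config.yml register. Ansible records a result for a skipped task as well, so if this include is processed statically and its `when` is applied to each included task, a deployment with the external backend off would have the in-cluster results replaced by skipped ones. Anything later that reads `.changed` on those variables (not visible in this diff) would then miss a real change. Distinct names in the included file, such as `register: designate_rndc_conf_external` and `register: designate_rndc_key_file_external`, avoid the overlap. The `when` on the include also repeats the first condition of each included task, so one of the two can go.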
@@ -7,11 +7,19 @@
 - hostname: {{ designate_ns_record }}.
 priority: 1
 nameservers:
+{% if designate_backend == 'bind9' %}
 {% for host in groups['designate-backend-bind9'] %}
 - host: {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}
 port: {{ designate_bind_port }}
 {% endfor %}
+{% elif designate_backend_external == 'bind9' %}
+{% for host in designate_backend_external_bind9_nameservers.replace(" ", "").split(',') %}
+ - host: {{ host }}
+ port: {{ designate_bind_port }}
+{% endfor %}
+{% endif %}
 targets:
+{% if designate_backend == 'bind9' %}
 {% for bind_host in groups['designate-backend-bind9'] %}
 - type: bind9
 description: BIND9 Server {{ hostvars[bind_host]['ansible_' + hostvars[bind_host]['api_interface']]['ipv4']['address'] }}
@@ -27,4 +35,21 @@
 rndc_port: {{ designate_rndc_port }}
 rndc_key_file: /etc/designate/rndc.key
 {% endfor %}
+{% elif designate_backend_external == 'bind9' %}
+{% for bind_host in designate_backend_external_bind9_nameservers.replace(" ", "").split(',') %}
+ - type: bind9
+ description: BIND9 Server {{ bind_host }}
+ masters:
+{% for mdns_host in groups['designate-mdns'] %}
+ - host: {{ hostvars[mdns_host]['ansible_' + hostvars[mdns_host]['api_interface']]['ipv4']['address'] }}
+ port: 5354
+{% endfor %}
+ options:
+ host: {{ bind_host }}
+ port: {{ designate_bind_port }}
+ rndc_host: {{ bind_host }}
+ rndc_port: {{ designate_rndc_port }}
+ rndc_key_file: /etc/designate/rndc.key
+{% endfor %}
+{% endif %}
 {% endif %}
diff --git a/releasenotes/notes/designate-allow-external-bind9-servers-c2c5dc31b0475cb7.yaml b/releasenotes/notes/designate-allow-external-bind9-servers-c2c5dc31b0475cb7.yaml
new file mode 100644
index 0000000000..cb55c84a7b
--- /dev/null
+++ b/releasenotes/notes/designate-allow-external-bind9-servers-c2c5dc31b0475cb7.yaml
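Review bot: The branch order in the `nameservers:` block of the `@@ -7` hunk (and again under `targets:`, continued in the next hunk) tests `designate_backend == 'bind9'` first, so with the default `designate_backend: "bind9"` the `elif designate_backend_external == 'bind9'` branch is never reached. config.yml gives precedence the other way round: it skips the in-cluster rndc files as soon as the external setting is `'bind9'`. An operator who sets only `designate_backend_external` therefore gets a pool that still points at the `designate-backend-bind9` hosts while the worker carries the externally supplied rndc.key. Testing the external setting first, `{% if designate_backend_external == 'bind9' %}` followed by `{% elif designate_backend == 'bind9' %}`, makes the template agree with the tasks. Otherwise the release note should say that `designate_backend` must be changed as well.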
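Review bot: The `{% for bind_host in designate_backend_external_bind9_nameservers.replace(" ", "").split(',') %}` loop in the `@@ -27` hunk, like the nameservers loop in the previous hunk, runs once even for the default empty string, because splitting `""` yields a list holding one empty item. The rendered pool then contains a target whose `host:` and `rndc_host:` are empty, and a trailing comma in the list has the same effect. Each entry is also written into the YAML unquoted and unchecked, so a malformed value changes the structure of pools.yaml instead of being rejected. I would fail early, in a precheck or an `assert` task, when the external backend is `'bind9'` and the list is empty or holds an entry that is not an address or hostname. Quoting the emitted values, `host: "{{ bind_host }}"`, would guard the structure as well.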
@@ -0,0 +1,20 @@
+---
+features: |
+ Update designate to allow use of external bind9 dns servers.
+ Added two new properties:
+
+ - designate_backend_external
+
+ This defaults to 'no', and can be enabled by setting
+ it to 'bind9'
+
+ - designate_backend_external_bind9_nameservers
+
+ This defaults to an empty string, and should be populated
+ with a csv list of external bind9 dns server addresses.
+
+ - Configuration override files to align with external bind9
+ dns servers must be supplied manually,
+
+ - /etc/kolla/config/designate/rndc.key
+ - /etc/kolla/config/designate/rndc.conf