26 Commits

Author SHA1 Message Date
Eduardo Gonzalez
fae046ece8 Fixes bind9 restarting when no designate_forwarders_addresses
When deploying designate if no designate_forwarders_addresses
is provided, bind9 container keeps restarting due an invalid(empty)
forwarder addresses is set in named.conf

Change-Id: I7d309eb077243435dd2038629074251abec7d3e1
Closes-Bug: #1787092
2018-08-15 08:24:48 +02:00
ZhongShengping
ae246945a6 Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.

[1]https://review.openstack.org/#/c/508522/

Co-Authored-By: confi-surya <singh.surya64mnnit@gmail.com>
Change-Id: Ifd8527d404f1df807ae8196eac2b3849911ddc26
Closes-Bug: #1761907
2018-08-07 11:58:23 +05:30
Mark Duggan
4157f30c5f Extending designate named template to include "forwarders" parameter
To get forwarding to work in the kolla implementaion of designate,
I'm adding parameters to the named.conf.j2 template.  I'm adding
the ability to change the default values for dnssec-validation and
recursion and creating a new paramater for forwarders.

Change-Id: Ideef39034d75a0d99e8a3dc2a5f1a7203ccf51d5
Closes-Bug: #1781196
2018-07-12 12:25:39 +01:00
Kevin TIBI
a81a5d5d5d Fix SSL api for multiple services
If SSL is enabled, api of multiple services returns
wrong external URL without https prefix.

Removal of condition for deletion of http  header.

Change-Id: I4264e04d0d6b9a3e11ef7dd7add6c5e166cf9fb4
Closes-Bug: #1749155
Closes-Bug: #1717491
2018-04-18 17:20:27 +02:00
Kevin Tibi
8e897bcd78 Designate: Fix neutron handler
Change-Id: Id55daa93cc4778bd59dd8befbe4ed04c031f4384
Closes-bug: #1758850
2018-03-26 10:48:46 +02:00
Kevin TIBI
7892826743 Add permission to notify dns server from worker
Change-Id: I67ea2b1a91dfd61341ae2e5bcd82d1cf0597fe9c
Closes-Bug: #1745957
2018-02-14 16:04:38 +01:00
Dai Dang Van
6b99f21341 Support policy.yaml file [part 4]
- Barbican
- Ceilometer
- Cloudkitty
- Congress
- Designate

This will copy only yaml or json policy file if they exist.

Change-Id: Iaa19f64073d8bdee948bc2de58e095ca72afc092
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
2018-01-22 01:57:02 +00:00
Pierre Hanselmann
f11042acae Designate/Neutron communicaton failure
Designate communicate on publicURL (Default) endpoint with Neutron.
When TLS is enabled it generates errors (Missing certificate). We
need to ensure designate communicate with neutron on internalURL.

Change-Id: Ie969fc2d1a2d4241371b459af2fc5b7bdf236bf0
Closes-Bug: #1742625
2018-01-11 09:05:14 +01:00
Zuul
b00fdc3ae7 Merge "Change listen for mdns" 2017-12-13 18:01:32 +00:00
caowei
b82f5cc9f0 Implement designate-producer service
Depends-On: Ia22128e5ce4a717612af658d63258e78e52176ad
Implements: blueprint designate-producer

Change-Id: I98b5e99e8fcfe18fde442b317348ec261f4d2f99
2017-12-07 10:11:14 +08:00
Andrew Smith
fd1d3af0df Add support for hybrid messaging backends
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends

This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note

Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
2017-11-22 14:09:40 -05:00
Kevin TIBI
c2d150d6be Change listen for mdns
The service listening port of MDNS can be override by dns_interface.
If so, the pool conf use the wrong IP for join mdns service.

Change-Id: I8a3678955ecf5f769da7090fe5dad68e027c102b
2017-11-21 15:04:24 +00:00
Jenkins
85164c1bcb Merge "Update designate to allow use of external bind9 dns servers." 2017-09-21 13:26:56 +00:00
James McCarthy
d4f8b413a8 Update designate to allow use of external bind9 dns servers.
kolla designate DNSaaS makes use of containerised bind9 servers
as it's default designate_backend. These can be disabled by
setting designate_backend to "no". default: "bind9"

This commit adds two new properties:
1) designate_backend_external
 which can be enabled by setting it to 'bind9'. default: "no"
and
2) designate_backend_external_bind9_nameservers, which can
 accept a csv list of all the external server addresses.
 (default: "")

The following attributes should either be set:
'internal' (the default)
 designate_backend: "bind9"
 designate_backend_external: "no"
 (designate_backend_external_bind9_nameservers is ignored)
or
 'external'
 designate_backend: "no"
 designate_backend_external: "bind9"
 (designate_backend_external_bind9_nameservers must be populated)

Configuration override files to align with external bind9
dns servers must be supplied manually,
 /etc/kolla/config/designate/rndc.key
 /etc/kolla/config/designate/rndc.conf

Change-Id: I8dbe6fd4fe7820b9143604d89e8399b07e07c3fd
2017-09-18 13:51:39 +01:00
ZhongShengping
8bff46454e Remove deprecated oslo_messaging_rabbit options
It's supposed to be working now https://review.openstack.org/475273

Change-Id: I5ae4f5f8ca977f7343cb135e41eb2d0703c37024
Closes-Bug: #1713609
2017-09-14 16:04:33 +08:00
Jenkins
d5c328af3b Merge "Fix designate-api listen interface" 2017-07-11 11:29:02 +00:00
Bertrand Lallau
f8bbba5531 Fix designate-api listen interface
designate-api service is launched using dns_interface instead of api_interface.
Haproxy is using the good interface (api_interface), hence designate_api
can't be accessed.

Change-Id: I24e356c167c931a6b69a283efba12117fcff936a
Closes-Bug: #1703425
2017-07-10 19:12:37 +00:00
Bertrand Lallau
372e991bec Standardize Keystone domain variables
As described here:
https://github.com/openstack/keystone/blob/master/keystone/resource/core.py#L841
https://github.com/openstack/keystone/blob/master/keystone/conf/identity.py#L21

* default project domain name MUST be named 'Default'
* default project domain id MUST be named 'default'
* default project user name MUST be named 'Default'
* default project user id MUST be named 'default'

Change-Id: I610a0416647fdea31bb04889364da5395d8c8d74
2017-07-06 14:34:11 +00:00
Jenkins
5dc7920d4a Merge "Move mDNS to network nodes" 2017-07-06 03:34:22 +00:00
Eduardo Gonzalez
1f1d91b960 Move mDNS to network nodes
mDNS publish DNS services to designate service customers.
Only network node should be reachable by public networks.

Change-Id: Id2947df89d2d831d67e006a581ac88b4ecf8ce04
Closes-Bug: #1693918
2017-06-21 13:17:46 +00:00
Eduardo Gonzalez
e0c31c5b90 Remove deprecated options designate
Cleanup designate deprecated options.
Add note for cleanup rabbitmq options when a bug is fixed in designate.
Update docs to use designate v2 commands (openstack client)
Designate v1 is deprecated:
- https://docs.openstack.org/releasenotes/designate/unreleased.html#critical-issues

Change-Id: Ie12af2f515a35289b357fd7894a5acc2e4d253c5
2017-05-29 12:36:23 +02:00
Bertrand Lallau
afdd11b9a2 Generalize api_interface_address variable usage
Useful api_interface_address variable has been define here:
https://github.com/openstack/kolla-ansible/blob/master/ansible/group_vars/all.yml#L57
In order to simplify codebase we must use it as much as possible.

Change-Id: I18fec19bf69e05a22a4142a9cd1165eccd022455
2017-05-23 08:35:15 +00:00
Bertrand Lallau
1c5e6a5980 Designate: manage Api and Central services workers
Api and Central Designate services are not configured and will be set to
4 (default value). In an "all-in-one" config it's very helpful to
minimize used resources by setting openstack_service_workers to 1.

Change-Id: Iafa460859e4b6004ae202bb878da77add08d7a5f
Closes-Bug: #1672413
2017-03-13 17:31:37 +01:00
Eduardo Gonzalez
e516ea5099 Integrate designate with neutron
Integrate designate service with neutron to allow instances
and floatingip resolve designate dns.
MDNS service need to be reachable from nova instances
in order to resolve DNS queries.
Added new dns_interface to make this configurable.
Add designate guide.

Closes-Bug: #1661330

Change-Id: I5a2ac5cf2a9aa0977ae42d53dd64699623ddf3ed
2017-02-03 11:06:59 +00:00
Eduardo Gonzalez
89447107b5 Remove hardcoded designate backend
Add conditionals to deploy bind9 as backend
for designate, this way will easy third parties
to deploy or develop custom backends.

Change-Id: Ie61a3927ecb9366476cf3fbe0a866f8ea843d100
2017-01-20 12:01:53 +00:00
Ross Krumbeck
a9ade20bee Ansible-ize OpenStack Designate
Implement ansible role to deploy designate
and dependencies. The backend used is bind9.

Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Eduardo Gonzalez <dabarren@gmail.com>

Depends-On: 6d0dc3e0f931c7c50b64a4659900cc50b0d860a2
Implements: blueprint ansible-designate
Change-Id: I34d8126e0cd8d71d5ced9b62f3776cc354fbb549
2017-01-05 14:34:15 +00:00