When deploying with tls enabled in public
endpoints, ansible modules fails due SSL certificates
are self-signed.
This change adds a new variable to allow customization
on which endpoints ansible should connect.
Defaults to admin because admin auth parameters defaults
to admin endpoint.
Change-Id: Ic3ed58cf9c9579cae08a11bbfe6fce983b5a9cbc
Closes-Bug: #1720995
kolla designate DNSaaS makes use of containerised bind9 servers
as it's default designate_backend. These can be disabled by
setting designate_backend to "no". default: "bind9"
This commit adds two new properties:
1) designate_backend_external
which can be enabled by setting it to 'bind9'. default: "no"
and
2) designate_backend_external_bind9_nameservers, which can
accept a csv list of all the external server addresses.
(default: "")
The following attributes should either be set:
'internal' (the default)
designate_backend: "bind9"
designate_backend_external: "no"
(designate_backend_external_bind9_nameservers is ignored)
or
'external'
designate_backend: "no"
designate_backend_external: "bind9"
(designate_backend_external_bind9_nameservers must be populated)
Configuration override files to align with external bind9
dns servers must be supplied manually,
/etc/kolla/config/designate/rndc.key
/etc/kolla/config/designate/rndc.conf
Change-Id: I8dbe6fd4fe7820b9143604d89e8399b07e07c3fd
Actually Openstack services configuration can be overriden using many
files:
- /etc/kolla/config/<< service name >>/<< config file >>
- /etc/kolla/config/<< service name >>/<<host>>/<< config file >>
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
Only per-service configuration is actually documented here:
https://github.com/openstack/kolla-ansible/blob/master/doc/advanced-configuration.rst#L164
Allowing to globally modify service configuration can be perform too,
but it can be done in 3 different manners, all not documented:
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
database.conf and messaging.conf seems redundant with global.conf.
In order to simplify codebase it seems logical to remove them.
Documentation has been added for overriding configuration globally and
release note has been added too.
Closes-Bug: #1682479
Change-Id: I5d922dfc0d938173bad34ac64e490b78db1b7e31
In order to speed up deployment time some "local" actions should be run
only once using 'run_once: True'.
This will decrease deployment time in case of multihost configuration.
Change-Id: I6015d772d35c15e96c52f577013b6e41197cb41a
Ansible task support vars directive, no need implement another one in
merge_config. This patch remove the vars directive in merge_config
action plugin.
Change-Id: I33648a2b6e39b4d49ce76eb66fbf2522721f8c68
wait_for module waits 300 seconds for the port started or stopped. This
is meaningless and useless in precheck. This patch change timeout to 1
seconds.
Change-Id: I9b251ec4ba17ce446655917e8ef5e152ef947298
Closes-Bug: #1688152
Using "{{ item }}" is causing wrong fact assignment
and tries to check port when containers are running.
Closes-Bug: #1678102
Change-Id: I659e1c1828b9d82ef9d5bad81021a655cac21478
Add a new subcommand 'check' to kolla-ansible, used to run the
smoke/sanity checks.
Add stub files to all services that don't currently have checks.
Change-Id: I9f661c5fc51fd5b9b266f23f6c524884613dee48
Partially-implements: blueprint sanity-check-container
While deploying/genconfig designate, raise an error due
a missing .key in the item iteration
designate_rndc_key var is already used and replaced by the register
Changed register to other name.
Bind9 container should be started before other designate services.
Change-Id: Ia6aa89af1cf2317fa8f006b8d35d3760e7fb9980
Usernames can be configured with variables in
configuration files, but user creation is hardcoded.
Change-Id: I057cfb921d776217db66f59226dcfa79f3eb7368
Closes-Bug: #1661587
Integrate designate service with neutron to allow instances
and floatingip resolve designate dns.
MDNS service need to be reachable from nova instances
in order to resolve DNS queries.
Added new dns_interface to make this configurable.
Add designate guide.
Closes-Bug: #1661330
Change-Id: I5a2ac5cf2a9aa0977ae42d53dd64699623ddf3ed
Add conditionals to deploy bind9 as backend
for designate, this way will easy third parties
to deploy or develop custom backends.
Change-Id: Ie61a3927ecb9366476cf3fbe0a866f8ea843d100
Implement ansible role to deploy designate
and dependencies. The backend used is bind9.
Co-Authored-By: zhubingbing <zhubingbing10@gmail.com>
Co-Authored-By: Eduardo Gonzalez <dabarren@gmail.com>
Depends-On: 6d0dc3e0f931c7c50b64a4659900cc50b0d860a2
Implements: blueprint ansible-designate
Change-Id: I34d8126e0cd8d71d5ced9b62f3776cc354fbb549