[DEFAULT] use_journal = True # Disable stderr logging use_stderr = False ######################## ## General Configuration ######################## # Show debugging output in logs (sets DEBUG log level output) debug = {{ debug }} # Top-level directory for maintaining designate's state #state_path = /var/lib/designate {% if designate_ceilometer_enabled | bool %} # Driver used for issuing notifications notification_driver = messagingv2 {% endif %} # Root helper root_helper = sudo designate-rootwrap /etc/designate/rootwrap.conf # Which networking API to use, Defaults to neutron #network_api = neutron ## RabbitMQ RPC transport_url = {{ designate_oslomsg_rpc_transport }}://{% for host in designate_oslomsg_rpc_servers.split(',') %}{{ designate_oslomsg_rpc_userid }}:{{ designate_oslomsg_rpc_password }}@{{ host }}:{{ designate_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ _designate_oslomsg_rpc_vhost_conf }}{% if designate_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ designate_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ designate_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} # RabbitMQ Config [oslo_messaging_rabbit] ssl = {{ designate_oslomsg_rpc_use_ssl }} rabbit_notification_exchange = designate rabbit_notification_topic = notifications rabbit_quorum_queue = {{ designate_oslomsg_rabbit_quorum_queues }} rabbit_transient_quorum_queue = {{ designate_oslomsg_rabbit_transient_quorum_queues }} rabbit_qos_prefetch_count = {{ designate_oslomsg_rabbit_qos_prefetch_count }} use_queue_manager = {{ designate_oslomsg_rabbit_queue_manager }} {% if designate_oslomsg_rabbit_queue_manager %} hostname = {{ [ansible_facts['hostname'], designate_service_name] | join('-') }} {% endif %} rabbit_stream_fanout = {{ designate_oslomsg_rabbit_stream_fanout }} rabbit_quorum_delivery_limit = {{ designate_oslomsg_rabbit_quorum_delivery_limit }} rabbit_quorum_max_memory_bytes = {{ designate_oslomsg_rabbit_quorum_max_memory_bytes }} [oslo_messaging_notifications] driver = {{ (designate_oslomsg_notify_configure | bool) | ternary('messagingv2', 'noop') }} transport_url = {{ designate_oslomsg_notify_transport }}://{% for host in designate_oslomsg_notify_servers.split(',') %}{{ designate_oslomsg_notify_userid }}:{{ designate_oslomsg_notify_password }}@{{ host }}:{{ designate_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ _designate_oslomsg_notify_vhost_conf }}{% if designate_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ designate_oslomsg_notify_ssl_version }}&ssl_ca_file={{ designate_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} {% if designate_backend_ssl | bool %} [ssl] cert_file = {{ designate_ssl_cert }} key_file = {{ designate_ssl_key }} {% endif %} ######################## ## Service Configuration ######################## #----------------------- # Central Service #----------------------- [service:central] # Number of central worker processes to spawn #workers = None # Number of central greenthreads to spawn #threads = 1000 # Maximum domain name length #max_domain_name_len = 255 # Maximum recordset name length #max_recordset_name_len = 255 # Minimum TTL #min_ttl = None # The name of the default pool default_pool_id = {{ designate_pool_uuid }} ## Managed resources settings # Email to use for managed resources like domains created by the FloatingIP API #managed_resource_email = hostmaster@example.com. # Tenant ID to own all managed resources - like auto-created records etc. managed_resource_tenant_id = {{ designate_managed_resource_tenant_id }} #----------------------- # API Service #----------------------- [service:api] # Number of api worker processes to spawn #workers = None # Number of api greenthreads to spawn #threads = 1000 # Enable host request headers enable_host_header = True # The base uri used in responses api_base_uri = "{{ designate_service_publicuri }}" # API host:port pairs to listen on listen = "{{ designate_bind_address }}:{{ designate_service_port }}" # Maximum line size of message headers to be accepted. max_header_line may # need to be increased when using large tokens (typically those generated by # the Keystone v3 API with big service catalogs). #max_header_line = 16384 # Authentication strategy to use - can be either "noauth" or "keystone" auth_strategy = keystone # Enable API Version 2 enable_api_v2 = True # Enabled API Version 2 extensions enabled_extensions_v2 = quotas, reports # Default per-page limit for the V2 API, a value of None means show all results # by default #default_limit_v2 = 20 # Max page size in the V2 API #max_limit_v2 = 1000 # Enable Admin API (experimental) enable_api_admin = False # Enabled Admin API extensions # Can be one or more of : reports, quotas, counts, tenants, zones # zone export is in zones extension #enabled_extensions_admin = # Default per-page limit for the Admin API, a value of None means show all results # by default #default_limit_admin = 20 # Max page size in the Admin API #max_limit_admin = 1000 # Show the pecan HTML based debug interface (v2 only) # This is only useful for development, and WILL break python-designateclient # if an error occurs #pecan_debug = False #----------------------- # Keystone Middleware #----------------------- [keystone_authtoken] insecure = {{ keystone_service_internaluri_insecure | bool }} auth_type = {{ designate_keystone_auth_type }} auth_url = {{ keystone_service_adminurl }} www_authenticate_uri = {{ keystone_service_internaluri }} project_domain_id = {{ designate_service_project_domain_id }} user_domain_id = {{ designate_service_user_domain_id }} project_name = {{ designate_service_project_name }} username = {{ designate_service_user_name }} password = {{ designate_service_password }} service_token_roles_required = {{ designate_service_token_roles_required | bool }} service_token_roles = {{ designate_service_token_roles | join(',') }} service_type = {{ designate_service_type }} memcached_servers = {{ designate_memcached_servers }} #----------------------- # Sink Service #----------------------- [service:sink] # List of notification handlers to enable, configuration of these needs to # correspond to a [handler:my_driver] section below or else in the config # Can be one or more of : nova_fixed, neutron_floatingip #enabled_notification_handlers = #----------------------- # mDNS Service #----------------------- [service:mdns] # Number of mdns worker processes to spawn #workers = None # Number of mdns greenthreads to spawn #threads = 1000 # mDNS Bind Host #host = 0.0.0.0 # mDNS Port Number #port = 5354 # mDNS TCP Backlog #tcp_backlog = 100 # mDNS TCP Receive Timeout #tcp_recv_timeout = 0.5 # Enforce all incoming queries (including AXFR) are TSIG signed #query_enforce_tsig = False # Send all traffic over TCP #all_tcp = False # Maximum message size to emit #max_message_size = 65535 #----------------------- # Agent Service #----------------------- [service:agent] #workers = None #host = 0.0.0.0 #port = 5358 #tcp_backlog = 100 #allow_notify = 127.0.0.1 #masters = 127.0.0.1:5354 #backend_driver = fake #transfer_source = None #notify_delay = 0 #----------------------- # Producer Service #----------------------- [service:producer] # Number of Zone Manager worker processes to spawn #workers = None # Number of Zone Manager greenthreads to spawn #threads = 1000 # List of Zone Manager tasks to enable, a value of None will enable all tasks. # Can be one or more of: periodic_exists #enabled_tasks = None # Whether to allow synchronous zone exports #export_synchronous = True #------------------------ # Deleted domains purging #------------------------ [producer_task:domain_purge] # How frequently to purge deleted domains, in seconds #interval = 3600 # 1h # How many records to be deleted on each run #batch_size = 100 # How old deleted records should be (deleted_at) to be purged, in seconds #time_threshold = 604800 # 7 days #------------------------ # Delayed zones NOTIFY #------------------------ [producer_task:delayed_notify] # How frequently to scan for zones pending NOTIFY, in seconds #interval = 5 #------------------------ # Worker Periodic Recovery #------------------------ [producer_task:worker_periodic_recovery] # How frequently to scan for zones in ERROR, in seconds #interval = 120 #----------------------- # Pool Manager Service #----------------------- [service:pool_manager] # Number of Pool Manager worker processes to spawn #workers = None # Number of Pool Manager greenthreads to spawn #threads = 1000 # The percentage of servers requiring a successful update for a domain change # to be considered active #threshold_percentage = 100 # The time to wait for a response from a server #poll_timeout = 30 # The time between retrying to send a request and waiting for a response from a # server #poll_retry_interval = 15 # The maximum number of times to retry sending a request and wait for a # response from a server #poll_max_retries = 10 # The time to wait before sending the first request to a server #poll_delay = 5 # Enable the recovery thread #enable_recovery_timer = True # The time between recovering from failures #periodic_recovery_interval = 120 # Enable the sync thread #enable_sync_timer = True # The time between synchronizing the servers with storage #periodic_sync_interval = 1800 # Zones Updated within last N seconds will be syncd. Use None to sync all zones #periodic_sync_seconds = None # Perform multiple update attempts during periodic_sync #periodic_sync_max_attempts = 3 #periodic_sync_retry_interval = 30 # The cache driver to use #cache_driver = memcache #----------------------- # Worker Service #----------------------- [service:worker] # Whether to send events to worker instead of Pool Manager enabled = True # Number of Worker processes to spawn #workers = None # Number of Worker greenthreads to spawn #threads = 1000 # The percentage of servers requiring a successful update for a zone change # to be considered active #threshold_percentage = 100 # The time to wait for a response from a server #poll_timeout = 30 # The time between retrying to send a request and waiting for a response from a # server #poll_retry_interval = 15 # The maximum number of times to retry sending a request and wait for a # response from a server #poll_max_retries = 10 # The time to wait before sending the first request to a server #poll_delay = 5 # Whether to allow worker to send NOTIFYs. NOTIFY requests to mdns will noop notify = True ################################### ## Pool Manager Cache Configuration ################################### #----------------------- # SQLAlchemy Pool Manager Cache #----------------------- [pool_manager_cache:sqlalchemy] #connection=sqlite:///$state_path/designate_pool_manager.sqlite #connection_debug = 100 #connection_trace = False #sqlite_synchronous = True #idle_timeout = 3600 #max_retries = 10 #retry_interval = 10 #----------------------- # Memcache Pool Manager Cache #----------------------- [pool_manager_cache:memcache] #memcached_servers = None #expiration = 3600 ############## ## Network API ############## [network_api:neutron] # Comma separated list of values, formatted "|" #endpoints = RegionOne|http://localhost:9696 endpoint_type = internalURL #timeout = 30 #admin_username = designate #admin_password = designate #admin_tenant_name = designate #auth_url = http://localhost:5000/v2.0 #insecure = False #auth_strategy = keystone #ca_certificates_file = ######################## ## Storage Configuration ######################## #----------------------- # SQLAlchemy Storage #----------------------- [storage:sqlalchemy] connection = mysql+pymysql://{{ designate_galera_user }}:{{ designate_galera_password }}@{{ designate_galera_address }}:{{ designate_galera_port }}/{{ designate_galera_database }}?charset=utf8{% if designate_galera_use_ssl | bool %}&ssl_verify_cert=true{% if designate_galera_ssl_ca_cert | length > 0 %}&ssl_ca={{ designate_galera_ssl_ca_cert }}{% endif %}{% endif +%} max_overflow = {{ designate_db_max_overflow }} max_pool_size = {{ designate_db_max_pool_size }} pool_timeout = {{ designate_db_pool_timeout }} connection_recycle_time = {{ designate_db_connection_recycle_time }} #connection_debug = 0 #connection_trace = False #sqlite_synchronous = True #idle_timeout = 3600 #max_retries = 10 #retry_interval = 10 ######################## ## Handler Configuration ######################## #----------------------- # Nova Fixed Handler #----------------------- [handler:nova_fixed] # Domain ID of domain to create records in. Should be pre-created #domain_id = #notification_topics = notifications #control_exchange = 'nova' ##Following https://docs.openstack.org/releasenotes/designate/pike.html#critical-issues #formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' #formatv4 = '%(hostname)s.%(project)s.%(zone)s' #formatv4 = '%(hostname)s.%(zone)s' #formatv6 = '%(hostname)s.%(project)s.%(zone)s' #formatv6 = '%(hostname)s.%(zone)s' #------------------------ # Neutron Floating Handler #------------------------ [handler:neutron_floatingip] # Domain ID of domain to create records in. Should be pre-created #domain_id = #notification_topics = notifications #control_exchange = 'neutron' ##Following https://docs.openstack.org/releasenotes/designate/pike.html#critical-issues #formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' #formatv4 = '%(hostname)s.%(project)s.%(zone)s' #formatv4 = '%(hostname)s.%(zone)s' #formatv6 = '%(hostname)s.%(project)s.%(zone)s' #formatv6 = '%(hostname)s.%(zone)s' ############################# ## Agent Backend Configuration ############################# [backend:agent:bind9] #rndc_host = 127.0.0.1 #rndc_port = 953 #rndc_config_file = /etc/rndc.conf #rndc_key_file = /etc/rndc.key #zone_file_path = $state_path/zones #query_destination = 127.0.0.1 # [backend:agent:denominator] #name = dynect #config_file = /etc/denominator.conf ######################## ## Library Configuration ######################## [oslo_concurrency] # Path for Oslo Concurrency to store lock files, defaults to the value # of the state_path setting. #lock_path = $state_path ################################# ## Oslo Middleware Configuration ################################# [oslo_middleware] enable_proxy_headers_parsing = true {% if designate_coordination_enable %} ######################## ## Coordination ######################## [coordination] backend_url = {{ designate_coordination_url }} {% endif %} ######################## ## Hook Points ######################## # Hook Points are enabled when added to the config and there has been # a package that provides the corresponding named designate.hook_point # entry point. # [hook_point:name_of_hook_point] # some_param_for_hook = 42 # Hooks can be disabled in the config # enabled = False # Hook can also be applied to the import path when the hook has not # been given an explicit name. The name is created from the hook # target function / method: # # name = '%s.%s' % (func.__module__, func.__name__) # [hook_point:designate.api.v2.controllers.zones.get_one]