Merge "Add ability to deploy designate and pdns on different nodes"
diff --git a/bind/server/cluster.yml b/bind/server/cluster.yml
new file mode 100644
index 0000000..1f9e943
--- /dev/null
+++ b/bind/server/cluster.yml
@@ -0,0 +1,37 @@
+classes:
+- service.bind.server.single
+parameters:
+ _param:
+ mgmt_allow_node01_address: ${_param:openstack_control_node01_address}
+ mgmt_allow_node02_address: ${_param:openstack_control_node02_address}
+ mgmt_allow_node03_address: ${_param:openstack_control_node03_address}
+ bind:
+ server:
+ key:
+ mgmt:
+ secret: "${_param:bind9_mgmt_rndc_key}"
+ algorithm: "${_param:bind9_mgmt_rndc_algorithm}"
+ allow_new_zones: true
+ query: true
+ # for local server management /etc/bind/rndc.key
+ # generated by bind9 package postinstall script
+ # will be used
+ control:
+ local:
+ enabled: true
+ bind:
+ address: 127.0.0.1
+ port: 953
+ allow:
+ - 127.0.0.1
+ mgmt:
+ enabled: true
+ bind:
+ address: ${_param:single_address}
+ port: 953
+ allow:
+ - ${_param:mgmt_allow_node01_address}
+ - ${_param:mgmt_allow_node02_address}
+ - ${_param:mgmt_allow_node03_address}
+ keys:
+ - mgmt
\ No newline at end of file
diff --git a/designate/server/backend/bind.yml b/designate/server/backend/bind.yml
index 823d52d..bbce637 100644
--- a/designate/server/backend/bind.yml
+++ b/designate/server/backend/bind.yml
@@ -38,4 +38,4 @@
key:
designate:
secret: "${_param:designate_bind9_rndc_key}"
- algorithm: "${_param:designate_bind9_rndc_algorithm}"
+ algorithm: "${_param:designate_bind9_rndc_algorithm}"
\ No newline at end of file
diff --git a/designate/server/backend/pdns.yml b/designate/server/backend/pdns.yml
index 45ad0b7..151ef10 100644
--- a/designate/server/backend/pdns.yml
+++ b/designate/server/backend/pdns.yml
@@ -23,4 +23,4 @@
enabled: true
address: ${_param:single_address}
port: ${_param:powerdns_webserver_port}
- password: ${_param:powerdns_webserver_password}
+ password: ${_param:powerdns_webserver_password}
\ No newline at end of file
diff --git a/designate/server/cluster/bind.yml b/designate/server/cluster/bind.yml
new file mode 100644
index 0000000..39c802b
--- /dev/null
+++ b/designate/server/cluster/bind.yml
@@ -0,0 +1,39 @@
+classes:
+ - system.designate.server.cluster.default
+parameters:
+ _param:
+ designate_bind9_rndc_algorithm: hmac-sha512
+ designate:
+ worker:
+ enabled: true
+ server:
+ backend:
+ bind9:
+ rndc_key: "${_param:designate_bind9_rndc_key}"
+ rndc_algorithm: "${_param:designate_bind9_rndc_algorithm}"
+ pools:
+ default:
+ description: 'default pool'
+ ns_records: ${_param:designate_pool_ns_records}
+ nameservers: ${_param:designate_pool_nameservers}
+ targets:
+ default01:
+ type: bind9
+ description: 'default target01'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node01_address}
+ port: 53
+ rndc_host: ${_param:openstack_dns_node01_address}
+ rndc_port: 953
+ rndc_key_file: /etc/designate/rndc.key
+ default02:
+ type: bind9
+ description: 'default target02'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node02_address}
+ port: 53
+ rndc_host: ${_param:openstack_dns_node02_address}
+ rndc_port: 953
+ rndc_key_file: /etc/designate/rndc.key
\ No newline at end of file
diff --git a/designate/server/cluster/default.yml b/designate/server/cluster/default.yml
new file mode 100644
index 0000000..de2eb43
--- /dev/null
+++ b/designate/server/cluster/default.yml
@@ -0,0 +1,59 @@
+classes:
+- service.keepalived.cluster.single
+- service.haproxy.proxy.single
+- system.haproxy.proxy.listen.openstack.designate
+- service.designate.server.cluster
+parameters:
+ _param:
+ designate_admin_api_enabled: false
+ cluster_internal_protocol: 'http'
+ linux:
+ system:
+ package:
+ python-pymysql:
+ fromrepo: ${_param:openstack_version}
+ version: latest
+ designate:
+ _support:
+ sensu:
+ enabled: false
+ server:
+ enabled: true
+ local_bind: true
+ region: ${_param:openstack_region}
+ domain_id: ${_param:designate_domain_id}
+ version: ${_param:designate_version}
+ role: ${_param:openstack_node_role}
+ admin_api:
+ enabled: ${_param:designate_admin_api_enabled}
+ enabled_extensions_admin: quotas
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ port: 3306
+ name:
+ main_database: designate
+ pool_manager: designate_pool_manager
+ user: designate
+ password: ${_param:mysql_designate_password}
+ identity:
+ engine: keystone
+ host: ${_param:openstack_control_address}
+ port: 35357
+ tenant: service
+ user: designate
+ password: ${_param:keystone_designate_password}
+ protocol: ${_param:cluster_internal_protocol}
+ bind:
+ api:
+ address: ${_param:single_address}
+ message_queue:
+ engine: rabbitmq
+ port: 5672
+ members:
+ - host: ${_param:openstack_message_queue_node01_address}
+ - host: ${_param:openstack_message_queue_node02_address}
+ - host: ${_param:openstack_message_queue_node03_address}
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
\ No newline at end of file
diff --git a/designate/server/cluster/pdns.yml b/designate/server/cluster/pdns.yml
new file mode 100644
index 0000000..7d81f90
--- /dev/null
+++ b/designate/server/cluster/pdns.yml
@@ -0,0 +1,42 @@
+classes:
+ - system.designate.server.cluster.default
+parameters:
+ _param:
+ designate_pool_manager_enabled: true
+ designate_pool_manager_periodic_sync_interval: '120'
+ designate_mdns_address: 0.0.0.0
+ # required for supermasters functionality
+ designate_mdns_port: 53
+ designate:
+ pool_manager:
+ # required for supermasters functionality
+ enabled: ${_param:designate_pool_manager_enabled}
+ periodic_sync_interval: ${_param:designate_pool_manager_periodic_sync_interval}
+ server:
+ mdns:
+ address: ${_param:designate_mdns_address}
+ port: ${_param:designate_mdns_port}
+ pools:
+ default:
+ description: 'default pool'
+ ns_records: ${_param:designate_pool_ns_records}
+ nameservers: ${_param:designate_pool_nameservers}
+ targets:
+ default:
+ type: pdns4
+ description: 'default target1'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node01_address}
+ port: 53
+ api_endpoint: "http://${_param:openstack_dns_node01_address}:${_param:powerdns_webserver_port}"
+ api_token: ${_param:designate_pdns_api_key}
+ default1:
+ type: pdns4
+ description: 'default target2'
+ masters: ${_param:designate_pool_target_masters}
+ options:
+ host: ${_param:openstack_dns_node02_address}
+ port: 53
+ api_endpoint: "http://${_param:openstack_dns_node02_address}:${_param:powerdns_webserver_port}"
+ api_token: ${_param:designate_pdns_api_key}
\ No newline at end of file
diff --git a/powerdns/server/cluster.yml b/powerdns/server/cluster.yml
new file mode 100644
index 0000000..b4a5625
--- /dev/null
+++ b/powerdns/server/cluster.yml
@@ -0,0 +1,43 @@
+classes:
+ - service.powerdns.server.single
+parameters:
+ _param:
+ powerdns_axfr_ips_address01: ${_param:openstack_control_node01_address}
+ powerdns_axfr_ips_address02: ${_param:openstack_control_node02_address}
+ powerdns_axfr_ips_address03: ${_param:openstack_control_node03_address}
+ powerdns_supermaster_node01_address: ${_param:openstack_control_node01_address}
+ powerdns_supermaster_node02_address: ${_param:openstack_control_node02_address}
+ powerdns_supermaster_node03_address: ${_param:openstack_control_node03_address}
+ powerdns_supermaster_node01_name: ${_param:openstack_control_node01_hostname}.${_param:cluster_domain}
+ powerdns_supermaster_node02_name: ${_param:openstack_control_node02_hostname}.${_param:cluster_domain}
+ powerdns_supermaster_node03_name: ${_param:openstack_control_node03_hostname}.${_param:cluster_domain}
+ powerdns_webserver_port: 8081
+ powerdns:
+ server:
+ enabled: true
+ api:
+ enabled: true
+ key: ${_param:designate_pdns_api_key}
+ axfr_ips:
+ - ${_param:powerdns_axfr_ips_address01}
+ - ${_param:powerdns_axfr_ips_address02}
+ - ${_param:powerdns_axfr_ips_address03}
+ - 127.0.0.1
+ bind:
+ address: ${_param:single_address}
+ overwrite_supermasters: true
+ supermasters:
+ - ip: ${_param:powerdns_supermaster_node01_address}
+ nameserver: ${_param:powerdns_supermaster_node01_name}
+ account: master
+ - ip: ${_param:powerdns_supermaster_node02_address}
+ nameserver: ${_param:powerdns_supermaster_node02_name}
+ account: master
+ - ip: ${_param:powerdns_supermaster_node03_address}
+ nameserver: ${_param:powerdns_supermaster_node03_name}
+ account: master
+ webserver:
+ enabled: true
+ address: ${_param:single_address}
+ password: ${_param:powerdns_webserver_password}
+ port: ${_param:powerdns_webserver_port}
\ No newline at end of file