API tools faq
paste
Advertisement
Guest User

Openstack Newton - Designate install and configuration

a guest
Mar 29th, 2018
445
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 6.69 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash -x
  2.  
  3. yum install -y openstack-designate-api openstack-designate-central openstack-designate-sink openstack-designate-pool-manager openstack-designate-mdns openstack-designate-common python-designate python-designateclient openstack-designate-agent openstack-designate-worker openstack-utils bind bind-utils
  4.  
  5. source ~/keystonerc_admin
  6.  
  7. ZONE_NAME=interna.rf01.co
  8. INTERNAL_NET_NAME=interna
  9. INSTANCES_PROJECT_NAME=admin
  10. SERVICES_PROJECT_NAME=services
  11. DESIGNATE_PASSWORD=Corinthians
  12.  
  13. LOCAL_SERVER_IP=$(grep -m1 `hostname` /etc/hosts | awk '{print $1}')
  14. SERVICES_TENANT_ID=`openstack project show $SERVICES_PROJECT_NAME -f value -c id`
  15. INSTANCES_TENANT_ID=`openstack project show $INSTANCES_PROJECT_NAME -f value -c id`
  16. DEFAULT_POOL_ID=794ccc2c-d751-44fe-b57f-8894c9f5c842
  17. DEFAULT_NAMESERVER_ID=$(uuidgen)
  18. DEFAULT_TARGET_ID=$(uuidgen)
  19. FLOAT_NET_ID=`openstack network show $INTERNAL_NET_NAME -f value -c id`
  20.  
  21. mysql -u root << EOF
  22. CREATE DATABASE designate;
  23. GRANT ALL ON designate.* TO 'designate'@'%' IDENTIFIED BY '$DESIGNATE_PASSWORD';
  24. GRANT ALL ON designate.* TO 'designate'@'localhost' IDENTIFIED BY '$DESIGNATE_PASSWORD';
  25. CREATE DATABASE designate_pool_manager;
  26. GRANT ALL ON designate_pool_manager.* TO 'designate'@'%' IDENTIFIED BY '$DESIGNATE_PASSWORD';
  27. GRANT ALL ON designate_pool_manager.* TO 'designate'@'localhost' IDENTIFIED BY '$DESIGNATE_PASSWORD';
  28. FLUSH PRIVILEGES;
  29. quit
  30. EOF
  31.  
  32. openstack user create designate --password $DESIGNATE_PASSWORD --email designate@localhost
  33. openstack role add --project $SERVICES_TENANT_ID --user designate admin
  34. openstack service create dns --name designate --description "Designate DNS Service"
  35. openstack endpoint create --region RegionOne --publicurl http://$LOCAL_SERVER_IP:9001 --internalurl http://$LOCAL_SERVER_IP:9001 --adminurl http://$LOCAL_SERVER_IP:9001 designate
  36.  
  37.  
  38. crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security,dns
  39.  
  40. crudini --set /etc/neutron/neutron.conf DEFAULT dns_domain $ZONE_NAME.
  41. crudini --set /etc/neutron/neutron.conf DEFAULT external_dns_driver designate
  42.  
  43. crudini --set /etc/neutron/neutron.conf designate url http://$LOCAL_SERVER_IP:9001/v2
  44. crudini --set /etc/neutron/neutron.conf designate admin_auth_url http://$LOCAL_SERVER_IP:35357/v2.0
  45. crudini --set /etc/neutron/neutron.conf designate admin_username designate
  46. crudini --set /etc/neutron/neutron.conf designate admin_password $DESIGNATE_PASSWORD
  47. crudini --set /etc/neutron/neutron.conf designate admin_tenant_name $SERVICES_PROJECT_NAME
  48. crudini --set /etc/neutron/neutron.conf designate allow_reverse_dns_lookup True
  49. crudini --set /etc/neutron/neutron.conf designate ipv4_ptr_zone_prefix_size 24
  50. crudini --set /etc/neutron/neutron.conf designate ipv6_ptr_zone_prefix_size 116
  51. crudini --set /etc/neutron/neutron.conf designate insecure true
  52.  
  53.  
  54. crudini --set /etc/designate/designate.conf keystone_authtoken auth_uri http://$LOCAL_SERVER_IP:5000/v2.0
  55. crudini --set /etc/designate/designate.conf keystone_authtoken identity_uri http://$LOCAL_SERVER_IP:35357/
  56. crudini --set /etc/designate/designate.conf keystone_authtoken admin_tenant_name $SERVICES_PROJECT_NAME
  57. crudini --set /etc/designate/designate.conf keystone_authtoken project_name $SERVICES_PROJECT_NAME
  58. crudini --set /etc/designate/designate.conf keystone_authtoken admin_user designate
  59. crudini --set /etc/designate/designate.conf keystone_authtoken admin_password $DESIGNATE_PASSWORD
  60.  
  61. crudini --set /etc/designate/designate.conf service:api enabled_extensions_v1 "diagnostics, quotas, reports, sync, touch"
  62. crudini --set /etc/designate/designate.conf service:api enabled_extensions_v2 "quotas, reports"
  63.  
  64. crudini --set /etc/designate/designate.conf service:central managed_resource_tenant_id $INSTANCES_TENANT_ID
  65.  
  66. crudini --set /etc/designate/designate.conf storage:sqlalchemy connection mysql://designate:$DESIGNATE_PASSWORD@$LOCAL_SERVER_IP/designate
  67.  
  68. crudini --set /etc/designate/designate.conf pool_manager_cache:sqlalchemy connection mysql://designate:$DESIGNATE_PASSWORD@$LOCAL_SERVER_IP/designate_pool_manager
  69.  
  70. crudini --set /etc/designate/designate.conf pool:$DEFAULT_POOL_ID nameservers $DEFAULT_NAMESERVER_ID
  71. crudini --set /etc/designate/designate.conf pool:$DEFAULT_POOL_ID targets $DEFAULT_TARGET_ID
  72. crudini --set /etc/designate/designate.conf pool_nameserver:$DEFAULT_NAMESERVER_ID port 53
  73. crudini --set /etc/designate/designate.conf pool_nameserver:$DEFAULT_NAMESERVER_ID host $LOCAL_SERVER_IP
  74.  
  75. crudini --set /etc/designate/designate.conf service:sink enabled_notification_handlers "nova_fixed, neutron_floatingip"
  76.  
  77. crudini --set /etc/designate/designate.conf pool_target:$DEFAULT_TARGET_ID type bind9
  78. crudini --set /etc/designate/designate.conf pool_target:$DEFAULT_TARGET_ID masters $LOCAL_SERVER_IP:5354
  79. crudini --set /etc/designate/designate.conf pool_target:$DEFAULT_TARGET_ID options "host: $LOCAL_SERVER_IP, port: 53, rndc_host: 127.0.0.1, rndc_port: 953, rndc_config_file: /etc/rndc.conf, rndc_key_file: /etc/rndc.key"
  80.  
  81. designate-manage database sync
  82. designate-manage pool-manager-cache sync
  83.  
  84. sed -i -e "s/listen-on port.*/listen-on port 53 { any; };/" /etc/named.conf
  85. rndc-confgen -a
  86.  
  87. sed -i '/^options.*/i \
  88. include "/etc/rndc.key"; \
  89. controls { \
  90.        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; }; \
  91. };' /etc/named.conf
  92.  
  93. sed -i '/allow-query.*/d' /etc/named.conf
  94. sed -i '/recursion.*/d' /etc/named.conf
  95.  
  96. sed -i '/^options.*/a \
  97.        allow-new-zones yes; \
  98.        allow-query { any; }; \
  99.        recursion no;' /etc/named.conf
  100.  
  101. cat << EOF > /etc/rndc.conf
  102. include "/etc/rndc.key";
  103. options {
  104.         default-key "rndc-key";
  105.         default-server 127.0.0.1;
  106.         default-port 953;
  107. };
  108. EOF
  109.  
  110. chmod 644 /etc/rndc*
  111. chmod g+w /var/named
  112.  
  113. systemctl enable named
  114. systemctl start named
  115.  
  116. designate-central & DESIG_CENTRALPID=$!
  117. sleep 3
  118. designate-manage pool export_from_config --file /dev/shm/output.yml
  119. sed -i '/794ccc2c-d751-44fe-b57f-8894c9f5c842/a\ \ name: default' /dev/shm/output.yml
  120. designate-manage pool update --file /dev/shm/output.yml --delete True
  121. kill -SIGQUIT $DESIG_CENTRALPID
  122. sleep 3
  123.  
  124. for i in central api mdns pool-manager sink ; do
  125.     systemctl enable designate-$i
  126.     systemctl start designate-$i
  127. done
  128.  
  129. sleep 5
  130.  
  131. designate server-create --name $(hostname).
  132.  
  133. ZONE_ID=`openstack zone create --email admin@$ZONE_NAME $ZONE_NAME. -f value -c id`
  134. crudini --set /etc/designate/designate.conf handler:nova_fixed domain_id $ZONE_ID
  135. crudini --set /etc/designate/designate.conf handler:neutron_floatingip domain_id $ZONE_ID
  136.  
  137. for i in central api mdns pool-manager sink ; do
  138.     systemctl restart designate-$i
  139. done
  140.  
  141. openstack-service restart neutron
  142. openstack-service restart nova
  143.  
  144. neutron net-update $FLOAT_NET_ID  --dns_domain $ZONE_NAME.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!