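#!/bin/bash
set -e

#### RUN IN YOUR DNS SERVER. CAN ALSO BE CO-LOCATED IN YOUR CONTROLLER NODE.
# Installs BIND and reconfigures it so that Designate can create zones on it
# through the rndc control channel.
yum install -y bind bind-utils

#### CONFIG DNS
# Address-match list allowed to reach the rndc control channel. The default
# "any" reproduces the original behaviour. With "any", possession of
# /etc/rndc.key is the only control on who may add or delete zones, so set
# this to the Designate hosts, e.g. RNDC_ALLOWED_CLIENTS="<designate-host-ip>".
RNDC_ALLOWED_CLIENTS="${RNDC_ALLOWED_CLIENTS:-any}"

# NOTE(review): the next two commands switch SELinux off, now and across
# reboots, for the whole host. Keeping it enforcing would need named to be
# allowed to write under /var/named (presumably the named_write_master_zones
# boolean; confirm for your release).
# setenforce exits non-zero when SELinux is already disabled, which would
# abort the script under `set -e`, so only call it when there is something
# to change.
if [[ "$(getenforce)" != "Disabled" ]]; then
  setenforce 0
fi
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

# Listen for DNS on every interface.
sed -i -e "s/listen-on port.*/listen-on port 53 { any; };/" /etc/named.conf

# Load the rndc key and open the control channel on every interface, ahead of
# the options block.
sed -i "/^options.*/i include \"/etc/rndc.key\"; controls { inet * allow { ${RNDC_ALLOWED_CLIENTS}; } keys { \"rndc-key\"; }; };" /etc/named.conf

# Replace the stock allow-query with "any" and let rndc add zones at runtime.
# NOTE(review): this answers queries from every source. If recursion is
# enabled in named.conf (not visible here) the server becomes an open
# resolver; confirm recursion is off or restricted to trusted networks.
sed -i '/allow-query.*/d' /etc/named.conf
sed -i '/^options.*/a allow-new-zones yes; allow-query { any; };' /etc/named.conf

# Generate /etc/rndc.key, the shared secret referenced by the include above.
rndc-confgen -a

# Group-writable zone directory, presumably so named can store the zones it
# is told to create.
chmod g+w /var/named

systemctl enable named
systemctl start named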
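#### RUN IN YOUR CONTROLLER
yum install -y \
  openstack-designate-api \
  openstack-designate-central \
  openstack-designate-sink \
  openstack-designate-pool-manager \
  openstack-designate-mdns \
  openstack-designate-common \
  python-designate \
  python-designateclient \
  openstack-designate-agent \
  openstack-utils

#### SETUP VARIABLES
# Admin credentials for the openstack CLI calls below.
source ~/keystonerc_admin

# First IPv4 address on br-ex; every service address below defaults to it.
CONTROLLER_IP_ADDRESS=$(ip -f inet ad show dev br-ex | grep -m 1 -Po 'inet \K[\d.]+')
: "${CONTROLLER_IP_ADDRESS:?no IPv4 address found on br-ex}"

# Site-specific settings. Each one can be overridden from the environment;
# the fallbacks are the values the original script hard-coded.
ZONE_NAME="${ZONE_NAME:-openstack.rf01.co}"
INTERNAL_NET_NAME="${INTERNAL_NET_NAME:-interna}"
INSTANCES_PROJECT_NAME="${INSTANCES_PROJECT_NAME:-admin}"
SERVICES_PROJECT_NAME="${SERVICES_PROJECT_NAME:-services}"

# NOTE(review): the fallback is the sample password published with this
# script and must not reach a real deployment. Export DESIGNATE_PASSWORD with
# a generated secret before running. The same value becomes the Keystone
# service-user password and the database password further down.
DESIGNATE_PASSWORD="${DESIGNATE_PASSWORD:-Corinthians}"

EXTERNAL_DNS_SERVER_IP=$CONTROLLER_IP_ADDRESS
EXTERNAL_DNS_SERVER_FQDN=$(hostname)
DESIGNATE_VIP_IP=$CONTROLLER_IP_ADDRESS
RABBIT_SERVER_IP=$CONTROLLER_IP_ADDRESS
REDIS_SERVER_IP=$CONTROLLER_IP_ADDRESS
MYSQL_SERVER_IP=$CONTROLLER_IP_ADDRESS
KEYSTONE_SERVER_IP=$CONTROLLER_IP_ADDRESS
DESIGNATE_SERVER_1=$CONTROLLER_IP_ADDRESS

# Resolve names to ids. An empty id would be written into the configuration
# unnoticed, so stop here instead.
SERVICES_TENANT_ID=$(openstack project show "$SERVICES_PROJECT_NAME" -f value -c id)
: "${SERVICES_TENANT_ID:?could not resolve the services project id}"
INSTANCES_TENANT_ID=$(openstack project show "$INSTANCES_PROJECT_NAME" -f value -c id)
: "${INSTANCES_TENANT_ID:?could not resolve the instances project id}"
DEFAULT_NAMESERVER_ID=$(uuidgen)
DEFAULT_TARGET_ID=$(uuidgen)
INTERNAL_NET_ID=$(openstack network show "$INTERNAL_NET_NAME" -f value -c id)
: "${INTERNAL_NET_ID:?could not resolve the internal network id}"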
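#### PREPARE DATABASE
# Creates the two Designate schemas and a 'designate' account with full
# rights on both.
: "${DESIGNATE_PASSWORD:?DESIGNATE_PASSWORD must be set}"

# The password is pasted into single-quoted SQL literals below. A quote or a
# backslash in it would change the statement, so refuse such values up front.
case $DESIGNATE_PASSWORD in
  *[\'\\]*)
    echo "DESIGNATE_PASSWORD must not contain ' or \\ characters" >&2
    exit 1
    ;;
esac

# The SQL travels on stdin, so the password does not appear in the process
# list.
# NOTE(review): 'designate'@'%' accepts logins from any host. Narrow it to the
# hosts that run Designate services if the database is reachable from
# untrusted networks.
mysql -u root <<EOF
CREATE DATABASE designate;
GRANT ALL ON designate.* TO 'designate'@'%' IDENTIFIED BY '$DESIGNATE_PASSWORD';
GRANT ALL ON designate.* TO 'designate'@'localhost' IDENTIFIED BY '$DESIGNATE_PASSWORD';
CREATE DATABASE designate_pool_manager;
GRANT ALL ON designate_pool_manager.* TO 'designate'@'%' IDENTIFIED BY '$DESIGNATE_PASSWORD';
GRANT ALL ON designate_pool_manager.* TO 'designate'@'localhost' IDENTIFIED BY '$DESIGNATE_PASSWORD';
FLUSH PRIVILEGES;
quit
EOF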
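# CREATE SERVICES ENDPOINTS
# Registers the 'designate' service user, gives it the admin role in the
# services project, and publishes the DNS service endpoint in Keystone.

# NOTE(review): --password puts the secret on the command line, where other
# local users can read it from the process list while the command runs.
# `openstack user create` also offers --password-prompt for interactive use.
openstack user create designate --password "$DESIGNATE_PASSWORD" --email designate@localhost
openstack role add --project "$SERVICES_TENANT_ID" --user designate admin
openstack service create dns --name designate --description "Designate DNS Service"

# NOTE(review): all three endpoint URLs are plain HTTP, so API calls and the
# tokens they carry cross the network unencrypted. Put TLS in front of the
# API for anything beyond a lab.
designate_endpoint_url="http://$DESIGNATE_VIP_IP:9001"
openstack endpoint create --region RegionOne \
  --publicurl "$designate_endpoint_url" \
  --internalurl "$designate_endpoint_url" \
  --adminurl "$designate_endpoint_url" \
  designate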
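## DESIGNATE BASE CONFIGURATION
# Writes Keystone, database and RabbitMQ settings into designate.conf.
# Every expansion is quoted so that a value containing whitespace or glob
# characters reaches crudini as a single argument.
designate_conf=/etc/designate/designate.conf

# NOTE(review): Keystone is addressed over plain HTTP, so the service
# credentials and tokens are sent unencrypted.
crudini --set "$designate_conf" keystone_authtoken auth_uri "http://$KEYSTONE_SERVER_IP:5000/v2.0"
crudini --set "$designate_conf" keystone_authtoken identity_uri "http://$KEYSTONE_SERVER_IP:35357/"
crudini --set "$designate_conf" keystone_authtoken admin_tenant_name "$SERVICES_PROJECT_NAME"
crudini --set "$designate_conf" keystone_authtoken project_name "$SERVICES_PROJECT_NAME"
crudini --set "$designate_conf" keystone_authtoken admin_user designate
# NOTE(review): the password is a crudini argument here and in the two
# connection URLs below, so it is visible in the process list while each
# command runs, and it ends up in clear text in designate.conf. Keep that
# file readable only by root and the designate account.
crudini --set "$designate_conf" keystone_authtoken admin_password "$DESIGNATE_PASSWORD"
crudini --set "$designate_conf" service:api enabled_extensions_v1 "diagnostics, quotas, reports, sync, touch"
crudini --set "$designate_conf" service:api enabled_extensions_v2 "quotas, reports"
crudini --set "$designate_conf" service:central managed_resource_tenant_id "$INSTANCES_TENANT_ID"
# The password is embedded in the URL unescaped; characters such as '@', ':'
# or '/' in it would presumably break URL parsing. Verify before using them.
crudini --set "$designate_conf" storage:sqlalchemy connection "mysql+pymysql://designate:$DESIGNATE_PASSWORD@$MYSQL_SERVER_IP/designate"
crudini --set "$designate_conf" pool_manager_cache:sqlalchemy connection "mysql+pymysql://designate:$DESIGNATE_PASSWORD@$MYSQL_SERVER_IP/designate_pool_manager"
crudini --set "$designate_conf" oslo_messaging_rabbit rabbit_hosts "$RABBIT_SERVER_IP:5672"

## POPULATE DESIGNATE DATABASE
# Run the schema syncs as the unprivileged designate account, not as root.
su -s /bin/sh -c "designate-manage database sync" designate
su -s /bin/sh -c "designate-manage pool-manager-cache sync" designate

## PRELIMINARY SERVICE START
systemctl enable designate-central designate-api
systemctl start designate-central designate-api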
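## YML FILE WITH POOL CONFIG
# Describes the single BIND9 target Designate will manage.
# NOTE(review): the listing this was taken from had lost its indentation. The
# nesting below is reconstructed from the usual Designate pools.yaml layout;
# compare it with a known-good file before relying on it.
# The two spare masters stay as YAML comments. Their dollar signs are escaped
# so the variable names, not empty strings, appear in the generated file.
cat <<EOF > /etc/designate/pools.yaml
- name: default
  description: Default BIND9 Pool
  attributes:
    external: true
  ns_records:
    - hostname: $EXTERNAL_DNS_SERVER_FQDN.
      priority: 1
  nameservers:
    - host: $EXTERNAL_DNS_SERVER_IP
      port: 53
  targets:
    - type: bind9
      description: BIND9 Server 1
      masters:
        - host: $DESIGNATE_SERVER_1
          port: 5354
        # --- - host: \$DESIGNATE_SERVER_2
        # ---   port: 5354
        # --- - host: \$DESIGNATE_SERVER_3
        # ---   port: 5354
      options:
        host: $EXTERNAL_DNS_SERVER_IP
        port: 53
        rndc_host: $EXTERNAL_DNS_SERVER_IP
        rndc_port: 953
        rndc_key_file: /etc/designate/rndc.key
EOF

# Give Designate its own copy of the rndc key. `install` sets owner and mode
# in the same step, so the key is never left with the permissions of an
# earlier copy; 0600 keeps it readable by the designate account only.
# NOTE(review): /etc/rndc.key exists locally only when BIND runs on this
# node. With a separate DNS server, transfer the key over a protected channel
# first. Whoever holds it controls the zones on that server.
install -o designate -g designate -m 0600 /etc/rndc.key /etc/designate/rndc.key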
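### LOAD THE ABOVE YML INTO DESIGNATE RUNTIME
# Run as the unprivileged designate account, not as root.
su -s /bin/sh -c "designate-manage pool update" designate

### ACTIVATE AND START SERVICE
systemctl enable designate-pool-manager designate-mdns designate-sink
systemctl start designate-pool-manager designate-mdns designate-sink

# CREATE THE ZONE THAT WILL BE USED BY NEUTRON
# The trailing dot makes the zone name fully qualified.
ZONE_ID=$(openstack zone create --email "admin@$ZONE_NAME" "$ZONE_NAME." -f value -c id)
# Stop if no id came back, so that an empty domain_id is not written into the
# handlers below.
: "${ZONE_ID:?zone creation returned no id}"
crudini --set /etc/designate/designate.conf handler:nova_fixed domain_id "$ZONE_ID"
crudini --set /etc/designate/designate.conf handler:neutron_floatingip domain_id "$ZONE_ID"

### RESTART THE SERVICES TO LOAD THE ABOVE CHANGED CONFIG
systemctl restart designate-api designate-central designate-mdns designate-pool-manager designate-sink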
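#### SETUP NEUTRON SERVICES
# Enables the ML2 dns extension and points Neutron's external DNS driver at
# Designate.
neutron_conf=/etc/neutron/neutron.conf

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security,dns
crudini --set "$neutron_conf" DEFAULT dns_domain "$ZONE_NAME."
crudini --set "$neutron_conf" DEFAULT external_dns_driver designate
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT dnsmasq_dns_servers "$EXTERNAL_DNS_SERVER_IP"
crudini --set "$neutron_conf" designate url "http://$DESIGNATE_VIP_IP:9001/v2"
# Port 35357 is the Keystone admin endpoint, so use the Keystone address, as
# the designate.conf identity_uri setting does. The original used
# DESIGNATE_VIP_IP, which only works while both services share one IP.
crudini --set "$neutron_conf" designate admin_auth_url "http://$KEYSTONE_SERVER_IP:35357/v2.0"
crudini --set "$neutron_conf" designate admin_username designate
# NOTE(review): the password is a command-line argument (visible in the
# process list while crudini runs) and is stored in clear text in
# neutron.conf; keep that file restricted to root and the neutron account.
crudini --set "$neutron_conf" designate admin_password "$DESIGNATE_PASSWORD"
crudini --set "$neutron_conf" designate admin_tenant_name "$SERVICES_PROJECT_NAME"
crudini --set "$neutron_conf" designate allow_reverse_dns_lookup True
crudini --set "$neutron_conf" designate ipv4_ptr_zone_prefix_size 24
crudini --set "$neutron_conf" designate ipv6_ptr_zone_prefix_size 116
# NOTE(review): 'insecure true' presumably turns off TLS certificate
# verification for Neutron's Designate client; confirm against the Neutron
# documentation for your release. It changes nothing while the URLs above are
# plain HTTP, but would silently accept any certificate once they move to
# HTTPS. Set it to false when enabling TLS.
crudini --set "$neutron_conf" designate insecure true

openstack-service restart neutron
openstack-service restart nova

# Attach the DNS domain to the internal network.
neutron net-update "$INTERNAL_NET_ID" --dns_domain "$ZONE_NAME."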