Merge "Add opendev nameservers (1/2)"

This commit is contained in:
Zuul 2018-10-17 17:41:58 +00:00 committed by Gerrit Code Review
commit 015e82e1eb
2 changed files with 48 additions and 0 deletions

View File

@ -14,6 +14,8 @@ At a Glance
:Hosts:
* ns1.openstack.org
* ns2.openstack.org
* ns1.opendev.org
* ns2.opendev.org
:Puppet:
* :cgit_file:`manifests/site.pp`
:Projects:

View File

@ -746,6 +746,21 @@ node /^adns\d+\.openstack\.org$/ {
}
}
# This is a hidden authoritative master nameserver, not publicly
# accessible.
# Node-OS: xenial
node /^adns\d+\.opendev\.org$/ {
$group = 'adns'
class { 'openstack_project::server': }
class { 'openstack_project::master_nameserver':
tsig_key => hiera('tsig_key', {}),
dnssec_keys => hiera_hash('dnssec_keys', {}),
notifies => [],
}
}
# These are publicly accessible authoritative slave nameservers.
# Node-OS: xenial
node /^ns\d+\.openstack\.org$/ {
@ -777,6 +792,37 @@ node /^ns\d+\.openstack\.org$/ {
}
}
# These are publicly accessible authoritative slave nameservers.
# Node-OS: xenial
node /^ns\d+\.opendev\.org$/ {
$group = 'ns'
class { 'openstack_project::server': }
$tsig_key = hiera('tsig_key', {})
if $tsig_key != {} {
$tsig_name = 'tsig'
nsd::tsig { 'tsig':
algo => $tsig_key[algorithm],
data => $tsig_key[secret],
}
} else {
$tsig_name = undef
}
class { '::nsd':
ip_addresses => [ $::ipaddress, $::ipaddress6 ],
zones => {
# 'adns1_zones' => {
# allow_notify => dns_a('adns1.opendev.org'),
# masters => dns_a('adns1.opendev.org'),
# zones => ['opendev.org'],
# tsig_name => $tsig_name,
# }
}
}
}
# Node-OS: trusty
node 'nodepool.openstack.org' {
$group = 'nodepool'