From 4157f30c5f936ad8d8ba38e41321fbbae17a7d60 Mon Sep 17 00:00:00 2001 From: Mark Duggan Date: Wed, 11 Jul 2018 17:05:37 +0100 Subject: [PATCH] Extending designate named template to include "forwarders" parameter To get forwarding to work in the kolla implementaion of designate, I'm adding parameters to the named.conf.j2 template. I'm adding the ability to change the default values for dnssec-validation and recursion and creating a new paramater for forwarders. Change-Id: Ideef39034d75a0d99e8a3dc2a5f1a7203ccf51d5 Closes-Bug: #1781196 --- ansible/roles/designate/defaults/main.yml | 8 ++++++++ ansible/roles/designate/templates/named.conf.j2 | 5 +++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/ansible/roles/designate/defaults/main.yml b/ansible/roles/designate/defaults/main.yml index 3af79afdff..8e3f500489 100644 --- a/ansible/roles/designate/defaults/main.yml +++ b/ansible/roles/designate/defaults/main.yml @@ -140,3 +140,11 @@ openstack_designate_auth: "{{ openstack_auth }}" designate_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}" designate_dev_repos_pull: "{{ kolla_dev_repos_pull }}" designate_dev_mode: "{{ kolla_dev_mode }}" + +#################### +## Designate +##################### +designate_dnssec_validation: "yes" +designate_recursion: "no" +## Example for designate_forwarders_addresses: "10.199.200.1; 10.199.100.1" +designate_forwarders_addresses: "" diff --git a/ansible/roles/designate/templates/named.conf.j2 b/ansible/roles/designate/templates/named.conf.j2 index 89bd3a952a..60b16f2691 100644 --- a/ansible/roles/designate/templates/named.conf.j2 +++ b/ansible/roles/designate/templates/named.conf.j2 @@ -3,10 +3,11 @@ options { listen-on port {{ designate_bind_port }} { {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['api_interface']]['ipv4']['address'] }}; }; directory "/var/lib/named"; allow-new-zones yes; - dnssec-validation auto; + dnssec-validation {{ designate_dnssec_validation }}; auth-nxdomain no; request-ixfr no; - recursion no; + recursion {{ designate_recursion }}; + forwarders { {{ designate_forwarders_addresses }}; }; minimal-responses yes; allow-notify { {% for host in groups['designate-worker'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }};{% endfor %} }; };