# encoding: UTF-8
#
# Cookbook Name:: openstack-dns
# Recipe:: common
#
# Copyright 2017, x-ion Gmbh
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# Mix the ::Openstack module into the recipe DSL so its methods can be called
# directly from this recipe.
::Chef::Recipe.send(:include, ::Openstack)

# Pull in the shared logging recipe only when syslog is enabled for the DNS service.
include_recipe 'openstack-common::logging' if node['openstack']['dns']['syslog']['use']

# Platform-specific settings (package list and package-manager options).
platform_options = node['openstack']['dns']['platform']

# Install or upgrade every designate package listed for this platform.
# NOTE(review): :upgrade takes whatever version the configured repositories
# offer on each run; no version is pinned here.
platform_options['designate_packages'].each do |designate_pkg|
  package(designate_pkg) do
    action :upgrade
    options platform_options['package_overrides']
  end
end

# Install or upgrade the Python packages listed for the database backend
# that the DNS service is configured to use.
db_type = node['openstack']['db']['dns']['service_type']
node['openstack']['db']['python_packages'][db_type].each do |db_pkg|
  package(db_pkg) { action :upgrade }
end

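# RabbitMQ settings for designate. Everything here is written under
# conf_secrets (not conf): the values include the broker password, and the
# ruby_block further down removes the conf_secrets attribute after
# designate.conf has been rendered.
if node['openstack']['mq']['service_type'] == 'rabbit'
  node.default['openstack']['dns']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'dns'
  # Note(jh): Workaround for https://bugs.launchpad.net/designate/+bug/1673403
  # Stolen from rabbit_transport_url() in openstack-common/libraries/endpoints.rb
  mq_user = node['openstack']['mq']['dns']['rabbit']['userid']
  node.default['openstack']['dns']['conf_secrets']['oslo_messaging_rabbit']['rabbit_userid'] = mq_user
  node.default['openstack']['dns']['conf_secrets']['oslo_messaging_rabbit']['rabbit_password'] = get_password 'user', mq_user
  node.default['openstack']['dns']['conf_secrets']['oslo_messaging_rabbit']['rabbit_virtual_host'] = node['openstack']['mq']['vhost']
  mq_port = node['openstack']['endpoints']['mq']['port']
  url =
    if node['openstack']['mq']['cluster']
      # Comma-separated host:port list. join places the separator by position;
      # the previous "append ',' unless this is the last server" comparison was
      # by value and dropped a comma when an earlier entry equalled the last one.
      node['openstack']['mq']['servers'].map { |server| "#{server}:#{mq_port}" }.join(',')
    else
      # Single broker: use the address the mq service is bound to.
      bind_mq_address = bind_address node['openstack']['bind_service']['mq']
      "#{bind_mq_address}:#{mq_port}"
    end
  node.default['openstack']['dns']['conf_secrets']['oslo_messaging_rabbit']['rabbit_hosts'] = url
end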

# Database account for designate; the password comes from get_password and is
# only held in a recipe-local variable here.
db_user = node['openstack']['db']['dns']['username']
db_pass = get_password('db', 'designate')

# Identity service endpoints: the public one (passed through
# identity_uri_transform) and the internal one.
public_identity_endpoint = identity_uri_transform(public_endpoint('identity'))
identity_endpoint = internal_endpoint('identity')

# Bind settings for the designate API listener.
bind_services = node['openstack']['bind_service']['all']
api_bind = bind_services['dns-api']

# Auth URL derived from the internal identity endpoint and the configured
# auth API version.
auth_url = auth_uri_transform(
  identity_endpoint.to_s,
  node['openstack']['dns']['api']['auth']['version']
)

# Non-secret designate.conf settings: where the API listens and which
# identity endpoints keystone_authtoken uses.
dns_conf = node.default['openstack']['dns']['conf']
dns_conf['service:api']['api_host'] = bind_address(api_bind)
dns_conf['service:api']['api_port'] = api_bind['port']
dns_conf['keystone_authtoken']['auth_uri'] = public_identity_endpoint
dns_conf['keystone_authtoken']['auth_url'] = auth_url

# Secret designate.conf settings. They live under conf_secrets, a separate
# attribute subtree that this recipe removes again once the config file has
# been written.
dns_secrets = node.default['openstack']['dns']['conf_secrets']
# Database connection string (embeds db_user and db_pass).
dns_secrets['storage:sqlalchemy']['connection'] = db_uri('dns', db_user, db_pass)
# Password of the service user designate presents to keystone.
dns_secrets['keystone_authtoken']['password'] = get_password('service', 'openstack-dns')

# Combine the plain options and the secrets into the single structure that
# the designate.conf template renders.
designate_conf_options = merge_config_options('dns')

# Configuration directory: full access for the service user, read/traverse
# for the service group, nothing for others.
directory('/etc/designate') do
  action :create
  mode 00750
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
end

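# Render designate.conf from the merged options and secrets, using the
# generic service-config template shipped by openstack-common.
template '/etc/designate/designate.conf' do
  source 'openstack-service.conf.erb'
  cookbook 'openstack-common'
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
  # Readable by the service user and group only.
  mode 00640
  # service_config carries the conf_secrets values (database connection
  # string, keystone and RabbitMQ passwords). Marking the resource sensitive
  # keeps the rendered content and its diffs out of Chef logs and run reports.
  sensitive true
  variables(
    service_config: designate_conf_options
  )
end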

# Drop node['openstack']['dns']['conf_secrets'] again so the secrets do not
# stay on the node object. This is a resource, so it executes at converge
# time, in declaration order after the designate.conf template above.
# NOTE(review): a run that aborts before reaching this resource never
# executes the removal - confirm how the node object is handled on failed runs.
ruby_block "delete all attributes in node['openstack']['dns']['conf_secrets']" do
  block { node.rm(:openstack, :dns, :conf_secrets) }
end

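# Write the rndc key file from the 'designate_rndc' token secret.
rndc_secret = get_password 'token', 'designate_rndc'
template '/etc/designate/rndc.key' do
  source 'rndc.key.erb'
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
  # Read-only for the service user and group; no access for others.
  mode 00440
  # The rendered file is built from the rndc secret; keep its content and
  # diffs out of Chef logs and run reports.
  sensitive true
  variables(
    secret: rndc_secret
  )
end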

# Render the designate pool definition from the pool attributes.
# The file is world-readable (0644); the variables passed from this recipe are
# a banner plus bind host, masters and nameserver address/hostname.
pool_config = node['openstack']['dns']['pool']
template('/etc/designate/pools.yaml') do
  source 'pools.yaml.erb'
  mode 00644
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
  variables(
    ns_hostname: pool_config['ns_hostname'],
    ns_address: pool_config['ns_address'],
    masters: pool_config['masters'],
    bind_host: pool_config['bind_host'],
    banner: node['openstack']['dns']['custom_template_banner']
  )
end

# Sync the designate database schema as the service user and group.
# There is no guard on this resource, so the command runs on every converge.
execute('designate-manage database sync') do
  command 'designate-manage database sync'
  action :run
  user node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
end

# Push the pool definition into designate as the service user and group.
# The resource does nothing by default; it runs only when the pools.yaml
# template resource notifies it through the subscription below.
execute('designate-manage pool update') do
  command 'designate-manage pool update'
  user node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
  subscribes :run, 'template[/etc/designate/pools.yaml]'
  action :nothing
end