This implements the spec to introduce support for providing catalog zones.
Co-Authored-By: Nico Keller <nico.keller@inovex.de>
Change-Id: Ic9e593d661f2eb1db59a5b235521e0746489f9bb
Signed-off-by: Jan Hartkopf <jhartkopf@inovex.de>
This ensures the options for oslo.versionedobjects library are
included in the file generated by oslo-config-generator.
Change-Id: Icc60e155c88efdb2a2c59637b35b19c3e92918c0
The current rootwrap.conf file is outdated and doesn't include some
parameters. This change updates the content to make it consistent with
the latest example file in oslo.rootwrap.
Change-Id: I5fe06cf99bb9787ec3afc67ab60a7330fe281513
*) Add osprofiler wsgi middleware
This middleware is used for 2 things:
1) It checks that person who want to trace is trusted and knows
secret HMAC key.
2) It start tracing in case of proper trace headers and add
first wsgi trace point, with info about HTTP request
*) Add initialization of osprofiler at start of serivce.
You should use python-designateclient with this patch:
https://review.opendev.org/#/c/773575
Run any command with --os-profile SECRET_KEY
$ openstack zone create --email <email_id> <zone_name> \
--os-profile SECRET_KEY
# it will print <Trace ID>
Get pretty HTML with traces:
$ osprofiler trace show --html <Trace ID> --connection-string \
<connection_string> --out <output.html>
e.g. --connection-string can be redis://localhost:6379
Note that osprofiler should be run from admin user name & tenant.
Implements: blueprint designate-os-profiler
Change-Id: I2a3787b6428d679555a9add3a57ffe8c2112b6d3
The oslo.reports library provides some options under the [oslo_reports]
section. This change ensures these parameters are rendered by
the oslo-config-generator command.
Closes-Bug: #1940733
Change-Id: Ia5491fc97e431e5fce52091729738e6958f764e2
The /healthcheck URL, as provided by oslo.middleware, is very
useful for operators to setup haproxy and to do monitoring.
Such feature is already in many services like Keystone, Glance,
and others.
The same type of patch has been approved in Neutronm, Heat, and
Cinder. It's under discussion in Nova, where they want to check
more than just the wsgi app, though the pricinple to add it has
been accepted already.
Change-Id: I8f24431db0ec88385b4b916e181d6da3e598c764
- Ignore duplicate Zone error
- Handle error when contractId or gid is missed
- Ignore port for masters servers, because Akamai uses only 53 port and
does not allow to specify any port in list of masters servers.
- Added timeout and retries for soft Zone Delete
- Added handling errors on the delete zone action
- Added Log info message with RequestId on soft zone delete
- Added processing for TsigKey during creation zone
- Added devsatck_plugin for akamai_v2 backend
Depends-On: https://review.opendev.org/#/c/692819/4
Change-Id: Ib221f4cf0371e70fc6900582d826ffc1bdfc12b9
Service layer has been simplified by removing abstraction
and making the implementation more in line with other
OpenStack projects.
Moved Heartbeat code out of Service class and
into the console scripts. We only need one instance
of the Heartbeat Emitter.
Cleaned up the WSGI code by making use of the
reusable oslo_service.wsgi code.
* Added Heartbeat to designate-sink.
* Cleaned up and refactored Service layers.
* Fixed various bugs e.g. errors on shutdown.
* Removed deprecated options host, port etc.
* Simplified Heartbeat implementation.
Closes-Bug: #1442141
Change-Id: I536b92407bf6ca5bddf4c048909cd13d4e094d26
Based upon the established conf paradigm used in Nova,
this patch moves most of the configuration to a
central location. Making config a lot easier to
manage, as well a lot easier to locate.
There is still some configuration listed in classes,
that I would like to eventually move to
designate.conf as well, but to lower complexity not
all config was moved.
General changes
* Centrelized most configuration under designate.conf.
* Cleaned up configuration.
* Simplified config generation.
* Renamed generated config to designate.conf.sample.
Previously broken
* xfr_timeout now in the appropriate section.
* memcached_servers now in the appropriate section.
Previously missing from sample config
* allowed_remote_exmods listed in sample config.
* backend:akamai section listed in sample config.
* backend:dynect section listed in sample config.
* backend:infoblox section listed in sample config.
blueprint centralize-config-designate
Change-Id: I3be68bf294157631a9bac128df0841220020de96
This patch only setup package dependency which named Pygments
for this test. Pygments also exist item in lower-contraints.txt
which does not setup along with tox env.
Change-Id: I1a75150b7fd813a4126716b898a55f35c64c5ec6
The `update_service_status` policy was missed
named as `update_service_service_status` which seemed
to cause issues for other rules.
Closes-Bug: #1753503
Change-Id: Ic2952c36c03a4cb7a148f1518766ddefb9144dcd
Instead of having a partial sample config that may be outdated, have
users reference the config file the can be generated from source by
running "tox -e genconfig". Also change the name of the generated config
so that it is covered by our .gitignore and matches the README.
Change-Id: I49afb68a170abffaf7852dd7a2dc837e4cf4a756
This commit will move all default policies to code for:
- zone
- zone_export
- zone_import
- zone_transfer_accept
- zone_transfer_request
Change-Id: I9945fe66d127696907695c73ecef77a6f07acd38
Co-authored-By: Nam Nguyen Hoai <namnh@vn.fujitsu.com>
Implements: blueprint policy-in-code
This commit will move all default policies to code for:
- blacklist
- context
- diagnostics
- pool
Change-Id: I0c94ecaadba21b69b1fe4c0cd924e2b9b12c4782
Co-authored-By: Nam Nguyen Hoai <namnh@vn.fujitsu.com>
Implements: blueprint policy-in-code
This commit will prepare for implementing policies in code.
- https://governance.openstack.org/tc/goals/queens/policy-in-code.html
Change-Id: Iea587cb6f4281b950eaca6bdaac3a8ea5de76c67
Co-authored-By: Nam Nguyen Hoai <namnh@vn.fujitsu.com>
Implements: blueprint policy-in-code
- Keep currently config in the Designate
- Fix some warning about missing help string
- Auto-generate sample config via genconfig testenv.
- Add an instruction in README about genconfig
- Create config sample along with whole service, backend
- Create opts.py to focus list_opts.
Change-Id: Iead7772cd13316c9f4adafe1b1e70d36bbc6a11a
In the sink config, we use domain_XXX parameter.
But it does not work now,
because it is renamed from "domain" to "zone"
when naming rule is changed
("openstack zone XXX" cli is released).
Change-Id: Idb988fedd739692996474065e8f557c2ef54aec1
Closes-Bug: #1655616
- More information about the actual worker code can be found
in `designate/worker/README.md` and in the inline docstrings
- Stand up a `designate-worker` process with an rpcapi, all
the usual jazz
- Implement a base `Task` class that defines the behavior of
a task and exposes resources to the task.
- Implement CUD Zone tasks, which includes Tasks that poll for zones,
send Notifies, and update status. These are all done in parallel
with threads using a shared threadpool, rather than iteratively.
- Implement a `recover_shard` task that serves the function
of a periodic recovery, but only for a shard. Call that
task with various shards from the zone manager.
- Put some shims in central and mdns so that the worker can
be switched on/off with a few config values.
- Changes Zone Manager -> Producer
- Removes zm rpcapi
- Adds startable designate-producer service
- Makes zone-manager an alias for producer service with a warning log
- Lots of renaming
- Moves zone export to worker
- API now uses central_api.export_zone to get zonefiles
- Central uses worker_api.start_zone_export to init exports
- Now including unit tests
- Temporary workarounds for upgrade/migration move the logic
into central if worker isn't available.
- Deprecates Pool manager polling options and adds warning msg on
starting designate-pool-manager
- Get some devstack going
- Changes powerdns backend to get new sqlalchemy sessions for each
action
- Sets the default number of threads in a worker process to 200,
this is pretty much a shot in the dark, but 1000 seemed like
too many, and 20 wasn't enough.
- Grenade upgrade testing
- Deprecation warnings for zone/pool mgr
The way to run this is simple, just stop `designate-pool-manager`
and `designate-zone-manager`, toggle the config settings in the
`service:worker` section: enabled = true, notify = true
and start `designate-worker` and `designate-producer` and you
should be good to go.
Change-Id: I259e9825d3a4eea58e082303ba3bdbdb7bf8c363
Currently, there is no support for Microsoft DNS
in designate. This patch addresses this issue
by adding support for Microsoft DNS Server using
an agent backend in designate.
Change-Id: I8db1906e17e5fb20fa6f3e5d1f13b2d701f0c032
Implements: blueprint msdns-backend-support
Depends-On: I029747555a58e0a8e362b65e6c0c470cf2774e42
The performance of /v2/recordsets API was found slow when
filtering on large amount of recordsets. The patch proposes
the following ways to improve the performance,
and was tested with 1M recordsets.
1. To explicitly mention a correct table index in sql queries
for different sort keys and filtering keys.
We found mysql optimizer is not able to choose the most suitable index;
2. Introduce a new header 'OpenStack-DNS-Hide-Counts' to give operators
the flexibility of showing total_count or not, because we found that
the count query does not scale well on a large amount of records.
Performance results are at: https://gist.github.com/jamesyli/2eb9fb474a493477a9beb42fe122180f
DB migration
Change-Id: I7f3a09ce2c7396ff6ad02d3b5d562d186f66ed30
This change will allow users to define seperate
formats for ipv4 and ipv6 addresses.
this requires formatv4 and formatv6 to de defined in
designate.conf instead of format.
format has been marked depricated
Change-Id: Ief685ba6a00da5100013f4ab71768c661f37ee13
Implements: blueprint different-format-for-ipv4-and-ipv6
As Designate requests its service token using Identity v3, the
config.sample and some docs should reflect this. This patch updates
these files in order to conform to new v3 parameters.
Change-Id: I3205751f0c818f85ffe2fbb2468c6c48fd27eb91
This change adds the tooling to use the DB Tables created for pool
config data and the tooling to migrate the config info itself.
Change-Id: If99dbf527ef1ac0f05f15fe77f68f64e357fe0a5
The default values needed for designate's implementation of cors
middleware have been moved from paste.ini into a common
set_defaults method, invoked on load. Unlike similar patches
on other services, this patch does not include config-generation
hooks, as designate does not use it.
Change-Id: I6661f67bbdc36e17bc297128b470007e4762b603
Closes-Bug: 1551836