Designate Bind
- By OpenStack Charmers
- Cloud
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/edge | 151 | 07 Mar 2024 | |
yoga/stable | 107 | 27 Mar 2023 | |
zed/stable | 96 | 23 Jan 2023 | |
xena/stable | 97 | 16 Jan 2023 | |
wallaby/stable | 99 | 23 Jan 2023 | |
victoria/stable | 100 | 23 Jan 2023 | |
ussuri/stable | 98 | 23 Jan 2023 | |
train/candidate | 92 | 28 Nov 2022 | |
train/edge | 102 | 26 Jan 2023 | |
stein/candidate | 92 | 28 Nov 2022 | |
stein/edge | 102 | 26 Jan 2023 | |
rocky/candidate | 92 | 28 Nov 2022 | |
rocky/edge | 102 | 26 Jan 2023 | |
queens/candidate | 92 | 28 Nov 2022 | |
queens/edge | 102 | 26 Jan 2023 | |
2024.1/candidate | 151 | Today | |
2023.2/stable | 143 | 30 Nov 2023 | |
2023.1/stable | 119 | 14 Jun 2023 |
juju deploy designate-bind --channel yoga/stable
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
allowed_nets | string
String containing a list of allowed networks of hosts for DNS queries, separated by semicolons: e.g., "10.0.0.0/8;172.16.0.0/12;192.168.0.0/16". The option is equivalent to "allow-query" in BIND9. If not specified, the default is to allow queries from all hosts.
-
allowed_recursion_nets | string
String containing a list of allowed networks of hosts for recursive queries through the designate-bind servers, spearated by semicolons: e.g., "10.0.0.0/8;172.16.0.0/12;192.168.0.0/16". The option is equivalent to "allow-recursion" in BIND9. If allowed_recursion_nets is not set then allowed_nets is used if set, otherwise any will be set to allow recursive queries from all hosts.
-
debug | boolean
Enable debug logging
-
disable-dnssec-validation | boolean
Whether or not to disable DNSSEC validation. This may be helpful in a situation that upstream DNS servers do not support DNSSEC, and BIND9 reports "Unable to fetch DNSKEY". For production deployments, it's encouraged to keep DNSSEC enabled.
-
forwarders | string
String containing a list of forwarders, separated by semicolons: e.g., "8.8.8.8;8.8.4.4". As non-empty forwarders option implies recursion, recursive queries will be enabled regardless of the value set in the recursion option. When using this option, ACLs should be used with allowed_nets and/or allowed_recursion_nets to prevent it from being a open resolver.
-
recursion | boolean
Whether or not to enable recursive queries with BIND9 itself to be installed by the charm. The option is equivalent to "recursion" in BIND9. When using this option, ACLs should be used with allowed_nets and/or allowed_recursion_nets to prevent it from being a open resolver.
-
service_ips | string
Service IPs are list of Virtual IPs that will be assigned to the designate-bind units. This option accepts comma separated list of IPv4 or IPv6 addresses that belong to the at least one directly connected network. This option also requires that relation with subordinate hacluster unit is created, otherwise the designate-bind units go into the the blocked state until the hacluster relation is made, or this option is uncofigured.
-
ssl_ca | string
TLS CA to use to communicate with other components in a deployment. . __NOTE__: This configuration option will take precedence over any certificates received over the ``certificates`` relation.
-
ssl_cert | string
TLS certificate to install and use for any listening services. . __NOTE__: This configuration option will take precedence over any certificates received over the ``certificates`` relation.
-
ssl_key | string
TLS key to use with certificate specified as ``ssl_cert``. . __NOTE__: This configuration option will take precedence over any certificates received over the ``certificates`` relation.
-
use-internal-endpoints | boolean
Openstack mostly defaults to using public endpoints for internal communication between services. If set to True this option will configure services to use internal endpoints where possible.
-
use-syslog | boolean
Setting this to True will allow supporting services to log to syslog.
-
verbose | boolean
Enable verbose logging