designate #24

Description

Designate provides DNSaaS services for OpenStack:
REST API for domain/record management
Multi-tenant
Integrated with Keystone for authentication
Framework in place to integrate with Nova and Neutron notifications
* Support for PowerDNS and Bind9 out of the box


Overview

This charm provides Designate (DNSaaS) for an OpenStack Cloud.

Usage

Designate relies on services from the mysql, rabbitmq-server and keystone
charms:

juju deploy designate
juju deploy mysql
juju deploy rabbitmq-server
juju deploy keystone
juju deploy memcached
juju add-relation designate memcached
juju add-relation designate mysql
juju add-relation designate rabbitmq-server
juju add-relation designate keystone

To add support for DNS record auto-generation when Neutron ports and
floating IPs are created the charm needs a relation with neutron-api charm:

juju deploy neutron-api
juju add-relation designate neutron-api

The charm needs to store DNS records. This can be achieved by setting the
dns-slave config option or by relating to the designate-bind charm:

juju deploy designate-bind
juju add-relation designate designate-bind

For Queens and later, the nameservers config value must be set:

juju config designate nameservers="ns1.example.com. ns2.example.com."

Bugs

Please report bugs on Launchpad.

For general questions please refer to the OpenStack Charm Guide.

Configuration

ssl_key
(string) SSL key to use with certificate specified as ssl_cert.
vip_iface
(string) Default network interface to use for HA vip when it cannot be automatically determined.
eth0
neutron-domain-email
(string) Email address of the person responsible for the domain. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
os-admin-network
(string) The IP address and netmask of the OpenStack Admin network (e.g., 192.168.0.0/24) . This network will be used for admin endpoints.
enable-admin-api
(boolean) Enables experimental admin API for Designate.
haproxy-server-timeout
(int) Server timeout configuration in ms for haproxy, used in HA configurations. If not provided, default value of 90000ms is used.
neutron-record-format
(string) Format of floating IP global records. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s
also-notifies
(string) Space delimited list of DNS servers which should be notified on every zone change in addition to the backend servers. List is of the form also_notify_ip:also_notify_port
vip
(string) Virtual IP(s) to use to front API services in HA configuration. If multiple networks are being used, a VIP should be provided for each network, separated by spaces.
dns-slaves
(string) List of DNS slaves which will accept addzone/delzone rndc commands from Designate. List is of the form slave_ip:rndc_port:rndc_key. This should only be used if DNS servers are outside of Juju control. Using the designate-bind charm is the prefered approach.
worker-multiplier
(float) The CPU core multiplier to use when configuring worker processes. By default, the number of workers for each daemon is set to twice the number of CPU cores a service unit has. When deployed in a LXD container, this default value will be capped to 4 workers unless this configuration option is set.
use-syslog
(boolean) Setting this to True will allow supporting services to log to syslog.
neutron-record-formatv6
(string) Format of floating IPv6 global records. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
%(hostname)s.%(tenant_id)s.%(zone)s
verbose
(boolean) Enable verbose logging
haproxy-queue-timeout
(int) Queue timeout configuration in ms for haproxy, used in HA configurations. If not provided, default value of 9000ms is used.
nameservers
(string) Space delimited list of nameservers. These are the nameservers that have been provided to the domain registrar in order to delegate the domain to Designate. e.g. "ns1.example.com. ns2.example.com." This config value is required for Queens and later.
ssl_cert
(string) SSL certificate to install and use for API ports. Setting this value and ssl_key will enable reverse proxying, point Glance's entry in the Keystone catalog to use https, and override any certficiate and key issued by Keystone (if it is configured to do so).
default-soa-expire
(int) Default SOA expire value in seconds to specify how long a secondary will still treat its copy of the zone data as valid if it can't contact the primary.
86400
os-public-network
(string) The IP address and netmask of the OpenStack Public network (e.g., 192.168.0.0/24) . This network will be used for public endpoints.
nova-domain-email
(string) Email address of the person responsible for the domain. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
haproxy-client-timeout
(int) Client timeout configuration in ms for haproxy, used in HA configurations. If not provided, default value of 90000ms is used.
os-public-hostname
(string) The hostname or address of the public endpoints created in the keystone identity provider. . This value will be used for public endpoints. For example, an os-public-hostname set to 'api-public.example.com' with ssl enabled will create the following endpoint for neutron-api: . https://api-public.example.com:9696/
nova-domain
(string) Domain to add records for new instances to (NOTE: This option is obsolete starting from OpenStack Mitaka release)
action-managed-upgrade
(boolean) If True enables openstack upgrades for this charm via juju actions. You will still need to set openstack-origin to the new repository but instead of an upgrade running automatically across all units, it will wait for you to execute the openstack-upgrade action for this charm on each unit. If False it will revert to existing behavior of upgrading all units on config change.
os-admin-hostname
(string) The hostname or address of the admin endpoints created in the keystone identity provider. . This value will be used for admin endpoints. For example, an os-admin-hostname set to 'api-admin.example.com' with ssl enabled will create the following endpoint for neutron-api: . https://api-admin.example.com:9696/
use-internal-endpoints
(boolean) Openstack mostly defaults to using public endpoints for internal communication between services. If set to True this option will configure services to use internal endpoints where possible.
enable-host-header
(boolean) Enables host request headers.
nova-record-format
(string) Format of floating IP global records. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
%(hostname)s.%(tenant_id)s.%(zone)s
neutron-domain
(string) Domain to add floating IP records to. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
dns-ha
(boolean) Use DNS HA with MAAS 2.0. Note if this is set do not set vip settings below.
openstack-origin
(string) Repository from which to install OpenStack. May be one of the following: distro (default) ppa:somecustom/ppa (PPA name must include OpenStack Release) deb url sources entry|key id or a supported Ubuntu Cloud Archive pocket. Supported Ubuntu Cloud Archive pockets include: cloud:trusty-liberty cloud:trusty-juno cloud:trusty-kilo cloud:trusty-liberty cloud:trusty-mitaka Note that updating this setting to a source that is known to provide a later version of OpenStack will trigger a software upgrade.
distro
os-internal-network
(string) The IP address and netmask of the OpenStack Internal network (e.g., 192.168.0.0/24) . This network will be used for internal endpoints.
region
(string) OpenStack Region
RegionOne
ssl_ca
(string) SSL CA to use with the certificate and key provided - this is only required if you are providing a privately signed ssl_cert and ssl_key.
nova-record-formatv6
(string) Format of floating IPv6 global records. (NOTE: This option is obsolete starting from OpenStack Mitaka release)
%(hostname)s.%(tenant_id)s.%(zone)s
debug
(boolean) Enable debug logging
os-internal-hostname
(string) The hostname or address of the internal endpoints created in the keystone identity provider. . This value will be used for internal endpoints. For example, an os-internal-hostname set to 'api-internal.example.com' with ssl enabled will create the following endpoint for neutron-api: . https://api-internal.example.com:9696/
haproxy-connect-timeout
(int) Connect timeout configuration in ms for haproxy, used in HA configurations. If not provided, default value of 9000ms is used.
vip_cidr
(int) Default CIDR netmask to use for HA vip when it cannot be automatically determined.
24