From 2ea1ccfb37461a70d329655f7eeaaab090f1ca0d Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Fri, 25 Aug 2017 16:15:40 +0200 Subject: Support external/pre-provisioned authoritative cluster DNS (#690) * Document how to use fully external DNS servers w/o provisioning dns servers group with Heat. * Document how to use a mixed servers setup for dynamic records updates mathing public or private views. * Allow custom nsupdate key names for OSP10 dns service compatibility. The osp-dns configures the named service with the fixed key_name 'update-key'. Add optional key_name for the external_nsupdate_keys public section to allow custom key names. --- roles/openstack-stack/templates/heat_stack.yaml.j2 | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'roles/openstack-stack') diff --git a/roles/openstack-stack/templates/heat_stack.yaml.j2 b/roles/openstack-stack/templates/heat_stack.yaml.j2 index 1ecf84aa6..ea2742a2c 100644 --- a/roles/openstack-stack/templates/heat_stack.yaml.j2 +++ b/roles/openstack-stack/templates/heat_stack.yaml.j2 @@ -54,6 +54,7 @@ outputs: description: Floating IPs of the nodes value: { get_attr: [ infra_nodes, floating_ip ] } +{% if num_dns|int > 0 %} dns_name: description: Name of the DNS value: @@ -68,6 +69,7 @@ outputs: dns_private_ips: description: Private IPs of the DNS value: { get_attr: [ dns, private_ip ] } +{% endif %} resources: @@ -405,6 +407,7 @@ resources: port_range_min: 443 port_range_max: 443 +{% if num_dns|int > 0 %} dns-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -439,6 +442,8 @@ resources: port_range_min: 53 port_range_max: 53 remote_ip_prefix: "{{ openstack_subnet_prefix }}.0/24" +{% endif %} + {% if num_masters|int > 1 or ui_ssh_tunnel|bool %} lb-secgrp: type: OS::Neutron::SecurityGroup @@ -716,6 +721,7 @@ resources: depends_on: - interface +{% if num_dns|int > 0 %} dns: type: OS::Heat::ResourceGroup properties: @@ -755,3 +761,4 @@ resources: volume_size: {{ dns_volume_size }} depends_on: - interface +{% endif %} -- cgit v1.2.3