How to integrate Designate with Nova/Horizon for internal domains
Dear list,
I'm in the process of setting up an Openstack installation for internal use. The environment consists of these nodes: - 1 controller node - 2 compute nodes
My goal is now to get Designate working for internal domain resolution paired with automatic record creation from Nova/Neutron. The steps I did so far: - Installed and configured Designate (https://docs.openstack.org/designate/ussuri/install/install-ubuntu.html) and Designate dashboard for Horizon (https://docs.openstack.org/designate-dashboard/ussuri/install/index.html) - Adjusted handler "neutron_floatingip"
[handler:neutron_floatingip] notification_topics = notifications_designate control_exchange = neutron formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' formatv4 = '%(hostname)s.%(project)s.%(zone)s' formatv4 = '%(hostname)s.%(zone)s'
- Adjusted handler "nova_fixed"
[handler:nova_fixed] notification_topics = notifications_designate control_exchange = nova formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' formatv4 = '%(hostname)s.%(project)s.%(zone)s' formatv4 = '%(hostname)s.%(zone)s'
- Installed Designate-Sink and configured notification_handlers
[service:sink] workers = 5 enabled_notification_handlers = "nova_fixed, neutron_floatingip"
- Added notification topic "notifications_designate" to nova.conf and neutron.conf
Let's say I have one additional domain configured in Openstack next to the default domain: "domain1.internal". So I logged in to the new domain in Horizon, created a few networks, created the new zone record "domain1.internal." and started a new instance called "test-vm".
Expectations: Nova creates the instance, Neutron creates the required network port and Designate Sink receives the "Port created" notification via the "notifications_designate" topic
Reality: Nova creates the instance, Neutron creates the required network port but Designate Sink does nothing. In the designate-api.log I can see the creation of the "domain1.internal." zone but the designate-sink.log stays empty
2020-10-20 08:29:19.573 3524893 INFO designate.api.v2.controllers.zones [req-31b7fa68-6621-4044-985e-f90c87dd8cae - - - - -] Created <Zone id:'d7c015ec-5079-450b-866d-f04042221d80' type:'PRIMARY' name:'domain1.internal.' pool_id:'794ccc2c-d751-44fe-b57f-8894c9f5c842' serial:'1603182558' action:'CREATE' status:'PENDING'>
My question is: What piece of configuration did I miss? Is my desired configuration even possible at all? What I basically want to achieve is: - Create an instance using nova - The instance name automatically get's published in all(?) DNS zones of the project/Openstack domain - Instances can resolve other instance names out of this DNS zone
Thank you very much in advance and regards, Daniel Heitepriem
P.S.: Can you please keep my in CC as I'm not subscribed to the list
Hi Daniel,
In recent releases of Designate the "Sink" process is no longer used for integration with neutron.
The steps you need are in these two documents (in the neutron documentation, which is likely how they were missed): 1. DNS integration - https://docs.openstack.org/neutron/latest/admin/config-dns-int.html 2. DNS integration with an external service - https://docs.openstack.org/neutron/latest/admin/config-dns-int-ext-serv.html
We plan to work on the Designate documentation in the next few months, so hopefully we can make this a bit more clear.
Michael
On Tue, Oct 20, 2020 at 12:30 PM Daniel Heitepriem daniel.heitepriem@pribas.com wrote:
Dear list,
I'm in the process of setting up an Openstack installation for internal use. The environment consists of these nodes:
- 1 controller node
- 2 compute nodes
My goal is now to get Designate working for internal domain resolution paired with automatic record creation from Nova/Neutron. The steps I did so far:
- Installed and configured Designate (https://docs.openstack.org/designate/ussuri/install/install-ubuntu.html) and Designate dashboard for Horizon (https://docs.openstack.org/designate-dashboard/ussuri/install/index.html)
- Adjusted handler "neutron_floatingip"
[handler:neutron_floatingip] notification_topics = notifications_designate control_exchange = neutron formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' formatv4 = '%(hostname)s.%(project)s.%(zone)s' formatv4 = '%(hostname)s.%(zone)s'
- Adjusted handler "nova_fixed"
[handler:nova_fixed] notification_topics = notifications_designate control_exchange = nova formatv4 = '%(octet0)s-%(octet1)s-%(octet2)s-%(octet3)s.%(zone)s' formatv4 = '%(hostname)s.%(project)s.%(zone)s' formatv4 = '%(hostname)s.%(zone)s'
- Installed Designate-Sink and configured notification_handlers
[service:sink] workers = 5 enabled_notification_handlers = "nova_fixed, neutron_floatingip"
- Added notification topic "notifications_designate" to nova.conf and neutron.conf
Let's say I have one additional domain configured in Openstack next to the default domain: "domain1.internal". So I logged in to the new domain in Horizon, created a few networks, created the new zone record "domain1.internal." and started a new instance called "test-vm".
Expectations: Nova creates the instance, Neutron creates the required network port and Designate Sink receives the "Port created" notification via the "notifications_designate" topic
Reality: Nova creates the instance, Neutron creates the required network port but Designate Sink does nothing. In the designate-api.log I can see the creation of the "domain1.internal." zone but the designate-sink.log stays empty
2020-10-20 08:29:19.573 3524893 INFO designate.api.v2.controllers.zones [req-31b7fa68-6621-4044-985e-f90c87dd8cae - - - - -] Created <Zone id:'d7c015ec-5079-450b-866d-f04042221d80' type:'PRIMARY' name:'domain1.internal.' pool_id:'794ccc2c-d751-44fe-b57f-8894c9f5c842' serial:'1603182558' action:'CREATE' status:'PENDING'>
My question is: What piece of configuration did I miss? Is my desired configuration even possible at all? What I basically want to achieve is:
- Create an instance using nova
- The instance name automatically get's published in all(?) DNS zones of the project/Openstack domain
- Instances can resolve other instance names out of this DNS zone
Thank you very much in advance and regards, Daniel Heitepriem
P.S.: Can you please keep my in CC as I'm not subscribed to the list
participants (2)
-
Daniel Heitepriem
-
Michael Johnson