settingsLogin | Registersettings

[openstack-dev] [designate] multi domain usage for handlers

0 votes

Hi,

i'm currently testing designate and i have a question about the architecture.
We're using openstack newton with keystone v3 and thus the keystone domain/project structure.

I've tried the global novafixed and neutronfloating_ip handlers but all dns records (for each domains/projects) are stored in the same dns domain (instance1.novafixed.example.com and anotherinstance.neutronfloatingip.example.com).
is is possible to define a seperate DNS domain for each keystone domain/project and auto-assign the instances to this domain?
example: openstack domain "customerA.com" with projects "prod" and "dev". instance1 starts in project "dev" and the dns record is instance1.dev.customerA.com

Best regards
Kim


Kim-Norman Sahm
Cloud & Infrastructure(OCI)

noris network AG
Thomas-Mann-Straße 16-20
90471 Nürnberg
Deutschland

Tel +49 911 9352 1433
Fax +49 911 9352 100

kim-norman.sahm@noris.de

https://www.noris.de - Mehr Leistung als Standard
Vorstand: Ingo Kraupa (Vorsitzender), Joachim Astel
Vorsitzender des Aufsichtsrats: Stefan Schnabel - AG Nürnberg HRB 17689


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

asked Sep 29, 2017 in openstack-dev by Kim-Norman_Sahm (320 points)   4 5

2 Responses

0 votes

On 28/09/17 17:06, Kim-Norman Sahm wrote:
Hi,

i'm currently testing designate and i have a question about the
architecture.
We're using openstack newton with keystone v3 and thus the keystone
domain/project structure.

I've tried the global novafixed and neutronfloating_ip handlers but
all dns records (for each domains/projects) are stored in the same dns
domain (instance1.novafixed.example.com and
anotherinstance.neutronfloatingip.example.com).
is is possible to define a seperate DNS domain for each keystone
domain/project and auto-assign the instances to this domain?
example: openstack domain "customerA.com" with projects "prod" and
"dev". instance1 starts in project "dev" and the dns record is
instance1.dev.customerA.com

Best regards
Kim

Hi Kim,

Unfortunately, with the default handlers, there is no way of assigning
them to different projects.

We also mark any recordsets created by designate-sink as "managed" -
this means that normal users cannot modify them, an admin has to update
them, with the --all-projects and --edit-managed flags.

The modules provided are only designed to be examples. We expected any
users would end up writing their own handlers [0].

You should also look at the neutron / designate integration [1] as it
may do what you need.

Thanks,

Graham

0 -
https://github.com/openstack/designate/tree/master/contrib/designate-ext-samplehandler

1 -
https://docs.openstack.org/ocata/networking-guide/config-dns-int.html#integration-with-an-external-dns-service


Kim-Norman Sahm
Cloud & Infrastructure(OCI)

noris network AG
Thomas-Mann-Straße 16-20
90471 Nürnberg
Deutschland

Tel +49 911 9352 1433
Fax +49 911 9352 100

kim-norman.sahm@noris.de

https://www.noris.de - Mehr Leistung als Standard
Vorstand: Ingo Kraupa (Vorsitzender), Joachim Astel
Vorsitzender des Aufsichtsrats: Stefan Schnabel - AG Nürnberg HRB 17689

 

 

 

 


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

responded Sep 28, 2017 by gr_at_ham.ie (620 points)  
0 votes

On 29/09/17 11:39, Kim-Norman Sahm wrote:
Hi Graham,

thanks for your answer.
I want try to extent the nova_fixed handler for our requirements.

how can i enable a new handler in designate?
I've defined a new handler section in designate.conf and copied my
handlername.py file to
/usr/lib/python2.7/dist-packages/designate/notification_handler but
designate sink should not use it:

2017-09-29 12:19:26.180 12177 WARNING designate.sink.service [-] No
designate-sink handlers enabled or loaded

regards
Kim

If you look at this folder:
https://github.com/openstack/designate/tree/master/contrib/designate-ext-samplehandler

it has an example handler.

You would need to copy that folder, and then write your custom handler.

Then update
https://github.com/openstack/designate/blob/master/contrib/designate-ext-samplehandler/setup.cfg
with the new details, and pip install the handler.

Then you can set the enabled handlers to be what ever you set:

https://github.com/openstack/designate/blob/master/contrib/designate-ext-samplehandler/setup.cfg#L28

to be.

Thanks,

Graham


Kim-Norman Sahm
Cloud & Infrastructure(OCI)

noris network AG
Thomas-Mann-Straße 16-20
90471 Nürnberg
Deutschland

Tel +49 911 9352 1433
Fax +49 911 9352 100

kim-norman.sahm@noris.de

https://www.noris.de - Mehr Leistung als Standard
Vorstand: Ingo Kraupa (Vorsitzender), Joachim Astel
Vorsitzender des Aufsichtsrats: Stefan Schnabel - AG Nürnberg HRB 17689

 

 

 

 

Am 28.09.2017 um 18:54 schrieb Graham Hayes:

On 28/09/17 17:06, Kim-Norman Sahm wrote:

Hi,

i'm currently testing designate and i have a question about the
architecture.
We're using openstack newton with keystone v3 and thus the keystone
domain/project structure.

I've tried the global novafixed and neutronfloating_ip handlers but
all dns records (for each domains/projects) are stored in the same dns
domain (instance1.novafixed.example.com and
anotherinstance.neutronfloatingip.example.com).
is is possible to define a seperate DNS domain for each keystone
domain/project and auto-assign the instances to this domain?
example: openstack domain "customerA.com" with projects "prod" and
"dev". instance1 starts in project "dev" and the dns record is
instance1.dev.customerA.com

Best regards
Kim
Hi Kim,

Unfortunately, with the default handlers, there is no way of assigning
them to different projects.

We also mark any recordsets created by designate-sink as "managed" -
this means that normal users cannot modify them, an admin has to update
them, with the --all-projects and --edit-managed flags.

The modules provided are only designed to be examples. We expected any
users would end up writing their own handlers [0].

You should also look at the neutron / designate integration [1] as it
may do what you need.

Thanks,

Graham

0 -https://github.com/openstack/designate/tree/master/contrib/designate-ext-samplehandler

1 -https://docs.openstack.org/ocata/networking-guide/config-dns-int.html#integration-with-an-external-dns-service



OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribehttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribehttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

responded Sep 29, 2017 by gr_at_ham.ie (620 points)  
...