Ubuntu 22.04
Sponsored Link

OpenStack Bobcat : Designate कॉन्फ़िगर करें (नेटवर्क नोड)2023/10/09

 
OpenStack DNS सेवा (Designate) स्थापित करें।
यह उदाहरण निम्न प्रकार से पर्यावरण पर आधारित है।
नेटवर्क नोड पर Designate सेवाएँ स्थापित करें और उस पर बैकएंड DNS सेवा के रूप में BIND 9 भी स्थापित करें।
------------+--------------------------+--------------------------+------------
            |                          |                          |
        eth0|10.0.0.30             eth0|10.0.0.50             eth0|10.0.0.51
+-----------+-----------+  +-----------+-----------+  +-----------+-----------+
|   [ dlp.srv.world ]   |  | [ network.srv.world ] |  |  [ node01.srv.world ] |
|     (Control Node)    |  |     (Network Node)    |  |     (Compute Node)    |
|                       |  |                       |  |                       |
|  MariaDB    RabbitMQ  |  |      Open vSwitch     |  |        Libvirt        |
|  Memcached  Nginx     |  |     Neutron Server    |  |      Nova Compute     |
|  Keystone   httpd     |  |      OVN-Northd       |  |      Open vSwitch     |
|  Glance     Nova API  |  |  Nginx  iSCSI Target  |  |   OVN Metadata Agent  |
|  Cinder API           |  |     Cinder Volume     |  |     OVN-Controller    |
|                       |  |   Designate Services  |  |                       |
+-----------------------+  +-----------------------+  +-----------------------+

[1] Designate सेवाएँ स्थापित करें और BIND 9।
root@network:~#
apt -y install designate-api designate-central designate-worker designate-producer designate-mdns python3-designateclient bind9 bind9utils
[2] BIND कॉन्फ़िगर करें।
root@network:~#
rndc-confgen -a -k designate -c /etc/bind/designate.key

wrote key file "/etc/bind/designate.key"
root@network:~#
chown bind:designate /etc/bind/designate.key

root@network:~#
chmod 640 /etc/bind/designate.key

root@network:~#
mv /etc/bind/named.conf.options /etc/bind/named.conf.options.org

root@network:~#
vi /etc/bind/named.conf.options
# नया निर्माण

options {
        directory "/var/cache/bind";
        listen-on port 53 { any; };
        listen-on-v6 port 53 { none; };
        # क्वेरी रेंज को अपने परिवेश में बदलें
        allow-query     { localhost; 10.0.0.0/24; };
        allow-new-zones yes;
        request-ixfr no;
        recursion no;
        dnssec-validation auto;
        auth-nxdomain no;
};
include "/etc/bind/designate.key";
controls {
    inet 0.0.0.0 port 953
    allow { localhost; } keys { "designate"; };
};

root@network:~#
chmod 644 /etc/bind/named.conf.options

root@network:~#
chown -R bind. /etc/bind

root@network:~#
systemctl restart bind9

[3] Designate कॉन्फ़िगर करें।
root@network:~#
mv /etc/designate/designate.conf /etc/designate/designate.conf.org

root@network:~#
vi /etc/designate/designate.conf
# नया निर्माण

[DEFAULT]
log_dir = /var/log/designate
# RabbitMQ कनेक्शन जानकारी
transport_url = rabbit://openstack:password@dlp.srv.world
root_helper = sudo designate-rootwrap /etc/designate/rootwrap.conf

[database]
# MariaDB कनेक्शन जानकारी
connection = mysql+pymysql://designate:password@dlp.srv.world/designate

[service:api]
listen = 127.0.0.1:9001
auth_strategy = keystone
api_base_uri = https://network.srv.world:9001
enable_api_v2 = True
enabled_extensions_v2 = quotas, reports

# Keystone प्रामाणिक जानकारी
[keystone_authtoken]
www_authenticate_uri = https://dlp.srv.world:5000
auth_url = https://dlp.srv.world:5000
memcached_servers = dlp.srv.world:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = designate
password = servicepassword
# यदि Apache2 Keystone पर स्व-हस्ताक्षरित प्रमाणपत्र का उपयोग कर रहे हैं, तो [true] पर जाएँ
insecure = false

[service:worker]
enabled = True
notify = True

[storage:sqlalchemy]
# MariaDB कनेक्शन जानकारी
connection = mysql+pymysql://designate:password@dlp.srv.world/designate

[oslo_policy]
enforce_new_defaults = true

root@network:~#
chmod 640 /etc/designate/designate.conf

root@network:~#
chgrp designate /etc/designate/designate.conf

root@network:~#
su -s /bin/sh -c "designate-manage database sync" designate

root@network:~#
systemctl restart designate-central designate-api

root@network:~#
systemctl enable designate-central designate-api
root@network:~#
vi /etc/designate/pools.yaml
# नया बनाएं (होस्टनाम और आईपी पते को अपने परिवेश में बदलें)

- name: default
  description: Default Pool
  attributes: {}
  ns_records:
    - hostname: network.srv.world.
      priority: 1
  nameservers:
    - host: 10.0.0.50
      port: 53
  targets:
    - type: bind9
      description: BIND9 Server
      masters:
        - host: 10.0.0.50
          port: 5354
      options:
        host: 10.0.0.50
        port: 53
        rndc_host: 10.0.0.50
        rndc_port: 953
        rndc_key_file: /etc/bind/designate.key

root@network:~#
chmod 640 /etc/designate/pools.yaml

root@network:~#
chgrp designate /etc/designate/pools.yaml

root@network:~#
su -s /bin/sh -c "designate-manage pool update" designate

Updating Pools Configuration
****************************
root@network:~#
systemctl restart designate-worker designate-producer designate-mdns

root@network:~#
systemctl enable designate-worker designate-producer designate-mdns
[4] प्रॉक्सी सेटिंग्स के लिए Nginx कॉन्फ़िगर करें।
root@network:~#
vi /etc/nginx/nginx.conf
# [stream] अनुभाग में जोड़ें

stream {
    upstream neutron-api {
        server 127.0.0.1:9696;
    }
    server {
        listen 10.0.0.50:9696 ssl;
        proxy_pass neutron-api;
    }
    upstream designate-api {
        server 127.0.0.1:9001;
    }
    server {
        listen 10.0.0.50:9001 ssl;
        proxy_pass designate-api;
    }
    ssl_certificate "/etc/letsencrypt/live/network.srv.world/fullchain.pem";
    ssl_certificate_key "/etc/letsencrypt/live/network.srv.world/privkey.pem";
}

root@network:~#
systemctl restart nginx
[5] किसी नोड पर सेवाओं की स्थिति सत्यापित करें. यदि सभी स्थितियाँ [ऊपर] हैं तो यह ठीक है।
root@dlp ~(keystone)#
apt -y install python3-designateclient
root@dlp ~(keystone)#
openstack dns service list

+--------------------------------------+-------------------+--------------+--------+-------+--------------+
| id                                   | hostname          | service_name | status | stats | capabilities |
+--------------------------------------+-------------------+--------------+--------+-------+--------------+
| f8426486-7a61-4288-8309-9116194e18b0 | network.srv.world | api          | UP     | -     | -            |
| 135c6c4b-827c-4827-9c47-024ed4c4bef6 | network.srv.world | central      | UP     | -     | -            |
| 6aabdfff-5a7b-4ac6-9d7d-aa2325283a5a | network.srv.world | mdns         | UP     | -     | -            |
| 8a1acb68-d3e4-4c40-96b9-46bea44b0afd | network.srv.world | worker       | UP     | -     | -            |
| eae19596-3b8f-457a-954f-54485769dd8c | network.srv.world | producer     | UP     | -     | -            |
+--------------------------------------+-------------------+--------------+--------+-------+--------------+
मिलान सामग्री