From 1f1d91b960ad8bc2b18e60ce1dd7ee0a16f46a3f Mon Sep 17 00:00:00 2001
From: Eduardo Gonzalez <dabarren@gmail.com>
Date: Fri, 26 May 2017 21:19:07 +0100
Subject: [PATCH] Move mDNS to network nodes

mDNS publish DNS services to designate service customers.
Only network node should be reachable by public networks.

Change-Id: Id2947df89d2d831d67e006a581ac88b4ecf8ce04
Closes-Bug: #1693918
---
 ansible/inventory/all-in-one                                | 2 +-
 ansible/inventory/multinode                                 | 2 +-
 ansible/roles/designate/templates/designate.conf.j2         | 2 ++
 releasenotes/notes/mdns-network-nodes-ac8b9d4b721e9ac8.yaml | 6 ++++++
 4 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 releasenotes/notes/mdns-network-nodes-ac8b9d4b721e9ac8.yaml

diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one
index f0450c5cad..98e3809388 100644
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@@ -521,7 +521,7 @@ designate
 designate
 
 [designate-mdns:children]
-designate
+network
 
 [designate-worker:children]
 designate
diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode
index 7775bdcb68..721f6fed07 100644
--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@@ -539,7 +539,7 @@ designate
 designate
 
 [designate-mdns:children]
-designate
+network
 
 [designate-worker:children]
 designate
diff --git a/ansible/roles/designate/templates/designate.conf.j2 b/ansible/roles/designate/templates/designate.conf.j2
index 02532a2cf3..86480fef9f 100644
--- a/ansible/roles/designate/templates/designate.conf.j2
+++ b/ansible/roles/designate/templates/designate.conf.j2
@@ -39,9 +39,11 @@ memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansi
 enabled_notification_handlers = nova_fixed, neutron_floatingip
 workers = {{ openstack_service_workers }}
 
+{% if service_name == 'designate-mdns' %}
 [service:mdns]
 listen = {{ hostvars[inventory_hostname]['ansible_' + dns_interface]['ipv4']['address'] }}:{{ designate_mdns_port }}
 workers = {{ openstack_service_workers }}
+{% endif %}
 
 [service:worker]
 enabled = True
diff --git a/releasenotes/notes/mdns-network-nodes-ac8b9d4b721e9ac8.yaml b/releasenotes/notes/mdns-network-nodes-ac8b9d4b721e9ac8.yaml
new file mode 100644
index 0000000000..2b285e6bb8
--- /dev/null
+++ b/releasenotes/notes/mdns-network-nodes-ac8b9d4b721e9ac8.yaml
@@ -0,0 +1,6 @@
+---
+upgrade:
+  - |
+    Designate mDNS container now runs on network nodes,
+    ensure designate-mdns group in your inventory has network
+    as parent group.