openstack/openstack-ansible-os_designate
Code Issues Proposed changes

Remove bind9 and add functional tests

Browse Source 
This commit moves the installation of bind9 to the tests, leaving the
installation/configuration of the desired DNS server to the deployer.
We can eventually use a role to handle the installation/configuration
of bind, but some further research will need to be done to isolate
the best role.

Additionally, this commit adds some very basic tests that validate the
Designate API.  Next steps involve using designate-tempest-plugin to
handle this.

NOTE: No relnote is being added for the removal of bind9 as no valid
      configuration was being dropped for bind9, meaning we had a
      non-functional DNS server as far as designate was concerned.

Change-Id: I5a21e32f8ad885afd5b4a04d2ef348cd65d0999b
This commit is contained in:
Matt Thompson 2016-04-18 14:40:26 +01:00
parent 38247df459
commit c29b2d8d03
7 changed files with 144 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
tests/named.conf.options Normal file
View File

@ -0,0 +1,29 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
allow-new-zones yes;
request-ixfr no;
recursion no;
};

44
tests/pools.yaml.sample Normal file
View File

@ -0,0 +1,44 @@
- name: default
# The name is immutable. There will be no option to change the name after
# creation and the only way will to change it will be to delete it
# (and all zones associated with it) and recreate it.
description: Default BIND9 Pool
attributes: {}
# List out the NS records for zones hosted within this pool
ns_records:
- hostname: ns1-1.example.org.
priority: 1
# List out the nameservers for this pool. These are the actual BIND servers.
# We use these to verify changes have propagated to all nameservers.
nameservers:
- host: 127.0.0.1
port: 53
# List out the targets for this pool. For BIND, most often, there will be one
# entry for each BIND server.
targets:
- type: bind9
description: BIND9 Server 1
# List out the designate-mdns servers from which BIND servers should
# request zone transfers (AXFRs) from.
masters:
- host: 127.0.0.1
port: 5354
# BIND Configuration options
options:
host: 127.0.0.1
port: 53
rndc_host: 127.0.0.1
rndc_port: 953
rndc_key_file: /etc/bind/rndc.key
# Optional list of additional IP/Port's for which designate-mdns will send
# DNS NOTIFY packets to
# also_notifies:
# - host: 192.0.2.4
# port: 53

38
tests/test-designate-functional.yml Normal file
View File

@ -0,0 +1,38 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for functional testing of designate
hosts: designate_all[0]
user: root
gather_facts: false
tasks:
- name: Check the designate API
uri:
url: "http://localhost:9001"
status_code: 200
- name: Create test domain
shell: |
. /root/openrc
{{ designate_venv_bin }}/designate domain-create --name designate-example.com. --email designate@example.org
- name: Verify domain gets created
shell: |
. /root/openrc
{{ designate_venv_bin }}/designate domain-get designate-example.com.
register: domain_status
until: domain_status|success
retries: 5
delay: 5
vars_files:
- test-vars.yml

28
tests/test-install-designate.yml
View File

@ -81,7 +81,35 @@
- "localhost"
- "%"
delegate_to: "10.100.100.101"
- name: Install bind9
apt:
package: bind9
state: present
- name: Drop bind configuration
copy:
src: named.conf.options
dest: /etc/bind/named.conf.options
- name: Restart bind9
service:
name: bind9
state: restarted
roles:
- role: "{{ rolename | basename }}"
vars_files:
- test-vars.yml
- name: Import pools
hosts: designate_all[0]
user: root
gather_facts: true
tasks:
- name: Copy sample pools.yaml file
copy:
src: pools.yaml.sample
dest: /etc/designate/pools.yaml
- name: Import sample pools.yaml file
shell: |
. /root/openrc
{{ designate_venv_bin }}/designate-manage pool update --file /etc/designate/pools.yaml
vars_files:
- test-vars.yml

1
tests/test-vars.yml
View File

@ -68,3 +68,4 @@ designate_pool_manager_container_mysql_password: "SuperSecrete"
designate_rabbitmq_password: "secrete"
designate_rabbitmq_userid: designate
designate_rabbitmq_vhost: /designate
designate_venv_bin: "/openstack/venvs/designate-{{ designate_venv_tag }}/bin"

3
tests/test.yml
View File

@ -31,3 +31,6 @@
# Install Designate
- include: test-install-designate.yml
# Test Designate
- include: test-designate-functional.yml

3
vars/ubuntu-14.04.yml
View File

@ -16,5 +16,4 @@
cache_timeout: 600
# Common apt packages
designate_apt_packages:
- bind9
designate_apt_packages: []