opendev/system-config
Code Issues Proposed changes

Merge "Make ns*.openstack.org authoritative slaves"

Browse Source
This commit is contained in:
Zuul 2017-12-19 21:48:21 +00:00 committed by Gerrit Code Review
commit bd56a81619
1 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
manifests/site.pp
View File

@ -853,13 +853,29 @@ node /^ns\d+\.openstack\.org$/ {
class { 'openstack_project::server':
sysadmins => hiera('sysadmins', []),
iptables_public_udp_ports => [53],
iptables_public_tcp_ports => [53],
}
$tsig_key = hiera('tsig_key', {})
if $tsig_key != {} {
$tsig_name = 'tsig'
nsd::tsig { 'tsig':
algo => $tsig_key[algorithm],
data => $tsig_key[secret],
}
} else {
$tsig_name = undef
}
class { '::nsd':
ip_addresses => [ $::ipaddress, $::ipaddress6 ],
zones => {
'master_zones' => {
'zones' => ['zuul-ci.org'],
},
'adns1_zones' => {
allow_notify => dns_a('adns1.openstack.org'),
masters => dns_a('adns1.openstack.org'),
zones => ['zuul-ci.org'],
tsig_name => $tsig_name,
}
}
}
}