Add the Designate DNSaaS services.

This is a complete DNS solution, with hidden master and bind9 slave.

It lacks the designate-sink service, because there is no true specification
to implement that. It listens for Nova/Neutron events and creates records
though adding those to just 1 domain isn't helping much in an environment
with multiple tenants.

Change-Id: I500fb6058b118d25a4ccfd1d3479830c36af7e2a
Blueprint: designate-container

compose/designate.yml

@@ -0,0 +1,54 @@
+# The DNSaaS REST api from where zones and records are added or removed.
+designateapi:
+  image: kollaglue/centos-rdo-designate-api:latest
+  name: designate-api
+  net: "host"
+  restart: always
+  env_file:
+   - openstack.env
+
+# The central dispatches the API requests and pushes requests further down to
+# pool-manager and the database for storage.
+designatecentral:
+  image: kollaglue/centos-rdo-designate-central:latest
+  name: designate-central
+  net: "host"
+  restart: always
+  env_file:
+   - openstack.env
+
+# The pool-manager will push new zones to the backend so they can slave them.
+designatepoolmanager:
+  image: kollaglue/centos-rdo-designate-poolmanager:latest
+  name: designate-poolmanager
+  net: "host"
+  restart: always
+  env_file:
+    - openstack.env
+
+# Bind9 backend and state storage.
+designatebackendbind9data:
+  image: kollaglue/centos-rdo-designate-backend-bind9-data:latest
+  name: designate-backend-bind9-data
+  restart: on-failure
+
+designatebackendbind9:
+  image: kollaglue/centos-rdo-designate-backend-bind9:latest
+  name: designate-backend-bind9
+  net: "host"
+  restart: always
+  env_file:
+    - openstack.env
+  volumes_from:
+    - designatebackendbind9data
+
+# The MDNS service acts as the primary (or hidden-master) nameserver and uses
+# AXFR/IXFR commands to inform the slaves (which realy listen for queries from
+# $world) about updates.
+designatemdns:
+  image: kollaglue/centos-rdo-designate-mdns:latest
+  name: designate-mdns
+  net: "host"
+  restart: always
+  env_file:
+   - openstack.env

docker/centos/binary/designate/designate-api/Dockerfile

@@ -0,0 +1,10 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%designate-base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+RUN yum install -y \
+    openstack-designate-api \
+    && yum clean all
+
+COPY start.sh /start.sh
+
+CMD ["/start.sh"]

docker/centos/binary/designate/designate-api/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-api/start.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+
+. /opt/kolla/kolla-common.sh
+. /opt/kolla/config-designate.sh
+
+CONF=/etc/designate/designate.conf
+
+check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
+                    DESIGNATE_KEYSTONE_USER DESIGNATE_KEYSTONE_PASSWORD \
+                    KEYSTONE_AUTH_PROTOCOL ADMIN_TENANT_NAME \
+                    DESIGNATE_API_SERVICE_HOST DESIGNATE_API_SERVICE_PORT \
+                    KEYSTONE_ADMIN_SERVICE_PORT
+
+export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
+export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
+
+fail_unless_os_service_running keystone
+
+crux user-create \
+    -n ${DESIGNATE_KEYSTONE_USER} \
+    -p ${DESIGNATE_KEYSTONE_PASSWORD} \
+    -t ${ADMIN_TENANT_NAME} \
+    -r admin
+
+crux endpoint-create \
+    --remove-all \
+    -n ${DESIGNATE_KEYSTONE_USER} \
+    -t dns \
+    -I "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1" \
+    -P "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1" \
+    -A "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1"
+
+crudini --set $CONF service:api api_paste_config "/usr/share/designate/api-paste.ini"
+crudini --set $CONF service:api api_port "${DESIGNATE_API_SERVICE_PORT}"
+
+exec /usr/bin/designate-api

docker/centos/binary/designate/designate-backend-bind9-data/Dockerfile

@@ -0,0 +1,6 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+VOLUME [ "/var/named" ]
+
+CMD [ "/bin/true" ]

docker/centos/binary/designate/designate-backend-bind9-data/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-backend-bind9/Dockerfile

@@ -0,0 +1,10 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%designate-base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+RUN yum install -y bind \
+    && yum clean all \
+    && cp -pr /var/named /opt/kolla/var-named
+
+COPY start.sh /start.sh
+
+CMD ["/start.sh"]

docker/centos/binary/designate/designate-backend-bind9/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-backend-bind9/start.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+set -e
+
+. /opt/kolla/kolla-common.sh
+
+check_required_vars DESIGNATE_MASTERNS DESIGNATE_SLAVENS DESIGNATE_BIND9_RNDC_KEY \
+                    DESIGNATE_ALLOW_RECURSION
+
+NAMEDCFG=/etc/named.conf
+
+# /var/named is coming from a VOLUME definition but at first boot it needs to
+# be populated from the original container since else it would be missing some
+# Bind9 core files. These files have been saved during the build phase.
+
+if [ ! -f /var/named/named.ca ]; then
+    cp -pr /opt/kolla/var-named/* /var/named/
+fi
+
+# When rndc adds a new domain, bind adds the call in an nzf file in this
+# directory.
+chmod 770 /var/named
+chown root:named /var/named
+
+# Default Bind9 behavior is to enable recursion, disable if wanted.
+if [ "${DESIGNATE_ALLOW_RECURSION}" == "false" ]; then
+    sed -i -r "s/(recursion) yes/\1 no/" $NAMEDCFG
+fi
+
+sed -i -r "/listen-on port 53/d" $NAMEDCFG
+sed -i -r "/listen-on-v6/d" $NAMEDCFG
+sed -i -r "s,/\* Path to ISC DLV key \*/,allow-new-zones yes;," $NAMEDCFG
+sed -i -r "/allow-query .+;/d" $NAMEDCFG
+
+if ! grep -q rndc-key /etc/named.conf; then
+    cat >> /etc/named.conf <<EOF
+include "/etc/rndc.key";
+controls {
+    inet ${DESIGNATE_SLAVENS} allow { ${DESIGNATE_MASTERNS}; } keys { "rndc-key"; };
+};
+EOF
+fi
+
+cat > /etc/rndc.key <<EOF
+key "rndc-key" {
+    algorithm hmac-md5;
+    secret "${DESIGNATE_BIND9_RNDC_KEY}";
+};
+EOF
+cat > /etc/rndc.conf <<EOF
+options {
+    default-key "rndc-key";
+    default-server 127.0.0.1;
+    default-port 953;
+};
+EOF
+cat /etc/rndc.key >> /etc/rndc.conf
+chown named /etc/rndc.key
+
+# Launch and keep in the foreground.
+exec /usr/sbin/named -u named -g

docker/centos/binary/designate/designate-base/Dockerfile

@@ -0,0 +1,17 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+# Install designate-api because of /etc/designate/policy.json, which
+# is needed in all services. This is probably a packaging bug. We do
+# need the complete policy file because of some of the containers'
+# requiring it. Remove the package when the file is moved though.
+RUN yum install -y \
+    MySQL-python \
+    openstack-designate-api \
+    openstack-designate-common \
+    && yum clean all \
+    && cp /etc/designate/policy.json /tmp/ \
+    && rpm -e openstack-designate-api \
+    && mv /tmp/policy.json /etc/designate/
+
+COPY config-designate.sh /opt/kolla/config-designate.sh

docker/centos/binary/designate/designate-base/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-base/config-designate.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+set -e
+
+. /opt/kolla/kolla-common.sh
+
+check_required_vars DESIGNATE_DB_PASSWORD DESIGNATE_KEYSTONE_PASSWORD \
+                    KEYSTONE_PUBLIC_SERVICE_HOST RABBITMQ_SERVICE_HOST \
+                    DESIGNATE_BIND9_RNDC_KEY DESIGNATE_BACKEND \
+                    KEYSTONE_PUBLIC_SERVICE_PORT DESIGNATE_KEYSTONE_USER \
+                    RABBIT_USERID RABBIT_PASSWORD DESIGNATE_DB_USER \
+                    DESIGNATE_DB_NAME KEYSTONE_AUTH_PROTOCOL \
+                    KEYSTONE_ADMIN_SERVICE_HOST KEYSTONE_ADMIN_SERVICE_PORT \
+                    DEBUG_LOGGING
+
+fail_unless_db
+dump_vars
+
+cat > /openrc <<EOF
+export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
+export OS_USERNAME="${DESIGNATE_KEYSTONE_USER}"
+export OS_PASSWORD="${DESIGNATE_KEYSTONE_PASSWORD}"
+export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
+EOF
+
+conf=/etc/designate/designate.conf
+
+# Regular configuration.
+crudini --set $conf DEFAULT log_file ""
+crudini --set $conf DEFAULT use_stderr "True"
+crudini --set $conf DEFAULT debug "${DEBUG_LOGGING}"
+crudini --set $conf DEFAULT rpc_backend "designate.openstack.common.rpc.impl_kombu"
+
+crudini --set $conf oslo_messaging_rabbit rabbit_host "${RABBITMQ_SERVICE_HOST}"
+crudini --set $conf oslo_messaging_rabbit rabbit_userid "${RABBIT_USERID}"
+crudini --set $conf oslo_messaging_rabbit rabbit_password "${RABBIT_PASSWORD}"
+
+crudini --set $conf storage:sqlalchemy connection "mysql://${DESIGNATE_DB_USER}:${DESIGNATE_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${DESIGNATE_DB_NAME}"
+
+crudini --set $conf service:api auth_strategy "keystone"
+crudini --set $conf service:api api_host "${PUBLIC_IP}"
+
+crudini --set $conf keystone_authtoken identity_uri "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}"
+crudini --set $conf keystone_authtoken auth_uri "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
+crudini --set $conf keystone_authtoken admin_tenant_name "${ADMIN_TENANT_NAME}"
+crudini --set $conf keystone_authtoken admin_user "${DESIGNATE_KEYSTONE_USER}"
+crudini --set $conf keystone_authtoken admin_password "${DESIGNATE_KEYSTONE_PASSWORD}"
+
+if [ "${DESIGNATE_BACKEND}" == "bind9" ]; then
+    # Configure a key for RNDC so it can connect with Bind9 to create/delete
+    # zones.
+    cat > /etc/rndc.key <<EOF
+key "rndc-key" {
+    algorithm hmac-md5;
+    secret "${DESIGNATE_BIND9_RNDC_KEY}";
+};
+EOF
+fi

docker/centos/binary/designate/designate-central/Dockerfile

@@ -0,0 +1,10 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%designate-base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+RUN yum install -y \
+    openstack-designate-central \
+    && yum clean all
+
+COPY start.sh /start.sh
+
+CMD ["/start.sh"]

docker/centos/binary/designate/designate-central/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-central/start.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+set -e
+
+. /opt/kolla/kolla-common.sh
+. /opt/kolla/config-designate.sh
+
+check_required_vars MARIADB_SERVICE_HOST DB_ROOT_PASSWORD DESIGNATE_DB_NAME \
+                    DESIGNATE_DB_USER DESIGNATE_DB_PASSWORD DESIGNATE_INITDB
+
+fail_unless_db
+
+CONF=/etc/designate/designate.conf
+
+if [ "${DESIGNATE_INITDB}" == "true" ]; then
+    echo "Configuring database"
+    mysql -h ${MARIADB_SERVICE_HOST} -u root -p"${DB_ROOT_PASSWORD}" mysql <<EOF
+CREATE DATABASE IF NOT EXISTS ${DESIGNATE_DB_NAME};
+GRANT ALL PRIVILEGES ON ${DESIGNATE_DB_NAME}.* TO '${DESIGNATE_DB_USER}'@'%' IDENTIFIED BY '${DESIGNATE_DB_PASSWORD}'
+EOF
+
+    designate-manage database sync
+fi
+
+exec /usr/bin/designate-central

docker/centos/binary/designate/designate-mdns/Dockerfile

@@ -0,0 +1,9 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%designate-base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+RUN yum install -y openstack-designate-mdns \
+    && yum clean all
+
+COPY start.sh /start.sh
+
+CMD ["/start.sh"]

docker/centos/binary/designate/designate-mdns/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-mdns/start.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+. /opt/kolla/kolla-common.sh
+. /opt/kolla/config-designate.sh
+
+check_required_vars DESIGNATE_MASTERNS DESIGNATE_MDNS_PORT
+
+CONF=/etc/designate/designate.conf
+
+crudini --set $CONF service:mdns workers "1"
+crudini --set $CONF service:mdns host "${DESIGNATE_MASTERNS}"
+crudini --set $CONF service:mdns port "${DESIGNATE_MDNS_PORT}"
+crudini --set $CONF service:mdns tcp_backlog "100"
+crudini --set $CONF service:mdns all_tcp "False"
+
+exec /usr/bin/designate-mdns

docker/centos/binary/designate/designate-poolmanager/Dockerfile

@@ -0,0 +1,12 @@
+FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%designate-base:%%KOLLA_TAG%%
+MAINTAINER Kolla Project (https://launchpad.net/kolla)
+
+# The bind9 package here is only to provide the rndc binary.
+RUN yum install -y \
+    openstack-designate-pool-manager \
+    bind \
+    && yum clean all
+
+COPY start.sh /start.sh
+
+CMD ["/start.sh"]

docker/centos/binary/designate/designate-poolmanager/build

@@ -0,0 +1 @@
+../../../../../tools/build-docker-image

docker/centos/binary/designate/designate-poolmanager/start.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+set -e
+
+. /opt/kolla/kolla-common.sh
+. /opt/kolla/config-designate.sh
+
+check_required_vars DESIGNATE_MASTERNS DESIGNATE_BACKEND DESIGNATE_SLAVENS \
+                    DESIGNATE_MDNS_PORT DESIGNATE_DNS_PORT DESIGNATE_POOLMAN_POOLID \
+                    DESIGNATE_POOLMAN_TARGETS DESIGNATE_POOLMAN_NSS
+
+CONF=/etc/designate/designate.conf
+
+if [ "${DESIGNATE_BACKEND}" == "bind9" ]; then
+    TYPE="bind9"
+    OPTIONS="rndc_host: ${DESIGNATE_SLAVENS}, rndc_key_file: /etc/rndc.key"
+else
+    echo Unsupported backend: ${DESIGNATE_BACKEND}
+    exit
+fi
+
+crudini --set $CONF service:pool_manager workers "1"
+crudini --set $CONF service:pool_manager enable_recovery_timer "False"
+crudini --set $CONF service:pool_manager periodic_recovery_interval "120"
+crudini --set $CONF service:pool_manager enable_sync_timer "True"
+crudini --set $CONF service:pool_manager periodic_sync_interval "1800"
+crudini --set $CONF service:pool_manager poll_max_retries "10"
+crudini --set $CONF service:pool_manager poll_delay "5"
+crudini --set $CONF service:pool_manager poll_retry_interval "15"
+crudini --set $CONF service:pool_manager pool_id "${DESIGNATE_POOLMAN_POOLID}"
+crudini --set $CONF service:pool_manager cache_driver "noop"
+
+# TODO: use this to use memcached
+#crudini --set $CONF service:pool_manager cache_driver memcache
+#crudini --set $CONF service:pool_manager memcached_servers ${MEMCACHED_HOST}
+
+crudini --set $CONF pool:${DESIGNATE_POOLMAN_POOLID} nameservers "${DESIGNATE_POOLMAN_NSS}"
+crudini --set $CONF pool:${DESIGNATE_POOLMAN_POOLID} targets "${DESIGNATE_POOLMAN_TARGETS}"
+
+crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} type "${TYPE}"
+crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} options "${OPTIONS}"
+# This is the mdns container, which is the master nameserver.
+crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} masters "${DESIGNATE_MASTERNS}:${DESIGNATE_MDNS_PORT}"
+crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} host "${DESIGNATE_MASTERNS}"
+crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} port "${DESIGNATE_DNS_PORT}"
+
+crudini --set $CONF pool_nameserver:${DESIGNATE_POOLMAN_NSS} host "${DESIGNATE_MASTERNS}"
+crudini --set $CONF pool_nameserver:${DESIGNATE_POOLMAN_NSS} port "${DESIGNATE_DNS_PORT}"
+
+exec /usr/bin/designate-pool-manager

docs/integration-guide.md

@@ -119,6 +119,19 @@ all containers.  This allows a simple method of ensuring every type of node
     MAGNUM_KEYSTONE_PASSWORD=<magnum> - The Magnum keystone password
     MAGNUM_API_SERVICE_HOST=<IP> - The Magnum Host IP address
     MAGNUM_API_SERVICE_PORT=<9511> - The Magnum port
+    DESIGNATE_DB_NAME=<designate> - The Designate database name
+    DESIGNATE_DB_PASSWORD=<designatedns> - The Designate database password
+    DESIGNATE_KEYSTONE_PASSWORD=<designate> - The keystone password for the designate user
+    DESIGNATE_BIND9_RNDC_KEY=<KEY> - The rndc/bind key to use for communication between pool_manager and bind9
+    DESIGNATE_MASTERNS=<IP> - The IP Address of the master (primary) DNS server (the backend)
+    DESIGNATE_BACKEND=<bind9> - The backend to use in Designate, currently only bind9 is supported
+    DESIGNATE_SLAVENS=<IP> - The IP Address of a slave nameserver under control of pool_manager
+    DESIGNATE_API_SERVICE_HOST=<IP> - The IP Address of the Designate API
+    DESIGNATE_API_SERVICE_PORT=<9001> - The port of the Designate API
+    DESIGNATE_MDNS_PORT=<5354> - The port of the Designate MiniDNS server acting as master server
+    DESIGNATE_DNS_PORT=<53> - The port of the Designate-backed DNS slaves that are used by the world
+    DESIGNATE_INITDB=<true|false> - Configures if the database should be created and initialised
+    DESIGNATE_ALLOW_RECURSION=<true|false> - Configure a recursive nameserver
 
 
 [Minimum environment variable setup guide.](https://github.com/stackforge/kolla/blob/master/docs/minimal-environment-vars.md)

tools/genenv

@@ -125,6 +125,27 @@ MAGNUM_KEYSTONE_PASSWORD=magnum
 MAGNUM_API_SERVICE_HOST=$HOST_IP
 MAGNUM_API_SERVICE_PORT=9511
 
+# Designate
+DESIGNATE_DB_NAME=designate
+DESIGNATE_DB_USER=designate
+DESIGNATE_DB_PASSWORD=designatedns
+DESIGNATE_KEYSTONE_USER=designate
+DESIGNATE_KEYSTONE_PASSWORD=designate
+DESIGNATE_BIND9_RNDC_KEY=$(openssl rand -base64 24)
+DESIGNATE_MASTERNS=$HOST_IP
+DESIGNATE_BACKEND=bind9
+DESIGNATE_SLAVENS=$HOST_IP
+DESIGNATE_API_SERVICE_HOST=$HOST_IP
+DESIGNATE_API_SERVICE_PORT=9001
+DESIGNATE_MDNS_PORT=5354
+DESIGNATE_DNS_PORT=53
+# The POOLID is hardcoded, upstream ships pre-configured with this uuid:
+DESIGNATE_POOLMAN_POOLID=794ccc2c-d751-44fe-b57f-8894c9f5c842
+DESIGNATE_POOLMAN_TARGETS=$(uuidgen)
+DESIGNATE_POOLMAN_NSS=$(uuidgen)
+DESIGNATE_INITDB=true
+DESIGNATE_ALLOW_RECURSION=true
+
 cat > ./openrc <<EOF
 export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0"
 export OS_USERNAME=$ADMIN_TENANT_NAME
@@ -215,6 +236,24 @@ RABBITMQ_USER=$RABBIT_USER
 RABBIT_PASSWORD=$RABBIT_PASSWORD
 RABBIT_USERID=$RABBIT_USER
 HEAT_API_CFN_SERVICE_HOST=$HEAT_API_CFN_SERVICE_HOST
+DESIGNATE_DB_NAME=$DESIGNATE_DB_NAME
+DESIGNATE_DB_USER=$DESIGNATE_DB_USER
+DESIGNATE_DB_PASSWORD=$DESIGNATE_DB_PASSWORD
+DESIGNATE_KEYSTONE_USER=$DESIGNATE_KEYSTONE_USER
+DESIGNATE_KEYSTONE_PASSWORD=$DESIGNATE_KEYSTONE_PASSWORD
+DESIGNATE_API_SERVICE_HOST=$DESIGNATE_API_SERVICE_HOST
+DESIGNATE_API_SERVICE_PORT=$DESIGNATE_API_SERVICE_PORT
+DESIGNATE_BIND9_RNDC_KEY=$DESIGNATE_BIND9_RNDC_KEY
+DESIGNATE_MASTERNS=$DESIGNATE_MASTERNS
+DESIGNATE_BACKEND=$DESIGNATE_BACKEND
+DESIGNATE_SLAVENS=$DESIGNATE_SLAVENS
+DESIGNATE_MDNS_PORT=$DESIGNATE_MDNS_PORT
+DESIGNATE_DNS_PORT=$DESIGNATE_DNS_PORT
+DESIGNATE_POOLMAN_POOLID=$DESIGNATE_POOLMAN_POOLID
+DESIGNATE_POOLMAN_TARGETS=$DESIGNATE_POOLMAN_TARGETS
+DESIGNATE_POOLMAN_NSS=$DESIGNATE_POOLMAN_NSS
+DESIGNATE_INITDB=$DESIGNATE_INITDB
+DESIGNATE_ALLOW_RECURSION=$DESIGNATE_ALLOW_RECURSION
 EOF
 echo Please customize your FLAT_INTERFACE to a different network then your
 echo main network. The FLAT_INTERFACE is used for inter-VM communication.