kolla-ansible/ansible/roles/designate/templates/named.conf.j2

include "/etc/rndc.key";
options {
        listen-on port {{ designate_bind_port }} { {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['api_interface']]['ipv4']['address'] }}; };
        directory       "/var/lib/named";
        allow-new-zones yes;
        dnssec-validation auto;
        auth-nxdomain no;
        request-ixfr no;
        recursion no;
        minimal-responses yes;
        allow-notify { {% for host in groups['designate-worker'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }};{% endfor %} };
};

controls {
        inet {{ hostvars[inventory_hostname]['ansible_' + hostvars[inventory_hostname]['api_interface']]['ipv4']['address'] }} port {{ designate_rndc_port }} allow { {% for host in groups['designate-worker'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}; {% endfor %} } keys { "rndc-key"; };
};