OpenStack Antelope : Designate कॉन्फ़िगर करें (नेटवर्क नोड)2023/09/11 |
OpenStack DNS सेवा (Designate) स्थापित करें।
यह उदाहरण निम्न प्रकार से पर्यावरण पर आधारित है।
नेटवर्क नोड पर Designate सेवाएँ स्थापित करें और उस पर बैकएंड DNS सेवा के रूप में BIND 9 भी स्थापित करें। ------------+--------------------------+--------------------------+------------ | | | eth0|10.0.0.30 eth0|10.0.0.50 eth0|10.0.0.51 +-----------+-----------+ +-----------+-----------+ +-----------+-----------+ | [ dlp.srv.world ] | | [ network.srv.world ] | | [ node01.srv.world ] | | (Control Node) | | (Network Node) | | (Compute Node) | | | | | | | | MariaDB RabbitMQ | | Open vSwitch | | Libvirt | | Memcached Nginx | | Neutron Server | | Nova Compute | | Keystone httpd | | OVN-Northd | | Open vSwitch | | Glance Nova API | | Nginx iSCSI Target | | OVN Metadata Agent | | Cinder API | | Cinder Volume | | OVN-Controller | | | | Designate Services | | | +-----------------------+ +-----------------------+ +-----------------------+ |
[1] | Designate सेवाएँ स्थापित करें और BIND 9। |
root@network:~# apt -y install designate-api designate-central designate-worker designate-producer designate-mdns python3-designateclient bind9 bind9utils
|
[2] | BIND कॉन्फ़िगर करें। |
root@network:~# rndc-confgen -a -k designate -c /etc/bind/designate.key wrote key file "/etc/bind/designate.key" root@network:~# chown bind:designate /etc/bind/designate.key root@network:~# chmod 640 /etc/bind/designate.key root@network:~# mv /etc/bind/named.conf.options /etc/bind/named.conf.options.org
root@network:~#
vi /etc/bind/named.conf.options # नया निर्माण
options {
directory "/var/cache/bind";
listen-on port 53 { any; };
listen-on-v6 port 53 { none; };
# क्वेरी रेंज को अपने परिवेश में बदलें
allow-query { localhost; 10.0.0.0/24; };
allow-new-zones yes;
request-ixfr no;
recursion no;
dnssec-validation auto;
auth-nxdomain no;
};
include "/etc/bind/designate.key";
controls {
inet 0.0.0.0 port 953
allow { localhost; } keys { "designate"; };
};
chmod 644 /etc/bind/named.conf.options root@network:~# chown -R bind. /etc/bind root@network:~# systemctl restart bind9 |
[3] | Designate कॉन्फ़िगर करें। |
root@network:~# mv /etc/designate/designate.conf /etc/designate/designate.conf.org
root@network:~#
vi /etc/designate/designate.conf # नया निर्माण [DEFAULT] log_dir = /var/log/designate # RabbitMQ कनेक्शन जानकारी transport_url = rabbit://openstack:password@dlp.srv.world root_helper = sudo designate-rootwrap /etc/designate/rootwrap.conf [database] # MariaDB कनेक्शन जानकारी connection = mysql+pymysql://designate:password@dlp.srv.world/designate [service:api] listen = 127.0.0.1:9001 auth_strategy = keystone api_base_uri = https://network.srv.world:9001 enable_api_v2 = True enabled_extensions_v2 = quotas, reports # Keystone प्रामाणिक जानकारी [keystone_authtoken] www_authenticate_uri = https://dlp.srv.world:5000 auth_url = https://dlp.srv.world:5000 memcached_servers = dlp.srv.world:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = designate password = servicepassword # यदि Apache2 Keystone पर स्व-हस्ताक्षरित प्रमाणपत्र का उपयोग कर रहे हैं, तो [true] पर जाएँ insecure = false [service:worker] enabled = True notify = True [storage:sqlalchemy] # MariaDB कनेक्शन जानकारी connection = mysql+pymysql://designate:password@dlp.srv.world/designate [oslo_policy] enforce_new_defaults = false chmod 640 /etc/designate/designate.conf root@network:~# chgrp designate /etc/designate/designate.conf root@network:~# su -s /bin/sh -c "designate-manage database sync" designate
root@network:~#
systemctl restart designate-central designate-api root@network:~# systemctl enable designate-central designate-api
root@network:~#
vi /etc/designate/pools.yaml # नया बनाएं (होस्टनाम और आईपी पते को अपने परिवेश में बदलें) - name: default description: Default Pool attributes: {} ns_records: - hostname: network.srv.world. priority: 1 nameservers: - host: 10.0.0.50 port: 53 targets: - type: bind9 description: BIND9 Server masters: - host: 10.0.0.50 port: 5354 options: host: 10.0.0.50 port: 53 rndc_host: 10.0.0.50 rndc_port: 953 rndc_key_file: /etc/bind/designate.key chmod 640 /etc/designate/pools.yaml root@network:~# chgrp designate /etc/designate/pools.yaml root@network:~# su -s /bin/sh -c "designate-manage pool update" designate Updating Pools Configuration **************************** root@network:~# systemctl restart designate-worker designate-producer designate-mdns root@network:~# systemctl enable designate-worker designate-producer designate-mdns
|
[4] | प्रॉक्सी सेटिंग्स के लिए Nginx कॉन्फ़िगर करें। |
root@network:~#
vi /etc/nginx/nginx.conf # [stream] अनुभाग में जोड़ें
stream {
upstream neutron-api {
server 127.0.0.1:9696;
}
server {
listen 10.0.0.50:9696 ssl;
proxy_pass neutron-api;
}
upstream designate-api {
server 127.0.0.1:9001;
}
server {
listen 10.0.0.50:9001 ssl;
proxy_pass designate-api;
}
ssl_certificate "/etc/letsencrypt/live/network.srv.world/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/network.srv.world/privkey.pem";
}
root@network:~# systemctl restart nginx
|
[5] | किसी नोड पर सेवाओं की स्थिति सत्यापित करें. यदि सभी स्थितियाँ [ऊपर] हैं तो यह ठीक है। |
root@dlp ~(keystone)#
root@dlp ~(keystone)# apt -y install python3-designateclient openstack dns service list +--------------------------------------+-------------------+--------------+--------+-------+--------------+ | id | hostname | service_name | status | stats | capabilities | +--------------------------------------+-------------------+--------------+--------+-------+--------------+ | 3b130642-e68e-4b69-8eb0-f8079e6ca85d | network.srv.world | central | UP | - | - | | 3712e5f2-a272-4344-b191-a64660d3cee5 | network.srv.world | api | UP | - | - | | ac0c496c-69a3-4012-9173-28447f9cf77a | network.srv.world | mdns | UP | - | - | | cf88da5a-c65d-4061-9b91-d72e4a1dbb5c | network.srv.world | producer | UP | - | - | | f80dfa9f-8949-45ff-a9dc-4db753e89013 | network.srv.world | worker | UP | - | - | +--------------------------------------+-------------------+--------------+--------+-------+--------------+ |
Sponsored Link |