authorLénaïc Huard <lhuard@amadeus.com>2016-01-18 16:28:55 +0100
committerLénaïc Huard <lhuard@amadeus.com>2016-02-04 18:20:03 +0100
commit82d474d7b1ba564f051c1ccf125413f4cca28d42 (patch)
tree0824401bf9beb36f4e137827177e988070b51981 /roles/dns
parent73ab565d036b6f3c8777d305fdc1a5029b097f88 (diff)
Add a DNS server on OpenStack clusters
Diffstat (limited to 'roles/dns')
-rw-r--r--roles/dns/README.md43
-rw-r--r--roles/dns/handlers/main.yml4
-rw-r--r--roles/dns/meta/main.yml7
-rw-r--r--roles/dns/tasks/main.yml22
-rw-r--r--roles/dns/templates/named.conf23
-rw-r--r--roles/dns/templates/openshift-cluster.zone14
6 files changed, 113 insertions, 0 deletions
diff --git a/roles/dns/README.md b/roles/dns/README.md
new file mode 100644
index 000000000..e238fb92e
--- /dev/null
+++ b/roles/dns/README.md
@@ -0,0 +1,43 @@
+dns
+===
+
+Configure a DNS server serving IPs of all the nodes of the cluster
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+| Name | Mandatory / Optional | Description |
+|------|----------------------|-------------|
+| `dns_zones` | Mandatory | DNS zones in which we must find the hosts |
+| `dns_forwarders` | If not set, the DNS will be a recursive non-forwarding DNS server | DNS forwarders to delegate the requests for hosts outside of `dns_zones` |
+| `dns_all_hosts` | Mandatory | Exhaustive list of hosts |
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+ - hosts: dns_hosts
+ roles:
+ - role: dns
+ dns_forwarders: [ '8.8.8.8', '8.8.4.4' ]
+ dns_zones: [ novalocal, openstacklocal ]
+ dns_all_hosts: "{{ g_all_hosts }}"
+
+License
+-------
+
+ASL 2.0
+
+Author Information
+------------------
+
+OpenShift operations, Red Hat, Inc
diff --git a/roles/dns/handlers/main.yml b/roles/dns/handlers/main.yml
new file mode 100644
index 000000000..ef101785e
--- /dev/null
+++ b/roles/dns/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart bind
+ service:
+ name: named
+ state: restarted
diff --git a/roles/dns/meta/main.yml b/roles/dns/meta/main.yml
new file mode 100644
index 000000000..b6e9d9ad0
--- /dev/null
+++ b/roles/dns/meta/main.yml
@@ -0,0 +1,7 @@
+---
+galaxy_info:
+ author: Lénaïc Huard
+ description: Deploy and configure a DNS server
+ company: Amadeus SAS
+ license: ASL 2.0
+dependencies: []
diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml
new file mode 100644
index 000000000..af728585d
--- /dev/null
+++ b/roles/dns/tasks/main.yml
@@ -0,0 +1,22 @@
+- name: Install Bind
+ action: "{{ ansible_pkg_mgr }} name=bind"
+
+- name: Configure Bind
+ template:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ validate: "{{ item.validate }}"
+ with_items:
+ - src: openshift-cluster.zone
+ dest: /var/named/openshift-cluster.zone
+ validate: "named-checkzone {{ dns_zones[0] }} %s"
+ - src: named.conf
+ dest: /etc/named.conf
+ validate: "named-checkconf %s"
+ notify: restart bind
+
+- name: Enable Bind
+ service:
+ name: named
+ state: started
+ enabled: yes
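Review bot: The `Configure Bind` template task sets no `owner`, `group` or `mode`, so `/etc/named.conf` and `/var/named/openshift-cluster.zone` keep whatever permissions already exist or are created under the play's umask. Pinning them on the task, for example `owner: root`, `group: named`, `mode: "0640"`, keeps the resolver configuration writable only by root and readable by the daemon; confirm the group name against the bind package in use. The zone validation also indexes `dns_zones[0]`, so an empty or missing `dns_zones` surfaces as a templating error rather than a clear message, which a short assert on the variable before this task would fix. As a style point, `enabled: yes` in `Enable Bind` is better written as `enabled: true`.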
diff --git a/roles/dns/templates/named.conf b/roles/dns/templates/named.conf
new file mode 100644
index 000000000..22c1ff935
--- /dev/null
+++ b/roles/dns/templates/named.conf
@@ -0,0 +1,23 @@
+options
+{
+ directory "/var/named";
+
+ allow-query { {{ ansible_default_ipv4.network }}/24; };
+
+ recursion yes;
+
+{% if dns_forwarders is defined %}
+ forwarders {
+ {% for dns in dns_forwarders %}
+ {{ dns }};
+ {% endfor %}
+ };
+{% endif %}
+};
+{% for zone in dns_zones %}
+
+zone "{{ zone }}" IN {
+ type master;
+ file "openshift-cluster.zone";
+};
+{% endfor %}
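Review bot: `allow-query` appends a hard-coded `/24` to `ansible_default_ipv4.network`, so the ACL matches the real subnet only when its prefix happens to be 24 bits, and with `recursion yes;` and no `allow-recursion` this same ACL appears to be what bounds who may use the server as a recursive resolver. Derive the prefix from `ansible_default_ipv4.netmask` or take the permitted networks from a role variable, and state the intent explicitly with an `allow-recursion { ... };` line that uses the same list. The options block also sets no `allow-transfer`, so zone transfers fall back to BIND's default, which on many releases is unrestricted; adding `allow-transfer { none; };` keeps the full host list in `openshift-cluster.zone` from being handed out in a single request. `localhost` is not in the ACL either, so lookups made from the DNS host itself through the loopback address would presumably be refused.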
diff --git a/roles/dns/templates/openshift-cluster.zone b/roles/dns/templates/openshift-cluster.zone
new file mode 100644
index 000000000..03f5dc089
--- /dev/null
+++ b/roles/dns/templates/openshift-cluster.zone
@@ -0,0 +1,14 @@
+$TTL 1d
+@ IN SOA {{ ansible_hostname }} openshift (
+ {{ ansible_date_time.epoch }} ; Serial (To be fixed before 2039)
+ 12h ; Refresh
+ 3m ; Retry
+ 4w ; Expire
+ 3h ; TTL for negative replies
+ )
+
+ IN NS {{ ansible_hostname }}
+{{ ansible_hostname }} IN A {{ ansible_default_ipv4.address }}
+{% for host in dns_all_hosts %}
+{{ hostvars[host].ansible_hostname }} IN A {{ hostvars[host]['ansible_default_ipv4'].address }}
+{% endfor %}
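Review bot: The SOA serial is `{{ ansible_date_time.epoch }}`, so the rendered zone file differs on every play run and the `Configure Bind` task will report a change and fire `restart bind` each time, even when no record changed. Taking the serial from a value that moves only when the host list changes (for example a role variable such as `dns_zone_serial`, or a number derived from the rendered records) would keep the role idempotent and avoid needless resolver restarts. The loop also reads `hostvars[host].ansible_hostname` and `hostvars[host]['ansible_default_ipv4'].address` unguarded, so any host in `dns_all_hosts` whose facts were not gathered aborts the template; a comment such as `; requires facts for every host in dns_all_hosts` above the loop would document that precondition. If the DNS host is itself listed in `dns_all_hosts`, its A record is emitted twice.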