Blame - robot/assets/asdc/base_clearwater/dns.yaml - onap/testsuite

blob: f257d24093dffe5049c96690873c4aefa26c4c1b [file] [log] [blame]

DR695H	96c1f6f	2017-08-17 17:13:48 -0400	[diff] [blame]	1	# Project Clearwater - IMS in the Cloud
				2	# Copyright (C) 2015 Metaswitch Networks Ltd
				3	#
				4	# This program is free software: you can redistribute it and/or modify it
				5	# under the terms of the GNU General Public License as published by the
				6	# Free Software Foundation, either version 3 of the License, or (at your
				7	# option) any later version, along with the "Special Exception" for use of
				8	# the program along with SSL, set forth below. This program is distributed
				9	# in the hope that it will be useful, but WITHOUT ANY WARRANTY;
				10	# without even the implied warranty of MERCHANTABILITY or FITNESS FOR
				11	# A PARTICULAR PURPOSE. See the GNU General Public License for more
				12	# details. You should have received a copy of the GNU General Public
				13	# License along with this program. If not, see
				14	# <http://www.gnu.org/licenses/>.
				15	#
				16	# The author can be reached by email at clearwater@metaswitch.com or by
				17	# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK
				18	#
				19	# Special Exception
				20	# Metaswitch Networks Ltd grants you permission to copy, modify,
				21	# propagate, and distribute a work formed by combining OpenSSL with The
				22	# Software, or a work derivative of such a combination, even if such
				23	# copying, modification, propagation, or distribution would otherwise
				24	# violate the terms of the GPL. You must comply with the GPL in all
				25	# respects for all of the code used other than OpenSSL.
				26	# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL
				27	# Project and licensed under the OpenSSL Licenses, or a work based on such
				28	# software and licensed under the OpenSSL Licenses.
				29	# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License
				30	# under which the OpenSSL Project distributes the OpenSSL toolkit software,
				31	# as those licenses appear in the file LICENSE-OPENSSL.
				32
				33	heat_template_version: 2013-05-23
				34
				35	description: >
				36	DNS server exposing dynamic DNS using DNSSEC
				37
				38	parameters:
				39	vnf_id:
				40	type: string
				41	label: VNF ID
				42	description: The VNF ID provided by ONAP
				43	vf_module_id:
				44	type: string
				45	label: VNF module ID
				46	description: The VNF module ID provided by ONAP
				47	public_net_id:
				48	type: string
				49	description: ID of public network
				50	constraints:
				51	- custom_constraint: neutron.network
				52	description: Must be a valid network ID
				53	dns_flavor_name:
				54	type: string
				55	description: Flavor to use
				56	constraints:
				57	- custom_constraint: nova.flavor
				58	description: Must be a valid flavor name
				59	dns_image_name:
				60	type: string
				61	description: Name of image to use
				62	key_name:
				63	type: string
				64	description: Name of keypair to assign
				65	constraints:
				66	- custom_constraint: nova.keypair
				67	description: Must be a valid keypair name
				68	# dns_security_group:
				69	# type: string
				70	# description: ID of security group for DNS nodes
				71	zone:
				72	type: string
				73	description: DNS zone
				74	default: example.com
				75	dnssec_key:
				76	type: string
				77	description: DNSSEC private key (Base64-encoded)
				78
				79	resources:
				80	server:
				81	type: OS::Nova::Server
				82	properties:
				83	name: { str_replace: { params: { __zone__: { get_param: zone } }, template: ns.__zone__ } }
				84	image: { get_param: dns_image_name }
				85	flavor: { get_param: dns_flavor_name }
				86	key_name: { get_param: key_name }
				87	networks:
				88	- network: { get_param: public_net_id }
				89	metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
				90	user_data_format: RAW
				91	user_data:
				92	str_replace:
				93	params:
				94	__zone__: { get_param: zone }
				95	__dnssec_key__: { get_param: dnssec_key }
				96	template: \|
				97	#!/bin/bash
				98
				99	# Log all output to file.
				100	exec > >(tee -a /var/log/clearwater-heat-dns.log) 2>&1
				101	set -x
				102
				103	# Install BIND.
				104	apt-get update
				105	DEBIAN_FRONTEND=noninteractive apt-get install bind9 --yes
				106
				107	# Get the public IP address from eth0
				108	sudo apt-get install ipcalc
				109	ADDR=`ip addr show eth0 \| awk '/inet /{print $2}'`
				110	PUBLIC_ADDR=`ipcalc -n -b $ADDR \| awk '/Address:/{print $2}'`
				111
				112	# Update BIND configuration with the specified zone and key.
				113	cat >> /etc/bind/named.conf.local << EOF
				114	key __zone__. {
				115	algorithm "HMAC-MD5";
				116	secret "__dnssec_key__";
				117	};
				118
				119	zone "__zone__" IN {
				120	type master;
				121	file "/var/lib/bind/db.__zone__";
				122	allow-update {
				123	key __zone__.;
				124	};
				125	};
				126	EOF
				127
				128	# Function to give DNS record type and IP address for specified IP address
				129	ip2rr() {
				130	if echo $1 \| grep -q -e '[^0-9.]' ; then
				131	echo AAAA $1
				132	else
				133	echo A $1
				134	fi
				135	}
				136
				137	# Create basic zone configuration.
				138	cat > /var/lib/bind/db.__zone__ << EOF
				139	\$ORIGIN __zone__.
				140	\$TTL 1h
				141	@ IN SOA ns admin\@__zone__. ( $(date +%Y%m%d%H) 1d 2h 1w 30s )
				142	@ NS ns
				143	ns $(ip2rr $PUBLIC_ADDR)
				144	EOF
				145	chown root:bind /var/lib/bind/db.__zone__
				146
				147	# Now that BIND configuration is correct, kick it to reload.
				148	service bind9 reload
				149
				150	outputs:
				151	dns_ip:
				152	description: IP address of DNS server
				153	value: { get_attr: [ server, accessIPv4 ] }
				154	zone:
				155	description: DNS zone
				156	value: { get_param: zone }
				157	dnssec_key:
				158	description: DNSSEC private key (Base64-encoded)
				159	value: { get_param: dnssec_key }