| nickghee | Hello all, | 07:22 |
|---|---|---|
| nickghee | I deployed designate in our kolla-ansible installation. my control nodes are in a private network and my external bind9 servers are public addressed. My understanding was, to access (the private addressed) designate-mdns containers from my (public) bind9 servers for the zone transfers, I just configure a loadbalanced public url, which loadbalances to the designate-mdns servers. I can do a manual AXFR request (dig AXFR @loadbalancer-ip ), but | 07:28 |
| nickghee | but designate initiated zone transfers (after a change e.g.) are not, and the log of my public bind servers show the private IPs from designate - which are of course not accessible from my public bind servers. So how can I configure my bind servers, to "force" the zone transfers from my loadbalancer ip/name instead of the private designate mdns IPs? any advice appreciated, thank you! | 07:29 |
| frickler | nickghee: you need to specify your lb ips as masters in the pool configuration for those external servers. kolla doesn't support that currently natively, you'll need to override the ansible/roles/designate/templates/pools.yaml.j2 template | 08:47 |
| opendevreview | Erik Olof Gunnar Andersson proposed openstack/designate master: [WIP] Remove designate-agent https://review.opendev.org/c/openstack/designate/+/891317 | 09:25 |
| nickghee | so in addition or just replacing the private IPs of all my designate-mdns with the public loadbalancer IP? | 09:58 |
| nickghee | I reconfigured designate with the public IP in the masters config, but still see the private IP reqeusts to bind "Log: Aug 21 12:37:12 ns1-stage named[48935]: transfer of 'nghtest.stage.mydomain.ch/IN' from 10.233.114.238#5354: failed to connect: timed out" | 10:40 |
| eandersson | nickghee: Did you run designate-manage to update the pool? You might also need to restart the designate-central service to pick up the changes. | 13:36 |
| opendevreview | kiran pawar proposed openstack/designate master: Add new API for zone move https://review.opendev.org/c/openstack/designate/+/796633 | 14:55 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!