Remove configuration of BIND 9 service
The feature was deprecated in 2024.1 release[1] and is ready for
removal.
Note that the configure_bind parameter is still kept, because
the parameter had to be set to disable the configuration. It may be
removed after 2025.1 release.
[1] 2896fe16c0
Change-Id: I3b84a382608bbf094cfc5b48bb0ced848e73b2f1
			
			
This commit is contained in:
		| @@ -63,7 +63,8 @@ | ||||
| # [*configure_bind*] | ||||
| #  (Optional) Enables running bind9/named configuration for hosts where | ||||
| #  designate and designate bind services are collocated. | ||||
| #  Defaults to true | ||||
| #  Note that this parameter has no effect now. | ||||
| #  Defaults to undef | ||||
| # | ||||
| class designate::backend::bind9 ( | ||||
|   $rndc_config_file                      = '/etc/rndc.conf', | ||||
| @@ -80,34 +81,16 @@ class designate::backend::bind9 ( | ||||
|   Array[String[1]] $also_notifies        = [], | ||||
|   Hash[String[1], String[1]] $attributes = {}, | ||||
|   # DEPRECATED PARAMETERS | ||||
|   Boolean $configure_bind                = true, | ||||
|   Optional[Boolean] $configure_bind      = undef, | ||||
| ) { | ||||
|  | ||||
|   include designate::deps | ||||
|   include designate::params | ||||
|  | ||||
|   if $configure_bind { | ||||
|     warning("Configuragion of BIND 9 by designate::backend::bind9 is deprecated \ | ||||
| and will be removed in a future release.") | ||||
|  | ||||
|     $dns_additional_options = { | ||||
|       'allow-new-zones'   => 'yes', | ||||
|       # Recommended by Designate docs as a mitigation for potential cache | ||||
|       # poisoning attacks: | ||||
|       # https://docs.openstack.org/designate/latest/admin/production-guidelines.html#bind9-mitigation | ||||
|       'minimal-responses' => 'yes', | ||||
|     } | ||||
|  | ||||
|     if $rndc_controls { | ||||
|       class { 'dns': | ||||
|         controls           => $rndc_controls, | ||||
|         additional_options => $dns_additional_options, | ||||
|       } | ||||
|     } else { | ||||
|       class { 'dns': | ||||
|         additional_options => $dns_additional_options, | ||||
|       } | ||||
|     } | ||||
|     fail('Configuration of BIND 9 is no longer supported') | ||||
|   } elsif $configure_bind != undef { | ||||
|     warning('The configure_bind parameter is deprecated and has no effect.') | ||||
|   } | ||||
|  | ||||
|   file { '/etc/designate/pools.yaml': | ||||
|   | ||||
| @@ -0,0 +1,6 @@ | ||||
| --- | ||||
| upgrade: | ||||
|   - | | ||||
|     The ``designate::backend::bind9`` class no longer supports configuration of | ||||
|     the BIND 9 service. Because of this change, setting the ``configure_bind`` | ||||
|     parameter to ``true`` now fails. | ||||
| @@ -10,13 +10,7 @@ describe 'designate::backend::bind9' do | ||||
|       let :params do | ||||
|         {} | ||||
|       end | ||||
|       it 'configures named and pool' do | ||||
|         is_expected.to contain_class('dns').with( | ||||
|           :additional_options => { | ||||
|             'allow-new-zones'   => 'yes', | ||||
|             'minimal-responses' => 'yes' | ||||
|           }, | ||||
|         ) | ||||
|       it 'configures the bind9 pool' do | ||||
|         is_expected.to contain_file('/etc/designate/pools.yaml').with( | ||||
|           :ensure => 'present', | ||||
|           :path   => '/etc/designate/pools.yaml', | ||||
| @@ -32,15 +26,6 @@ describe 'designate::backend::bind9' do | ||||
|         ) | ||||
|       end | ||||
|     end | ||||
|  | ||||
|     context 'with named configuration disabled' do | ||||
|       let :params do | ||||
|         { :configure_bind => false } | ||||
|       end | ||||
|       it 'does not configure named' do | ||||
|         is_expected.to_not contain_class('dns') | ||||
|       end | ||||
|     end | ||||
|   end | ||||
|  | ||||
|   on_supported_os({ | ||||
| @@ -51,18 +36,6 @@ describe 'designate::backend::bind9' do | ||||
|         facts.merge!(OSDefaults.get_facts()) | ||||
|       end | ||||
|  | ||||
|       let(:platform_params) do | ||||
|         case facts[:os]['family'] | ||||
|         when 'Debian' | ||||
|           { | ||||
|             :dns_optionspath => '/etc/bind/named.conf.options' | ||||
|           } | ||||
|         when 'RedHat' | ||||
|           { | ||||
|             :dns_optionspath => '/etc/named/options.conf' | ||||
|           } | ||||
|         end | ||||
|       end | ||||
|       it_behaves_like 'designate-backend-bind9' | ||||
|     end | ||||
|   end | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Takashi Kajinami
					Takashi Kajinami