 Sorry, could you repeat that the version of vagrant and virtual box that's on there will not I'm on okay all right guys I think we're gonna go ahead and get started hopefully by now everybody has had an opportunity to grab the USB drive plug it in and download what's on there if you have not done that can you raise your hand real quick so I get a sense of how far along we are and getting ready okay so we've got a couple folks that are still doing that well for the benefit of everybody else I mean if you've already copied it over there are a couple of things that you need to do to get ready for this presentation first of all make sure you got a laptop obviously if you grab the USB drive you're probably already have assumed that make sure you've down you've got virtual box and vagrant installed on there so on the USB drive there is a folder that has different versions of that software there so if you didn't get a chance to download that and saw that before the start you can go ahead and do so now make sure that that you've got at least 30 gigabytes of free disk space on your laptop and then finally if you are using Windows make sure you've got some some some sort of SSH client whether it's putty or something else we have found there are some issues with getting vagrant to do exactly everything we wanted to do so just everything do everything up until a point where it's time to SSH in and then just switch over to your other client so the stuff that you do need to get from the USB drive it's all up here copy the designate install directory somewhere local where you can get to it easily and then you're going to switch to your terminal and once you're in your terminal you're going to change directory into that folder so designate install and once you're there issue a vagrant up that's going to take a little while depending on how depending on your CPU and on your laptop once it's finished then you just from within that same directory issue a vagrant SSH so real quickly who here has finished the vagrant up portion of this raise them high okay so who here who has started it but it's not finished okay just trying to get an idea of what to expect on the USB drive there's a file at the root of the drive and it says something to the count of installation instructions so you can open that and that basically has more or less what we have up here on the slides so I'm going to go ahead and start moving forward if you get stuck raise your hand raise your hand high and we've got team members in the room basically everybody who's who's working on the project who can help you out so pretty much anybody who's standing towards the back of room they can they can help you so just raise them high and we'll come help you out okay so welcome to the installation workshop for designate we are here to help you get it installed on the VM we've provided show you some things that you can do to operate it and just rocket so real quick introductions we've got a real solid tight-knit team and I would I would like to give a chance to recognize everybody on it so first we've got Rich Meginson Rich where you at from Red Hat hey Rich he's also available for help if anybody is running Fedora then he's got a special drive for that so so rich has been working on the project now for for a couple months he actually just got free IPA working so if you're interested in using that as a back-and-name server you'll want to talk to him then we've got the Rackspace crew Emmanuel on Kutze who's over here he's going to be walking you through the the actual installation portion and Emmanuel is a contributor to the project Betsy Luzator who you probably met walking in hey Betsy Betsy is one of the core team members so if you're interested in contributing and you want to get a plus to you definitely want to talk to her and she's also available for any issues you may encounter the node mangle Polly hey Vinod Vinod is also a contributor and he is available for any issues and I'm I'm Joe McBride development manager next up we got eBay from from eBay Ron Rickard if you were who here was in the session at 11 o'clock okay good so if you were the session there you saw Ron and another of our team members up there presenting and and Ron is going to be walking you through the operation and some of the integration portions with some of the other designate project or some of the other open-stack projects so last intro slide we got Graham Hayes where's Graham hey Graham Graham did the 11 o'clock session along with Ron he is also a core team member so plus two away Graham and finally I want to introduce Kyle McKinnis a cow Kyle is the project technical lead he also has the first commit on the project so I I looked at him as sort of the founder and leader of this initiative and I don't know if you guys were here for Troy Tomans talk earlier today he very much embodies the sense of bringing a group together and working towards a common cause so we commend Kyle for what he's done and what he continues to do for the community okay so who has finished the vagrant up raise them high for me okay all right who has started the vagrant up okay who is who's almost at the vagrant up portion okay so two people is there anybody else other than those two folks is there anybody else that's that's gonna try to go through the install and is having some problems or hasn't sat down and got started yet okay okay well yeah yeah let us know go ahead and raise them high if it's if it's continuing to take a while so I'm gonna I'm gonna continue forward and we'll do our best to circle back and help you guys okay real quick the agenda as I mentioned Emmanuel and Kutze is gonna walk us through the install Ron is gonna take us through operations as well as the Nova Neutron portion specifically the integration that we have there and then finally our project technical lead Kyle is gonna show you how to contribute and take it from take it to the next level if you're interested with that I'm going to hand it over to Emmanuel who's gonna show you how to install okay well thank you very much for coming again my name is Emmanuel and Kutze from Rackspace so we're gonna I'm gonna walk you through the install and hopefully everybody has at least most of you already have your vagrant I mean the VM app a couple of slides before we actually get on there so just in the next 15 or 20 minutes at most we're gonna spend time installing the services for designate and then we will configure the power DNS backend which is what we are gonna use for this session and verify that the installation is good and then we'll hand it off to Ron to walk us through some of the users of designate a quick review or overview of where designate fits within open stack the colored or the orange boxes are the components that we are going to be installing here so designate has the API the front end which talks of our MQ rabbit MQ to central central is the repository for everything that comes in and it has a database that is toss everything in there that is pluggable we have SQL alchemy alchemy in front of it so you can plug anything in there right now it is my sequel and then the information flows on to the back end and which is where real DNS happens when you come and resolve against names and all that for today we're gonna be using power DNS now the VM you have has a few things already installed for you just so we can move along quickly we have Nova Neutron installed keystone and we will do a little bit of configuration of some of those as we go like Joe mentioned if you are on the VM right now you should be in home vigrant if you do an else you should see one of the files that is installed a TXT that file is going to contain the commands that we're going to be using in some of the instructions in fact if you would please do a cut after that file copy it and maybe paste it into some kind of a text editor on your host because we're going to be going you know copying and pasting so that you know if you're like me I fact-finger a lot and that will help us quite a bit now on the wiki we also have we have the instructions on wiki as well will make this available at some point and you can go and walk through this again so you have lots of ways to get to the instructions for working this thing okay now if you don't mind I'll sit down because I'm gonna be typing and we'll walk through this right now good so I'm in the VM myself I'm in home vagrant and to the side is my cheat sheet like you know if you copied your stuff over this is what you would see so in this directory we're going to go in one more step to in so we can install the packages and dependencies for designate so I would copy those first line here boom the second line is one that we did for you ahead of time while installing the VM so we don't need to do that we'll skip to the next one which is the pseudo peep install the requirements for designate and that too we will only do the first part of it which is without the test requirements it to take a bit more time to install those and we actually don't need them right now so we'll go ahead and install only what we need for that everybody with me finally we set up the installation and it looks like that went well everybody with me okay we'll continue now we're going to set up the configuration file for designate now to do that we're going to step two more steps deeper into the directory structure etc designate so the full path then is home vagrant designate etc designate etc designate now typically what you would do at this point is make copies of your configuration file by the way this is what we have in there we have templates for our config files you make copies of those that you need and make changes to them and and go from there the one we are interested in is designate comp and this is the template for it now we have provided the we have a little you know command here show command that will do that copy for us so let's do that and see what happens yes okay okay please let me know if I'm going too quickly okay I'm going to continue and to run this next command all right so after that we have designate.conf which is a copy of the sample the template file we also have a copy of the root wrap configuration so normally what you do then is at this point you would pick up your favorite editor open up the designate config file and edit it to your suit whatever you want to put it configure in there but for the purposes of this workshop we have already written a config file that works and so we're going to copy that on top of this and that is what the next command is we are copying from home vigrant designate.conf workshop onto this configuration file over here okay now we will come back and go into the config file and I can show you what's in there every component that we touch in OpenStack has some configuration in here additionally in addition to configuring the components that they can designate but for now trust me we have the right stuff in there what we're going to do next is to create a couple of directories for designate to use one of those is going to be a directory where designate can store state information the other one will be a location to put log files so let's go ahead and create yes you can use vigrant okay so I will continue to the next step so this is the first directory we're going to create and this will be for storing state information so we've done that yes that's right I went over that a little bit too fast I think oh okay yes pardon yes now excuse me when you go to home vigrant the install.txt and you display that file is exactly the same thing you have in here so you have it there and then we have it on the wiki as well okay so we have created the directories that we need one for logs and one for state now as part of the installation of the VM we started the we installed power DNS for you which is the back end and we just want to check quickly to make sure that the configuration that is in there is what we expect to do that we're going to look at a file in the etc in the etc power DNS you know that directory down there and so this is the file and so when we do a cut I am mainly looking for the database name to be pdns at this point when we go back into the config file designate.conf there will be an entry there there will be a database connection string in there part of which has to match this so just to check that for now a quick check to see if power DNS the back end the service is up and running so what I'm looking for is something sitting on pod 53 and it should be this this one right here so power DNS is up it is running and this are back end we will come back to do this one other check we can do is to try to do a dig against power DNS at this point it's not completely set up because we still need to initialize the database that it works with but at least we should get some kind of a response from it okay so status fail because we we don't know anything the server doesn't know anything about this but this is a successful communication with the service so we know that party and this is up and running the next step is to create initialize and sync up our database for designate it's everybody with me at this point most some people are okay okay so here we go I am going to create that database and then we're going to initialize it using some of the designate utilities designate manage and what this next command does is to put in or create the schema for designate and we have okay no such file okay so it's looking for the the log directory so we'll go back and make sure that we created that log directory I have another window here let me see if no such okay so we probably I probably didn't execute that command let's go ahead and try it okay now okay so now if we go back in my other window to the location we should start seeing some well that's not yet okay there we go that is a log file and we can just you know take a quick look at it so a lot of things happened in there one of which is that the database schema was initialized now we can go ahead and do a sync what the sync does is to apply patches to your schema to bring it up to the the current excuse me that's not where they should be to the current state okay now if we went here and looked at the log file would see a lot of the transactions that went on to upgrade the database we'll do the same to the party NS database except that it already exists so we only have to in it and sync and I'm going to do these a little faster okay we've installed the the services and the database now we're gonna start the services for designate there are two central central and the API itself now if we do a simple ps with some grip in there we should see the central service app and the API app as well a couple of final things to do we are going to set up keystone we're going to set up a service for us to use keystone and to do that we're going to first of all become admin in home vagrant we have a number of these open RC files that switch from one user to another and this is the admin so we can go ahead and do the creation of the keystone service so we've shelled the environment now we're going to go in and create a service called designate and here is the unique ID for it it's called designate and it's of type DNS we are going to create we are going to tell keystone to forward authenticated services to this service that to DNS so here you can see we have this ID which matches this ID and this is the unique ID of the the service now it has three endpoints all of which are the same but we have it in there and now any of authenticated requests will be sent by keystone to this service to our DNS service finally let's install the client for designate to do that we go back to home vagrant python designate client and there we're going to again install and this time to we do not want to install the test requirements so we'll only do this part of it so that does it and then we so that finishes it a quick test oh they got tiny again you know you know what happened I probably selected a section and did the plus so okay sorry is that okay good so we're going to do a quick check of the client we go back to the home where we have as you can see we have all these users preset and we did source the admin already so it's redundant to do this but now we're going to use this set the client to request for entities that we call service from the API of course we should not see any because nothing has been put in there so we get back an empty response similarly one can also we can check using curl to talk to the service locally on the VM so basically we are hitting the main endpoint it comes back and tells us the versions that we have we have the current one V1 in the experimental V2 and we'll see some of this I mean how this relates to some of the contents of the config file when we go back in there in fact one can also go to a client and try to hit the endpoint from outside of the VM so we get back authentication required which is something that we expect because a keystone caught it and said hey you are not authenticated from the outside that you can get in here before I hand over to Ron I'm going to quickly show you what the config file looks like and for that I'm going to use Vim so the file that we had so here it is our point to a couple of things quickly this is the state this is the same directory that we created earlier on for state information so it's reference in here this is the log location when it didn't exist we had an error because the system didn't know where to put the log files and for each system that we interact with like Nova or neutron we have configurations for them in here but for designate itself the API central they also have configuration in here so here we are telling central that we're going to be doing power DNS as the back end and we continue there's going to be more now Ron will show you a few other things as we go one last thing I'd like to show you is the power DNS back end which has the same database name reflected in there when we were doing the so here we go there was that one file we had to cut to make sure that the value that was right is because of this this database string in here so this file is the config file and there is more documentation on these values and the meaning on the read the docs for designate and with that I will I will hand off to Ron now one one quick comment if you want to repeat this later on in the same home vagrant directory that we have the install dot txt there is another file install hyphen designate dot sh if you run that it should run everything and get the whole thing installed for you just in case you want to do it over again or something like that now there is one comment that's the second line in there is set yes you might have to on comment I mean comment that out or just do the grand destroy and then bring that up and run that okay thank you well are there any questions about the installation portion of the workshop no okay yeah good no no we will actually we will actually configure in and run sync a little bit later in the in this so at this point you should have the API up and running you have central up and running are there any other questions nope it's hard to see the lights are really bright up here so if you do have a question speak up if you're raising your hand I can't see okay so at this point let's go ahead and talk about what can I do got this thing installed now I need to do something with it before we get into that though I do want to tell you pre-installed on the image that you're using we did some work already for you in Keystone we have some tenants set up for you and we have some users set up for you we have an admin tenant and it has an admin user we have a tenant a and it has a user one and a user two and we have a tenant B and it has a user three in it again if you attend at the earlier session the reason why this is important to understand is domains are owned by tenants okay and you know obviously only users that are members of that tenant are going to be able to do work either with the domain or the records for that tenant okay we also preloaded some scripts on here for you Emanuel talked about the open RC scripts and what they do it allows us to switch between the users quickly the other scripts down at the bottom there those are there to help us along with using the actual REST API it's not an exhaustive set of scripts we're basically going to create a server and delete a server well there's a script there to delete a server and a script there to list the servers we will we will start the operations portion using the REST API but you'll run scripts to use it and then we'll move over to using the designate client okay so I'm going to start typing so I am going to sit down I will be flipping back and forth between the slides and and typing I do not have anything for you to guys to cut and paste you'll be typing along with me if you want to keep up with me during this portion of it okay so the first thing I need you to do is just make sure you're in the home directory so go ahead and type CD home directory you're logged in as vagrant that's where that's where all the scripts that we have pre-insult for you for this portion of the demo let's go ahead and source the open RC admin and I'm I could be a good type or some days and I can be a horrible type or so bear with me as you watch me type we basically switch to the admin user for in Keystone this sets up if you're familiar with open stack at all this just sets up environment variables for you so that you can do things as that user let's go ahead and do run the script list servers dot sh and well that work work like a charm oh we skipped a step here okay so we source the admin user now what one of things that you and I'm glad I did this one of things that you need to understand when you're using the rest API is you need a token okay so and this is this is not any different than than most of the other open stack components you need a token interact with them I have some scripts that are pre-created for you that will allow you to to get a token for this user the token will be scoped to the appropriate tenant for you and and then we'll use that token the token will be put in your environment so let's go ahead and run this the select ENV script and that'll generate a token for you and then if you echo it you'll see your your your big long token there was much shorter in the previous version of all this but gotten bigger okay now we do our list servers and we have no servers created okay if you attended if you attended the previous session you you understand that when we talk about servers here we're really talking about NS record okay so whatever we create for servers become NS records for the zones that you create or the domains you create later and additionally one of one of those one of those records also becomes the primary domain for the SOA record will be what's put in there for the yes what did I echo earlier I echoed the token I just did echo token so that when you run dot space dot select ENV it actually generates a token for you so let's go look at that script real quick I'll just show you it calls some other scripts but basically it calls the get user token script it uses those variables that we set up when we ran the source open RC admin and it and it generates a token for you it communicates with Keystone generates a token for you it's a scope token in this case scope to the tenant for that user which is the admin user okay let's go ahead and create our first server so we'll run the crate server.sh ns.example.net trailing dot hit return and we've created our first server so what did what does this mean to create our first server what this is doing is it's just creating an entry in designates storage okay it just created an entry in the storage and this this ns.example.net becomes an NS record for any zones that you create from this point forward once we create our first zone any more servers that you create just become ns records for those zones okay now at this point nothing has happened on the DNS back end okay this is all in the designate database so just want to make that clear once we create our first zone then if you did this again it would actually happen on the back end but we don't have we don't have a zone for this to work with so it just created it and put it in designate database okay let's go ahead and take a look at these scripts I just I'll go ahead and list the servers one more time and we'll take a look at these scripts so you can see how the rest calls work let's look at the crate server.sh first so not surprising not surprisingly you know the endpoints that we registered with the catalog in Keystone the endpoint is up there at the top I'm using localhost I'm sure we used an IP address when we registered the endpoint but it's port 9001 we're using the version 1 API today during the operational portion of the demo where you we're going to be sticking with the version 1 API stuff if you attended our earlier meeting you and you probably heard that there designate does more than just what we're going to be doing today we do you do need to pass of the token this shouldn't be a surprise if you used any other open stack components in the past we do have a payload the payload is the name of the server that we're creating and then we have we're using the servers resource so we specify that in the URL okay so list server list servers that sh whoops not a surprise there no payload we're just listing the servers this is this is these scripts are just there for you to kind of build off of in the future if you need to use the rest API you can look at these scripts how did he do it you go out to you go out to the website the read me docs and you can read more about the API and then finally I have a delete we won't run it here but there is a delete server script and no surprise there like all other open stack components we're using you you IDs very painful but there it is okay okay I don't see anybody raising hands everybody looks like they're looking at me so I'm going to guess everybody's cool with where we're at good so let's go ahead and switch over to using the designate client we're going to go back we're going to go back to our window there in a second but we're going to do is we're going to first be the admin user whenever we do anything with servers we're going to be the admin to do it when we start doing things with domains and records we will be other users okay so it's good and switch back over everybody can see the screen and everything okay there's no problems there yeah okay good he's I think that was a thumbs up or middle finger I couldn't tell so okay I'm just changing back to the admin user I was already admin user redundant but there I go designate client the command is designate and then you give and then you give it a command so I type designate server list not surprisingly gives me the same server list I saw when I ran when I looked at the rest client okay let's go ahead and create another server using the client so we're going to run a designate server create let's call this one ns.example.com instead of .NET we made a mistake we don't want example .NET we'll delete it in a second but let's go ahead and do it ns.example.com trailing that's important you just have to give it a name hit return and there it is if I do a designate server list again not surprisingly I have I have two servers there again all of this is being done in the database the storage for designate there is nothing occurring at this point in on the back end DNS server not until we have a zone does anything happen in on the on the back end server okay let's go ahead and delete the original server that we had we're going to do a designate server delete and we're going to give it the UUID forgive me this is okay give it the UUID hit return and the original one should be deleted we'll go ahead and do a designate server list again and the original the original server that we had is created I'm going to go and delete this final server designate server delete command C and we're not allowed to delete the final server okay that's just built in once you create a server you can't delete the final one not a big deal because you probably need it anyways but if you do want to create something that you generated earlier just create a new one you can delete delete the previous one okay we'll not let you delete the final one okay now with all of that said there is you do not have to type designate every single time you do this stuff there is a shell and the shell you get into just type designate hit return and you're into the designate shell so it's very useful I think it was ingenious I think it was a good idea and at this point if you need to see the commands that you're able to type just type help there's a list of your commands so the commands that we're typing are there okay so during the rest of this demo I'll flip back and forth you'll probably see me mostly do it from the command line but I may I may flip in and start using the shell if you want to fall along using the shell great that's that's perfectly acceptable promise will be switching switching back and forth between different users and you'll have to get out of it eventually so but I did want you to know that yeah okay yeah okay so I did mention it before whenever you're doing work with designate you do need the trailing dot so please please remember to enter the trailing dot if you don't enter the trailing dot I what does it do it gives you an error yeah it gives you an error okay so it tells you but put the trailing dot you won't get there yeah you're gonna you're gonna get sick of typing the trailing dot you're also gonna get sick of typing UUID so or hopefully you're cutting pasting them but you'll get sick of that as well okay okay so at this point what I'd like to do is we'll go ahead and create our first domain and we'll show that this this not only is it updating the storage for designate but it's also doing the work on the on the DNS server in the back end in our case it's power DNS we'll run some dig commands we'll take a look at what what it did and then I'll show you what the other users see when it comes to what we did when we created that domain okay so I'm gonna I'm gonna switch to another user user one again this is all in your home directory make sure you're in the home directory of vagrant to do this I switched over to the user one user I'm gonna do a designate domain list and that's surprisingly there is no domain all we've done is created a server at this point the example.com server I'm sorry ns.example.com server so we don't have a domain so let's create our first domain designate domain create give it a name.com make sure you put the trailing dot or you'll get an error and we'll give it an email address so we've created our first domain so this has done several things for us it went ahead and added it to the designate database so if I do a designate domain list you not surprisingly the domain is there but more importantly for us is if I take a look at what happened in Power DNS let's look at the SOA record first it created it created our first zone so you guys see here the SOA record in the answer section okay not surprisingly the primary DNS for that SOA for that zone is ns.example.com if you go ahead and query for the name service for that zone okay I'm querying for the name service for that zone it's the ns.example.com so it created it created that record there yes how's the serial chosen Kyle okay so we did all this work as user one if you remember user one's part of 10 at a user two is also part of 10 at a so it shouldn't be a surprise that if we switch over to the user two and we do a designate domain list we can see that domain okay so if you go ahead and source open RC user two you do your designate domain list you see that user two sees it it's part of the same tenant okay zones are owned by tenants now if you switch over to user three you would not expect to see it so let's go ahead and switch over to user three I do my designate domain list there's no domain there okay that domain is owned by tenant a tenant B does not have this domain let's go go ahead and real quick just because I want to show you a delete we'll go ahead and create a domain here real quick a test domain and then we'll delete it just just so you guys can see the delete but do a designate domain create we'll call it test.com don't forget the trailing dot email and I must type something wrong designate domain create test.com email I typed email wrong DNS at test.com okay so we created the test.com domain you can do your designate domain list again not a surprise test.com's there if you want to do your dig you can do your dig I'm not going to do it but I will do a designate domain delete and you pass it the UUID for that domain hit return and it deleted it so if I do a designate domain list you'll see that the domain is gone okay so and it did it all on the back end as well I saved time here just showed you that it did it in the database so are there any questions where we're at right now so I've shown you we've worked with servers we've worked with domains if you attended the earlier session there's only one other thing I need to show you from the from version one of the API and that's working with records right so let's go ahead and let's go ahead and switch over to that so we've gone through this okay so we're going to go ahead and create our first record in DNS using designate okay let's switch over to user two okay we'll do our designate domain list the reason we're doing this is we need that UUID again because when you create the record you need to tell it the UUID you need to tell what domain that records in even though you're going to specify a fully qualified domain name okay with the trailing dot so let's go ahead and do a designate record create we'll call it server a example.com don't forget the trailing dot it's going to be an A record we'll give it a dummy IP address one two three four you type whatever you want and we have to pass it the UUID for the domain when I hit return we have created our first record we've created an A record called serverA.example.com so not surprisingly if I do a designate record list and I pass it the domain ID there's the record if we if we query the back end serverA.example.com and on the answer section there you can see that we've created an A record with the IP address of one two three four okay so very similar to the domains the user two is in tenant A I'm going to switch over to user one and I'll do a designate record list you're going to need that domain ID again if you remember the command is domain list if you don't have it there already in your buffer hit return and not surprisingly user one can see this record as well what happened what about yeah what about user three okay switch over to user three it's in a different tenant we'll do our designate record list again and this time it tells us domain is not found so user three can't do anything with the domain we don't see the record okay I'm going to go ahead and delete the record now but I'm not going to delete the record using user two the the users that created it I'm going to delete the record using user one just to show you that anybody who's a member any user any account that's a member of that tenant can work with these records so let's go ahead and switch over to user one we'll do a designate record list on that domain again sure enough our record still there and let's go ahead and delete it designate record list give it the ID I'm sorry record delete give it the ID and hit return and it didn't work okay this is this is this is the fun with the IDs I gave it I gave it the ID of the domain right we also need the ID for the record so let's go ahead and let's go ahead and give it both and what's the order well you you give the domain ID first then you give the record I get this messed up all the time if you don't remember you can go back into your designate if you're in this if you're in the in the shell the designate shell you can you can get more help off of those commands just type help command it'll give you more information so I'll do designate record delete I don't think I've gotten this right in any of any of the demos even all the pre stuff so I keep getting this one wrong but we'll give it the the ID for the domain first followed by the ID of the record yeah Kyle's gonna talk to you later about he's gonna recruit you to help and you will help help us make this you more user-friendly so I did the record delete let's go into a list yeah yeah you see why there's a shell so you don't I gotta give it the ID for the domain so hang on domain list designate record list give it the ID for the domain see control V I share your pain by the way and sure enough there is no record there okay so go and flip back over to the slides here for you we've walked through these slides these slides are going to be made available to you guys you have the thumb drive with the information about installing these slides will be made available too so if you want to if you want to walk through this again outside of outside of here you you have that opportunity are there any questions before I move on yes yeah there there is an option to change the TTLs I don't know if the client has every option for the SOA record but that is available in the API but but you do you can change the TTLs from from from the designate client yeah okay yeah the question was can I change the TTL the default there's gonna be a default TTL that that's that's used for those records can I change it and the answer is yes yeah I don't want I don't want to show it but yeah you can do it yeah go ahead good question that was asked at earlier session and the answer is yes HP has been working on a plug-in for Horizon and and it's their intent that to make it available to the community at some point in the future okay name yes server list is for yeah server list is for admin the admin user that's correct okay any other questions okay good we're gonna move on and let's go ahead and talk about the next piece here which I think will probably be important to those of you that are running the rest of the open stack components so how do we integrate designate with everything else okay what we're talking about here is designate sync I think we had a question earlier we were not running sync now that's correct we weren't running sync we will be starting up sync here shortly what happens with sync is sync is is interfaced to the other open stack components the other open stack components send notification events out sync custom handlers are registered with designate sync those handlers tell it tell tell designate say which events it wants to consume designate sync will pick up those events pass them off to the appropriate designate handler which you guys will be writing for your organization and then designate sync will perform whatever DNS operations you've you've written into the custom handler if you attend at the earlier meeting we had a lot more slides on this this particular subject but we'll I'll just do this again real quick so designate sync consumes notification events from nova neutron and potentially other open stack services okay what designate sync's job is to take those events and what's an example of event VM create I create a VM that's an event that event gets published on to the message queue sync here's it hey I have a handler that needs to do something with that hands it off to the handler then what the handler does is it performs DN op DNS operations based on based on that message okay what events and what DNS operations we're talking about here are handled by custom notification handlers designate ships with two custom notification handlers that are I'm Kyle don't take this wrong but they're a little bit brain dead they're just there as examples both of them you hard code the domain that you're going to be dealing with and they create a records okay so there's one for Nova when Nova events occur and there's one for neutron when floating IP events occur and it'll delete that a record as well okay they weren't written for you guys to use per se they were written as an example for you to take those to the next step for your business okay are there any questions about that before I go on no okay in the image that you have in front of you we've already enabled Nova to send a notification to the appropriate topic to be picked up by designate we haven't configured designate yet but we've configured Nova already so these changes have already been made to the Nova con so if you look at Etsy Nova Nova dot com file you'll see that these these three lines are already in there the notification topic is a topic that we're gonna we're gonna consume the message from in designate sync the notify on state change is is a directive to Nova that anytime a VM state changes I need you to publish a message about this if you've done anything with salameter this is probably familiar to you because it's the same thing you have to do to get salameter to eat these messages okay neutron configuration changes very similar the only difference is you don't have to give it a directive to tell it hey I want you to actually publish these events in the in this case we're publishing to the same topic the topic that we are going to configure designate to consume okay okay so we're going to make these changes right now to your your designate con file but what we're going to do is we're going to enable designate sync in the designate con file and we're going to do that by giving it notification handlers and it's important to understand if you don't want to run sync fine you don't need to run sync doesn't it works just fine if you do want sync running you can register one or more notification handlers to do whatever business operations you need DNS to do for you so one or more handlers could be registered here let's go ahead and do that everybody here knows how to use vi I hope if you don't you're in the wrong room the wrong conference okay so let's go and switch over to our shell okay and if you remember from manuals discussion earlier we're down in from the home directory just to make sure everybody's in the home directory vagrant go down into designate it was in Etsy designate and there's a file in here called designate.con let's go ahead and edit that look for look for sync and all you have to do is uncomment the line that says enable notification handlers and we're going to actually enable both the both both of the I guess we'll call it reference notification handlers the Nova and the Neutron one we're only going to use Nova though in the demo but but we'll go ahead and enable them both okay after you're done uncommenting that line look for the Nova fixed one first and let's uncomment the three lines in in that stanza in the config file you'll see that we have a domain ID notification topic not a surprise there it's monitor that's the that's the topic that we told Nova and Neutron to publish to the exchange we're using the Nova exchange for the Nova handler and we're going to use the Neutron exchange for the Neutron handler the format now the format is interesting this is going to be the format for for the fully qualified domain name for the a record that that this this handler creates there is more information on what else you can do with this but right now what we're going to do is whatever display name we supply when we create the VM will be the name of the record followed by the domain you could have it be the octets for the IP address that it gets there's you there's any number of things you can do here but in this case we're going to use the display name followed by the by the domain name of the zone name okay and and if you attended my early meeting you'll hear me intermix domain and zone for designates purposes there is a distinction between domains and zones but for designates purposes you can use them interchangeably because domain maps to zone one it's a one-to-one mapping at least now there is I see a hand oh sorry okay I'm sorry what what did I uncomment first can you stand up and go to the mic I can't hear oh what I uncomment at first is a look for the word sink in the stinks in the sink stands I come uncomment at the notification handlers okay let me get back to where we were okay so you've got this domain ID here what there's something missing right we need to actually give it a domain ID so let's go ahead and escape down to our shell from within vi and let's go ahead and capture that domain ID so I'm going to do a designate domain list and the domain ID for the VMs that we're going to create we're going to use the example dot com domain and so let's capture that ID and cut and paste that back up into our our shell I mean into our vi session so let's go ahead and do that if you guys are vi guys hopefully you can make that happen I did a domain do a designate domain list I use the yeah user user one right you should be already in that in that user but user one is or user two anybody who's in ten and a can can list it yes no what that means is you're going to write a custom handler to handle that this is this is a brain dead default handler that ships with designate I don't call I don't think your intent anybody's actually going to use it in production or anything it's just so it's pretty it's pretty brain dead so yeah you would you would write a custom notification handler to handle this the way you need to handle it okay this is this is just an example handler it's a starting point for you okay okay so I'm gonna I'm gonna keep moving here because I know I know we're getting toward the getting toward the end I'm gonna give Kyle opportunity to recruit some of you I also know there's probably gonna be some questions so let's go ahead and I'm sorry go ahead and hit yy or whatever you need to do let's cut and paste this we're gonna take it down to the neutron floating handler as well and just replace the domain ID down there and then go ahead and comment the rest of those lines I don't think I need to explain explain again but you know again the control exchange and the topic or the topic or the world we're gonna consume these messages from just just to repeat we're enabling both the Nova and the neutron handlers that ship would designate we're only gonna look at the Nova one today okay so go ahead and get out of this save that off now we're going you know we don't really need to to cycle designate but I found with OpenStack a lot of times you think you know what's gonna happen and you know you end up cycling especially when it comes to Nova you end up cycling something you realize you need it to cycle several other things so let's go ahead and cycle all these while we're at it you really don't need to but to a kill all on designate API so we're gonna stop the designate API we'll go ahead and do the same thing with designate central okay and then let's go ahead and restart central let's go ahead and restart the API and let's go ahead and start up sync so we will have sync the service running now is everybody have sync up and running at least everybody that's gonna be following okay perfect okay so the next thing we'll do is let's back to our home directory let's make sure we're user one we're gonna we're gonna go ahead and create we're gonna create our first VM we're gonna do it from the command line using Nova so we need an image so let's get our image list we're gonna need this ID so go ahead and cut and paste that okay we're gonna get our flavors although I know what flavor we're gonna use we're gonna use the smallest one which is gonna be one we'll go ahead and get a list of flavors hey we'll use one let's go ahead and do our Nova boot the next piece of boot that I'm supplying there is going to be the display name so not surprisingly we're gonna create a record here hopefully the record will be an example dot com because that's what we configured in the designate dot com file so what we should get is an a record that's called test VM dot example dot com with some IP address so let's do Nova boot test VM our image supply our image and then finally let's supply our flavor when you've got that hit return you do your Nova list and at some point hopefully soon it's active so if this is the first one you've created you probably have an IP address very similar to mine 172 31 to 52 dot 3 you'll notice that's the tenant tenant a network not surprising when we're in tenant a for this work if I do my designate domain list and I do my designate record list off of that domain ID we hope that we have a record so there's our a record okay if we run dig just to prove that the back end did its job sure enough there's our there's our a record okay so again the the notification handler I'm demoing is just a reference notification it's just for you guys to a starting point for you guys you guys will be customizing it for yourself and if you attended the earlier session we actually went through some use cases eBay I showed you eBay's use case which was a little bit complex and I believe Graham went through through what may or may not be HP's use case so let's go ahead and delete this VM test VM do a Nova list it's gone so not surprisingly if I do my designate record list on that on that domain example dot com the records gone and and if you just want to prove that you can do a dig on local host test VM that example dot com okay and and and and the a record's not there we got the SOA record as an answer but the a record's not there so we're we're out of there okay so I believe that concludes the demo portion of yep let's I'm sorry let me go back the demo portion of this are there any questions about what we went over yes okay I'm on Mike okay the question was does it does the vagrant image work with Havana and the answer was yes okay are there any other questions okay if there are no questions I'm gonna hand you over to Kyle who's gonna attempt to get you guys excited about the project and come aboard and help us and fix things like I being able to use the client a little bit easier and things like that so go ahead Kyle thank you this thing is on alright so first off I'm gonna say I hate standing in front of crowds and talking so yeah first off there's a bunch of links and you don't will publish these online as a link at the end it contains all of the useful things on getting started contributing to designate or generally open stack so the first bunch is things like you know the how to contribute primer from which is a general open stack link we follow all the open stack processes we're on stack forage the CLA will be needed we use launchpad for bugs and blueprints and so if you contributed to any other open stack project this is going to be familiar the rest are designate specific links so our documentation our specific launchpad bug and blueprints tracker and some other useful bits so bare necessities designate does the vast majority of our communication on IRC so if you want to get involved having a good IRC client come join at the open stack DNS room you'll find us there you're pretty much any one time besides this week we have a weekly IRC meeting which is on Wednesdays at 1700 UTC and it's free for everyone to attend it's the agendas open for anyone to add items to the link is there it's wiki.openstack.org wiki meetings designate and if there's anything you think we're missing anything you want to add and anything you think we should be adding and please go ahead file bugs file blueprints and add it to them with the meeting agenda beforehand we'll bring it up during the meeting and we'll see if we can help hey so for people who are interested in contributing the vast majority of designate pieces are pluggable so everything from the V1 API endpoints you can add plugins which will add more V2 will do that eventually storage drivers which is our communication to the database today we have a sequel alchemy plug-in you could write a MongoDB plug-in or something else if you wanted tomorrow then the back-end drivers which is our DNS server communication so today we have Power DNS, NSD4, Red Hats free IPA, Dinect which used to be DYN DNS and bind 9 kind of we're fixing that this this cycle so by the end of Juneau if you're looking to use bind it should be perfect and finally the notification handlers are plugins as well there was a couple of questions on those so if you look in the designate get repository in the contrived folder there's an example plug-in so it's an example out of tree plug-in how you would add your own company's stuff without actually having to fork designate and add it so we have two APIs as was mentioned the version one the version two the version one's based on flask all of the open stack services seem to be slowly standardizing on Pekin at least the newer ones so that's being used for version two the API layer is intentionally as a lightweight as possible so we basically do validations basic syntax validations is this a valid host name that kind of stuff at the API layer then the message will get popped onto the queue designate central pick it up and do the heavy lifting the reason for that is we've always had multiple APIs in mind so we've always had the rest API we're introducing essentially a DNS API where you'll be able to do zone transfers to the real DNS servers via that API you'll be able to do NS updates to us at some point in the future as well and then there's the sync which is essentially a message bus API so we've centralized all of the logic in central the API so API sync MDNS are all going to be very lightweight version one is we're trying to keep it in maintenance mode it's we're trying to get v2 stable and ready to go so we're trying not to add new features to version one but we will if we have to so I'm kind of already mentioned some of this the central services our core service pretty much everything belongs in there and if it's not something specific to do with with implementing a particular API HTTP rest DNS API or rabbit API then it probably belongs in designate central so as I said I hate talking so I kept this short did anyone have any questions yes yes that's on free node alongside all of the other the question was is the IRC channel on free node the answer is yes it's on free node alongside all of the other open stack IRC channels are all of us here are usually on some of us live in other countries so they're on at different times but there's usually somebody on to answer your questions any other questions do we have package builds so there's a PPL launchpad under launchpad net slash designate PPA I haven't updated those for the latest release but they will be at some point there's also packages in Deben and unstable now for designate I think that's our latest latest release like just got pushed in there and I'm not sure there's been a couple of people who have made Fedora and Red Hat RPMs I've never actually they've never been sent to me so I don't I don't know if they're open or not and do you guys any of the Red Hat folks in the room know I've made some already and I can help you with making them but I don't think they're out there yet yeah yeah so yes it can work oh sorry repeat the question so the question is can most enterprises already have DNS service of some kind deployed can this coexist or is this only for OpenStack so yes and no it can coexist it you can reuse the same DNS servers you do have some catch 22s for example if you if the main already exists on your back-end DNS server but designate knows nothing about it someone goes to try and create that it's going to error that's a designate expects to be able to create any domain that it doesn't already have so it doesn't query all the way to the back to check if it's pre-existing and so with that caveat in mind yes if that caveat it's not acceptable then no so not necessarily so we there's loads of ways that could be done one is you just if you've got pre-existing zones that you don't want to be that that you don't want on this then you have to enforce nobody creates them we have a blacklist feature that you can list them all out and nobody will be able to create those and you'll be able to continue using me you at the pre-existing zones just like you did and you can add more do whatever you want with it the other way is potentially only want to delegate part of your if your company a calm you might want to delegate you know office a company a calm to designate while keeping the rest separately and that's that can be done as well so there's there's generally a bunch of different ways that you can make it coexist but up to now so far we've mainly been concentrating on we own the DNS servers and we will we will manage them essentially and and there are tools to help you migrate from your existing DNS into designate if you want doesn't need to be the source of record for that stuff hey power DNS so the one we tested today sorry the question was do any of the DNS server support multi-master yes essentially and we have some problems and the multi-master situations one of the big reasons that we call bind kind of works and power DNS uses a database so you're free to replicate your database however you wish and so it only needs a read-only replica that's relatively easy to do even across continents for the likes of bind and so on we would have to coordinate the record create record delete all of the actions across every server what happens when one of them's down and so that's why we're introducing this cycle the mini DNS or MDNS service which will help will help us fix that situation so for the likes of bind and so on things should become a lot more reliable are there any other questions it's the yeah it's way it it's a bad name I think but it's just designate dash MDNS yeah it's a piece it's gonna be another piece of designate you know we have the designate API designate central designate sir sink there will be a designate mini DNS yeah so the designate MDNS will be a we'll make use of the DNS Python library it will stand itself up on port 53 you'll be able to send queries to us we want to expect end users to ever actually put publish that but we would expect that you would take your real name servers bind power DNS point them at that as the hidden master so that should one of your machines be down and a couple of records were added it's okay DNS zone transfers you know that's a standard way of dealing with that you will always end up with a consistent set and it makes the implementation for for you know multiple different types of DNS servers that might be so much centralized in the database some are zone files on disk that aren't shared some need a minor slave zone files some need a full zone file so it gets awful complicated when you start multiplying up by the number of DNS servers people start asking for so we've started holding off with you know any additional DNS servers we had a question today about a DJB DNS and another one and everybody has their own opinion on what the best DNS server is and we want to let them use that but we're gonna try and get this mini DNS thing in so that we can actually do every single one of them reliably rather than you know only ones that have their own inbuilt replication like parody DNS being really really reliable yeah and that's targeted for Juno so at the end of this it's like you said at the end of the cycle we will have that done you said you said that you can support any DNS backend can you plug that out of the tree as well yes so I was that question on the microphone yeah okay so all of the things I listed as plug-in interfaces can be done out of tree so it uses just Python entry points you just have to have your own package register an entry point in designate dot storage or designate dot back ends and we'll load the appropriate one the sample we gave the sample in tree is an handler because that's when we get asked the most about but essentially it be identical just change the handlers to to storage or or back end and make sure you implement the right APIs in the class you you advertise okay we got a few more minutes okay so we have a couple minutes does anybody have any more questions okay well thank you yeah thank you everybody for coming and hope to see you again