Chapter 8. Continuing Broker Host Installation for Enterprise

This section describes how to customize your broker installation for enterprise use, and provides information beyond the basic installation of an OpenShift Enterprise broker host.

8.1. Installing and Configuring DNS Plug-ins

OpenShift Enterprise must be able to make dynamic, real-time updates to a DNS domain to publish applications. A DNS plug-in on the broker handles these updates by creating or deleting CNAME records. The sample broker deployment described in Chapter 7, Manually Installing and Configuring a Broker Host installs and configures an nsupdate plug-in that modifies a name server according to RFC 2136 [2]. However, you can instead define and use a different plug-in that updates a DNS service of your choice.
To implement a different DNS plug-in, you can either develop your own or install and configure one of the supported plug-ins that are shipped with OpenShift Enterprise. If you choose to develop your own, inspect the nsupdate plug-in code as an example. The location of the gem and the source files varies depending on the version of the RPM package. Use the following command to find out the location of these files on your broker hosts: 
# rpm -ql rubygem-openshift-origin-dns-nsupdate
Then see the Gem_Location/lib/openshift/nsupdate_plugin.rb file to observe the necessary functions.
If you choose to use one of the supported DNS plug-ins, see the following sections.

8.1.1. Installing and Configuring the Fog DNS Plug-in

Available starting in OpenShift Enterprise 2.2, the Fog DNS plug-in uses cloud DNS services to publish OpenShift Enterprise applications. Currently, this plug-in can only be configured for use with Rackspace® Cloud DNS.
See http://fog.io/dns for more information on Fog cloud DNS services.
See http://www.rackspace.com/cloud/dns for more information on Rackspace® Cloud DNS.

Procedure 8.1. To Install and Configure the Fog DNS Plug-in:

Perform all of the following steps on each broker host in your deployment.
  1. Install the Fog DNS plug-in: 
    # yum install rubygem-openshift-origin-dns-fog
  2. Copy the example to create the configuration file: 
    # cp /etc/openshift/plugins.d/openshift-origin-dns-fog.conf.example /etc/openshift/plugins.d/openshift-origin-dns-fog.conf
  3. Edit the /etc/openshift/plugins.d/openshift-origin-dns-fog.conf file and set your Rackspace® Cloud DNS credentials.

    Example 8.1. Fog DNS Plug-in Configuration Using Rackspace® Cloud DNS

    FOG_RACKSPACE_USERNAME="racker"
FOG_RACKSPACE_API_KEY="apikey"
FOG_RACKSPACE_REGION="ord"
  4. Disable any other DNS plug-in that may be in use by moving its configuration file from the /etc/openshift/plugins.d/ directory or renaming it so that it does not end with a .conf extension.
  5. Restart the broker service to reload the configuration: 
    # service openshift-broker restart

8.1.2. Installing and Configuring the DYN® DNS Plug-in

Available starting in OpenShift Enterprise 2.1.6, the DYN® DNS plug-in uses the DYN® Managed DNS service to publish OpenShift Enterprise applications.
See http://dyn.com/managed-dns for more information on DYN® Managed DNS.

Procedure 8.2. To Install and Configure the DYN® DNS Plug-in:

Perform all of the following steps on each broker host in your deployment.
  1. Install the DYN® DNS plug-in: 
    # yum install rubygem-openshift-origin-dns-dynect
  2. Copy the example to create the configuration file: 
    # cp /etc/openshift/plugins.d/openshift-origin-dns-dynect.conf.example /etc/openshift/plugins.d/openshift-origin-dns-dynect.conf
  3. Edit the /etc/openshift/plugins.d/openshift-origin-dns-dynect.conf file and set your DYN® DNS credentials.

    Example 8.2. DYN® DNS Plug-in Configuration

    ZONE=Cloud_Domain
DYNECT_CUSTOMER_NAME=Customer_Name
DYNECT_USER_NAME=Username
DYNECT_PASSWORD=Password
DYNECT_URL=https://api2.dynect.net
  4. Disable any other DNS plug-in that may be in use by moving its configuration file from the /etc/openshift/plugins.d/ directory or renaming it so that it does not end with a .conf extension.
  5. Restart the broker service to reload the configuration: 
    # service openshift-broker restart

8.1.3. Configuring the nsupdate DNS Plug-in for Compatible DNS Services

A basic installation of OpenShift Enterprise includes the default nsupdate DNS plug-in, as described in Section 7.3, “Installing and Configuring BIND and DNS”, which updates a name server according to RFC 2136 [3]. In addition to BIND, this plug-in supports integration with other compatible DNS services as well.
Using Infoblox®

Because Infoblox® supports TSIG and GSS-TSIG updates, you can configure the nsupdate DNS plug-in to use an Infoblox® service to publish OpenShift Enterprise applications. See https://www.infoblox.com for more information on Infoblox®.

Configuring your Infoblox® service with the appropriate keys is outside of the scope of this guide, but once a key has been added to your zone, the configuration requirements on your OpenShift Enterprise hosts are the same as if you were using a BIND server.

Procedure 8.3. To Configure the nsupdate DNS Plug-in to Update an Infoblox® Service:

Perform all of the following steps on each broker host in your deployment.
  1. The nsupdate DNS plug-in is installed by default during a basic installation of OpenShift Enterprise, but if it is not currently installed, install the rubygem-openshift-origin-dns-nsupdate package: 
    # yum install rubygem-openshift-origin-dns-nsupdate
  2. Edit the /etc/openshift/plugins.d/openshift-origin-dns-nsupdate.conf file and set values appropriate for your Infoblox® service and zone: 
    BIND_SERVER="Infoblox_Name_Server"
BIND_PORT=53
BIND_KEYNAME="Key_Name"
BIND_KEYVALUE="Key_Value"
BIND_KEYALGORITHM=Key_Algorithm_Type
BIND_ZONE="Zone_Name"
  3. Disable any other DNS plug-in that may be in use by moving its configuration file from the /etc/openshift/plugins.d/ directory or renaming it so that it does not end with a .conf extension.
  4. Restart the broker service to reload the configuration: 
    # service openshift-broker restart