Fedora coreos networkmanager global dns and bootstrapping fix (#6577)
* remove podman cni plugin * configure networkamanger global dns * allow installation of python3-libselinux by disabling update repo temporary * remove ipv4 section because it is not a valid configuration
This commit is contained in:
parent
050578da94
commit
2de6a5676d
3 changed files with 32 additions and 21 deletions
|
@ -13,7 +13,7 @@ use_oracle_public_repo: true
|
||||||
|
|
||||||
fedora_coreos_packages:
|
fedora_coreos_packages:
|
||||||
- python
|
- python
|
||||||
- libselinux-python3
|
- python3-libselinux
|
||||||
- ethtool # required in kubeadm preflight phase for verifying the environment
|
- ethtool # required in kubeadm preflight phase for verifying the environment
|
||||||
- ipset # required in kubeadm preflight phase for verifying the environment
|
- ipset # required in kubeadm preflight phase for verifying the environment
|
||||||
- conntrack-tools # required by kube-proxy
|
- conntrack-tools # required by kube-proxy
|
||||||
|
|
|
@ -8,16 +8,37 @@
|
||||||
tags:
|
tags:
|
||||||
- facts
|
- facts
|
||||||
|
|
||||||
|
- name: Remove podman network cni
|
||||||
|
raw: "podman network rm podman"
|
||||||
|
become: true
|
||||||
|
ignore_errors: yes
|
||||||
|
when: need_bootstrap.rc != 0
|
||||||
|
|
||||||
- name: Clean up possible pending packages on fedora coreos
|
- name: Clean up possible pending packages on fedora coreos
|
||||||
raw: "export http_proxy={{ http_proxy | default('') }};rpm-ostree cleanup -p }}"
|
raw: "export http_proxy={{ http_proxy | default('') }};rpm-ostree cleanup -p }}"
|
||||||
become: true
|
become: true
|
||||||
when: need_bootstrap.rc != 0
|
when: need_bootstrap.rc != 0
|
||||||
|
|
||||||
|
# Because the package "python3-libselinux" has a dependency on libselinux,
|
||||||
|
# which is a base package in Fedora CoreOS and cannot be upgraded.
|
||||||
|
# Temporary disabling update repo allows to install python3-libselinux
|
||||||
|
# see https://github.com/coreos/fedora-coreos-tracker/issues/592
|
||||||
|
- name: Temporary disable fedora updates repo because of base packages conflicts
|
||||||
|
raw: "sed -i 's|^enabled=1|enabled=0|g' /etc/yum.repos.d/fedora-updates.repo"
|
||||||
|
become: true
|
||||||
|
when: need_bootstrap.rc != 0
|
||||||
|
|
||||||
- name: Install required packages on fedora coreos
|
- name: Install required packages on fedora coreos
|
||||||
raw: "export http_proxy={{ http_proxy | default('') }};rpm-ostree install {{ fedora_coreos_packages|join(' ') }}"
|
raw: "export http_proxy={{ http_proxy | default('') }};rpm-ostree install {{ fedora_coreos_packages|join(' ') }}"
|
||||||
become: true
|
become: true
|
||||||
when: need_bootstrap.rc != 0
|
when: need_bootstrap.rc != 0
|
||||||
|
|
||||||
|
# see https://github.com/coreos/fedora-coreos-tracker/issues/592
|
||||||
|
- name: Enable fedora updates repo
|
||||||
|
raw: "sed -i 's|^enabled=0|enabled=1|g' /etc/yum.repos.d/fedora-updates.repo"
|
||||||
|
become: true
|
||||||
|
when: need_bootstrap.rc != 0
|
||||||
|
|
||||||
# playbook fails because connection lost
|
# playbook fails because connection lost
|
||||||
- name: Reboot immediately for updated ostree, please run playbook again if failed first time.
|
- name: Reboot immediately for updated ostree, please run playbook again if failed first time.
|
||||||
raw: "nohup bash -c 'sleep 5s && shutdown -r now'"
|
raw: "nohup bash -c 'sleep 5s && shutdown -r now'"
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
---
|
---
|
||||||
- name: NetworkManager | Add nameservers to NM configuration
|
- name: NetworkManager | Add nameservers to NM configuration
|
||||||
ini_file:
|
ini_file:
|
||||||
path: /etc/NetworkManager/system-connections/default_connection.nmconnection
|
path: /etc/NetworkManager/conf.d/dns.conf
|
||||||
section: ipv4
|
section: global-dns-domain-*
|
||||||
option: dns
|
option: servers
|
||||||
value: "{{ ( coredns_server + nameservers|d([]) + cloud_resolver|d([])) | unique | join(';') }}"
|
value: "{{ ( coredns_server + nameservers|d([]) + cloud_resolver|d([])) | unique | join(';') }}"
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
backup: yes
|
backup: yes
|
||||||
|
@ -11,9 +11,9 @@
|
||||||
|
|
||||||
- name: NetworkManager | Add DNS search to NM configuration
|
- name: NetworkManager | Add DNS search to NM configuration
|
||||||
ini_file:
|
ini_file:
|
||||||
path: /etc/NetworkManager/system-connections/default_connection.nmconnection
|
path: /etc/NetworkManager/conf.d/dns.conf
|
||||||
section: ipv4
|
section: global-dns
|
||||||
option: dns-search
|
option: searches
|
||||||
value: "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(';') }}"
|
value: "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(';') }}"
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
backup: yes
|
backup: yes
|
||||||
|
@ -21,20 +21,10 @@
|
||||||
|
|
||||||
- name: NetworkManager | Add DNS options to NM configuration
|
- name: NetworkManager | Add DNS options to NM configuration
|
||||||
ini_file:
|
ini_file:
|
||||||
path: /etc/NetworkManager/system-connections/default_connection.nmconnection
|
path: /etc/NetworkManager/conf.d/dns.conf
|
||||||
section: ipv4
|
section: global-dns
|
||||||
option: dns-options
|
option: options
|
||||||
value: "ndots:{{ ndots }};timeout:2;attempts:2;"
|
value: "ndots:{{ ndots }};timeout:2;attempts:2;"
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
backup: yes
|
backup: yes
|
||||||
notify: Preinstall | update resolvconf for Fedora CoreOS
|
notify: Preinstall | update resolvconf for Fedora CoreOS
|
||||||
|
|
||||||
- name: NetworkManager | Ignore DNS auto configuration
|
|
||||||
ini_file:
|
|
||||||
path: /etc/NetworkManager/system-connections/default_connection.nmconnection
|
|
||||||
section: ipv4
|
|
||||||
option: ignore-auto-dns
|
|
||||||
value: 'true'
|
|
||||||
mode: '0600'
|
|
||||||
backup: yes
|
|
||||||
notify: Preinstall | update resolvconf for Fedora CoreOS
|
|
||||||
|
|
Loading…
Reference in a new issue