Ability to define options for DNS upstream servers (#9311)
* Ability to define options for DNS upstream servers * Doc and sample inventory vars
parent
5d1fe64bc8
commit
5c25b57989
6 changed files with 32 additions and 10 deletions
|
@ -50,6 +50,12 @@ is not set, a default resolver is chosen (depending on cloud provider or 8.8.8.8
|
||||||
DNS servers to be added *after* the cluster DNS. Used by all ``resolvconf_mode`` modes. These serve as backup
|
DNS servers to be added *after* the cluster DNS. Used by all ``resolvconf_mode`` modes. These serve as backup
|
||||||
DNS servers in early cluster deployment when no cluster DNS is available yet.
|
DNS servers in early cluster deployment when no cluster DNS is available yet.
|
||||||
|
|
||||||
|
### dns_upstream_forward_extra_opts
|
||||||
|
|
||||||
|
Whether or not upstream DNS servers come from `upstream_dns_servers` variable or /etc/resolv.conf, related forward block in coredns (and nodelocaldns) configuration can take options (see <https://coredns.io/plugins/forward/> for details).
|
||||||
|
These are configurable in inventory in as a dictionary in the `dns_upstream_forward_extra_opts` variable.
|
||||||
|
By default, no other option than the ones hardcoded (see `roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2` and `roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2`).
|
||||||
|
|
||||||
### coredns_external_zones
|
### coredns_external_zones
|
||||||
|
|
||||||
Array of optional external zones to coredns forward queries to. It's injected into
|
Array of optional external zones to coredns forward queries to. It's injected into
|
||||||
|
|
|
@ -169,6 +169,7 @@ variables to match your requirements.
|
||||||
* *searchdomains* - Array of up to 4 search domains
|
* *searchdomains* - Array of up to 4 search domains
|
||||||
* *remove_default_searchdomains* - Boolean. If enabled, `searchdomains` variable can hold 6 search domains.
|
* *remove_default_searchdomains* - Boolean. If enabled, `searchdomains` variable can hold 6 search domains.
|
||||||
* *dns_etchosts* - Content of hosts file for coredns and nodelocaldns
|
* *dns_etchosts* - Content of hosts file for coredns and nodelocaldns
|
||||||
|
* *dns_upstream_forward_extra_opts* - Options to add in the forward section of coredns/nodelocaldns related to upstream DNS servers
|
||||||
|
|
||||||
For more information, see [DNS
|
For more information, see [DNS
|
||||||
Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.md).
|
Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.md).
|
||||||
|
|
|
@ -205,6 +205,9 @@ enable_coredns_k8s_external: false
|
||||||
coredns_k8s_external_zone: k8s_external.local
|
coredns_k8s_external_zone: k8s_external.local
|
||||||
# Enable endpoint_pod_names option for kubernetes plugin
|
# Enable endpoint_pod_names option for kubernetes plugin
|
||||||
enable_coredns_k8s_endpoint_pod_names: false
|
enable_coredns_k8s_endpoint_pod_names: false
|
||||||
|
# Set forward options for upstream DNS servers in coredns (and nodelocaldns) config
|
||||||
|
# dns_upstream_forward_extra_opts:
|
||||||
|
# policy: sequential
|
||||||
|
|
||||||
# Can be docker_dns, host_resolvconf or none
|
# Can be docker_dns, host_resolvconf or none
|
||||||
resolvconf_mode: host_resolvconf
|
resolvconf_mode: host_resolvconf
|
||||||
|
|
|
@ -14,6 +14,10 @@ coredns_deployment_nodeselector: "kubernetes.io/os: linux"
|
||||||
coredns_default_zone_cache_block: |
|
coredns_default_zone_cache_block: |
|
||||||
cache 30
|
cache 30
|
||||||
|
|
||||||
|
# dns_upstream_forward_extra_opts apply to coredns forward section as well as nodelocaldns upstream target forward section
|
||||||
|
# dns_upstream_forward_extra_opts:
|
||||||
|
# policy: sequential
|
||||||
|
|
||||||
# nodelocaldns
|
# nodelocaldns
|
||||||
nodelocaldns_cpu_requests: 100m
|
nodelocaldns_cpu_requests: 100m
|
||||||
nodelocaldns_memory_limit: 200Mi
|
nodelocaldns_memory_limit: 200Mi
|
||||||
|
|
|
@ -46,17 +46,15 @@ data:
|
||||||
{% endif %}
|
{% endif %}
|
||||||
}
|
}
|
||||||
prometheus :9153
|
prometheus :9153
|
||||||
{% if upstream_dns_servers is defined and upstream_dns_servers|length > 0 %}
|
forward . {{ upstream_dns_servers|join(' ') if upstream_dns_servers is defined and upstream_dns_servers|length > 0 else '/etc/resolv.conf' }} {
|
||||||
forward . {{ upstream_dns_servers|join(' ') }} {
|
|
||||||
prefer_udp
|
prefer_udp
|
||||||
max_concurrent 1000
|
max_concurrent 1000
|
||||||
}
|
{% if dns_upstream_forward_extra_opts is defined %}
|
||||||
{% else %}
|
{% for optname, optvalue in dns_upstream_forward_extra_opts.items() %}
|
||||||
forward . /etc/resolv.conf {
|
{{ optname }} {{ optvalue }}
|
||||||
prefer_udp
|
{% endfor %}
|
||||||
max_concurrent 1000
|
|
||||||
}
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
}
|
||||||
{% if enable_coredns_k8s_external %}
|
{% if enable_coredns_k8s_external %}
|
||||||
k8s_external {{ coredns_k8s_external_zone }}
|
k8s_external {{ coredns_k8s_external_zone }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
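Review bot: The `is defined` guard in front of the new loop does not cover a variable that is defined but null, which is what an operator gets by uncommenting only the `dns_upstream_forward_extra_opts:` key from the sample inventory; `.items()` then fails at render time. Iterating with `{% for optname, optvalue in (dns_upstream_forward_extra_opts | default({}, true)).items() %}` and dropping the outer `if` would treat undefined, null and empty the same way. The same guard appears in both hunks of `nodelocaldns-config.yml.j2`, where the `if` also controls the braces and would need `dns_upstream_forward_extra_opts | default({}, true)` as its condition. Separately, `prefer_udp` and `max_concurrent 1000` stay hardcoded above the loop, so a dict that sets either key emits the directive twice; a template comment naming the reserved keys would help, since how CoreDNS treats the repeat is not visible here.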
@ -80,7 +80,12 @@ data:
|
||||||
reload
|
reload
|
||||||
loop
|
loop
|
||||||
bind {{ nodelocaldns_ip }}
|
bind {{ nodelocaldns_ip }}
|
||||||
forward . {{ upstreamForwardTarget }}
|
forward . {{ upstreamForwardTarget }}{% if dns_upstream_forward_extra_opts is defined %} {
|
||||||
|
{% for optname, optvalue in dns_upstream_forward_extra_opts.items() %}
|
||||||
|
{{ optname }} {{ optvalue }}
|
||||||
|
{% endfor %}
|
||||||
|
}{% endif %}
|
||||||
|
|
||||||
prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_prometheus_port }}
|
prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_prometheus_port }}
|
||||||
{% if dns_etchosts | default(None) %}
|
{% if dns_etchosts | default(None) %}
|
||||||
hosts /etc/coredns/hosts {
|
hosts /etc/coredns/hosts {
|
||||||
|
@ -157,7 +162,12 @@ data:
|
||||||
reload
|
reload
|
||||||
loop
|
loop
|
||||||
bind {{ nodelocaldns_ip }}
|
bind {{ nodelocaldns_ip }}
|
||||||
forward . {{ upstreamForwardTarget }}
|
forward . {{ upstreamForwardTarget }}{% if dns_upstream_forward_extra_opts is defined %} {
|
||||||
|
{% for optname, optvalue in dns_upstream_forward_extra_opts.items() %}
|
||||||
|
{{ optname }} {{ optvalue }}
|
||||||
|
{% endfor %}
|
||||||
|
}{% endif %}
|
||||||
|
|
||||||
prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_secondary_prometheus_port }}
|
prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_secondary_prometheus_port }}
|
||||||
{% if dns_etchosts | default(None) %}
|
{% if dns_etchosts | default(None) %}
|
||||||
hosts /etc/coredns/hosts {
|
hosts /etc/coredns/hosts {
|
||||||
|
|
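Review bot: `{{ optname }} {{ optvalue }}` writes inventory keys and values into the Corefile verbatim in both hunks of this file, so a value containing a newline or a brace changes the structure of the server block instead of setting one forward option, and a YAML boolean renders as `True`. Because this block decides where node-local DNS queries are sent and over which transport, a pre-flight assertion that each key is a known forward-plugin option and each value is a single-line scalar would catch a bad inventory before the ConfigMap is applied. At minimum, add a template comment such as `{# emitted verbatim into the Corefile: single-line scalar values only #}` above the loop. Argument-less options such as `force_tcp` also need a documented convention, since the dict form always renders a value after the key. The surrounding server blocks start and end outside these hunks.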