Moved docker_dns_options to defaults so it can be overridden (#6394)

* Moved docker_dns_options to defaults so it can be overridden * Fixed yaml indentation and markdown * Moved docker_dns_search_domains to defaults
2020-08-01 10:29:41 +03:00 · 2020-08-01 10:29:41 +03:00 · 94df580674
parent 90e5f8ffe1
commit 94df580674
3 changed files with 20 additions and 13 deletions
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@ -137,6 +137,16 @@ The following dns options are added to the docker daemon
 * timeout:2
 * attempts:2

+These dns options can be overridden by setting a different list:
+
+```yaml
+docker_dns_options:
+- ndots:{{ ndots }}
+- timeout:2
+- attempts:2
+- rotate
+```
+
 For normal PODs, k8s will ignore these options and setup its own DNS settings for the PODs, taking
 the --cluster_dns (either coredns or coredns_dual, depending on dns_mode) kubelet option into account.
 For ``hostNetwork: true`` PODs however, k8s will let docker setup DNS settings. Docker containers which
--- a/roles/container-engine/docker/tasks/set_facts_dns.yml
+++ b/roles/container-engine/docker/tasks/set_facts_dns.yml
@ -8,17 +8,6 @@
  debug:
    msg: "{{ docker_dns_servers }}"

- name: set base docker dns facts
-  set_fact:
-    docker_dns_search_domains:
-      - 'default.svc.{{ dns_domain }}'
-      - 'svc.{{ dns_domain }}'
-    docker_dns_options:
-      - ndots:{{ ndots }}
-      - timeout:2
-      - attempts:2
-
-
 - name: add upstream dns servers
  set_fact:
    docker_dns_servers: "{{ docker_dns_servers + upstream_dns_servers|default([]) }}"
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@ -75,6 +75,11 @@ epel_enabled: false
 cluster_name: cluster.local
 # Subdomains of DNS domain to be resolved via /etc/resolv.conf for hostnet pods
 ndots: 2
+# Default resolv.conf options
+docker_dns_options:
+- ndots:{{ ndots }}
+- timeout:2
+- attempts:2
 # Can be coredns, coredns_dual, manual, or none
 dns_mode: coredns

@ -94,6 +99,9 @@ deploy_netchecker: false
 skydns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(3)|ipaddr('address') }}"
 skydns_server_secondary: "{{ kube_service_addresses|ipaddr('net')|ipaddr(4)|ipaddr('address') }}"
 dns_domain: "{{ cluster_name }}"
+docker_dns_search_domains:
+- 'default.svc.{{ dns_domain }}'
+- 'svc.{{ dns_domain }}'

 kube_dns_servers:
  coredns: ["{{skydns_server}}"]
@ -367,9 +375,9 @@ external_openstack_lbaas_monitor_timeout: "30s"
 external_openstack_lbaas_monitor_max_retries: "3"
 external_openstack_network_ipv6_disabled: false
 external_openstack_network_internal_networks:
-  - ""
+- ""
 external_openstack_network_public_networks:
-  - ""
+- ""

 ## List of authorization modes that must be configured for
 ## the k8s cluster. Only 'AlwaysAllow', 'AlwaysDeny', 'Node' and