Moved docker_dns_options to defaults so it can be overridden (#6394)

* Moved docker_dns_options to defaults so it can be overridden

* Fixed yaml indentation and markdown

* Moved docker_dns_search_domains to defaults

docs/dns-stack.md

@@ -137,6 +137,16 @@ The following dns options are added to the docker daemon
 * timeout:2
 * attempts:2
 
+These dns options can be overridden by setting a different list:
+
+```yaml
+docker_dns_options:
+- ndots:{{ ndots }}
+- timeout:2
+- attempts:2
+- rotate
+```
+
 For normal PODs, k8s will ignore these options and setup its own DNS settings for the PODs, taking
 the --cluster_dns (either coredns or coredns_dual, depending on dns_mode) kubelet option into account.
 For ``hostNetwork: true`` PODs however, k8s will let docker setup DNS settings. Docker containers which

roles/container-engine/docker/tasks/set_facts_dns.yml

@@ -8,17 +8,6 @@
   debug:
     msg: "{{ docker_dns_servers }}"
 
-- name: set base docker dns facts
-  set_fact:
-    docker_dns_search_domains:
-      - 'default.svc.{{ dns_domain }}'
-      - 'svc.{{ dns_domain }}'
-    docker_dns_options:
-      - ndots:{{ ndots }}
-      - timeout:2
-      - attempts:2
-
-
 - name: add upstream dns servers
   set_fact:
     docker_dns_servers: "{{ docker_dns_servers + upstream_dns_servers|default([]) }}"

roles/kubespray-defaults/defaults/main.yaml

@@ -75,6 +75,11 @@ epel_enabled: false
 cluster_name: cluster.local
 # Subdomains of DNS domain to be resolved via /etc/resolv.conf for hostnet pods
 ndots: 2
+# Default resolv.conf options
+docker_dns_options:
+- ndots:{{ ndots }}
+- timeout:2
+- attempts:2
 # Can be coredns, coredns_dual, manual, or none
 dns_mode: coredns
 
@@ -94,6 +99,9 @@ deploy_netchecker: false
 skydns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(3)|ipaddr('address') }}"
 skydns_server_secondary: "{{ kube_service_addresses|ipaddr('net')|ipaddr(4)|ipaddr('address') }}"
 dns_domain: "{{ cluster_name }}"
+docker_dns_search_domains:
+- 'default.svc.{{ dns_domain }}'
+- 'svc.{{ dns_domain }}'
 
 kube_dns_servers:
   coredns: ["{{skydns_server}}"]
@@ -367,9 +375,9 @@ external_openstack_lbaas_monitor_timeout: "30s"
 external_openstack_lbaas_monitor_max_retries: "3"
 external_openstack_network_ipv6_disabled: false
 external_openstack_network_internal_networks:
-  - ""
+- ""
 external_openstack_network_public_networks:
-  - ""
+- ""
 
 ## List of authorization modes that must be configured for
 ## the k8s cluster. Only 'AlwaysAllow', 'AlwaysDeny', 'Node' and