--- - name: ensure dnsmasq.d directory exists file: path: /etc/dnsmasq.d state: directory - name: ensure dnsmasq.d-available directory exists file: path: /etc/dnsmasq.d-available state: directory - name: Write dnsmasq configuration template: src: 01-kube-dns.conf.j2 dest: /etc/dnsmasq.d-available/01-kube-dns.conf mode: 0755 backup: yes - name: Stat dnsmasq configuration stat: path=/etc/dnsmasq.d/01-kube-dns.conf register: sym - name: Move previous configuration command: mv /etc/dnsmasq.d/01-kube-dns.conf /etc/dnsmasq.d-available/01-kube-dns.conf.bak changed_when: False when: sym.stat.islnk is defined and sym.stat.islnk == False - name: Enable dnsmasq configuration file: src: /etc/dnsmasq.d-available/01-kube-dns.conf dest: /etc/dnsmasq.d/01-kube-dns.conf state: link - name: Create dnsmasq manifests template: src={{item.file}} dest=/etc/kubernetes/{{item.file}} with_items: - {file: dnsmasq-ds.yml, type: ds} - {file: dnsmasq-svc.yml, type: svc} register: manifests when: inventory_hostname == groups['kube-master'][0] - name: Start Resources kube: name: dnsmasq namespace: kube-system kubectl: "{{bin_dir}}/kubectl" resource: "{{item.item.type}}" filename: /etc/kubernetes/{{item.item.file}} state: "{{item.changed | ternary('latest','present') }}" with_items: "{{ manifests.results }}" when: inventory_hostname == groups['kube-master'][0] - name: Check for dnsmasq port (pulling image and running container) wait_for: host: "{{dns_server}}" port: 53 delay: 5 when: inventory_hostname == groups['kube-node'][0] - name: check resolvconf shell: which resolvconf register: resolvconf ignore_errors: yes - name: target resolv.conf file set_fact: resolvconffile: >- {%- if resolvconf.rc == 0 -%}/etc/resolvconf/resolv.conf.d/head{%- else -%}/etc/resolv.conf{%- endif -%} - name: generate search domains to resolvconf set_fact: searchentries="{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(' ') }}" - name: generate nameservers to resolvconf set_fact: nameserverentries="{{ nameservers|default([]) + [ dns_server ] }}" - name: Add search resolv.conf lineinfile: line: "search {{searchentries}}" dest: "{{resolvconffile}}" state: present insertbefore: BOF backup: yes follow: yes - name: Add local dnsmasq to resolv.conf blockinfile: dest: "{{resolvconffile}}" block: |- {% for item in nameserverentries -%} nameserver {{ item }} {% endfor %} state: present create: yes backup: yes follow: yes marker: "# Ansible nameservers {mark}" - name: Add options to resolv.conf lineinfile: line: options {{ item }} dest: "{{resolvconffile}}" state: present regexp: "^options.*{{ item }}$" insertafter: EOF backup: yes follow: yes with_items: - timeout:2 - attempts:2 - name: Remove search and nameserver options from resolvconf base lineinfile: dest: /etc/resolvconf/resolv.conf.d/base state: absent regexp: "^{{ item }}.*$" backup: yes follow: yes with_items: - search - nameserver when: resolvconf.rc == 0 - name: disable resolv.conf modification by dhclient copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient-enter-hooks.d/znodnsupdate mode=0755 notify: Dnsmasq | restart network when: ansible_os_family == "Debian" - name: disable resolv.conf modification by dhclient copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient.d/nodnsupdate mode=u+x notify: Dnsmasq | restart network when: ansible_os_family == "RedHat"