0515814e0c
Do not repeat options and nameservers in the dhclient hooks. Do not prepend nameservers for dhclient but supersede and fail back to the upstream_dns_resolvers then default_resolver. Fixes order of nameservers placement, which is cluster DNS ip goes always first. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
84 lines
2.8 KiB
YAML
84 lines
2.8 KiB
YAML
---
|
|
- name: check resolvconf
|
|
shell: which resolvconf
|
|
register: resolvconf
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- set_fact:
|
|
resolvconf: >-
|
|
{%- if resolvconf.rc == 0 -%}true{%- else -%}false{%- endif -%}
|
|
|
|
- set_fact:
|
|
private_domains: |-
|
|
{% for d in [ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([]) -%}
|
|
{{dns_domain}}.{{d}}./{{d}}.{{d}}./com.{{d}}./
|
|
{%- endfor %}
|
|
default_resolver: >-
|
|
{%- if cloud_provider is defined and cloud_provider == 'gce' -%}169.254.169.254{%- else -%}8.8.8.8{%- endif -%}
|
|
|
|
- name: check kubelet
|
|
stat:
|
|
path: "{{ bin_dir }}/kubelet"
|
|
register: kubelet
|
|
changed_when: false
|
|
|
|
- name: check if early DNS configuration stage
|
|
set_fact:
|
|
dns_early: >-
|
|
{%- if kubelet.stat.exists -%}false{%- else -%}true{%- endif -%}
|
|
|
|
- name: target resolv.conf files
|
|
set_fact:
|
|
resolvconffile: /etc/resolv.conf
|
|
base: >-
|
|
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%}
|
|
head: >-
|
|
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%}
|
|
when: ansible_os_family != "CoreOS"
|
|
|
|
- name: target temporary resolvconf cloud init file (CoreOS)
|
|
set_fact: resolvconffile=/tmp/resolveconf_cloud_init_conf
|
|
when: ansible_os_family == "CoreOS"
|
|
|
|
- name: target dhclient conf/hook files for Red Hat family
|
|
set_fact:
|
|
dhclientconffile: /etc/dhclient.conf
|
|
dhclienthookfile: /etc/dhcp/dhclient.d/zdnsupdate.sh
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: target dhclient conf/hook files for Debian family
|
|
set_fact:
|
|
dhclientconffile: /etc/dhcp/dhclient.conf
|
|
dhclienthookfile: /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: generate search domains to resolvconf
|
|
set_fact:
|
|
searchentries:
|
|
search {{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(' ') }}
|
|
domainentry:
|
|
domain {{ dns_domain }}
|
|
supersede_search:
|
|
supersede domain-search "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join('", "') }}";
|
|
supersede_domain:
|
|
supersede domain-name "{{ dns_domain }}";
|
|
|
|
- name: pick dnsmasq cluster IP or default resolver
|
|
set_fact:
|
|
dnsmasq_server: |-
|
|
{%- if skip_dnsmasq|bool and not dns_early|bool -%}
|
|
{{ [ skydns_server ] + upstream_dns_servers|default([]) }}
|
|
{%- elif dns_early|bool -%}
|
|
{{ upstream_dns_servers|default([default_resolver]) }}
|
|
{%- else -%}
|
|
{{ [ dns_server ] }}
|
|
{%- endif -%}
|
|
|
|
- name: generate nameservers to resolvconf
|
|
set_fact:
|
|
nameserverentries:
|
|
nameserver {{( dnsmasq_server + nameservers|default([])) | join(',nameserver ')}}
|
|
supersede_nameserver:
|
|
supersede domain-name-servers {{( dnsmasq_server + nameservers|default([])) | join(', ') }};
|