1782d19e1f
Current design expects users to define at least one nameserver in the nameservers var to backup host OS DNS config when the K8s cluster DNS service IP is not available and hosts still have to resolve external or intranet FQDNs. Fix undefined nameservers to fallback to the default_resolver. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
84 lines
2.8 KiB
YAML
84 lines
2.8 KiB
YAML
---
|
|
- name: check resolvconf
|
|
shell: which resolvconf
|
|
register: resolvconf
|
|
ignore_errors: yes
|
|
changed_when: false
|
|
|
|
- set_fact:
|
|
resolvconf: >-
|
|
{%- if resolvconf.rc == 0 -%}true{%- else -%}false{%- endif -%}
|
|
|
|
- set_fact:
|
|
private_domains: |-
|
|
{% for d in [ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([]) -%}
|
|
{{dns_domain}}.{{d}}./{{d}}.{{d}}./com.{{d}}./
|
|
{%- endfor %}
|
|
default_resolver: >-
|
|
{%- if cloud_provider is defined and cloud_provider == 'gce' -%}169.254.169.254{%- else -%}8.8.8.8{%- endif -%}
|
|
|
|
- name: check kubelet
|
|
stat:
|
|
path: "{{ bin_dir }}/kubelet"
|
|
register: kubelet
|
|
changed_when: false
|
|
|
|
- name: check if early DNS configuration stage
|
|
set_fact:
|
|
dns_early: >-
|
|
{%- if kubelet.stat.exists -%}false{%- else -%}true{%- endif -%}
|
|
|
|
- name: target resolv.conf files
|
|
set_fact:
|
|
resolvconffile: /etc/resolv.conf
|
|
base: >-
|
|
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/base{%- endif -%}
|
|
head: >-
|
|
{%- if resolvconf|bool -%}/etc/resolvconf/resolv.conf.d/head{%- endif -%}
|
|
when: ansible_os_family != "CoreOS"
|
|
|
|
- name: target temporary resolvconf cloud init file (CoreOS)
|
|
set_fact: resolvconffile=/tmp/resolveconf_cloud_init_conf
|
|
when: ansible_os_family == "CoreOS"
|
|
|
|
- name: target dhclient conf/hook files for Red Hat family
|
|
set_fact:
|
|
dhclientconffile: /etc/dhcp/dhclient.conf
|
|
dhclienthookfile: /etc/dhcp/dhclient.d/zdnsupdate.sh
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: target dhclient conf/hook files for Debian family
|
|
set_fact:
|
|
dhclientconffile: /etc/dhcp/dhclient.conf
|
|
dhclienthookfile: /etc/dhcp/dhclient-exit-hooks.d/zdnsupdate
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: generate search domains to resolvconf
|
|
set_fact:
|
|
searchentries:
|
|
search {{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(' ') }}
|
|
domainentry:
|
|
domain {{ dns_domain }}
|
|
supersede_search:
|
|
supersede domain-search "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join('", "') }}";
|
|
supersede_domain:
|
|
supersede domain-name "{{ dns_domain }}";
|
|
|
|
- name: pick dnsmasq cluster IP or default resolver
|
|
set_fact:
|
|
dnsmasq_server: |-
|
|
{%- if skip_dnsmasq|bool and not dns_early|bool -%}
|
|
{{ [ skydns_server ] + upstream_dns_servers|default([]) }}
|
|
{%- elif dns_early|bool -%}
|
|
{{ upstream_dns_servers|default([]) }}
|
|
{%- else -%}
|
|
{{ [ dns_server ] }}
|
|
{%- endif -%}
|
|
|
|
- name: generate nameservers to resolvconf
|
|
set_fact:
|
|
nameserverentries:
|
|
nameserver {{( dnsmasq_server + nameservers|default([default_resolver])) | join(',nameserver ')}}
|
|
supersede_nameserver:
|
|
supersede domain-name-servers {{( dnsmasq_server + nameservers|default([default_resolver])) | join(', ') }};
|