5f12b7aedf
Both kubedns and dnsmasq modes are long not maintained. We should run dns_late steps at the end because sshd makes DNS lookups during Ansible run and has 2s timeouts for each failed lookup trying to connect to coredns before it is ready.
71 lines
2.2 KiB
YAML
71 lines
2.2 KiB
YAML
---
|
|
|
|
- name: set dns server for docker
|
|
set_fact:
|
|
docker_dns_servers: "{{dns_servers}}"
|
|
|
|
- name: show docker_dns_servers
|
|
debug:
|
|
msg: "{{docker_dns_servers}}"
|
|
|
|
- name: set base docker dns facts
|
|
set_fact:
|
|
docker_dns_search_domains:
|
|
- 'default.svc.{{ dns_domain }}'
|
|
- 'svc.{{ dns_domain }}'
|
|
docker_dns_options:
|
|
- ndots:{{ ndots }}
|
|
- timeout:2
|
|
- attempts:2
|
|
|
|
|
|
- name: add upstream dns servers
|
|
set_fact:
|
|
docker_dns_servers: "{{ docker_dns_servers + upstream_dns_servers|default([]) }}"
|
|
when: dns_mode in ['coredns', 'coredns_dual']
|
|
|
|
- name: add global searchdomains
|
|
set_fact:
|
|
docker_dns_search_domains: "{{ docker_dns_search_domains + searchdomains|default([]) }}"
|
|
|
|
- name: check system nameservers
|
|
shell: grep "^nameserver" /etc/resolv.conf | sed 's/^nameserver\s*//'
|
|
changed_when: False
|
|
register: system_nameservers
|
|
check_mode: no
|
|
|
|
- name: check system search domains
|
|
shell: grep "^search" /etc/resolv.conf | sed 's/^search\s*//'
|
|
changed_when: False
|
|
register: system_search_domains
|
|
check_mode: no
|
|
|
|
- name: add system nameservers to docker options
|
|
set_fact:
|
|
docker_dns_servers: "{{ docker_dns_servers | union(system_nameservers.stdout_lines) | unique }}"
|
|
when: system_nameservers.stdout != ""
|
|
|
|
- name: add system search domains to docker options
|
|
set_fact:
|
|
docker_dns_search_domains: "{{ docker_dns_search_domains | union(system_search_domains.stdout.split()|default([])) | unique }}"
|
|
when: system_search_domains.stdout != ""
|
|
|
|
- name: check number of nameservers
|
|
fail:
|
|
msg: "Too many nameservers. You can relax this check by set docker_dns_servers_strict=false in all.yml and we will only use the first 3."
|
|
when: docker_dns_servers|length > 3 and docker_dns_servers_strict|bool
|
|
|
|
- name: rtrim number of nameservers to 3
|
|
set_fact:
|
|
docker_dns_servers: "{{ docker_dns_servers[0:3] }}"
|
|
when: docker_dns_servers|length > 3 and not docker_dns_servers_strict|bool
|
|
|
|
- name: check number of search domains
|
|
fail:
|
|
msg: "Too many search domains"
|
|
when: docker_dns_search_domains|length > 6
|
|
|
|
- name: check length of search domains
|
|
fail:
|
|
msg: "Search domains exceeded limit of 256 characters"
|
|
when: docker_dns_search_domains|join(' ')|length > 256
|