Add support for dns_etchosts (#6236)

docs/dns-stack.md

@@ -40,8 +40,6 @@ is not set, a default resolver is chosen (depending on cloud provider or 8.8.8.8
 DNS servers to be added *after* the cluster DNS. Used by all ``resolvconf_mode`` modes. These serve as backup
 DNS servers in early cluster deployment when no cluster DNS is available yet.
 
-## DNS modes supported by Kubespray
-
 ### coredns_external_zones
 
 Array of optional external zones to coredns forward queries to. It's  injected into
@@ -69,9 +67,23 @@ coredns_external_zones:
 or as INI
 
 ```ini
-coredns_external_zones=[{"cache": 30,"zones":["example.com","example.io:453"],"nameservers":["1.1.1.1","2.2.2.2"]}]'
+coredns_external_zones='[{"cache": 30,"zones":["example.com","example.io:453"],"nameservers":["1.1.1.1","2.2.2.2"]}]'
 ```
 
+### dns_etchosts (coredns)
+
+Optional hosts file content to coredns use as /etc/hosts file. This will also be used by nodelocaldns, if enabled.
+
+Example:
+
+```yaml
+dns_etchosts: |
+  192.168.0.100 api.example.com
+  192.168.0.200 ingress.example.com
+```
+
+## DNS modes supported by Kubespray
+
 You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.
 
 ### dns_mode
@@ -182,6 +194,10 @@ nodelocaldns_external_zones:
   - 192.168.0.53
 ```
 
+### dns_etchosts (nodelocaldns)
+
+See [dns_etchosts](#dns_etchosts-coredns) above.
+
 ## Limitations
 
 * Kubespray has yet ways to configure Kubedns addon to forward requests SkyDns can

docs/vars.md

@@ -99,6 +99,7 @@ variables to match your requirements.
   addition to Kubespray deployed DNS
 * *nameservers* - Array of DNS servers configured for use by hosts
 * *searchdomains* - Array of up to 4 search domains
+* *dns_etchosts* - Content of hosts file for coredns and nodelocaldns
 
 For more information, see [DNS
 Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.md).

roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2

@@ -17,6 +17,11 @@ data:
         loadbalance
         cache {{ block['cache'] | default(5) }}
         reload
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
 {%   endfor %}
 {% endif %}
@@ -50,4 +55,13 @@ data:
         loop
         reload
         loadbalance
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
+{% if dns_etchosts | default(None) %}
+  hosts: |
+   {{ dns_etchosts }}
+{% endif %}

roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2

@@ -110,3 +110,7 @@ spec:
             items:
             - key: Corefile
               path: Corefile
+{% if dns_etchosts | default(None) %}
+            - key: hosts
+              path: hosts
+{% endif %}

roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2

@@ -19,6 +19,11 @@ data:
         forward . {{ block['nameservers'] | join(' ') }}
         prometheus :9253
         log
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
 {% endfor %}
 {% endif %}
@@ -36,6 +41,11 @@ data:
         }
         prometheus :9253
         health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
     in-addr.arpa:53 {
         errors
@@ -67,4 +77,13 @@ data:
         bind {{ nodelocaldns_ip }}
         forward . {{ upstreamForwardTarget }}
         prometheus :9253
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
+{% if dns_etchosts | default(None) %}
+  hosts: |
+   {{ dns_etchosts }}
+{% endif %}

roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2

@@ -79,6 +79,10 @@ spec:
             items:
             - key: Corefile
               path: Corefile
+{% if dns_etchosts | default(None) %}
+            - key: hosts
+              path: hosts
+{% endif %}
         - name: xtables-lock
           hostPath:
             path: /run/xtables.lock