From 3d23905b219bc106035ae756d87ca57923b70f29 Mon Sep 17 00:00:00 2001
From: Boris Barnier
Date: Thu, 18 Jun 2020 11:59:00 +0200
Subject: [PATCH] Use NetworkManager to manage resolv.conf in FedoraCoreOS
---
roles/kubernetes/preinstall/handlers/main.yml | 15 ++++++-
.../preinstall/tasks/0060-resolvconf.yml | 6 +--
.../preinstall/tasks/0062-networkmanager.yml | 40 +++++++++++++++++++
roles/kubernetes/preinstall/tasks/main.yml | 10 +++++
4 files changed, 66 insertions(+), 5 deletions(-)
create mode 100644 roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
diff --git a/roles/kubernetes/preinstall/handlers/main.yml b/roles/kubernetes/preinstall/handlers/main.yml
index 2e8528f566d..fd4cec362bb 100644
--- a/roles/kubernetes/preinstall/handlers/main.yml
+++ b/roles/kubernetes/preinstall/handlers/main.yml
@@ -16,11 +16,22 @@
 notify:
 - Preinstall | apply resolvconf cloud-init
 - Preinstall | reload kubelet
- when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+ when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 - name: Preinstall | apply resolvconf cloud-init
 command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
- when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+ when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
+
+- name: Preinstall | update resolvconf for Fedora CoreOS
+ command: /bin/true
+ notify:
+ - Preinstall | reload NetworkManager
+ - Preinstall | reload kubelet
+ when: is_fedora_coreos
+
+- name: Preinstall | reload NetworkManager
+ command: systemctl restart NetworkManager.service
+ when: is_fedora_coreos
 - name: Preinstall | reload kubelet
 service:
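Review bot: The added `Preinstall | reload NetworkManager` handler is named "reload" but runs `systemctl restart NetworkManager.service` through `command`, while the `Preinstall | reload kubelet` handler in the trailing context uses `service:`. Using the module keeps the handlers consistent and avoids shelling out to a bare `systemctl`: `service:` with `name: NetworkManager` and `state: restarted`. A full restart may briefly interrupt networking on the node Ansible is connected through, so the handler name should say restart and the timing is worth confirming. The `reload kubelet` handler body continues past the end of the hunk.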
diff --git a/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
index 690317013c7..805b93a37f6 100644
--- a/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
+++ b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
@@ -1,7 +1,7 @@
 ---
 - name: create temporary resolveconf cloud init file
 command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
- when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+ when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 - name: Add domain/search/nameservers/options to resolv.conf
 blockinfile:
@@ -47,7 +47,7 @@
 - name: get temporary resolveconf cloud init file content
 command: cat {{ resolvconffile }}
 register: cloud_config
- when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+ when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 - name: persist resolvconf cloud init file
 template:
@@ -56,4 +56,4 @@
 owner: root
 mode: 0644
 notify: Preinstall | update resolvconf for Container Linux by CoreOS and Flatcar
- when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+ when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
diff --git a/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml b/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
new file mode 100644
index 00000000000..4d94231aad8
--- /dev/null
+++ b/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
@@ -0,0 +1,40 @@
+---
+- name: NetworkManager | Add nameservers to NM configuration
+ ini_file:
+ path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+ section: ipv4
+ option: dns
+ value: "{{ ( coredns_server + nameservers|d([]) + cloud_resolver|d([])) | unique | join(';') }}"
+ mode: '0600'
+ backup: yes
+ notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS search to NM configuration
+ ini_file:
+ path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+ section: ipv4
+ option: dns-search
+ value: "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(';') }}"
+ mode: '0600'
+ backup: yes
+ notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS options to NM configuration
+ ini_file:
+ path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+ section: ipv4
+ option: dns-options
+ value: "ndots:{{ ndots }};timeout:2;attempts:2;"
+ mode: '0600'
+ backup: yes
+ notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Ignore DNS auto configuration
+ ini_file:
+ path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+ section: ipv4
+ option: ignore-auto-dns
+ value: 'true'
+ mode: '0600'
+ backup: yes
+ notify: Preinstall | update resolvconf for Fedora CoreOS
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 932f99deeb5..e1a6a71af7a 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -33,6 +33,7 @@
 - dns_mode != 'none'
 - resolvconf_mode == 'host_resolvconf'
 - systemd_resolved_enabled.rc != 0
+ - not is_fedora_coreos
 tags:
 - bootstrap-os
 - resolvconf
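Review bot: In the new `0062-networkmanager.yml`, all four `ini_file` tasks hard-code `/etc/NetworkManager/system-connections/default_connection.nmconnection`, and `ini_file` creates a missing file by default. On a node whose profile is stored under another name, the play would therefore write a new keyfile holding only an `[ipv4]` section and would probably leave the connection in use unchanged. Adding `create: no` to each task makes that case fail visibly, and keeping the path in a single role variable removes the fourfold repetition. `backup: yes` also leaves a timestamped copy of the profile in the same directory on every change; connection profiles can contain credentials, so it is worth confirming these copies are wanted there, and writing the boolean as `true`.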
@@ -46,6 +47,15 @@
 - bootstrap-os
 - resolvconf
+- import_tasks: 0062-networkmanager.yml
+ when:
+ - dns_mode != 'none'
+ - resolvconf_mode == 'host_resolvconf'
+ - is_fedora_coreos
+ tags:
+ - bootstrap-os
+ - resolvconf
+
 - import_tasks: 0070-system-packages.yml
 when:
 - not dns_late
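Review bot: The `when:` list on the new `import_tasks: 0062-networkmanager.yml` omits the `systemd_resolved_enabled.rc != 0` condition that guards the import in the `@@ -33,6 +33,7 @@` hunk, and nothing here says whether that is deliberate. If it is, a comment above the import would record why, for example `# Fedora CoreOS: DNS is configured through NetworkManager, so the systemd-resolved check is not needed here`. If it is not, add the same condition to this list so the two resolver paths stay mutually exclusive under the same rules. The tasks in the imported file carry no `when:` of their own, so this list is the only gate on rewriting the node's DNS settings.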