Use NetworkManager to manage resolv.conf in FedoraCoreOS (kubernetes-…

…sigs#6291)
southbridgeio · Jun 29, 2020 · ae00211 · ae00211
1 parent 8263ab5
commit ae00211
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 5 deletions.
diff --git a/roles/kubernetes/preinstall/handlers/main.yml b/roles/kubernetes/preinstall/handlers/main.yml
@@ -16,11 +16,22 @@
   notify:
     - Preinstall | apply resolvconf cloud-init
     - Preinstall | reload kubelet
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Preinstall | apply resolvconf cloud-init
   command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
+
+- name: Preinstall | update resolvconf for Fedora CoreOS
+  command: /bin/true
+  notify:
+    - Preinstall | reload NetworkManager
+    - Preinstall | reload kubelet
+  when: is_fedora_coreos
+
+- name: Preinstall | reload NetworkManager
+  command: systemctl restart NetworkManager.service
+  when: is_fedora_coreos
 
 - name: Preinstall | reload kubelet
   service:

diff --git a/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
@@ -1,7 +1,7 @@
 ---
 - name: create temporary resolveconf cloud init file
   command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Add domain/search/nameservers/options to resolv.conf
   blockinfile:
@@ -47,7 +47,7 @@
 - name: get temporary resolveconf cloud init file content
   command: cat {{ resolvconffile }}
   register: cloud_config
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: persist resolvconf cloud init file
   template:
@@ -56,4 +56,4 @@
     owner: root
     mode: 0644
   notify: Preinstall | update resolvconf for Container Linux by CoreOS and Flatcar
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
diff --git a/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml b/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
@@ -0,0 +1,40 @@
+---
+- name: NetworkManager | Add nameservers to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns
+    value: "{{ ( coredns_server + nameservers|d([]) + cloud_resolver|d([])) | unique | join(';') }}"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS search to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns-search
+    value: "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(';') }}"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS options to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns-options
+    value: "ndots:{{ ndots }};timeout:2;attempts:2;"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Ignore DNS auto configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: ignore-auto-dns
+    value: 'true'
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
@@ -37,6 +37,7 @@
     - dns_mode != 'none'
     - resolvconf_mode == 'host_resolvconf'
     - systemd_resolved_enabled.rc != 0
+    - not is_fedora_coreos
   tags:
     - bootstrap-os
     - resolvconf
@@ -50,6 +51,15 @@
     - bootstrap-os
     - resolvconf
 
+- import_tasks: 0062-networkmanager.yml
+  when:
+    - dns_mode != 'none'
+    - resolvconf_mode == 'host_resolvconf'
+    - is_fedora_coreos
+  tags:
+    - bootstrap-os
+    - resolvconf
+
 - import_tasks: 0070-system-packages.yml
   when:
     - not dns_late