From 09b23f96d7a734d96ebddc5bd4b4e92f4d7df424 Mon Sep 17 00:00:00 2001
From: bozzo <bozzo@users.noreply.github.com>
Date: Mon, 29 Jun 2020 09:26:17 +0200
Subject: [PATCH] Use NetworkManager to manage resolv.conf in FedoraCoreOS
 (#6291)

---
 roles/kubernetes/preinstall/handlers/main.yml | 15 ++++++-
 .../preinstall/tasks/0060-resolvconf.yml      |  6 +--
 .../preinstall/tasks/0062-networkmanager.yml  | 40 +++++++++++++++++++
 roles/kubernetes/preinstall/tasks/main.yml    | 10 +++++
 4 files changed, 66 insertions(+), 5 deletions(-)
 create mode 100644 roles/kubernetes/preinstall/tasks/0062-networkmanager.yml

diff --git a/roles/kubernetes/preinstall/handlers/main.yml b/roles/kubernetes/preinstall/handlers/main.yml
index 2e8528f56..fd4cec362 100644
--- a/roles/kubernetes/preinstall/handlers/main.yml
+++ b/roles/kubernetes/preinstall/handlers/main.yml
@@ -16,11 +16,22 @@
   notify:
     - Preinstall | apply resolvconf cloud-init
     - Preinstall | reload kubelet
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Preinstall | apply resolvconf cloud-init
   command: /usr/bin/coreos-cloudinit --from-file {{ resolveconf_cloud_init_conf }}
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
+
+- name: Preinstall | update resolvconf for Fedora CoreOS
+  command: /bin/true
+  notify:
+    - Preinstall | reload NetworkManager
+    - Preinstall | reload kubelet
+  when: is_fedora_coreos
+
+- name: Preinstall | reload NetworkManager
+  command: systemctl restart NetworkManager.service
+  when: is_fedora_coreos
 
 - name: Preinstall | reload kubelet
   service:
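Review bot: The new `Preinstall | reload NetworkManager` handler runs `command: systemctl restart NetworkManager.service`, while the neighbouring `Preinstall | reload kubelet` handler uses the `service` module. Using `service:` with `name: NetworkManager` and `state: restarted` would keep the handlers consistent and avoid a raw command. The handler name says "reload" but the action is a restart, so either rename it (and its `notify` entry) to `Preinstall | restart NetworkManager` or add a comment saying why a full restart is needed. The `reload kubelet` handler continues past the end of this hunk.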
diff --git a/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
index 690317013..805b93a37 100644
--- a/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
+++ b/roles/kubernetes/preinstall/tasks/0060-resolvconf.yml
@@ -1,7 +1,7 @@
 ---
 - name: create temporary resolveconf cloud init file
   command: cp -f /etc/resolv.conf "{{ resolvconffile }}"
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: Add domain/search/nameservers/options to resolv.conf
   blockinfile:
@@ -47,7 +47,7 @@
 - name: get temporary resolveconf cloud init file content
   command: cat {{ resolvconffile }}
   register: cloud_config
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
 
 - name: persist resolvconf cloud init file
   template:
@@ -56,4 +56,4 @@
     owner: root
     mode: 0644
   notify: Preinstall | update resolvconf for Container Linux by CoreOS and Flatcar
-  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"] or is_fedora_coreos
+  when: ansible_os_family in ["CoreOS", "Coreos", "Container Linux by CoreOS", "Flatcar", "Flatcar Container Linux by Kinvolk"]
diff --git a/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml b/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
new file mode 100644
index 000000000..4d94231aa
--- /dev/null
+++ b/roles/kubernetes/preinstall/tasks/0062-networkmanager.yml
@@ -0,0 +1,40 @@
+---
+- name: NetworkManager | Add nameservers to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns
+    value: "{{ ( coredns_server + nameservers|d([]) + cloud_resolver|d([])) | unique | join(';') }}"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS search to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns-search
+    value: "{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(';') }}"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Add DNS options to NM configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: dns-options
+    value: "ndots:{{ ndots }};timeout:2;attempts:2;"
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
+
+- name: NetworkManager | Ignore DNS auto configuration
+  ini_file:
+    path: /etc/NetworkManager/system-connections/default_connection.nmconnection
+    section: ipv4
+    option: ignore-auto-dns
+    value: 'true'
+    mode: '0600'
+    backup: yes
+  notify: Preinstall | update resolvconf for Fedora CoreOS
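Review bot: All four tasks hard-code `/etc/NetworkManager/system-connections/default_connection.nmconnection`, and `ini_file` creates the file when it is missing, so on a host whose active profile has another name this writes a file holding only an `[ipv4]` section; whether NetworkManager then applies these DNS settings is not visible from this diff. Consider putting the path in one role variable and documenting which profile it is expected to be. `backup: yes` leaves a timestamped copy of the profile in the same directory each time a task changes it (up to four per run here), and connection profiles can hold secrets, so decide whether those copies are wanted; if they are, write it as `backup: true`. A short comment that `mode: '0600'` is deliberate would also help, since NetworkManager is strict about ownership and permissions on files in this directory.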
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 932f99dee..e1a6a71af 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -33,6 +33,7 @@
     - dns_mode != 'none'
     - resolvconf_mode == 'host_resolvconf'
     - systemd_resolved_enabled.rc != 0
+    - not is_fedora_coreos
   tags:
     - bootstrap-os
     - resolvconf
@@ -46,6 +47,15 @@
     - bootstrap-os
     - resolvconf
 
+- import_tasks: 0062-networkmanager.yml
+  when:
+    - dns_mode != 'none'
+    - resolvconf_mode == 'host_resolvconf'
+    - is_fedora_coreos
+  tags:
+    - bootstrap-os
+    - resolvconf
+
 - import_tasks: 0070-system-packages.yml
   when:
     - not dns_late
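Review bot: The new `import_tasks: 0062-networkmanager.yml` block repeats the `dns_mode` and `resolvconf_mode` conditions of the import in the previous hunk with only the `is_fedora_coreos` flag flipped, and nothing in the file says the two are meant to be mutually exclusive. A comment above the block, for example `# Fedora CoreOS: DNS settings go into the NetworkManager profile instead of resolv.conf`, would make that pairing explicit so the two condition lists are kept in step. The previous import also requires `systemd_resolved_enabled.rc != 0` and this one does not; if that difference is intentional, it is worth stating in the same comment. The earlier import starts outside its hunk, so its target file is not visible here.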
-- 
GitLab