From aa76e39f7907282b61b26c0dca0307e84a426356 Mon Sep 17 00:00:00 2001
From: Lee Spottiswood <me@lee.io>
Date: Fri, 8 Nov 2024 02:46:44 +0000
Subject: [PATCH] adds nodelocaldns_additional_configs to facilitate additional
 CoreDNS config options (#11657)

---
 docs/advanced/dns-stack.md                                | 8 ++++++++
 roles/kubernetes-apps/ansible/defaults/main.yml           | 5 +++++
 .../ansible/templates/nodelocaldns-config.yml.j2          | 6 ++++++
 3 files changed, 19 insertions(+)

diff --git a/docs/advanced/dns-stack.md b/docs/advanced/dns-stack.md
index ae560d4a8..9524d2f85 100644
--- a/docs/advanced/dns-stack.md
+++ b/docs/advanced/dns-stack.md
@@ -64,6 +64,10 @@ Custom options to be added to the kubernetes coredns plugin.
 
 Extra domains to be forwarded to the kubernetes coredns plugin.
 
+### coredns_additional_configs
+
+Extra configuration to be added to CoreDNS configuration
+
 ### coredns_rewrite_block
 
 [Rewrite](https://coredns.io/plugins/rewrite/) plugin block to perform internal message rewriting.
@@ -290,6 +294,10 @@ nodelocaldns_external_zones:
 
 See [dns_etchosts](#dns_etchosts-coredns) above.
 
+### nodelocaldns_additional_configs
+
+Extra configuration to be added to CoreDNS configuration
+
 ### Nodelocal DNS HA
 
 Under some circumstances the single POD nodelocaldns implementation may not be able to be replaced soon enough and a cluster upgrade or a nodelocaldns upgrade can cause DNS requests to time out for short intervals. If for any reason your applications cannot tolerate this behavior you can enable a redundant nodelocal DNS pod on each node:
diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index daebd07f6..88cf81e1d 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -55,6 +55,11 @@ nodelocaldns_ds_nodeselector: "kubernetes.io/os: linux"
 nodelocaldns_prometheus_port: 9253
 nodelocaldns_secondary_prometheus_port: 9255
 
+# nodelocaldns_additional_configs adds any extra configuration to coredns
+# nodelocaldns_additional_configs: |
+#   whoami
+#   local
+
 # Limits for dns-autoscaler
 dns_autoscaler_cpu_requests: 20m
 dns_autoscaler_memory_requests: 10Mi
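Review bot: The comment introducing the example does not say where the value ends up, which matters for anyone copying the `whoami`/`local` lines: the template inserts it verbatim, unvalidated, inside the `.:53 {` server block of the nodelocaldns Corefile (primary and secondary instances) ahead of `errors`, so directives listed here apply only to that catch-all zone. Suggest replacing the first comment line with `# nodelocaldns_additional_configs: raw Corefile lines rendered verbatim into the .:53 server block of nodelocaldns (primary and secondary); not validated before rendering`. It is also worth stating that the variable must be a multi-line string (the `|` block scalar shown), since the template pipes it through the `indent` filter.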
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index e8ce54529..802915b3a 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -75,6 +75,9 @@ data:
         prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_prometheus_port }}
     }
     .:53 {
+{% if nodelocaldns_additional_configs is defined %}
+        {{ nodelocaldns_additional_configs | indent(width=8, first=False) }}
+{% endif %}
         errors
         cache 30
         reload
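Review bot: The guard on the `{% if nodelocaldns_additional_configs is defined %}` line only checks definedness, so a value explicitly set to `null` in an inventory (a common way to switch a feature off per group) still reaches the `indent` filter, which I believe appends a newline to its input and would error on `None`; an empty string passes the guard and only renders a stray blank line. Tightening it to `{% if nodelocaldns_additional_configs is defined and nodelocaldns_additional_configs %}` avoids both, and the same change applies to the identical hunk for the secondary instance at `@@ -157,6 +160,9 @@`. Because the text is emitted verbatim into the Corefile ConfigMap with no validation, a directive that conflicts with `errors`, `cache 30`, `reload` or the rest of the block is only caught when CoreDNS parses the file; a short template comment such as `{# raw operator-supplied Corefile lines; rendered verbatim, not validated #}` above the block would make that explicit to the next maintainer. The `.:53 {` server block continues past the end of the hunk.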
@@ -157,6 +160,9 @@ data:
         prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:{{ nodelocaldns_secondary_prometheus_port }}
     }
     .:53 {
+{% if nodelocaldns_additional_configs is defined %}
+        {{ nodelocaldns_additional_configs | indent(width=8, first=False) }}
+{% endif %}
         errors
         cache 30
         reload
-- 
GitLab