kubespray/roles/container-engine/docker/tasks/set_facts_dns.yml

---

- name: set dns server for docker
  set_fact:
    docker_dns_servers: "{{ dns_servers }}"

- name: show docker_dns_servers
  debug:
    msg: "{{ docker_dns_servers }}"

- name: add upstream dns servers
  set_fact:
    docker_dns_servers: "{{ docker_dns_servers + upstream_dns_servers|default([]) }}"
  when: dns_mode in ['coredns', 'coredns_dual']

- name: add global searchdomains
  set_fact:
    docker_dns_search_domains: "{{ docker_dns_search_domains + searchdomains|default([]) }}"

- name: check system nameservers
  shell: set -o pipefail && grep "^nameserver" /etc/resolv.conf | sed -r 's/^nameserver\s*([^#\s]+)\s*(#.*)?/\1/'
  args:
    executable: /bin/bash
  changed_when: False
  register: system_nameservers
  check_mode: no

- name: check system search domains
  # noqa 306 - if resolf.conf has no search domain, grep will exit 1 which would force us to add failed_when: false
  # Therefore -o pipefail is not applicable in this specific instance
  shell: grep "^search" /etc/resolv.conf | sed -r 's/^search\s*([^#]+)\s*(#.*)?/\1/'
  args:
    executable: /bin/bash
  changed_when: False
  register: system_search_domains
  check_mode: no

- name: add system nameservers to docker options
  set_fact:
    docker_dns_servers: "{{ docker_dns_servers | union(system_nameservers.stdout_lines) | unique }}"
  when: system_nameservers.stdout

- name: add system search domains to docker options
  set_fact:
    docker_dns_search_domains: "{{ docker_dns_search_domains | union(system_search_domains.stdout.split()|default([])) | unique }}"
  when: system_search_domains.stdout

- name: check number of nameservers
  fail:
    msg: "Too many nameservers. You can relax this check by set docker_dns_servers_strict=false in all.yml and we will only use the first 3."
  when: docker_dns_servers|length > 3 and docker_dns_servers_strict|bool

- name: rtrim number of nameservers to 3
  set_fact:
    docker_dns_servers: "{{ docker_dns_servers[0:3] }}"
  when: docker_dns_servers|length > 3 and not docker_dns_servers_strict|bool

- name: check number of search domains
  fail:
    msg: "Too many search domains"
  when: docker_dns_search_domains|length > 6

- name: check length of search domains
  fail:
    msg: "Search domains exceeded limit of 256 characters"
  when: docker_dns_search_domains|join(' ')|length > 256