Merge pull request #70 from Smana/localhost_dnsmasq

Localhost dnsmasq
8 years ago · 59614fc60d
4 changed files with 26 additions and 11 deletions
--- a/roles/apps/k8s-kubedns
+++ b/roles/apps/k8s-kubedns
@ -1 +1 @@
-Subproject commit b5015aed8ff5eed9c325911205cfbb23ad0e57be
+Subproject commit d6df09a89721d98e2969a8abf29b4eb5e787fca6
--- a/roles/dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@ -32,7 +32,6 @@
  file:
    path: /etc/dnsmasq.d
    state: directory
-  when: inventory_hostname in groups['kube-master']

 - name: Write dnsmasq configuration
  template:
@ -40,17 +39,14 @@
    dest: /etc/dnsmasq.d/01-kube-dns.conf
    mode: 755
    backup: yes
-  when: inventory_hostname in groups['kube-master']

 - name: Create dnsmasq pod manifest
  template: src=dnsmasq-pod.yml dest=/etc/kubernetes/manifests/dnsmasq-pod.manifest
-  when: inventory_hostname in groups['kube-master']

 - name: Check for dnsmasq port (pulling image and running container)
  wait_for:
    port: 53
    delay: 5
-  when: inventory_hostname in groups['kube-master']

 - name: check resolvconf
  stat: path=/etc/resolvconf/resolv.conf.d/head
@ -63,22 +59,34 @@

 - name: Add search resolv.conf
  lineinfile:
-    line: search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}
+    line: "search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}"
    dest: "{{resolvconffile}}"
    state: present
    insertbefore: BOF
    backup: yes
    follow: yes

- name: Add all masters as nameserver
+- name: Add local dnsmasq to resolv.conf
  lineinfile:
-    line: nameserver {{ hostvars[item]['ansible_default_ipv4']['address'] }}
+    line: "nameserver 127.0.0.1"
    dest: "{{resolvconffile}}"
    state: present
    insertafter: "^search.*$"
    backup: yes
    follow: yes
-  with_items: groups['kube-master']
+
+- name: Add options to resolv.conf
+  lineinfile:
+    line: options {{ item }}
+    dest: "{{resolvconffile}}"
+    state: present
+    regexp: "^options.*{{ item }}$"
+    insertafter: EOF
+    backup: yes
+    follow: yes
+  with_items:
+    - timeout:2
+    - attempts:2

 - name: disable resolv.conf modification by dhclient
  copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate mode=u+x backup=yes
--- a/roles/dnsmasq/templates/01-kube-dns.conf.j2
+++ b/roles/dnsmasq/templates/01-kube-dns.conf.j2
@ -1,5 +1,6 @@
-#Listen on all interfaces
-interface=*
+#Listen on localhost
+bind-interfaces
+listen-address=127.0.0.1

 addn-hosts=/etc/hosts

--- a/roles/network_plugin/handlers/main.yml
+++ b/roles/network_plugin/handlers/main.yml
@ -10,6 +10,7 @@
  notify:
    - reload systemd
    - restart docker
+    - restart kubelet

 - name: delete default docker bridge
  command: ip link delete docker0
@ -28,3 +29,8 @@
  service:
    name: docker
    state: restarted
+
+- name: restart kubelet
+  service:
+    name: kubelet
+    state: restarted