From ea57ce751471a8cb9177e0f03cfedc1d58a60744 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 18 Aug 2016 17:14:52 +0200 Subject: [PATCH] Fix resolv.conf search/nameserver * Ensure additional nameserver/search, if defined as vars. * Don't backup changed dhclient hooks as they are going to be executed by dhclient as well, which is not what we want. * For debian OS family only: - Rename nodnsupdate hook the resolvconf hook to be sourced always before it. - Ensure dhclient restarted via network restart to apply the nodnsupdate hook. * For rhel OS family, the fix TBD, it doesn't work the same way. Signed-off-by: Bogdan Dobrelya --- roles/dnsmasq/defaults/main.yml | 12 ++++++++++++ roles/dnsmasq/handlers/main.yml | 10 ++++++++++ roles/dnsmasq/tasks/main.yml | 18 ++++++++++++++---- 3 files changed, 36 insertions(+), 4 deletions(-) create mode 100644 roles/dnsmasq/defaults/main.yml create mode 100644 roles/dnsmasq/handlers/main.yml
diff --git a/roles/dnsmasq/defaults/main.yml b/roles/dnsmasq/defaults/main.yml
new file mode 100644
index 000000000..48b52c121
--- /dev/null
+++ b/roles/dnsmasq/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+# Existing search/nameserver resolvconf entries will be purged and
+# ensured by this additional data:
+
+# Max of 4 names is allowed and no more than 256 - 17 chars total
+# (a 2 is reserved for the 'default.svc.' and'svc.')
+#searchdomains:
+# - foo.bar.lc
+
+# Max of 2 is allowed here (a 1 is reserved for the dns_server)
+#nameservers:
+# - 127.0.0.1
diff --git a/roles/dnsmasq/handlers/main.yml b/roles/dnsmasq/handlers/main.yml
new file mode 100644
index 000000000..95cd80cfc
--- /dev/null
+++ b/roles/dnsmasq/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: Dnsmasq | restart network
+ service:
+ name: >-
+ {% if ansible_os_family == "RedHat" -%}
+ network
+ {%- elif ansible_os_family == "Debian" -%}
+ networking
+ {%- endif %}
+ state: restarted
+ when: ansible_os_family != "CoreOS"
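Review bot: The templated `name` in the `Dnsmasq | restart network` handler renders to an empty string on any OS family other than RedHat or Debian, because the `when` guard excludes only CoreOS. If the handler is ever notified on such a host, the service module receives an empty name and the play fails when handlers are flushed; the guard should match the template branches, `when: ansible_os_family in ["RedHat", "Debian"]`. Restarting the network service over the same connection Ansible is using may also drop the session, so it is worth confirming the handler was exercised against a remote Debian host and documenting that in a comment above the handler.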
diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml index 526e162ae..51f02aa9e 100644 --- a/roles/dnsmasq/tasks/main.yml +++ b/roles/dnsmasq/tasks/main.yml @@ -68,9 +68,17 @@ resolvconffile: >- {%- if resolvconf.rc == 0 -%}/etc/resolvconf/resolv.conf.d/head{%- else -%}/etc/resolv.conf{%- endif -%} +- name: generate search domains to resolvconf + set_fact: + searchentries="{{ ([ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([])) | join(' ') }}" + +- name: generate nameservers to resolvconf + set_fact: + nameserverentries="{{ nameservers|default([]) + [ dns_server ] }}" + - name: Add search resolv.conf lineinfile: - line: "search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}" + line: "search {{searchentries}}" dest: "{{resolvconffile}}" state: present insertbefore: BOF @@ -79,12 +87,13 @@ - name: Add local dnsmasq to resolv.conf lineinfile: - line: "nameserver {{dns_server}}" + line: "nameserver {{item}}" dest: "{{resolvconffile}}" state: present insertafter: "^search.*$" backup: yes follow: yes + with_items: "{{nameserverentries}}" - name: Add options to resolv.conf lineinfile: @@ -100,11 +109,12 @@ - attempts:2 - name: disable resolv.conf modification by dhclient - copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate mode=0755 backup=yes + copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient-enter-hooks.d/znodnsupdate mode=0755 + notify: Dnsmasq | restart network when: ansible_os_family == "Debian" - name: disable resolv.conf modification by dhclient - copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient.d/nodnsupdate mode=u+x backup=yes + copy: src=dhclient_nodnsupdate dest=/etc/dhcp/dhclient.d/nodnsupdate mode=u+x when: ansible_os_family == "RedHat" - name: update resolvconf
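Review bot: The limits stated in roles/dnsmasq/defaults/main.yml (at most 4 `searchdomains`, at most 2 `nameservers`) are never checked before the two new `set_fact` tasks join those vars into resolv.conf lines. An over-long list produces entries the resolver may silently ignore, and the file is one every lookup on the host depends on, so an `assert` task ahead of the `set_fact` tasks should fail the play early. The new `searchentries` value also drops the bare `dns_domain` that the replaced `line:` carried as its third search domain, which the commit message does not mention; if that is intended, a comment above `generate search domains to resolvconf` should say so.

```yaml
- name: check extra resolvconf entries stay within resolver limits
  assert:
    that:
      - searchdomains|default([])|length <= 4
      - nameservers|default([])|length <= 2

# … unchanged: generate search domains / generate nameservers set_fact tasks …
```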
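Review bot: The `Add local dnsmasq to resolv.conf` task only ever adds `nameserver {{item}}` lines, since it uses `state: present` with no `regexp`, so an address later removed from `nameservers` stays in `{{resolvconffile}}`. That contradicts the "will be purged" wording in the new defaults file, unless a task outside this hunk clears old entries. Stale lines also count toward the resolver's nameserver limit and can push `dns_server` or a newly added server out of the set actually consulted. Because every item is inserted directly after the `search` line, the written order is the reverse of `nameserverentries`, which puts `dns_server` first; a comment such as `# items are inserted after "search", so the last entry (dns_server) ends up first` would make that dependency explicit.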
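Review bot: Renaming the Debian hook destination to `znodnsupdate` leaves the previously installed `/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate` on hosts provisioned before this change, along with any copies the old `backup=yes` created in that directory. The commit message's own reasoning is that files there get executed by dhclient, so the stale ones should be removed, not only no longer created. A cleanup task guarded by the same Debian `when`, for example `file: path=/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate state=absent`, would cover the old hook; the timestamped backups would need a separate sweep. The RedHat task also drops `backup=yes` but has no `notify`, which matches the TBD in the commit message and deserves a comment on the task so the gap is visible in the role itself.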