From f58b4d3dd61a152acbd094d0cec1083736d7dc86 Mon Sep 17 00:00:00 2001
From: Smaine Kahlouch <smaine.kahlouch@arkena.com>
Date: Tue, 19 Jan 2016 10:29:33 +0100
Subject: [PATCH] dnsmasq listens on localhost

---
 roles/dnsmasq/tasks/main.yml            | 7 +++----
 roles/dnsmasq/templates/dnsmasq-pod.yml | 2 ++
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml
index d8050d514..105a08831 100644
--- a/roles/dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@@ -63,22 +63,21 @@
 
 - name: Add search resolv.conf
   lineinfile:
-    line: search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}
+    line: "search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}"
     dest: "{{resolvconffile}}"
     state: present
     insertbefore: BOF
     backup: yes
     follow: yes
 
-- name: Add all masters as nameserver
+- name: Add local dnsmasq to resolv.conf
   lineinfile:
-    line: nameserver {{ hostvars[item]['ansible_default_ipv4']['address'] }}
+    line: "nameserver 127.0.0.1"
     dest: "{{resolvconffile}}"
     state: present
     insertafter: "^search.*$"
     backup: yes
     follow: yes
-  with_items: groups['kube-master']
 
 - name: Add options to resolv.conf
   lineinfile:
diff --git a/roles/dnsmasq/templates/dnsmasq-pod.yml b/roles/dnsmasq/templates/dnsmasq-pod.yml
index 1150e14c7..70a826600 100644
--- a/roles/dnsmasq/templates/dnsmasq-pod.yml
+++ b/roles/dnsmasq/templates/dnsmasq-pod.yml
@@ -29,9 +29,11 @@ spec:
         - name: dns
           containerPort: 53
           hostPort: 53
+          hostIP: 127.0.0.1
           protocol: UDP
         - name: dns-tcp
           containerPort: 53
+          hostIP: 127.0.0.1
           hostPort: 53
           protocol: TCP
       volumeMounts: