From 79d11e4044c095d12e3fa765c093b85c1390647b Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Fri, 14 Sep 2018 15:34:47 -0500
Subject: [PATCH] Gate/Dev: Allow custom upstream dns servers to be preserved

This PS updates the dns redirect pod deployment to support a persistant
set of customised upstream nameservers to be used.

Change-Id: Ib163f8ed9ceadca69b56cd5f146ffd194d98cdc3
Signed-off-by: Pete Birley <pete@port.direct>
---
 .../roles/deploy-kubelet/tasks/kubelet.yaml          | 10 ++++++++++
 .../templates/osh-dns-redirector.yaml.j2             | 12 +++++++++---
 .../deploy-kubelet/templates/resolv-upstream.conf.j2 |  4 ++++
 3 files changed, 23 insertions(+), 3 deletions(-)
 create mode 100644 tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/resolv-upstream.conf.j2

diff --git a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/tasks/kubelet.yaml b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/tasks/kubelet.yaml
index aba844bd0..97691e221 100644
--- a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/tasks/kubelet.yaml
+++ b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/tasks/kubelet.yaml
@@ -181,6 +181,16 @@
       file:
         path: "/etc/kubernetes/manifests/"
         state: directory
+    - name: Setup DNS redirector | check if an resolv-upstream.conf exists
+      stat:
+        path: /etc/resolv-upstream.conf
+      register: resolv_upstream_conf
+    - name: Setup DNS redirector | Placing pod manifest on host
+      when: resolv_upstream_conf.stat.exists == False
+      template:
+        src: resolv-upstream.conf.j2
+        dest: /etc/resolv-upstream.conf
+        mode: 0640
     - name: Setup DNS redirector | Placing pod manifest on host
       template:
         src: osh-dns-redirector.yaml.j2
diff --git a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/osh-dns-redirector.yaml.j2 b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/osh-dns-redirector.yaml.j2
index e3a7b7c61..0ff2b3be4 100644
--- a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/osh-dns-redirector.yaml.j2
+++ b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/osh-dns-redirector.yaml.j2
@@ -20,11 +20,17 @@ spec:
         - --no-hosts
         - --bind-interfaces
         - --all-servers
-        {% for nameserver in external_dns_nameservers %}
-        - --server={{ nameserver }}
-        {% endfor %}
         - --address
         - /{{ gate.fqdn_tld }}/{{ gate.ingress_ip }}
         # NOTE(portdirect): just listen on the docker0 interface
         - --listen-address
         - 172.17.0.1
+      volumeMounts:
+        - mountPath: /etc/resolv.conf
+          name: resolv-conf
+          readOnly: true
+  volumes:
+    - name: resolv-conf
+      hostPath:
+        path: /etc/resolv-upstream.conf
+        type: FileOrCreate
diff --git a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/resolv-upstream.conf.j2 b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/resolv-upstream.conf.j2
new file mode 100644
index 000000000..cca51052d
--- /dev/null
+++ b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/resolv-upstream.conf.j2
@@ -0,0 +1,4 @@
+{% for nameserver in external_dns_nameservers %}
+nameserver {{ nameserver }}
+{% endfor %}
+options timeout:1 attempts:1