d83cc610b0
This updates the task in the disable-local-nameserver role to include disabling the systemd-resolved service, as this causes the entries we update in /etc/resolv.conf to not be honored as systemd-resolved will use a different set of files for configuring the nameservers it uses. See: https://www.freedesktop.org/software/systemd/man/systemd-resolved.service.html Change-Id: I68a623b7bcb32037b9eeff2d76c7f2cb317cb7d8 Signed-off-by: Steve Wilkerson <sw5822@att.com>
60 lines
2.2 KiB
YAML
60 lines
2.2 KiB
YAML
# Copyright 2017 The Openstack-Helm Authors.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# NOTE(portdirect): We disable the local nameserver as it interferes with the
|
|
# k8s dns-service and other local resolvers used for development use.
|
|
# See the following for the original config:
|
|
# * https://github.com/openstack/project-config/blob/0332c33dd134033e0620645c252f82b77e4c16f5/nodepool/elements/nodepool-base/finalise.d/89-unbound
|
|
|
|
- name: Disable local nameserver and systemd-resolved service
|
|
when: ansible_distribution == 'Ubuntu'
|
|
block:
|
|
- name: update rc.local
|
|
blockinfile:
|
|
path: /etc/rc.local
|
|
mode: 0555
|
|
block: |
|
|
#!/bin/bash
|
|
set -o xtrace
|
|
# Some providers inject dynamic network config statically. Work around this
|
|
# for DNS nameservers. This is expected to fail on some nodes so remove -e.
|
|
set +e
|
|
sed -i -e 's/^\(DNS[0-9]*=[.0-9]\+\)/#\1/g' /etc/sysconfig/network-scripts/ifcfg-*
|
|
sed -i -e 's/^NETCONFIG_DNS_POLICY=.*/NETCONFIG_DNS_POLICY=""/g' /etc/sysconfig/network/config
|
|
set -e
|
|
echo 'nameserver 208.67.222.222' > /etc/resolv.conf
|
|
echo 'nameserver 8.8.8.8' >> /etc/resolv.conf
|
|
exit 0
|
|
- name: write resolv.conf
|
|
blockinfile:
|
|
path: /etc/resolv.conf
|
|
mode: 644
|
|
block: |
|
|
nameserver 208.67.222.222
|
|
nameserver 8.8.8.8
|
|
- name: stop unbound service
|
|
systemd:
|
|
state: stopped
|
|
enabled: no
|
|
masked: yes
|
|
daemon_reload: yes
|
|
name: unbound
|
|
- name: stop systemd-resolved service
|
|
systemd:
|
|
state: stopped
|
|
enabled: no
|
|
masked: yes
|
|
daemon_reload: yes
|
|
name: systemd-resolved
|