Fix coredns resolver
Forward requests for unknown names to 8.8.8.8 NOTE: Temporarily disable DPDK job which turned to be incompatible with this PR https://review.opendev.org/c/openstack/openstack-helm/+/914399 It wasn't tested with the DPDK job. Change-Id: I936fb1032a736f7b09ad50b749d37095cce4c392
This commit is contained in:
Vladimir Kozhukalov
parent
6ca83be780
commit
cfed816a9a
@ -36,6 +36,8 @@ loopback_device: /dev/loop100
|
|||||||
loopback_image: /var/lib/openstack-helm/ceph-loop.img
|
loopback_image: /var/lib/openstack-helm/ceph-loop.img
|
||||||
loopback_image_size: 12G
|
loopback_image_size: 12G
|
||||||
|
|
||||||
|
coredns_resolver_setup: true
|
||||||
|
|
||||||
metallb_setup: false
|
metallb_setup: false
|
||||||
metallb_pool_cidr: "172.24.128.0/24"
|
metallb_pool_cidr: "172.24.128.0/24"
|
||||||
metallb_openstack_endpoint_cidr: "172.24.128.100/24"
|
metallb_openstack_endpoint_cidr: "172.24.128.100/24"
|
||||||
|
|||||||
@ -14,16 +14,41 @@
|
|||||||
- name: Enable recursive queries for coredns
|
- name: Enable recursive queries for coredns
|
||||||
become: false
|
become: false
|
||||||
shell: |
|
shell: |
|
||||||
PATCH=$(mktemp)
|
tee > /tmp/coredns_configmap.yaml <<EOF
|
||||||
kubectl get configmap coredns -n kube-system -o json | jq -r "{data: .data}" | sed 's/ready\\n/header \{\\n response set ra\\n \}\\n ready\\n/g' > "${PATCH}"
|
apiVersion: v1
|
||||||
kubectl patch configmap coredns -n kube-system --patch-file "${PATCH}"
|
kind: ConfigMap
|
||||||
kubectl set image deployment coredns -n kube-system "coredns=registry.k8s.io/coredns/coredns:v1.9.4"
|
metadata:
|
||||||
|
name: coredns
|
||||||
|
namespace: kube-system
|
||||||
|
data:
|
||||||
|
Corefile: |
|
||||||
|
.:53 {
|
||||||
|
errors
|
||||||
|
health {
|
||||||
|
lameduck 5s
|
||||||
|
}
|
||||||
|
header {
|
||||||
|
response set ra
|
||||||
|
}
|
||||||
|
ready
|
||||||
|
kubernetes cluster.local in-addr.arpa ip6.arpa {
|
||||||
|
pods insecure
|
||||||
|
fallthrough in-addr.arpa ip6.arpa
|
||||||
|
ttl 30
|
||||||
|
}
|
||||||
|
prometheus :9153
|
||||||
|
forward . 8.8.8.8 {
|
||||||
|
max_concurrent 1000
|
||||||
|
}
|
||||||
|
cache 30
|
||||||
|
loop
|
||||||
|
reload
|
||||||
|
loadbalance
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
kubectl apply -f /tmp/coredns_configmap.yaml
|
||||||
kubectl rollout restart -n kube-system deployment/coredns
|
kubectl rollout restart -n kube-system deployment/coredns
|
||||||
sleep 30
|
kubectl rollout status -n kube-system deployment/coredns
|
||||||
kubectl -n kube-system wait --timeout=240s --for=condition=Ready pods -l k8s-app=kube-dns
|
|
||||||
rm -f "${PATCH}"
|
|
||||||
args:
|
|
||||||
executable: /bin/bash
|
|
||||||
when: inventory_hostname in (groups['primary'] | default([]))
|
when: inventory_hostname in (groups['primary'] | default([]))
|
||||||
|
|
||||||
- name: Use coredns as default DNS resolver
|
- name: Use coredns as default DNS resolver
|
||||||
|
|||||||
@ -55,6 +55,7 @@
|
|||||||
- name: Include coredns resolver tasks
|
- name: Include coredns resolver tasks
|
||||||
include_tasks:
|
include_tasks:
|
||||||
file: coredns_resolver.yaml
|
file: coredns_resolver.yaml
|
||||||
|
when: coredns_resolver_setup
|
||||||
|
|
||||||
- name: Include Openstack provider gateway tasks
|
- name: Include Openstack provider gateway tasks
|
||||||
include_tasks:
|
include_tasks:
|
||||||
|
|||||||
@ -33,7 +33,7 @@
|
|||||||
- openstack-helm-infra-compute-kit-2023-2-ubuntu_jammy
|
- openstack-helm-infra-compute-kit-2023-2-ubuntu_jammy
|
||||||
- openstack-helm-infra-cinder-2023-2-ubuntu_jammy
|
- openstack-helm-infra-cinder-2023-2-ubuntu_jammy
|
||||||
- openstack-helm-infra-tls-2023-1-ubuntu_focal
|
- openstack-helm-infra-tls-2023-1-ubuntu_focal
|
||||||
- openstack-helm-infra-compute-kit-dpdk-2023.2-ubuntu_jammy
|
# - openstack-helm-infra-compute-kit-dpdk-2023.2-ubuntu_jammy
|
||||||
gate:
|
gate:
|
||||||
jobs:
|
jobs:
|
||||||
- openstack-helm-lint
|
- openstack-helm-lint
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user