scl/kubespray
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

#3475 - make dnsmasq to send queries to all servers in upstream. Make… (#3481)

Browse Source 
* #3475 - make dnsmasq to send queries to all servers in upstream. Make dnsmasq config file customizable.

* Code style fixes. Return current behaviour for dnsmasq strict-order flag.
This commit is contained in:
pastushenko
2018-10-10 09:29:06 +03:00
committed by k8s-ci-robot
parent c27a91f7f0
commit b35a9fcb04
2 changed files with 76 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
roles/dnsmasq/defaults/main.yml
View File

@ -11,9 +11,6 @@
# nameservers: # nameservers:
# - 127.0.0.1 # - 127.0.0.1
dns_forward_max: 150
cache_size: 1000
# Versions # Versions
dnsmasq_version: 2.72 dnsmasq_version: 2.72
@ -33,3 +30,46 @@ dnsmasq_min_replicas: 1
# Custom name servers # Custom name servers
dnsmasq_upstream_dns_servers: [] dnsmasq_upstream_dns_servers: []
# Try each query with each server strictly in the order
dnsmasq_enable_strict_order: true
# Send queries to all servers
dnsmasq_enable_all_servers: false
# Maximum number of concurrent DNS queries.
dns_forward_max: 150
# Caching params
cache_size: 1000
dnsmasq_max_cache_ttl: 10
dnsmasq_enable_no_negcache: true
# Maximum TTL value that will be handed out to clients.
# The specified maximum TTL will be given to clients
# instead of the true TTL value if it is lower.
dnsmasq_max_ttl: 20
# If enabled - don't read /etc/resolv.conf.
dnsmasq_enable_no_resolv: true
# Bogus private reverse lookups.
# All reverse lookups for private IP ranges (ie 192.168.x.x, etc)
# which are not found in /etc/hosts or the DHCP leases file are
# answered with "no such domain" rather than being forwarded upstream.
# The set of prefixes affected is the list given in RFC6303, for IPv4 and IPv6.
dnsmasq_enable_bogus_priv: true
# This option forces dnsmasq to really bind only the interfaces it is listening on
dnsmasq_enable_bind_interfaces: true
dnsmasq_listen_address: "0.0.0.0"
# Additional hosts file or directory
dnsmasq_addn_hosts: /etc/hosts
# Facility to which dnsmasq will send syslog entries.
# If the facility is '-' then dnsmasq logs to stderr.
dnsmasq_log_facility: "-"
# Additional startup parameters
dnsmasq_additional_startup_parameters: []

38
roles/dnsmasq/templates/01-kube-dns.conf.j2
View File

@ -1,10 +1,24 @@
#Listen on localhost #Listen on localhost
{% if dnsmasq_enable_bind_interfaces %}
bind-interfaces bind-interfaces
listen-address=0.0.0.0 {% endif %}
addn-hosts=/etc/hosts {% if dnsmasq_listen_address|length > 0 %}
listen-address={{ dnsmasq_listen_address }}
{% endif %}
{% if dnsmasq_addn_hosts|length > 0 %}
addn-hosts={{ dnsmasq_addn_hosts }}
{% endif %}
{% if dnsmasq_enable_strict_order %}
strict-order strict-order
{% endif %}
{% if dnsmasq_enable_all_servers %}
all-servers
{% endif %}
# Forward k8s domain to kube-dns # Forward k8s domain to kube-dns
server=/{{ dns_domain }}/{{ skydns_server }} server=/{{ dns_domain }}/{{ skydns_server }}
# Reply NXDOMAIN to bogus domains requests like com.cluster.local.cluster.local # Reply NXDOMAIN to bogus domains requests like com.cluster.local.cluster.local
@ -28,11 +42,25 @@ server={{ cloud_resolver }}
{% if kube_log_level == '4' %} {% if kube_log_level == '4' %}
log-queries log-queries
{% endif %} {% endif %}
{% if dnsmasq_enable_no_resolv %}
no-resolv no-resolv
{% endif %}
{% if dnsmasq_enable_bogus_priv %}
bogus-priv bogus-priv
{% endif %}
{% if dnsmasq_enable_no_negcache %}
no-negcache no-negcache
{% endif %}
cache-size={{ cache_size }} cache-size={{ cache_size }}
dns-forward-max={{ dns_forward_max }} dns-forward-max={{ dns_forward_max }}
max-cache-ttl=10 max-cache-ttl={{ dnsmasq_max_cache_ttl }}
max-ttl=20 max-ttl={{ dnsmasq_max_ttl }}
log-facility=- log-facility={{ dnsmasq_log_facility }}
{% for dnsmasq_additional_startup_parameter in dnsmasq_additional_startup_parameters %}
{{ dnsmasq_additional_startup_parameter }}
{% endfor %}