Do not assume systemd-resolved for resolv.conf #11813

2 changes: 1 addition & 1 deletion roles/kubernetes/node/defaults/main.yml
Expand Up @@ -6,7 +6,7 @@ kubelet_address: "{{ ip | default(fallback_ip) }}{{ (',' + ip6) if enable_dual_s
kubelet_bind_address: "{{ ip | default('0.0.0.0') }}"

# resolv.conf to base dns config
kube_resolv_conf: "/etc/resolv.conf"
kube_resolv_conf: "{{ '/run/systemd/resolve/resolv.conf' if 'systemd-resolved' in active_dns_services else '/etc/resolv.conf' }}"
Member

I know that some resolv.conf modes (static if I remember correctly) check /etc/resolv.conf for files.
Using the systemd-resolved enablement as a check doesn't seem to be accurate.

kube_resolv_conf is by default still /etc/resolv.conf.
If systemd-resolved is enabled and /etc/resolv.conf is a soft link, change kube_resolv_conf to /run/systemd/resolve/resolv.conf.

What do you think?


# Set to empty to avoid cgroup creation
kubelet_enforce_node_allocatable: "\"\""
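
Review bot: the new default for `kube_resolv_conf` in roles/kubernetes/node/defaults/main.yml reads `active_dns_services`, which this PR only sets with `set_fact` in roles/kubernetes/preinstall/tasks/0020-set_facts.yml, so the node role's default is undefined whenever that task has not run on the host first. Consider `'systemd-resolved' in (active_dns_services | default([]))`, or document the dependency next to the variable. As the comment above also raises, an active systemd-resolved does not by itself show that /etc/resolv.conf is the stub file; checking that /etc/resolv.conf is a symlink before switching to /run/systemd/resolve/resolv.conf would cover that case.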
2 changes: 0 additions & 2 deletions roles/kubernetes/node/vars/fedora.yml

This file was deleted.

2 changes: 0 additions & 2 deletions roles/kubernetes/node/vars/ubuntu-18.yml

This file was deleted.

2 changes: 0 additions & 2 deletions roles/kubernetes/node/vars/ubuntu-20.yml

This file was deleted.

2 changes: 0 additions & 2 deletions roles/kubernetes/node/vars/ubuntu-22.yml

This file was deleted.

2 changes: 0 additions & 2 deletions roles/kubernetes/node/vars/ubuntu-24.yml

This file was deleted.

26 changes: 11 additions & 15 deletions roles/kubernetes/preinstall/tasks/0020-set_facts.yml
Expand Up @@ -40,21 +40,17 @@
src: /etc/resolv.conf
register: resolvconf_slurp

- name: NetworkManager | Check if host has NetworkManager
# noqa command-instead-of-module - Should we use service_facts for this?
command: systemctl is-active --quiet NetworkManager.service
register: networkmanager_enabled
failed_when: false
changed_when: false
check_mode: false

- name: Check systemd-resolved
# noqa command-instead-of-module - Should we use service_facts for this?
command: systemctl is-active systemd-resolved
register: systemd_resolved_enabled
failed_when: false
changed_when: false
check_mode: false
- name: Register which network services are active
systemd:
name: "{{ item }}.service"
loop:
- NetworkManager
- systemd-resolved
register: network_services

- name: Save list of active network service
set_fact:
active_dns_services: "{{ network_services.results | selectattr('status.ActiveState', '==', 'active') | map(attribute='item') }}"

- name: Set default dns if remove_default_searchdomains is false
set_fact:
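
Review bot: in `Save list of active network service`, the `active_dns_services` expression ends in `map(attribute='item')` with no `| list`, so what gets stored depends on how the Ansible/Jinja2 version in use finalises a generator; append `| list` so the later `'systemd-resolved' in active_dns_services` checks are list membership tests. Separately, the removed `command` tasks set `failed_when: false`, `changed_when: false` and `check_mode: false`, and the `systemd:` task that replaces them sets none of these; please confirm it behaves the same in check mode and on hosts where NetworkManager.service or systemd-resolved.service is not installed.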
Expand Up @@ -9,7 +9,7 @@
backup: true
when:
- ('127.0.0.53' not in nameserverentries
or systemd_resolved_enabled.rc != 0)
or 'systemd-resolved' not in active_dns_services)
notify: Preinstall | update resolvconf for networkmanager

- name: Set default dns if remove_default_searchdomains is false
33 changes: 16 additions & 17 deletions roles/kubernetes/preinstall/tasks/main.yml
Expand Up @@ -29,8 +29,8 @@
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
- systemd_resolved_enabled.rc != 0
- networkmanager_enabled.rc != 0
- ('systemd-resolved' not in active_dns_services )
- ('NetworkManager' not in active_dns_services )
tags:
- bootstrap-os
- resolvconf
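
Review bot: style point on the two new `when` entries: there is a stray space before the closing parenthesis in `active_dns_services )`. Dropping it keeps these conditions consistent with the parenthesised condition already used for the resolvconf task.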
Expand All @@ -40,27 +40,26 @@
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
- systemd_resolved_enabled.rc == 0
- ('systemd-resolved' in active_dns_services )
tags:
- bootstrap-os
- resolvconf

- name: Apply networkmanager unmanaged devices settings
import_tasks: 0062-networkmanager-unmanaged-devices.yml
when:
- networkmanager_enabled.rc == 0
tags:
- bootstrap-os

- name: Apply networkmanager DNS settings
import_tasks: 0063-networkmanager-dns.yml
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
- networkmanager_enabled.rc == 0
- name: NetworkManager | Apply settings
when: ('NetworkManager' in active_dns_services )
tags:
- bootstrap-os
- resolvconf
block:
- name: Apply networkmanager unmanaged devices settings
import_tasks: 0062-networkmanager-unmanaged-devices.yml

- name: Apply networkmanager DNS settings
import_tasks: 0063-networkmanager-dns.yml
when:
- dns_mode != 'none'
- resolvconf_mode == 'host_resolvconf'
tags:
- resolvconf

- name: Install required system packages
import_tasks: 0070-system-packages.yml
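
Review bot: on `NetworkManager | Apply settings`, the `tags:` on the block, as rendered here, lists both `bootstrap-os` and `resolvconf`, and block tags are inherited by every task inside it, so `0062-networkmanager-unmanaged-devices.yml`, previously tagged only `bootstrap-os`, would now also run under `--tags resolvconf`. If that is not intended, keep only `bootstrap-os` on the block and leave `resolvconf` on the DNS settings import, where it is already set.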