Merge pull request #54 from CiscoCloud/task/dnsmaq_setup
dnsmaq setup
altvnk committed Aug 21, 2015
2 parents 812396f + 9951bd8 commit 5eaba06
Showing 10 changed files with 145 additions and 2 deletions.
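--- a/roles/dnsmasq/handlers/main.yml
+++ b/roles/dnsmasq/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: restart dnsmasq
+sudo: yes
+command: systemctl restart dnsmasq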
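Review bot: The handler shells out with `command: systemctl restart dnsmasq`, while the handlers in roles/master/handlers/main.yml in this same commit use the `service` module. Writing it as `service: name=dnsmasq state=restarted` would match them and would not tie the role to systemd being the init system.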
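--- a/roles/dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@@ -0,0 +1,62 @@
+---
+- name: install dnsmasq and bind-utils
+sudo: yes
+yum:
+name: "{{ item }}"
+state: latest
+with_items:
+- dnsmasq
+- bind-utils
+when: inventory_hostname in groups[master_group_name]
+tags:
+- dnsmasq
+
+- name: ensure dnsmasq.d directory exists
+sudo: yes
+file:
+path: /etc/dnsmasq.d
+state: directory
+when: inventory_hostname in groups[master_group_name]
+tags:
+- dnsmasq
+
+- name: configure dnsmasq
+sudo: yes
+template:
+src: 01-kube-dns.conf.j2
+dest: /etc/dnsmasq.d/01-kube-dns.conf
+mode: 755
+notify:
+- restart dnsmasq
+when: inventory_hostname in groups[master_group_name]
+tags:
+- dnsmasq
+
+- name: enable dnsmasq
+sudo: yes
+service:
+name: dnsmasq
+state: started
+enabled: yes
+when: inventory_hostname in groups[master_group_name]
+tags:
+- dnsmasq
+
+- name: update resolv.conf with new DNS setup
+sudo: yes
+template:
+src: resolv.conf.j2
+dest: /etc/resolv.conf
+mode: 644
+tags:
+- dnsmasq
+
+- name: disable resolv.conf modification by dhclient
+sudo: yes
+lineinfile:
+dest: "/etc/sysconfig/network-scripts/ifcfg-{{ ansible_default_ipv4.interface }}"
+state: present
+regexp: '^PEERDNS'
+line: 'PEERDNS="no"'
+tags:
+- dnsmasq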
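Review bot: `mode: 755` on the "configure dnsmasq" task and `mode: 644` on the resolv.conf task are bare integers, and Ansible documents that an unquoted mode without a leading zero is read as a decimal number, so the permission bits applied are not the ones written. Quote them with the leading zero, and since 01-kube-dns.conf is a plain config file it needs no execute bits: `mode: "0644"` for both. Separately, `state: latest` in the install task pulls whatever version the repository serves at run time; `state: present` (optionally with a pinned version) keeps runs reproducible and avoids unreviewed upgrades of a DNS server on the masters.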
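--- a/roles/dnsmasq/templates/01-kube-dns.conf.j2
+++ b/roles/dnsmasq/templates/01-kube-dns.conf.j2
@@ -0,0 +1,13 @@
+#Listen on all interfaces
+interface=*
+
+addn-hosts=/etc/hosts
+
+bogus-priv
+
+#Set upstream dns servers
+server=8.8.8.8
+server=8.8.4.4
+
+# Forward k8s domain to kube-dns
+server=/{{ dns_domain }}/{{ dns_server }}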
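Review bot: `interface=*` makes dnsmasq answer on every interface of the master, and together with the `server=8.8.8.8` / `server=8.8.4.4` forwarders that turns the host into a recursive resolver for anyone who can reach port 53 on it. If the masters have an interface outside the cluster network, restrict the listener to the cluster-facing interface or address (`interface=` or `listen-address=` filled from an inventory variable) or firewall port 53 to the node subnet. The upstream servers are also hard-coded; a variable with these two as its default would let sites point at their own resolvers.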
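--- a/roles/dnsmasq/templates/resolv.conf.j2
+++ b/roles/dnsmasq/templates/resolv.conf.j2
@@ -0,0 +1,5 @@
+; generated by ansible
+search {{ [ 'default.svc.' + dns_domain, 'svc.' + dns_domain, dns_domain ] | join(' ') }}
+{% for host in groups[master_group_name] %}
+nameserver {{ hostvars[host]['ansible_default_ipv4']['address'] }}
+{% endfor %}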
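Review bot: The loop writes one `nameserver` line per host in `groups[master_group_name]` and nothing else, so every host that receives this file depends entirely on dnsmasq on the masters, and the resolver library only honours the first three `nameserver` entries. The lookup `hostvars[host]['ansible_default_ipv4']['address']` also needs gathered facts for every master; a run limited to a subset of hosts would, I believe, fail here on an undefined variable. Consider capping the loop with `groups[master_group_name][:3]` and extending the header comment to say the file is owned by the dnsmasq role and overwritten on each run.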
2 changes: 1 addition & 1 deletion roles/kubernetes/tasks/gen_tokens.yml
@@ -12,7 +12,7 @@
environment:
TOKEN_DIR: "{{ kube_token_dir }}"
with_nested:
- [ "system:controller_manager", "system:scheduler", "system:kubectl" ]
- [ "system:controller_manager", "system:scheduler", "system:kubectl", 'system:proxy' ]
- "{{ groups[master_group_name] }}"
register: gentoken
changed_when: "'Added' in gentoken.stdout"
7 changes: 7 additions & 0 deletions roles/master/handlers/main.yml
@@ -6,6 +6,7 @@
- restart apiserver
- restart controller-manager
- restart scheduler
- restart proxy

- name: restart apiserver
sudo: yes
@@ -24,3 +25,9 @@
service:
name: kube-scheduler
state: restarted

- name: restart proxy
sudo: yes
service:
name: kube-proxy
state: restarted
27 changes: 26 additions & 1 deletion roles/master/tasks/main.yml
@@ -2,7 +2,7 @@
- name: install kubernetes master
sudo: yes
yum:
pkg=kubernetes-master
pkg=kubernetes
state=latest
enablerepo=virt7-docker-common-candidate
notify:
@@ -18,6 +18,7 @@
- "system:controller_manager"
- "system:scheduler"
- "system:kubectl"
- "system:proxy"
register: tokens
delegate_to: "{{ groups[master_group_name][0] }}"
tags:
@@ -28,6 +29,7 @@
controller_manager_token: "{{ tokens.results[0].content|b64decode }}"
scheduler_token: "{{ tokens.results[1].content|b64decode }}"
kubectl_token: "{{ tokens.results[2].content|b64decode }}"
proxy_token: "{{ tokens.results[3].content|b64decode }}"
tags:
- master

@@ -77,6 +79,20 @@
tags:
- master

- name: write the config files for proxy
sudo: yes
template: src=proxy.j2 dest={{ kube_config_dir }}/proxy
notify:
- restart daemons
tags:
- master

- name: write the kubecfg (auth) file for proxy
sudo: yes
template: src=proxy.kubeconfig.j2 dest={{ kube_config_dir }}/proxy.kubeconfig
tags:
- master

- name: populate users for basic auth in API
sudo: yes
lineinfile:
@@ -113,5 +129,14 @@
name: kube-scheduler
enabled: yes
state: started
tags:
- master

- name: Enable kube-proxy
sudo: yes
service:
name: kube-proxy
enabled: yes
state: started
tags:
- master
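Review bot: The "write the kubecfg (auth) file for proxy" task renders a bearer token into `{{ kube_config_dir }}/proxy.kubeconfig` without `mode` or `owner`, so the file gets default permissions and is probably readable by any local user on the master. Add `mode=0600` (plus the owner that kube-proxy runs as) to that `template:` line. The same task has no `notify`, so a regenerated token does not restart kube-proxy. `proxy_token` reads `tokens.results[3]`, which silently depends on the order of the `with_items` list above it; a comment such as `# index must match the order of the token list in the slurp task` would protect the next edit. The hunks are excerpts, so the surrounding tasks are only partly visible here.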
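--- a/roles/master/templates/proxy.j2
+++ b/roles/master/templates/proxy.j2
@@ -0,0 +1,7 @@
+###
+# kubernetes proxy config
+
+# default config should be adequate
+
+# Add your own!
+KUBE_PROXY_ARGS="--kubeconfig={{ kube_config_dir }}/proxy.kubeconfig"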
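--- a/roles/master/templates/proxy.kubeconfig.j2
+++ b/roles/master/templates/proxy.kubeconfig.j2
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Config
+current-context: proxy-to-{{ cluster_name }}
+preferences: {}
+contexts:
+- context:
+cluster: {{ cluster_name }}
+user: proxy
+name: proxy-to-{{ cluster_name }}
+clusters:
+- cluster:
+certificate-authority: {{ kube_cert_dir }}/ca.crt
+server: https://{{ groups[master_group_name][0] }}:{{ kube_master_port }}
+name: {{ cluster_name }}
+users:
+- name: proxy
+user:
+token: {{ proxy_token }}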
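Review bot: The templated scalars are unquoted, so `token: {{ proxy_token }}` and the `cluster:` / `name:` values built from `{{ cluster_name }}` are re-typed by the YAML parser after rendering; an all-digit token or a value that starts with a YAML indicator would no longer load as the intended string. Quote them: `token: "{{ proxy_token }}"`, `cluster: "{{ cluster_name }}"`. A header comment stating that the file is generated by Ansible and holds a credential would also help whoever finds it on disk.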
2 changes: 2 additions & 0 deletions setup.yml
@@ -13,6 +13,7 @@
- flannel
- master
- addons
- dnsmasq

# provide the execution plane
- hosts: role=node
@@ -21,3 +22,4 @@
- docker
- flannel
- minion
- dnsmasq
