Development VMs: override DNS configuration

Override default DNS configuration of development VMs (including the controller), because it does not work reliably on Windows-based VMs. Use the Google DNS servers instead.
UtrechtUniversity · Mar 28, 2024 · bb12c4f · bb12c4f
1 parent 077ae21
commit bb12c4f
Show file tree

Hide file tree

Showing 7 changed files with 86 additions and 0 deletions.
diff --git a/environments/development/host_vars/epos-msl b/environments/development/host_vars/epos-msl
@@ -7,6 +7,7 @@
 ansible_host: 192.168.60.10                       # EPOS-MSL host
 ansible_user: vagrant                             # Administrative user on instance for Ansible
 ansible_ssh_private_key_file: vagrant/ssh/vagrant # Path to private key file of administrative user
+commons_use_google_dns: true
 
 #########################
 # EPOS-MSL configuration

diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+# copyright Utrecht University
+
+commons_use_google_dns: false
diff --git a/roles/common/files/resolved.conf b/roles/common/files/resolved.conf
@@ -0,0 +1,24 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+DNS=8.8.8.8
+FallbackDNS=8.8.4.4
+#Domains=
+#LLMNR=no
+#MulticastDNS=no
+#DNSSEC=no
+#DNSOverTLS=no
+#Cache=no-negative
+#DNSStubListener=yes
+#ReadEtcHosts=yes
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
@@ -5,3 +5,9 @@
   ansible.builtin.service:
     name: firewalld
     state: restarted
+
+
+- name: Restart systemd-resolved
+  ansible.builtin.service:
+    name: systemd-resolved
+    state: restarted
diff --git a/roles/common/tasks/google_dns.yml b/roles/common/tasks/google_dns.yml
@@ -0,0 +1,15 @@
+---
+# copyright Utrecht University
+
+- name: Update systemd-resolved config to use Google DNS servers
+  ansible.builtin.copy:
+    src: files/resolved.conf
+    dest: /etc/systemd/resolved.conf
+    owner: root
+    group: root
+    mode: "0644"
+  notify: Restart systemd-resolved
+
+
+- name: Flush handlers for immediate effect of changing DNS configuration
+  ansible.builtin.meta: flush_handlers
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
@@ -1,6 +1,9 @@
 ---
 # copyright Utrecht University
 
+- name: Update local DNS settings
+  ansible.builtin.import_tasks: google_dns.yml
+  when: commons_use_google_dns
 - name: Run apt update
   ansible.builtin.import_tasks: apt_update.yml
 - name: Configure firewall

diff --git a/vagrant/provision_controller.sh b/vagrant/provision_controller.sh
@@ -4,6 +4,39 @@
 set -e
 set -x
 
+# Configure VM to use Google DNS servers - the default configuration
+# does not work reliably on Windows.
+
+cat << RESOLVEDCONF > resolved.conf
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+# Entries in this file show the compile time defaults.
+# You can change settings by editing this file.
+# Defaults can be restored by simply deleting this file.
+#
+# See resolved.conf(5) for details
+
+[Resolve]
+DNS=8.8.8.8
+FallbackDNS=8.8.4.4
+#Domains=
+#LLMNR=no
+#MulticastDNS=no
+#DNSSEC=no
+#DNSOverTLS=no
+#Cache=no-negative
+#DNSStubListener=yes
+#ReadEtcHosts=yes
+RESOLVEDCONF
+
+sudo cp resolved.conf /etc/systemd
+sudo systemctl restart systemd-resolved
+
 sudo apt update
 
 # Install Git if not present.