Rename dns_server, add var for selinux. (#1572)

* Rename dns_server to dnsmasq_dns_server so that it includes role prefix as the var name is generic and conflicts when integrating with existing ansible automation. * Enable selinux state to be configurable with new var preinstall_selinux_state
2026-02-17 03:00:07 -03:30 · 2017-10-11 12:40:21 -07:00
parent e41c0532e3
commit 27ed73e3e3
11 changed files with 14 additions and 11 deletions
--- a/roles/dnsmasq/tasks/main.yml
+++ b/roles/dnsmasq/tasks/main.yml
@@ -102,7 +102,7 @@

 - name: Check for dnsmasq port (pulling image and running container)
  wait_for:
-    host: "{{dns_server}}"
+    host: "{{dnsmasq_dns_server}}"
    port: 53
    timeout: 180
  when: inventory_hostname == groups['kube-node'][0] and groups['kube-node'][0] in ansible_play_hosts
--- a/roles/dnsmasq/templates/dnsmasq-svc.yml
+++ b/roles/dnsmasq/templates/dnsmasq-svc.yml
@@ -18,6 +18,6 @@ spec:
      targetPort: 53
      protocol: UDP
  type: ClusterIP
-  clusterIP: {{dns_server}}
+  clusterIP: {{dnsmasq_dns_server}}
  selector:
    k8s-app: dnsmasq
--- a/roles/docker/tasks/set_facts_dns.yml
+++ b/roles/docker/tasks/set_facts_dns.yml
@@ -6,7 +6,7 @@
      {%- if dns_mode == 'kubedns' -%}
        {{ [ skydns_server ] }}
      {%- elif dns_mode == 'dnsmasq_kubedns' -%}
-        {{ [ dns_server ] }}
+        {{ [ dnsmasq_dns_server ] }}
      {%- endif -%}

 - name: set base docker dns facts
--- a/roles/kubernetes/node/templates/kubelet.standard.env.j2
+++ b/roles/kubernetes/node/templates/kubelet.standard.env.j2
@@ -28,7 +28,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
 {% if dns_mode == 'kubedns' %}
 {% set kubelet_args_cluster_dns %}--cluster-dns={{ skydns_server }}{% endset %}
 {% elif dns_mode == 'dnsmasq_kubedns' %}
-{% set kubelet_args_cluster_dns %}--cluster-dns={{ dns_server }}{% endset %}
+{% set kubelet_args_cluster_dns %}--cluster-dns={{ dnsmasq_dns_server }}{% endset %}
 {% else %}
 {% set kubelet_args_cluster_dns %}{% endset %}
 {% endif %}
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
@@ -56,3 +56,5 @@ resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf

 # All inventory hostnames will be written into each /etc/hosts file.
 populate_inventory_to_hosts_file: true
+
+preinstall_selinux_state: permissive
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -176,10 +176,10 @@
  when: ansible_os_family == "RedHat"
  register: slc

- name: Set selinux policy to permissive
+- name: Set selinux policy
  selinux:
    policy: targeted
-    state: permissive
+    state: "{{ preinstall_selinux_state }}"
  when:
    - ansible_os_family == "RedHat"
    - slc.stat.exists == True
--- a/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml
+++ b/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml
@@ -98,7 +98,7 @@
      {%- elif dns_early|bool -%}
        {{ upstream_dns_servers|default([]) }}
      {%- else -%}
-        {{ [ dns_server ] }}
+        {{ [ dnsmasq_dns_server ] }}
      {%- endif -%}

 - name: generate nameservers to resolvconf
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -36,7 +36,7 @@ resolvconf_mode: docker_dns
 deploy_netchecker: false
 # Ip address of the kubernetes skydns service
 skydns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(3)|ipaddr('address') }}"
-dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(2)|ipaddr('address') }}"
+dnsmasq_dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(2)|ipaddr('address') }}"
 dns_domain: "{{ cluster_name }}"

 # Kubernetes configuration dirs and system namespace.