Preconfigure DNS stack and docker early

In order to enable offline/intranet installation cases: * Move DNS/resolvconf configuration to preinstall role. Remove skip_dnsmasq_k8s var as not needed anymore. * Preconfigure DNS stack early, which may be the case when downloading artifacts from intranet repositories. Do not configure K8s DNS resolvers for hosts /etc/resolv.conf yet early (as they may be not existing). * Reconfigure K8s DNS resolvers for hosts only after kubedns/dnsmasq was set up and before K8s apps to be created. * Move docker install task to early stage as well and unbind it from the etcd role's specific install path. Fix external flannel dependency on docker role handlers. Also fix the docker restart handlers' steps ordering to match the expected sequence (the socket then the service). * Add default resolver fact, which is the cloud provider specific and remove hardcoded GCE resolver. * Reduce default ndots for hosts /etc/resolv.conf to 2. Multiple search domains combined with high ndots values lead to poor performance of DNS stack and make ansible workers to fail very often with the "Timeout (12s) waiting for privilege escalation prompt:" error. * Update docs. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2026-02-01 09:38:12 -03:30 · 2016-12-07 16:57:05 +01:00
parent 7897c34ba3
commit a15d626771
20 changed files with 195 additions and 123 deletions
--- a/roles/network_plugin/flannel/handlers/main.yml
+++ b/roles/network_plugin/flannel/handlers/main.yml
@@ -1,8 +1,42 @@
 ---
- name: delete default docker bridge
+- name: Flannel | delete default docker bridge
  command: ip link delete docker0
  ignore_errors: yes
-  notify: restart docker
+  notify: Flannel | restart docker
+
+- name: Flannel | restart docker
+  command: /bin/true
+  notify:
+    - Flannel | reload systemd
+    - Flannel | reload docker.socket
+    - Flannel | reload docker
+    - Flannel | pause while Docker restarts
+    - Flannel | wait for docker
+
+- name : Flannel | reload systemd
+  shell: systemctl daemon-reload
+  when: ansible_service_mgr == "systemd"
+
+- name: Flannel | reload docker.socket
+  service:
+    name: docker.socket
+    state: restarted
+  when: ansible_os_family == 'CoreOS'
+
+- name: Flannel | reload docker
+  service:
+    name: docker
+    state: restarted
+
+- name: Flannel | pause while Docker restarts
+  pause: seconds=10 prompt="Waiting for docker restart"
+
+- name: Flannel | wait for docker
+  command: /usr/bin/docker images
+  register: docker_ready
+  retries: 10
+  delay: 5
+  until: docker_ready.rc == 0

 - name: Flannel | reload kubelet
  service:
--- a/roles/network_plugin/flannel/tasks/main.yml
+++ b/roles/network_plugin/flannel/tasks/main.yml
@@ -11,7 +11,7 @@
  template:
    src: flannel-pod.yml
    dest: /etc/kubernetes/manifests/flannel-pod.manifest
-  notify: delete default docker bridge
+  notify: Flannel | delete default docker bridge

 - name: Flannel | Wait for flannel subnet.env file presence
  wait_for:
@@ -67,7 +67,7 @@
    group: root
    mode: 0644
  notify:
-    - restart docker
+    - Flannel | restart docker
  when: ansible_service_mgr in ["sysvinit","upstart"]

 - name: Flannel | Create docker network systemd drop-in
@@ -75,7 +75,7 @@
    src: flannel-options.conf.j2
    dest: "/etc/systemd/system/docker.service.d/flannel-options.conf"
  notify:
-    - restart docker
+    - Flannel | restart docker
  when: ansible_service_mgr == "systemd"

 - meta: flush_handlers