External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-02-12 06:54:46 -03:30
Code Issues Packages Projects Releases Wiki Activity

Do not forward bogus domains for upstream resolvers

Browse Source 
Also fix kube log level 4 to log dnsmasq queries.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
This commit is contained in:
Bogdan Dobrelya
2016-11-30 14:06:11 +01:00
parent 36a5143478
commit bb0c3537cb
4 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/dnsmasq/templates/01-kube-dns.conf.j2
View File

@@ -7,6 +7,8 @@ addn-hosts=/etc/hosts
strict-order
# Forward k8s domain to kube-dns
server=/{{ dns_domain }}/{{ skydns_server }}
# Reply NXDOMAIN to bogus domains requests like com.cluster.local.cluster.local
local=/{{ bogus_domains }}
#Set upstream dns servers
{% if upstream_dns_servers is defined %}
@@ -17,7 +19,7 @@ server={{ srv }}
server={{ default_resolver }}
{% endif %}
{% if kube_log_level == 4 %}
{% if kube_log_level == '4' %}
log-queries
{% endif %}
bogus-priv

2
roles/kubernetes-apps/ansible/templates/kubedns-rc.yml
View File

@@ -79,7 +79,7 @@ spec:
- --cache-size=1000
- --no-resolv
- --server=127.0.0.1#10053
{% if kube_log_level == 4 %}
{% if kube_log_level == '4' %}
- --log-queries
{% endif %}
ports:

2
roles/kubernetes/preinstall/tasks/set_resolv_facts.yml
View File

@@ -10,7 +10,7 @@
{%- if resolvconf.rc == 0 -%}true{%- else -%}false{%- endif -%}
- set_fact:
private_domains: |-
bogus_domains: |-
{% for d in [ 'default.svc.' + dns_domain, 'svc.' + dns_domain ] + searchdomains|default([]) -%}
{{dns_domain}}.{{d}}./{{d}}.{{d}}./com.{{d}}./
{%- endfor %}