kubespray/roles/kubernetes/preinstall/tasks/0063-networkmanager-dns.yml

---
- name: NetworkManager | Add nameservers to NM configuration
  community.general.ini_file:
    path: /etc/NetworkManager/conf.d/dns.conf
    section: global-dns-domain-*
    option: servers
    value: "{{ nameserverentries }}"
    mode: '0600'
    backup: yes
  when:
    - nameserverentries != "127.0.0.53" or systemd_resolved_enabled.rc != 0
  notify: Preinstall | update resolvconf for networkmanager

- name: Set default dns if remove_default_searchdomains is false
  set_fact:
    default_searchdomains: ["default.svc.{{ dns_domain }}", "svc.{{ dns_domain }}"]
  when: not remove_default_searchdomains | default() | bool or (remove_default_searchdomains | default() | bool and searchdomains | default([]) | length==0)

- name: NetworkManager | Add DNS search to NM configuration
  community.general.ini_file:
    path: /etc/NetworkManager/conf.d/dns.conf
    section: global-dns
    option: searches
    value: "{{ (default_searchdomains | default([]) + searchdomains | default([])) | join(',') }}"
    mode: '0600'
    backup: yes
  notify: Preinstall | update resolvconf for networkmanager

- name: NetworkManager | Add DNS options to NM configuration
  community.general.ini_file:
    path: /etc/NetworkManager/conf.d/dns.conf
    section: global-dns
    option: options
    value: "ndots:{{ ndots }},timeout:{{ dns_timeout | default('2') }},attempts:{{ dns_attempts | default('2') }}"
    mode: '0600'
    backup: yes
  notify: Preinstall | update resolvconf for networkmanager
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00			`---`
			`- name: NetworkManager \| Add nameservers to NM configuration`
Upgrade ansible (#10190) * project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-06-26 18:15:45 +08:00			`community.general.ini_file:`
Fedora coreos networkmanager global dns and bootstrapping fix (#6577) * remove podman cni plugin * configure networkamanger global dns * allow installation of python3-libselinux by disabling update repo temporary * remove ipv4 section because it is not a valid configuration 2020-09-07 17:27:41 +08:00			`path: /etc/NetworkManager/conf.d/dns.conf`
			`section: global-dns-domain-*`
			`option: servers`
Fix host DNS config 1) being edited too soon and 2) not working with NM (#8575) Signed-off-by: Mac Chaffee <me@macchaffee.com> 2022-02-27 02:29:23 +08:00			`value: "{{ nameserverentries }}"`
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00			`mode: '0600'`
			`backup: yes`
Use supported version of fedora in CI (#10108) * tests: replace fedora35 with fedora37 Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: replace fedora36 with fedora38 Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * docs: update fedora version in docs Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * molecule: upgrade fedora version Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: upgrade fedora images for vagrant and kubevirt Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * vagrant: workaround to fix private network ip address in fedora Fedora stop supporting syconfig network script so we added a workaround here https://github.com/hashicorp/vagrant/issues/12762#issuecomment-1535957837 to fix it. * netowrkmanager: do not configure dns if using systemd-resolved We should not configure dns if we point to systemd-resolved. Systemd-resolved is using NetworkManager to infer the upstream DNS server so if we set NetworkManager to 127.0.0.53 it will prevent systemd-resolved to get the correct network DNS server. Thus if we are in this case we just don't set this setting. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * image-builder: update centos7 image Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * gitlab-ci: mark fedora packet jobs as allow failure Fedora networking is still broken on Packet, let's mark it as allow failure for now. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-08-08 15:50:12 +08:00			`when:`
			`- nameserverentries != "127.0.0.53" or systemd_resolved_enabled.rc != 0`
Fix host DNS config 1) being edited too soon and 2) not working with NM (#8575) Signed-off-by: Mac Chaffee <me@macchaffee.com> 2022-02-27 02:29:23 +08:00			`notify: Preinstall \| update resolvconf for networkmanager`
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00
Resolve ansible-lint name errors (#10253) * project: fix ansible-lint name Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: ignore jinja template error in names Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: capitalize ansible name Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: update notify after name capitalization Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-07-26 22:36:22 +08:00			`- name: Set default dns if remove_default_searchdomains is false`
feat: allows users to have more control on DNS (#9270) Signed-off-by: eminaktas <eminaktas34@gmail.com> Signed-off-by: eminaktas <eminaktas34@gmail.com> 2022-09-24 01:28:26 +08:00			`set_fact:`
			`default_searchdomains: ["default.svc.{{ dns_domain }}", "svc.{{ dns_domain }}"]`
project: fix var-spacing ansible rule (#10266) * project: fix var-spacing ansible rule Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing on the beginning/end of jinja template Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing of default filter Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing between filter arguments Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix double space at beginning/end of jinja Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix remaining jinja[spacing] ansible-lint warning Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-07-05 11:36:54 +08:00			`when: not remove_default_searchdomains \| default() \| bool or (remove_default_searchdomains \| default() \| bool and searchdomains \| default([]) \| length==0)`
feat: allows users to have more control on DNS (#9270) Signed-off-by: eminaktas <eminaktas34@gmail.com> Signed-off-by: eminaktas <eminaktas34@gmail.com> 2022-09-24 01:28:26 +08:00
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00			`- name: NetworkManager \| Add DNS search to NM configuration`
Upgrade ansible (#10190) * project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-06-26 18:15:45 +08:00			`community.general.ini_file:`
Fedora coreos networkmanager global dns and bootstrapping fix (#6577) * remove podman cni plugin * configure networkamanger global dns * allow installation of python3-libselinux by disabling update repo temporary * remove ipv4 section because it is not a valid configuration 2020-09-07 17:27:41 +08:00			`path: /etc/NetworkManager/conf.d/dns.conf`
			`section: global-dns`
			`option: searches`
project: fix var-spacing ansible rule (#10266) * project: fix var-spacing ansible rule Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing on the beginning/end of jinja template Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing of default filter Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing between filter arguments Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix double space at beginning/end of jinja Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix remaining jinja[spacing] ansible-lint warning Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-07-05 11:36:54 +08:00			`value: "{{ (default_searchdomains \| default([]) + searchdomains \| default([])) \| join(',') }}"`
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00			`mode: '0600'`
			`backup: yes`
Fix host DNS config 1) being edited too soon and 2) not working with NM (#8575) Signed-off-by: Mac Chaffee <me@macchaffee.com> 2022-02-27 02:29:23 +08:00			`notify: Preinstall \| update resolvconf for networkmanager`
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00
			`- name: NetworkManager \| Add DNS options to NM configuration`
Upgrade ansible (#10190) * project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-06-26 18:15:45 +08:00			`community.general.ini_file:`
Fedora coreos networkmanager global dns and bootstrapping fix (#6577) * remove podman cni plugin * configure networkamanger global dns * allow installation of python3-libselinux by disabling update repo temporary * remove ipv4 section because it is not a valid configuration 2020-09-07 17:27:41 +08:00			`path: /etc/NetworkManager/conf.d/dns.conf`
			`section: global-dns`
			`option: options`
project: fix var-spacing ansible rule (#10266) * project: fix var-spacing ansible rule Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing on the beginning/end of jinja template Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing of default filter Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix spacing between filter arguments Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix double space at beginning/end of jinja Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: fix remaining jinja[spacing] ansible-lint warning Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> 2023-07-05 11:36:54 +08:00			`value: "ndots:{{ ndots }},timeout:{{ dns_timeout \| default('2') }},attempts:{{ dns_attempts \| default('2') }}"`
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 15:26:17 +08:00			`mode: '0600'`
			`backup: yes`
Fix host DNS config 1) being edited too soon and 2) not working with NM (#8575) Signed-off-by: Mac Chaffee <me@macchaffee.com> 2022-02-27 02:29:23 +08:00			`notify: Preinstall \| update resolvconf for networkmanager`