Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport][ipa-4-8] Add systemd-resolved support #5141

Closed
wants to merge 5 commits into from
Closed

[Backport][ipa-4-8] Add systemd-resolved support #5141

wants to merge 5 commits into from

Conversation

tiran
Copy link
Member

@tiran tiran commented Sep 23, 2020

Manual backport of PR #5125 to 4.8 branch.

61ec5de had a minor conflict in ipaserver/install/bindinstance.py.

@tiran
Add helpers for resolve1 and nameservers
f486b9f 
detect_resolve1_resolv_conf() detects if systemd-resolved is enabled and
manages /etc/resolv.conf.

get_resolve1_nameservers() gets upstream DNS servers from
systemd-resolved's D-Bus interface.

get_dnspython_nameservers() gets upstream DNS servers from
/etc/resolv.conf via dns.python.

get_nameservers() gets a list of unique, non-loopback DNS server IP
addresses.

Also fixes setup.py to include D-Bus for ipalib instead of ipapython.

See: https://pagure.io/freeipa/issue/8275
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran
Configure NetworkManager to use systemd-resolved
3b28643 
zzz-ipa.conf now enables NetworkManager's systemd-resolved plugin when
systemd-resolved is detected.

See: https://pagure.io/freeipa/issue/8275
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran
Use new API for auto-forwarders
80979a1 
Auto-forwarders and manual configuration now use the new API to get a
list of DNS servers. Manual installer refuses loopback, too.

See: https://pagure.io/freeipa/issue/8275
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran
Configure systemd-resolved to use IPA's BIND
0025681 
IPA installer now instructs systemd-resolved to use IPA's BIND DNS
server as primary DNS server.

Fixes: https://pagure.io/freeipa/issue/8275
Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran
Create systemd-resolved configuration on update
8610cf6 
Create systemd-resolved drop-in and restart the service when the drop-in
config file is missing and /etc/resolv.conf points to stub resolver
config file.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
@tiran tiran added the ack Pull Request approved, can be merged label Sep 23, 2020
@fcami
Copy link
Contributor

fcami commented Sep 23, 2020

/azp run

@fcami fcami added the re-run Trigger a new run of PR-CI label Sep 23, 2020
@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@freeipa-pr-ci freeipa-pr-ci removed the re-run Trigger a new run of PR-CI label Sep 23, 2020
@fcami
Copy link
Contributor

fcami commented Sep 23, 2020

/azp run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@fcami fcami added the re-run Trigger a new run of PR-CI label Sep 23, 2020
@freeipa-pr-ci freeipa-pr-ci removed the re-run Trigger a new run of PR-CI label Sep 23, 2020
@tiran tiran added the pushed Pull Request has already been pushed label Sep 24, 2020
@tiran
Copy link
Member Author

tiran commented Sep 24, 2020

ipa-4-8:

  • 489ddc6 Add helpers for resolve1 and nameservers
  • d6827f5 Configure NetworkManager to use systemd-resolved
  • 6dc5566 Use new API for auto-forwarders
  • c67aba2 Configure systemd-resolved to use IPA's BIND
  • 3b3cb99 Create systemd-resolved configuration on update

@tiran tiran closed this Sep 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
ack Pull Request approved, can be merged pushed Pull Request has already been pushed
Projects
None yet
Milestone
No milestone
3 participants
@tiran @fcami @freeipa-pr-ci