Revert "openstack: Del DNS from service VM update docs" #1094

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

openshift-merge-robot merged 1 commit into openshift:master from tomassedovic:reverte-openstack-dns-removal

Jan 23, 2019

data/data/openstack/bootstrap/main.tf

-Original file line number
+Diff line change
@@ Expand Up / @@ -15,6 +15,29 @@ data "ignition_config" "redirect" { @@
       append {
         source = "${openstack_objectstorage_tempurl_v1.ignition_tmpurl.url}"
       }
+      files = [
+        "${data.ignition_file.bootstrap_ifcfg.id}",
+      ]
+    }
+    data "ignition_file" "bootstrap_ifcfg" {
+      filesystem = "root"
+      mode       = "420"                                       // 0644
+      path       = "/etc/sysconfig/network-scripts/ifcfg-eth0"
+      content {
+        content = <<EOF
+    DEVICE="eth0"
+    BOOTPROTO="dhcp"
+    ONBOOT="yes"
+    TYPE="Ethernet"
+    PERSISTENT_DHCLIENT="yes"
+    DNS1="${var.service_vm_fixed_ip}"
+    PEERDNS="no"
+    NM_CONTROLLED="yes"
+    EOF
+      }
     }
     data "openstack_images_image_v2" "bootstrap_image" {
@@ Expand Down @@

data/data/openstack/lb/main.tf

-Original file line number
+Diff line change
@@ Expand Up / @@ -35,6 +35,33 @@ data "ignition_file" "haproxy_conf" { @@
       }
     }
+    data "ignition_file" "openshift_hosts" {
+      filesystem = "root"
+      mode       = "420"                  // 0644
+      path       = "/etc/openshift-hosts"
+      content {
+        content = <<EOF
+    ${replace(join("\n", formatlist("%s ${var.cluster_name}-etcd-%s.${var.cluster_domain}", var.master_ips, var.master_port_names)), "master-port-", "")}
+    EOF
+      }
+    }
+    data "ignition_systemd_unit" "local_dns" {
+      name = "local-dns.service"
+      content = <<EOF
+    [Unit]
+    Description=Internal DNS server for running OpenShift on OpenStack
+    [Service]
+    ExecStart=/bin/podman run --name bootstrap-dns --rm -t -i -p 53:53/tcp -p 53:53/udp -v /etc/openshift-hosts:/etc/openshift-hosts:z --cap-add=NET_ADMIN docker.io/andyshinn/dnsmasq:latest --keep-in-foreground --log-facility=- --log-queries --no-resolv --addn-hosts=/etc/openshift-hosts --server=10.0.0.2 ${replace(join(" ", formatlist("--srv-host=_etcd-server-ssl._tcp.${var.cluster_name}.${var.cluster_domain},${var.cluster_name}-etcd-%s.${var.cluster_domain},2380,0,10", var.master_port_names)), "master-port-", "")}
+    [Install]
+    WantedBy=multi-user.target
+    EOF
+    }
     data "ignition_user" "core" {
       name = "core"
     }
@@ Expand All / @@ -59,10 +86,12 @@ data "ignition_config" "lb_redirect" { @@
       files = [
         "${data.ignition_file.haproxy_conf.id}",
+        "${data.ignition_file.openshift_hosts.id}",
       ]
       systemd = [
         "${data.ignition_systemd_unit.haproxy_unit.id}",
+        "${data.ignition_systemd_unit.local_dns.id}",
       ]
       users = [
@@ Expand Down @@

data/data/openstack/masters/main.tf

-Original file line number
+Diff line change
@@ Expand Up / @@ -13,6 +13,7 @@ data "ignition_config" "master_ignition_config" { @@
       }
       files = [
+        "${data.ignition_file.master_ifcfg.id}",
         "${data.ignition_file.master_hacks_script.id}",
       ]
@@ Expand All / @@ -21,6 +22,25 @@ data "ignition_config" "master_ignition_config" { @@
       ]
     }
+    data "ignition_file" "master_ifcfg" {
+      filesystem = "root"
+      mode       = "420"                                       // 0644
+      path       = "/etc/sysconfig/network-scripts/ifcfg-eth0"
+      content {
+        content = <<EOF
+    DEVICE="eth0"
+    BOOTPROTO="dhcp"
+    ONBOOT="yes"
+    TYPE="Ethernet"
+    PERSISTENT_DHCLIENT="yes"
+    DNS1="${var.service_vm_fixed_ip}"
+    PEERDNS="no"
+    NM_CONTROLLED="yes"
+    EOF
+      }
+    }
     data "ignition_file" "master_hacks_script" {
       filesystem = "root"
       mode       = "493"           // 0755
@@ Expand Down @@

data/data/openstack/topology/sg-lb.tf

-Original file line number
+Diff line change
@@ Expand Up @@
       security_group_id = "${openstack_networking_secgroup_v2.api.id}"
     }
+    resource "openstack_networking_secgroup_rule_v2" "api_ingress_dns_udp" {
+      direction         = "ingress"
+      ethertype         = "IPv4"
+      protocol          = "udp"
+      port_range_min    = 53
+      port_range_max    = 53
+      remote_ip_prefix  = "0.0.0.0/0"
+      security_group_id = "${openstack_networking_secgroup_v2.api.id}"
+    }
+    resource "openstack_networking_secgroup_rule_v2" "api_ingress_dns_tcp" {
+      direction         = "ingress"
+      ethertype         = "IPv4"
+      protocol          = "tcp"
+      port_range_min    = 53
+      port_range_max    = 53
+      remote_ip_prefix  = "0.0.0.0/0"
+      security_group_id = "${openstack_networking_secgroup_v2.api.id}"
+    }
     resource "openstack_networking_secgroup_rule_v2" "api_ingress_ssh_tcp" {
       direction         = "ingress"
       ethertype         = "IPv4"
@@ Expand Down @@

docs/user/openstack/README.md

-Original file line number
+Diff line change
@@ Expand Up / @@ -60,34 +60,6 @@ openstack network list --long -c ID -c Name -c "Router Type" @@
     +--------------------------------------+----------------+-------------+
     ```
-    * You should add the following records to the DNS server that provides service
-      to your cluster (typically that's the one that the Neutron dns forwards to):
-          Dnsmasq example with three masters
-          ==================================
-          service-host=_etcd-server-ssl._tcp.CLUSTER_NAME.DOMAIN_NAME,CLUSTER_NAME-etcd-0.DOMAIN_NAME,2380,0,10
-          service-host=_etcd-server-ssl._tcp.CLUSTER_NAME.DOMAIN_NAME,CLUSTER_NAME-etcd-1.DOMAIN_NAME,2380,0,10
-          service-host=_etcd-server-ssl._tcp.CLUSTER_NAME.DOMAIN_NAME,CLUSTER_NAME-etcd-2.DOMAIN_NAME,2380,0,10
-          cname=CLUSTER_NAME-etcd-0,CLUSTER_NAME-master-0
-          cname=CLUSTER_NAME-etcd-1,CLUSTER_NAME-master-1
-          cname=CLUSTER_NAME-etcd-2,CLUSTER_NAME-master-2
-          Bind example with three masters
-          ===============================
-          ;                                SVC.PROTO.NAME   TTL    CLASS  PRIORITY WEIGHT PORT                           TARGET
-          _etcd-server-ssl._tcp.CLUSTER_NAME.DOMAIN_NAME.    IN      SRV         0     10 2380  CLUSTER_NAME-etcd-0.DOMAIN_NAME
-                                                             IN      SRV         0     10 2380  CLUSTER_NAME-etcd-1.DOMAIN_NAME
-                                                             IN      SRV         0     10 2380  CLUSTER_NAME-etcd-2.DOMAIN_NAME
-          $ORIGIN DOMAIN_NAME.
-          ;              NAME    TTL   CLASS                            CANONICAL_NAME
-          CLUSTER_NAME-etcd-0     IN   CNAME        CLUSTER_NAME-master-0.DOMAIN_NAME.
-          CLUSTER_NAME-etcd-1     IN   CNAME        CLUSTER_NAME-master-1.DOMAIN_NAME.
-          CLUSTER_NAME-etcd-2     IN   CNAME        CLUSTER_NAME-master-2.DOMAIN_NAME.
     ## Current Expected Behavior
     As mentioned, OpenStack support is still experimental. Currently:
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Revert "openstack: Del DNS from service VM update docs" #1094

Uh oh!

Diff view

Diff view

There are no files selected for viewing