@@ -261,6 +261,93 @@ kubernetesMasterConfig:
261
261
# systemctl enable origin-master-controllers
262
262
----
263
263
264
+ . Configure Dnsmasq. Because of changes made in {product-title} 3.6, you will need to
265
+ perform the following steps to configure dnsmasq as part of the upgrade. See DNS Changes
266
+ under xref:../../release_notes/ocp_3_6_release_notes.adoc#ocp-36-notable-technical-changes[Notable Technical Changes]
267
+ in the {product-title} 3.6 Release Notes.
268
+ +
269
+ .. Create a *_/etc/origin/node/node-dnsmasq.conf_* node configuration file.
270
+ +
271
+ ----
272
+ server=/in-addr.arpa/127.0.0.1
273
+ server=/cluster.local/127.0.0.1
274
+ ----
275
+
276
+ .. Edit the *_/etc/dnsmasq.d/origin-dns.conf_* file as follows:
277
+ +
278
+ ----
279
+ no-resolv
280
+ domain-needed
281
+ no-negcache
282
+ max-cache-ttl=1
283
+ enable-dbus
284
+ bind-interfaces
285
+ listen-address=<node_ip_address> <1>
286
+ ----
287
+ +
288
+ <1> This is the IP address of the node host.
289
+
290
+ .. Edit the *_/etc/dnsmasq.d/origin-upstream-dns.conf_* file as follows:
291
+ +
292
+ ----
293
+ server=<dns_server1_ip_address>
294
+ server=<dns_server2_ip_address>
295
+ ----
296
+
297
+ .. Edit the *_/etc/origin/node/node-config.yaml_* as follows:
298
+ +
299
+ ----
300
+ dnsBindAddress: 127.0.0.1:53
301
+ dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
302
+ dnsDomain: cluster.local
303
+ dnsIP: <node_ip_address> <1>
304
+ ----
305
+ +
306
+ <1> This is the IP address of the node host.
307
+
308
+ .. Update the *_/etc/systemd/system/atomic-openshift-node.service_* node systemd unit file:
309
+ +
310
+ ----
311
+ [Unit]
312
+ Description=OpenShift Node
313
+ After=docker.service
314
+ Wants=openvswitch.service
315
+ After=ovsdb-server.service
316
+ After=ovs-vswitchd.service
317
+ Wants=docker.service
318
+ Documentation=https://github.com/openshift/origin
319
+ Requires=dnsmasq.service
320
+ After=dnsmasq.service
321
+
322
+ [Service]
323
+ Type=notify
324
+ EnvironmentFile=/etc/sysconfig/atomic-openshift-node
325
+ Environment=GOTRACEBACK=crash
326
+ ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
327
+ ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/cluster.local/127.0.0.1
328
+ ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
329
+ ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
330
+ ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
331
+ LimitNOFILE=65536
332
+ LimitCORE=infinity
333
+ WorkingDirectory=/var/lib/origin/
334
+ SyslogIdentifier=atomic-openshift-node
335
+ Restart=always
336
+ RestartSec=5s
337
+ TimeoutStartSec=300
338
+ OOMScoreAdjust=-999
339
+
340
+ [Install]
341
+ WantedBy=multi-user.target
342
+ ----
343
+ +
344
+ .. Reload systemd and restart node service.
345
+ +
346
+ ----
347
+ # systemctl daemon-reload
348
+ # systemctl restart atomic-openshift-node dnsmaq
349
+ ----
350
+
264
351
. Restart the master service(s) on each master and review logs to ensure they
265
352
restart successfully.
266
353
+
@@ -311,6 +398,31 @@ IMAGE_VERSION=<tag>
311
398
+
312
399
Replace `<tag>` with `{latest-tag}` for the latest version.
313
400
401
+ . Configure Dnsmasq. Because of changes made in {product-title} 3.6, you will need to
402
+ perform the following steps to configure dnsmasq as part of the upgrade. See DNS Changes
403
+ under xref:../../release_notes/ocp_3_6_release_notes.adoc#ocp-36-notable-technical-changes[Notable Technical Changes]
404
+ in the {product-title} 3.6 Release Notes.
405
+ +
406
+ .. Download the following script:
407
+ +
408
+ ----
409
+ # wget https://raw.githubusercontent.com/openshift/openshift-ansible/release-3.6/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh -O /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
410
+ # chmod 755 /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
411
+ ----
412
+ +
413
+ This command downloads the *99-origin-dns.sh* script and copies the script to the *_/etc/NetworkManager/dispatcher.d/_* directory.
414
+ This script configure pods to use the node IP address as resolver. Using 127.0.0.1 inside a pod would fail.
415
+
416
+ .. Edit the master DNS configuration file to listen on port 8053. This avoids conflicts on port 53 and opens port 8053 in the firewall.
417
+
418
+ .. Restart Network Manager:
419
+ +
420
+ ----
421
+ # systemctl restart NetworkManager
422
+ ----
423
+
424
+ .. Edit the *_/etc/origin/node/node-config.yaml_* file to set the `dnsIP` field to the IP address of this node.
425
+
314
426
. Restart the master service(s) on each master and review logs to ensure they
315
427
restart successfully.
316
428
+
0 commit comments