Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 55450e1

Browse files
authoredFeb 21, 2018
Merge pull request #6864 from mburke5678/BZ-1518022
Add dnsmasq configuration per BZ
2 parents 59d4ad6 + e6cb65c commit 55450e1

File tree

1 file changed

+112
-0
lines changed

1 file changed

+112
-0
lines changed
 

‎install_config/upgrading/manual_upgrades.adoc

Lines changed: 112 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -261,6 +261,93 @@ kubernetesMasterConfig:
261261
# systemctl enable origin-master-controllers
262262
----
263263

264+
. Configure Dnsmasq. Because of changes made in {product-title} 3.6, you will need to
265+
perform the following steps to configure dnsmasq as part of the upgrade. See DNS Changes
266+
under xref:../../release_notes/ocp_3_6_release_notes.adoc#ocp-36-notable-technical-changes[Notable Technical Changes]
267+
in the {product-title} 3.6 Release Notes.
268+
+
269+
.. Create a *_/etc/origin/node/node-dnsmasq.conf_* node configuration file.
270+
+
271+
----
272+
server=/in-addr.arpa/127.0.0.1
273+
server=/cluster.local/127.0.0.1
274+
----
275+
276+
.. Edit the *_/etc/dnsmasq.d/origin-dns.conf_* file as follows:
277+
+
278+
----
279+
no-resolv
280+
domain-needed
281+
no-negcache
282+
max-cache-ttl=1
283+
enable-dbus
284+
bind-interfaces
285+
listen-address=<node_ip_address> <1>
286+
----
287+
+
288+
<1> This is the IP address of the node host.
289+
290+
.. Edit the *_/etc/dnsmasq.d/origin-upstream-dns.conf_* file as follows:
291+
+
292+
----
293+
server=<dns_server1_ip_address>
294+
server=<dns_server2_ip_address>
295+
----
296+
297+
.. Edit the *_/etc/origin/node/node-config.yaml_* as follows:
298+
+
299+
----
300+
dnsBindAddress: 127.0.0.1:53
301+
dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
302+
dnsDomain: cluster.local
303+
dnsIP: <node_ip_address> <1>
304+
----
305+
+
306+
<1> This is the IP address of the node host.
307+
308+
.. Update the *_/etc/systemd/system/atomic-openshift-node.service_* node systemd unit file:
309+
+
310+
----
311+
[Unit]
312+
Description=OpenShift Node
313+
After=docker.service
314+
Wants=openvswitch.service
315+
After=ovsdb-server.service
316+
After=ovs-vswitchd.service
317+
Wants=docker.service
318+
Documentation=https://github.com/openshift/origin
319+
Requires=dnsmasq.service
320+
After=dnsmasq.service
321+
322+
[Service]
323+
Type=notify
324+
EnvironmentFile=/etc/sysconfig/atomic-openshift-node
325+
Environment=GOTRACEBACK=crash
326+
ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
327+
ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/cluster.local/127.0.0.1
328+
ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
329+
ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
330+
ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
331+
LimitNOFILE=65536
332+
LimitCORE=infinity
333+
WorkingDirectory=/var/lib/origin/
334+
SyslogIdentifier=atomic-openshift-node
335+
Restart=always
336+
RestartSec=5s
337+
TimeoutStartSec=300
338+
OOMScoreAdjust=-999
339+
340+
[Install]
341+
WantedBy=multi-user.target
342+
----
343+
+
344+
.. Reload systemd and restart node service.
345+
+
346+
----
347+
# systemctl daemon-reload
348+
# systemctl restart atomic-openshift-node dnsmaq
349+
----
350+
264351
. Restart the master service(s) on each master and review logs to ensure they
265352
restart successfully.
266353
+
@@ -311,6 +398,31 @@ IMAGE_VERSION=<tag>
311398
+
312399
Replace `<tag>` with `{latest-tag}` for the latest version.
313400

401+
. Configure Dnsmasq. Because of changes made in {product-title} 3.6, you will need to
402+
perform the following steps to configure dnsmasq as part of the upgrade. See DNS Changes
403+
under xref:../../release_notes/ocp_3_6_release_notes.adoc#ocp-36-notable-technical-changes[Notable Technical Changes]
404+
in the {product-title} 3.6 Release Notes.
405+
+
406+
.. Download the following script:
407+
+
408+
----
409+
# wget https://raw.githubusercontent.com/openshift/openshift-ansible/release-3.6/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh -O /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
410+
# chmod 755 /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
411+
----
412+
+
413+
This command downloads the *99-origin-dns.sh* script and copies the script to the *_/etc/NetworkManager/dispatcher.d/_* directory.
414+
This script configure pods to use the node IP address as resolver. Using 127.0.0.1 inside a pod would fail.
415+
416+
.. Edit the master DNS configuration file to listen on port 8053. This avoids conflicts on port 53 and opens port 8053 in the firewall.
417+
418+
.. Restart Network Manager:
419+
+
420+
----
421+
# systemctl restart NetworkManager
422+
----
423+
424+
.. Edit the *_/etc/origin/node/node-config.yaml_* file to set the `dnsIP` field to the IP address of this node.
425+
314426
. Restart the master service(s) on each master and review logs to ensure they
315427
restart successfully.
316428
+

0 commit comments

Comments
 (0)
Please sign in to comment.