Diffstat (limited to 'roles')
| -rw-r--r-- | roles/openshift_node/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_node/handlers/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_node/meta/main.yml | 2 | ||||
| -rw-r--r-- | roles/openshift_node/tasks/main.yml | 8 | ||||
| -rwxr-xr-x | roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh | 29 | ||||
| -rw-r--r-- | roles/openshift_node_upgrade/handlers/main.yml | 5 | ||||
| -rw-r--r-- | roles/openshift_node_upgrade/tasks/main.yml | 4 | 
7 files changed, 34 insertions, 18 deletions
|
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index 5904ca9bc..47073ee0f 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -8,7 +8,7 @@ os_firewall_allow:
   port: 443/tcp
 - service: OpenShift OVS sdn
   port: 4789/udp
-  when: openshift.common.use_openshift_sdn | bool
+  when: openshift.common.use_openshift_sdn | default(true) | bool
 - service: Calico BGP Port
   port: 179/tcp
   when: openshift.common.use_calico | bool
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index 6b38da7f8..f2c45a4bd 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -3,7 +3,7 @@
   systemd:
     name: openvswitch
     state: restarted
-  when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | bool
+  when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | default(true) | bool
   register: l_openshift_node_stop_openvswitch_result
   until: not l_openshift_node_stop_openvswitch_result | failed
   retries: 3
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index 3b7e8126a..e19d82ddc 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -30,7 +30,7 @@ dependencies:
   os_firewall_allow:
   - service: OpenShift OVS sdn
     port: 4789/udp
-  when: openshift.common.use_openshift_sdn | bool
+  when: openshift.common.use_openshift_sdn | default(true) | bool
 - role: os_firewall
   os_firewall_allow:
   - service: Calico BGP Port
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 0133533fc..8b4931e7c 100644
--- a/roles/openshift_node/tasks/main.yml
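Review bot: The new `default(true)` on the `when:` of the `OpenShift OVS sdn` entry makes an unset `openshift.common.use_openshift_sdn` count as enabled, so the 4789/udp rule is opened on any host where the fact was simply never set. The same fallback is repeated in the handlers, meta, tasks and openshift_node_upgrade hunks, which leaves seven copies of the default to keep in step. Defining the fallback once and testing that single variable everywhere, for example a role default like `openshift_node_use_sdn: "{{ openshift.common.use_openshift_sdn | default(true) }}"` (name constructed for illustration), would keep the firewall, package and service decisions consistent. `default()` also only covers the last attribute; if `openshift.common` itself is undefined the expression presumably still fails, so this is worth confirming against the play that loads the facts.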
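Review bot: The `when:` on the openvswitch restart handler stays a single long `and` expression, while the matching handler in roles/openshift_node_upgrade/handlers/main.yml is rewritten as a list in this same commit. Using the list form here as well, `- not skip_node_svc_handlers | default(False) | bool`, `- not (ovs_service_status_changed | default(false) | bool)`, `- openshift.common.use_openshift_sdn | default(true) | bool`, makes each condition readable on its own and keeps the two handlers textually identical. The handler's name line is outside the hunk.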
+++ b/roles/openshift_node/tasks/main.yml @@ -90,7 +90,9 @@    package:      name: "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version | oo_image_tag_to_rpm_version(include_dash=True) }}"      state: present -  when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool +  when: +    - openshift.common.use_openshift_sdn | default(true) | bool +    - not openshift.common.is_containerized | bool  - name: Install conntrack-tools package    package: @@ -119,7 +121,9 @@      enabled: yes      state: started      daemon_reload: yes -  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool +  when: +    - openshift.common.is_containerized | bool +    - openshift.common.use_openshift_sdn | default(true) | bool    register: ovs_start_result    until: not ovs_start_result | failed    retries: 3 diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh index 924226d09..4aab8f2e9 100755 --- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh +++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh @@ -37,6 +37,8 @@ if [[ $2 =~ ^(up|dhcp4-change|dhcp6-change)$ ]]; then    UPSTREAM_DNS_TMP_SORTED=`mktemp`    CURRENT_UPSTREAM_DNS_SORTED=`mktemp`    NEW_RESOLV_CONF=`mktemp` +  NEW_NODE_RESOLV_CONF=`mktemp` +    ######################################################################    # couldn't find an existing method to determine if the interface owns the 
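Review bot: `NEW_NODE_RESOLV_CONF` is a fourth `mktemp` file in 99-origin-dns.sh, but no hunk in this patch adds it to a cleanup step. Unless the script's existing removal (outside the visible hunks) already catches it, one temp file is left behind on every `up`/`dhcp4-change`/`dhcp6-change` event. Add `$NEW_NODE_RESOLV_CONF` to whatever `rm -f` the script runs for the other three temp files, or register a `trap` on EXIT that removes all four.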
@@ -60,12 +62,14 @@ EOF      fi      ###################################################################### -    # Generate a new origin dns config file +    # Write out default nameservers for /etc/dnsmasq.d/origin-upstream-dns.conf +    # and /etc/origin/node/resolv.conf in their respective formats      for ns in ${IP4_NAMESERVERS}; do        if [[ ! -z $ns ]]; then -        echo "server=${ns}" +        echo "server=${ns}" >> $UPSTREAM_DNS_TMP +        echo "nameserver ${ns}" >> $NEW_NODE_RESOLV_CONF        fi -    done > $UPSTREAM_DNS_TMP +    done      # Sort it in case DNS servers arrived in a different order      sort $UPSTREAM_DNS_TMP > $UPSTREAM_DNS_TMP_SORTED @@ -74,7 +78,6 @@ EOF      # Compare to the current config file (sorted)      NEW_DNS_SUM=`md5sum ${UPSTREAM_DNS_TMP_SORTED} | awk '{print $1}'`      CURRENT_DNS_SUM=`md5sum ${CURRENT_UPSTREAM_DNS_SORTED} | awk '{print $1}'` -      if [ "${NEW_DNS_SUM}" != "${CURRENT_DNS_SUM}" ]; then        # DNS has changed, copy the temp file to the proper location (-Z        # sets default selinux context) and set the restart flag @@ -82,6 +85,13 @@ EOF        NEEDS_RESTART=1      fi +    # compare /etc/origin/node/resolv.conf checksum and replace it if different +    NEW_NODE_RESOLV_CONF_MD5=`md5sum ${NEW_NODE_RESOLV_CONF}` +    OLD_NODE_RESOLV_CONF_MD5=`md5sum /etc/origin/node/resolv.conf` +    if [ "${NEW_NODE_RESOLV_CONF_MD5}" != "${OLD_NODE_RESOLV_CONF_MD5}" ]; then +      cp -Z $NEW_NODE_RESOLV_CONF /etc/origin/node/resolv.conf +    fi +      if ! `systemctl -q is-active dnsmasq.service`; then        NEEDS_RESTART=1      fi 
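Review bot: Nothing in the rewritten nameserver loop guarantees that `NEW_NODE_RESOLV_CONF` ends up non-empty, and the redirect targets `$UPSTREAM_DNS_TMP` and `$NEW_NODE_RESOLV_CONF` are unquoted. If `IP4_NAMESERVERS` is empty for an event (whether an earlier guard prevents that is outside the hunk), the temp file stays empty and the later comparison copies it over /etc/origin/node/resolv.conf, leaving the node service without upstream resolvers. Quote the targets, `>> "$NEW_NODE_RESOLV_CONF"`, and only replace the node file when `[ -s "$NEW_NODE_RESOLV_CONF" ]` holds.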
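Review bot: The two `md5sum` captures added for /etc/origin/node/resolv.conf keep the file name in their output, so `NEW_NODE_RESOLV_CONF_MD5` and `OLD_NODE_RESOLV_CONF_MD5` can never be equal and the `cp -Z` runs on every event. The upstream-DNS comparison just above strips the name with `awk '{print $1}'`; do the same here, or compare contents directly with `if ! cmp -s "$NEW_NODE_RESOLV_CONF" /etc/origin/node/resolv.conf; then`. `cmp -s` also treats a missing target as different without printing an error, which the bare `md5sum` on a not-yet-created file does not.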
@@ -91,17 +101,14 @@ EOF        systemctl restart dnsmasq      fi -    # Only if dnsmasq is running properly make it our only nameserver, copy -    # original resolv.conf to /etc/origin/node/resolv.conf for node service to -    # bypass dnsmasq +    # Only if dnsmasq is running properly make it our only nameserver and place +    # a watermark on /etc/resolv.conf      if `systemctl -q is-active dnsmasq.service`; then -      if ! grep -q '99-origin-dns.sh' ${NEW_RESOLV_CONF}; then +      if ! grep -q '99-origin-dns.sh' /etc/resolv.conf; then            echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> ${NEW_RESOLV_CONF} -          cp /etc/resolv.conf /etc/origin/node/resolv.conf        fi -      sed -e '/^nameserver.*$/d' /etc/resolv.conf > ${NEW_RESOLV_CONF} +      sed -e '/^nameserver.*$/d' /etc/resolv.conf >> ${NEW_RESOLV_CONF}        echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF} -        if ! grep -q 'search.*cluster.local' ${NEW_RESOLV_CONF}; then          sed -i '/^search/ s/$/ cluster.local/' ${NEW_RESOLV_CONF}        fi diff --git a/roles/openshift_node_upgrade/handlers/main.yml b/roles/openshift_node_upgrade/handlers/main.yml index 110dfe5ce..f26f5d573 100644 --- a/roles/openshift_node_upgrade/handlers/main.yml +++ b/roles/openshift_node_upgrade/handlers/main.yml @@ -3,7 +3,10 @@    systemd:      name: openvswitch      state: restarted -  when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | bool +  when: +  - not skip_node_svc_handlers | default(False) | bool +  - not (ovs_service_status_changed | default(false) | bool) +  - openshift.common.use_openshift_sdn | default(true) | bool    register: l_openshift_node_upgrade_stop_openvswitch_result    until: not l_openshift_node_upgrade_stop_openvswitch_result | failed    retries: 3 
diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml index ac9ea32cb..f984a04b2 100644 --- a/roles/openshift_node_upgrade/tasks/main.yml +++ b/roles/openshift_node_upgrade/tasks/main.yml @@ -43,7 +43,9 @@      docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}    register: pull_result    changed_when: "'Downloaded newer image' in pull_result.stdout" -  when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool +  when: +  - openshift.common.is_containerized | bool +  - openshift.common.use_openshift_sdn | default(true) | bool  - include: docker/upgrade.yml    vars: | 
