airship
/
airship-in-a-bottle
Code Issues Proposed changes

Ubuntu 18.04 

Updated the genesis and build node preparation scripts to disable
systemd-resolved.service's local stub DNS, as it interfers with
coreDNS or othe cluster dns on port 53.

Change-Id: I294671c6c13bbba7f7f6599092cc0425b00b11a0
This commit is contained in:
Ahmad Mahmoudi 2019-11-14 21:45:42 +00:00 committed by Ahmad Mahmoudi
parent 87b65e9772
commit 6cf8513ec6
3 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
tools/multi_nodes_gate/airship_gate/lib/bootaction-runner.sh
View File

@ -80,6 +80,22 @@ install_file(){
fi
}
disable_dns_stub_listener() {
resolved_conf="/etc/systemd/resolved.conf"
if [[ -f $resolved_conf ]]; then
cp "$resolved_conf" "$resolved_conf.$(date '+%Y_%m_%d__%H_%M_%S')"
if grep -q "^DNSStubListener=" $resolved_conf; then
sed s/DNSStubListener=.*/DNSStubListener=no/g $resolved_conf
echo "Updated DNSStubListener entry."
else
echo "DNSStubListener=no" | sudo tee -a $resolved_conf
echo "Added DNSStubListener."
fi
systemctl restart systemd-resolved.service
echo "Restarted systemd_resolved.service"
fi
}
###############################################################################
# Script inputs and validations
@ -111,6 +127,12 @@ echo "Using rendered manifests file '$rendered_file'"
: "${DISABLE_SECCOMP_PROFILE:=}"
: "${DISABLE_APPARMOR_PROFILES:=}"
###############################################################################
# pre-genesis: disable systemd-resolved stub listener
###############################################################################
echo "Disabling dns sub listener."
disable_dns_stub_listener
sleep 20
###############################################################################
# bootaction: seccomp-profiles

22
tools/multi_nodes_gate/airship_gate/lib/resolved.sh Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
disable_dns_stub_listener() {
resolved_conf="/etc/systemd/resolved.conf"
if [[ -f $resolved_conf ]]; then
cp "$resolved_conf" "$resolved_conf.$(date '+%Y_%m_%d__%H_%M_%S')"
if grep -q "^DNSStubListener=" $resolved_conf; then
sed s/DNSStubListener=.*/DNSStubListener=no/g $resolved_conf
echo "Updated DNSStubListener entry."
else
echo "DNSStubListener=no" | sudo tee -a $resolved_conf
echo "Added DNSStubListener."
fi
systemctl restart systemd-resolved.service
echo "Restarted systemd_resolved.service"
fi
}
echo "Disabling dns stub listener to avoid port collision with coreDNS."
disable_dns_stub_listener
sleep 20

5
tools/multi_nodes_gate/airship_gate/stages/ingress-dns.sh
View File

@ -21,3 +21,8 @@ DNS_SERVER="$1"
ingress_dns_config
ingress_dns_start "${DNS_SERVER}"
rsync_cmd "${REPO_ROOT}/tools/multi_nodes_gate/airship_gate/lib/resolved.sh" "${DNS_SERVER}:/root/airship/"
set -o pipefail
ssh_cmd "${DNS_SERVER}" /root/airship/resolved.sh 2>&1 | tee -a "${LOG_FILE}"
set +o pipefail