DNM Check binding dnsmasq listen-address to 0.0.0.0 #2454
Conversation
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/ok-to-test |
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/feb9d6a98c7245719a35903b68cb9285 ✔️ openstack-k8s-operators-content-provider SUCCESS in 1h 49m 44s |
danpawlik
force-pushed
the
improve-dns-config
branch
2 times, most recently
from
a4ec153
to
9a66deb
Compare
There is an issue, that the DNS requests are redirected to the cloud provider to resolve domain: api-int.crc.testing. Normally it is right that it want to resolve, but the dnsmasq should take the query and reply, however this is not the case. Let's set the dnsmasq listen-address to be accessible to all addresses on that host.
danpawlik
force-pushed
the
improve-dns-config
branch
from
9a66deb
to
e816ecb
Compare
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/f79008ea1cc64676997c6a96481acbc4 ✔️ openstack-k8s-operators-content-provider SUCCESS in 2h 22m 41s |
|
recheck |
| @@ -197,7 +197,8 @@ | |||
| cifmw_dnsmasq_network_name: "{{ item.name }}" | |||
| cifmw_dnsmasq_network_state: present | |||
| cifmw_dnsmasq_network_definition: "{{ item }}" | |||
| cifmw_dnsmasq_network_listen_addresses: "{{ _dns_address[item.name] }}" | |||
| cifmw_dnsmasq_network_listen_addresses: | |||
There was a problem hiding this comment.
Please drop this file from this PR
| @@ -1,5 +1,5 @@ | |||
| # This file is generated by ci-framework tool | |||
| listen-address={{ config.listen_addresses | join(',') }} | |||
| listen-address=0.0.0.0 | |||
There was a problem hiding this comment.
Please drop this file from this PR
| @@ -60,8 +60,7 @@ | |||
| vars: | |||
| data: | |||
| listen_addresses: | |||
| - "127.0.0.1" | |||
| - "{{ ansible_default_ipv4.address }}" | |||
| - "0.0.0.0" | |||
There was a problem hiding this comment.
Please drop this file from this PR
| - name: Configure dnsmasq listen-address to listen on both br-ex and ci-private-network | ||
| when: | ||
| - not _dnsmasq.stat.exists | ||
| become: true | ||
| ansible.builtin.lineinfile: | ||
| path: "{{ _dnsmasq_config }}" | ||
| insertafter: '^listen-address=' | ||
| line: "listen-address={{ _crc_default_net_ip | ansible.utils.ipaddr('address') }}" | ||
| insertbefore: '^expand-hosts' |
There was a problem hiding this comment.
Is there a reason it needs to be before expand-hosts? if not, please just add it to EOF like line 95
| insertbefore: '^expand-hosts' | |
| insertafter: "EOF" |
| validate: "{{ _validate }}" | ||
|
|
||
| - name: Print current config |
There was a problem hiding this comment.
Please remove this after your testing.
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/ae5b7ea489f14dd9ad2ac4f792c5c7d8 ✔️ openstack-k8s-operators-content-provider SUCCESS in 2h 08m 11s |
|
recheck |
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/2cdaca7fde544665ab344402da7ccd83 ✔️ openstack-k8s-operators-content-provider SUCCESS in 1h 58m 11s |
|
Probably that change will require additional task that was proposed https://review.rdoproject.org/r/c/config/+/55035/4/roles/prepare-crc-extracted/tasks/dnsmasq-nm.yaml#80 which contains: It is just a PoC. |
|
This PR is stale because it has been for over 15 days with no activity. |
There is an issue, that the DNS requests are redirected to the cloud provider to resolve domain: api-int.crc.testing. Normally it is right that it want to resolve, but the dnsmasq should take the query and reply, however this is not the case.
Let's set the dnsmasq listen-address to be accessible to all addresses on that host.