From 3cacc42985cca7080ed547e1a7654c81584b0123 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Fri, 26 Jun 2015 18:06:33 -0400 Subject: [PATCH] Hide DNS variables away from the user Fewer knobs == more winning. Also rename from kube.local to cluster.local. Some e2e tests really want that. --- contrib/ansible/group_vars/all.yml | 23 ++++++------------- .../roles/kubernetes/defaults/main.yml | 13 +++++++++++ 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/contrib/ansible/group_vars/all.yml b/contrib/ansible/group_vars/all.yml index 19faa9b1b2c..da6b88e1dcd 100644 --- a/contrib/ansible/group_vars/all.yml +++ b/contrib/ansible/group_vars/all.yml @@ -1,6 +1,7 @@ -# Only used for the location to store flannel info in etcd, but may be used -# for dns purposes and cluster id purposes in the future. -cluster_name: kube.local +# will be used as the Internal dns domain name if DNS is enabled. Services +# will be discoverable under ..svc., e.g. +# myservice.default.svc.cluster.local +cluster_name: cluster.local # Account name of remote user. Ansible will use this user account to ssh into # the managed machines. The user must be able to use sudo without asking @@ -54,16 +55,6 @@ dns_setup: true # How many replicas in the Replication Controller dns_replicas: 1 -# Internal DNS domain name. -# This domain must not be used in your network. Services will be discoverable -# under .., e.g. -# myservice.default.kube.local -dns_domain: kube.local - -# IP address of the DNS server. -# Kubernetes will create a pod with several containers, serving as the DNS -# server and expose it under this IP address. The IP address must be from -# the range specified as kube_service_addresses above. -# And this is the IP address you should use as address of the DNS server -# in your containers. -dns_server: 10.254.0.10 +# There are other variable in roles/kubernetes/defaults/main.yml but changing +# them comes with a much higher risk to your cluster. So proceed over there +# with caution. diff --git a/contrib/ansible/roles/kubernetes/defaults/main.yml b/contrib/ansible/roles/kubernetes/defaults/main.yml index 32965747b90..77d89be2116 100644 --- a/contrib/ansible/roles/kubernetes/defaults/main.yml +++ b/contrib/ansible/roles/kubernetes/defaults/main.yml @@ -24,3 +24,16 @@ kube_manifest_dir: "{{ kube_config_dir }}/manifests" # This is the group that the cert creation scripts chgrp the # cert files to. Not really changable... kube_cert_group: kube-cert + +# Internal DNS domain name. +# This domain must not be used in your network. Services will be discoverable +# under .., e.g. +# myservice.default.cluster.local +dns_domain: "{{ cluster_name }}" + +# IP address of the DNS server. +# Kubernetes will create a pod with several containers, serving as the DNS +# server and expose it under this IP address. The IP address must be from +# the range specified as kube_service_addresses. This magic will actually +# pick the 10th ip address in the kube_service_addresses range and use that. +dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(10)|ipaddr('address') }}"