Hide DNS variables away from the user

Fewer knobs == more winning. Also rename from kube.local to cluster.local. Some e2e tests really want that.
2025-08-17 15:50:10 +00:00 · 2015-06-26 18:06:33 -04:00 · 2015-06-26 18:06:33 -04:00 · 3cacc42985
commit 3cacc42985
parent 3a78104267
2 changed files with 20 additions and 16 deletions
--- a/contrib/ansible/group_vars/all.yml
+++ b/contrib/ansible/group_vars/all.yml
@ -1,6 +1,7 @@
-# Only used for the location to store flannel info in etcd, but may be used
-# for dns purposes and cluster id purposes in the future.
-cluster_name: kube.local
+# will be used as the Internal dns domain name if DNS is enabled. Services
+# will be discoverable under <service-name>.<namespace>.svc.<domainname>, e.g.
+# myservice.default.svc.cluster.local
+cluster_name: cluster.local

 # Account name of remote user. Ansible will use this user account to ssh into
 # the managed machines. The user must be able to use sudo without asking
@ -54,16 +55,6 @@ dns_setup: true
 # How many replicas in the Replication Controller
 dns_replicas: 1

-# Internal DNS domain name.
-# This domain must not be used in your network. Services will be discoverable
-# under <service-name>.<namespace>.<domainname>, e.g.
-# myservice.default.kube.local
-dns_domain: kube.local
-
-# IP address of the DNS server.
-# Kubernetes will create a pod with several containers, serving as the DNS
-# server and expose it under this IP address. The IP address must be from
-# the range specified as kube_service_addresses above.
-# And this is the IP address you should use as address of the DNS server
-# in your containers.
-dns_server: 10.254.0.10
+# There are other variable in roles/kubernetes/defaults/main.yml but changing
+# them comes with a much higher risk to your cluster. So proceed over there
+# with caution.
--- a/contrib/ansible/roles/kubernetes/defaults/main.yml
+++ b/contrib/ansible/roles/kubernetes/defaults/main.yml
@ -24,3 +24,16 @@ kube_manifest_dir: "{{ kube_config_dir }}/manifests"
 # This is the group that the cert creation scripts chgrp the
 # cert files to. Not really changable...
 kube_cert_group: kube-cert
+
+# Internal DNS domain name.
+# This domain must not be used in your network. Services will be discoverable
+# under <service-name>.<namespace>.<domainname>, e.g.
+# myservice.default.cluster.local
+dns_domain: "{{ cluster_name }}"
+
+# IP address of the DNS server.
+# Kubernetes will create a pod with several containers, serving as the DNS
+# server and expose it under this IP address. The IP address must be from
+# the range specified as kube_service_addresses. This magic will actually
+# pick the 10th ip address in the kube_service_addresses range and use that.
+dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(10)|ipaddr('address') }}"