Add configuration options for Default and vDNS default forwarders
The default forwarders are read from the resolv.conf file,
so this change simply renders a custom resolv.conf file
and configures its location.
diff --git a/README.rst b/README.rst
index 8e3f7df..bebe7d7 100644
--- a/README.rst
+++ b/README.rst
@@ -1105,6 +1105,44 @@
virtual_network: 'virtual-network'
+Contrail DNS custom forwarders
+------------------------------
+
+By default Contrail uses the /etc/resolv.conf file to determine the upstream DNS servers.
+This can have some side-affects, like resolving internal DNS entries on you public instances.
+
+In order to overrule this default set, you can configure nameservers using pillar data.
+The formula is then responsible for configuring and generating a alternate resolv.conf file.
+
+Note: this has been patched recently in the Contrail distribution of Mirantis:
+https://github.com/Mirantis/contrail-controller/commit/ed9a25ccbcfebd7d079a93aecc5a1a7bf1265ea4
+https://github.com/Mirantis/contrail-controller/commit/94c844cf2e9bcfcd48587aec03d10b869e737ade
+
+
+To change forwarders for the default-dns option (which is handled by compute nodes):
+
+.. code-block:: yaml
+
+ compute:
+ ....
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
+ ....
+
+To change forwarders for vDNS zones (handled by control nodes):
+
+.. code-block:: yaml
+
+ control:
+ ....
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
+ ....
+
Usage
=====
diff --git a/opencontrail/common.sls b/opencontrail/common.sls
index 020bc0e..1ce1f8a 100644
--- a/opencontrail/common.sls
+++ b/opencontrail/common.sls
@@ -123,3 +123,12 @@
- file: /etc/contrail
{%- endif %}
{%- endif %}
+
+{%- if common.version == 3.0 and pillar.opencontrail.get('compute', {}).get('dns', {}).get('forwarders', pillar.opencontrail.get('control', {}).get('dns', {}).get('forwarders', False) ) %}
+/etc/contrail/resolv.conf:
+ file.managed:
+ - source: salt://opencontrail/files/{{ common.version }}/resolv.conf
+ - template: jinja
+ - require:
+ - file: /etc/contrail
+{%- endif %}
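Review bot: The guard on the `{%- if common.version == 3.0 and … %}` line only falls back to the control forwarders when the compute `forwarders` key is absent, so a compute pillar with an empty `forwarders: []` list hides a populated control list and the file is not rendered. contrail-dns.conf in this same commit tests only the control forwarders, so in that case it would still write `resolv_conf_file=/etc/contrail/resolv.conf` and point at a file this state never created. Joining the two lookups with `or` avoids that: `pillar.opencontrail.get('compute', {}).get('dns', {}).get('forwarders') or pillar.opencontrail.get('control', {}).get('dns', {}).get('forwarders')`. Because this file controls which upstream resolvers the services use, I would also pin `- user: root`, `- group: root` and `- mode: '0644'` on the `file.managed` state rather than rely on defaults.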
diff --git a/opencontrail/files/3.0/contrail-dns.conf b/opencontrail/files/3.0/contrail-dns.conf
index 88676bd..7170be9 100644
--- a/opencontrail/files/3.0/contrail-dns.conf
+++ b/opencontrail/files/3.0/contrail-dns.conf
@@ -13,6 +13,12 @@
# named_log_file=/var/log/contrail/contrail-named.log # named log file
# rndc_config_file=contrail-rndc.conf # rndc config file
# rndc_secret=secretkey # rndc secret
+# resolv_conf_file= # Absolute path to file containing nameservers list
+{%- if control.get('dns', {}).get('forwarders', []) %}
+resolv_conf_file=/etc/contrail/resolv.conf
+{%- endif %}
+# /etc/resolv.conf is used as default if none specified.
+
hostip={{ control.bind.address }} # Resolved IP of `hostname`
{%- if control.name is defined %}
hostname={{ control.name }}
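Review bot: The new `resolv_conf_file=/etc/contrail/resolv.conf` line has no comment saying which Contrail builds understand the option, although the README text added in this commit notes that support was only patched recently in the Mirantis distribution. On a build without that patch the pillar forwarders would presumably not take effect and lookups would keep going to the servers in /etc/resolv.conf, which is the situation the README describes as the one to avoid. I would add a comment above the rendered line, for example `# resolv_conf_file needs a contrail build that supports it (see README); verify on your version`. The same applies to the `resolv_conf_file` line added in the contrail-vrouter-agent.conf hunk.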
diff --git a/opencontrail/files/3.0/contrail-vrouter-agent.conf b/opencontrail/files/3.0/contrail-vrouter-agent.conf
index 16bd5d9..0ef4d0e 100644
--- a/opencontrail/files/3.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/3.0/contrail-vrouter-agent.conf
@@ -104,6 +104,22 @@
# the value provided by discovery service will be used.
# server=10.0.0.1:53 10.0.0.2:53
+# Client port used by vrouter-agent while connecting to contrail-named
+# dns_client_port=
+
+# Timeout for DNS server queries in milli-seconds
+# dns_timeout=
+
+# Maximum retries for DNS server queries
+# dns_max_retries=
+
+# Absolute path for custom nameserver file for default-dns method
+# If none specified, /etc/resolv.conf will be used instead
+# resolv_conf_file =
+{%- if compute.get('dns', {}).get('forwarders', []) %}
+resolv_conf_file=/etc/contrail/resolv.conf
+{%- endif %}
+
[HYPERVISOR]
# Everything in this section is optional
diff --git a/opencontrail/files/3.0/resolv.conf b/opencontrail/files/3.0/resolv.conf
new file mode 100644
index 0000000..780e155
--- /dev/null
+++ b/opencontrail/files/3.0/resolv.conf
@@ -0,0 +1,19 @@
+{%- from "opencontrail/map.jinja" import control, compute with context %}
+
+# Custom resolv.conf file for contrail dns
+{%- if control.get('dns', {}).get('forwarders', []) %}
+# vDNS is handled on contrail-api nodes
+{%- set forwarders = control.dns.forwarders %}
+
+{%- elif compute.get('dns', {}).get('forwarders', []) %}
+# Default DNS is handled on the compute node
+{%- set forwarders = compute.dns.forwarders %}
+
+{%- else %}
+# No forwarders/nameservers found to configure
+{%- set forwarders = [] %}
+{%- endif %}
+
+{%- for host in forwarders %}
+nameserver {{ host }}
+{%- endfor %}
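Review bot: The `if`/`elif` chain renders only the control forwarders whenever they are set, so on a node that carries both control and compute pillar data the compute `dns.forwarders` list is silently dropped. Both contrail-dns.conf and contrail-vrouter-agent.conf in this commit point at the same `/etc/contrail/resolv.conf`, which means the vrouter agent on such a node would send default-dns queries to the vDNS forwarders instead of its own. If the two lists are meant to differ, queries end up at resolvers the operator did not choose for that role. Rendering a separate file per role would fix it; at minimum a comment such as `# control forwarders take precedence when both are defined` would make the behaviour explicit.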
diff --git a/tests/pillar/cluster3.sls b/tests/pillar/cluster3.sls
index 0da7506..1f97957 100644
--- a/tests/pillar/cluster3.sls
+++ b/tests/pillar/cluster3.sls
@@ -68,6 +68,10 @@
name: ntw-01
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
discovery:
host: 127.0.0.1
master:
diff --git a/tests/pillar/control3.sls b/tests/pillar/control3.sls
index 1800c00..4c580df 100644
--- a/tests/pillar/control3.sls
+++ b/tests/pillar/control3.sls
@@ -70,6 +70,10 @@
name: ntw-01
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
discovery:
host: 127.0.0.1
master:
diff --git a/tests/pillar/vrouter3.sls b/tests/pillar/vrouter3.sls
index d9ba886..807b510 100644
--- a/tests/pillar/vrouter3.sls
+++ b/tests/pillar/vrouter3.sls
@@ -18,6 +18,10 @@
host: 127.0.0.1
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
interface:
address: 127.0.0.1
dev: eth0