Merge "Add global-system-config with LLGR"
diff --git a/.kitchen.yml b/.kitchen.yml
index eeb310a..cc0e724 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -59,7 +59,7 @@
- name: single3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/single.sls
+ opencontrail.sls: tests/pillar/single3.sls
- name: single40
provisioner:
pillars-from-files:
@@ -69,7 +69,7 @@
- name: analytics3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/analytics.sls
+ opencontrail.sls: tests/pillar/analytics3.sls
- name: analytics40
provisioner:
pillars-from-files:
@@ -79,7 +79,7 @@
- name: control3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/control.sls
+ opencontrail.sls: tests/pillar/control3.sls
- name: control40
provisioner:
pillars-from-files:
@@ -89,7 +89,7 @@
- name: cluster3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/cluster.sls
+ opencontrail.sls: tests/pillar/cluster3.sls
- name: cluster40
provisioner:
pillars-from-files:
@@ -99,7 +99,7 @@
- name: tor3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/tor.sls
+ opencontrail.sls: tests/pillar/tor3.sls
- name: tor40
provisioner:
pillars-from-files:
@@ -109,7 +109,7 @@
- name: vrouter3
provisioner:
pillars-from-files:
- opencontrail.sls: tests/pillar/vrouter.sls
+ opencontrail.sls: tests/pillar/vrouter3.sls
excludes:
- ubuntu-trusty
- name: vrouter40
diff --git a/README.rst b/README.rst
index 8e3f7df..bebe7d7 100644
--- a/README.rst
+++ b/README.rst
@@ -1105,6 +1105,44 @@
virtual_network: 'virtual-network'
+Contrail DNS custom forwarders
+------------------------------
+
+By default Contrail uses the /etc/resolv.conf file to determine the upstream DNS servers.
+This can have some side-affects, like resolving internal DNS entries on you public instances.
+
+In order to overrule this default set, you can configure nameservers using pillar data.
+The formula is then responsible for configuring and generating a alternate resolv.conf file.
+
+Note: this has been patched recently in the Contrail distribution of Mirantis:
+https://github.com/Mirantis/contrail-controller/commit/ed9a25ccbcfebd7d079a93aecc5a1a7bf1265ea4
+https://github.com/Mirantis/contrail-controller/commit/94c844cf2e9bcfcd48587aec03d10b869e737ade
+
+
+To change forwarders for the default-dns option (which is handled by compute nodes):
+
+.. code-block:: yaml
+
+ compute:
+ ....
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
+ ....
+
+To change forwarders for vDNS zones (handled by control nodes):
+
+.. code-block:: yaml
+
+ control:
+ ....
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
+ ....
+
Usage
=====
diff --git a/opencontrail/common.sls b/opencontrail/common.sls
index 020bc0e..b3ae6a7 100644
--- a/opencontrail/common.sls
+++ b/opencontrail/common.sls
@@ -122,4 +122,5 @@
- require:
- file: /etc/contrail
{%- endif %}
+
{%- endif %}
diff --git a/opencontrail/compute.sls b/opencontrail/compute.sls
index c047a5a..8462c7f 100644
--- a/opencontrail/compute.sls
+++ b/opencontrail/compute.sls
@@ -59,6 +59,18 @@
- require:
- pkg: opencontrail_compute_packages
+{%- if compute.version == 3.0 and compute.get('dns', {}).get('forwarders', False) %}
+contrail_compute_resolv:
+ file.managed:
+ - name: /etc/contrail/resolv.conf
+ - source: salt://opencontrail/files/{{ compute.version }}/resolv.conf
+ - template: jinja
+ - defaults:
+ dns: {{ compute.get('dns', {})|yaml }}
+ - require:
+ - file: /etc/contrail
+{%- endif %}
+
{%- endif %}
/etc/contrail/agent_param:
diff --git a/opencontrail/control.sls b/opencontrail/control.sls
index d3a8bdb..ea00f9b 100644
--- a/opencontrail/control.sls
+++ b/opencontrail/control.sls
@@ -64,6 +64,18 @@
- source: salt://opencontrail/files/{{ control.version }}/control/contrail-rndc.conf
- makedirs: True
+{%- if control.version == 3.0 and control.get('dns', {}).get('forwarders', False) %}
+contrail_control_resolv:
+ file.managed:
+ - name: /etc/contrail/resolv.conf
+ - source: salt://opencontrail/files/{{ control.version }}/resolv.conf
+ - template: jinja
+ - defaults:
+ dns: {{ control.get('dns', {})|yaml }}
+ - require:
+ - file: /etc/contrail
+{%- endif %}
+
{%- if control.version >= 3.0 and grains.get('init') != 'systemd' %}
/etc/contrail/supervisord_control_files/contrail-control-nodemgr.ini:
diff --git a/opencontrail/files/3.0/contrail-dns.conf b/opencontrail/files/3.0/contrail-dns.conf
index 88676bd..256cdbe 100644
--- a/opencontrail/files/3.0/contrail-dns.conf
+++ b/opencontrail/files/3.0/contrail-dns.conf
@@ -13,6 +13,12 @@
# named_log_file=/var/log/contrail/contrail-named.log # named log file
# rndc_config_file=contrail-rndc.conf # rndc config file
# rndc_secret=secretkey # rndc secret
+# resolv_conf_file= # Absolute path to file containing nameservers list
+{%- if control.get('dns', {}).get('forwarders', False) %}
+resolv_conf_file=/etc/contrail/resolv.conf
+{%- endif %}
+# /etc/resolv.conf is used as default if none specified.
+
hostip={{ control.bind.address }} # Resolved IP of `hostname`
{%- if control.name is defined %}
hostname={{ control.name }}
diff --git a/opencontrail/files/3.0/contrail-vrouter-agent.conf b/opencontrail/files/3.0/contrail-vrouter-agent.conf
index f4b5b8d..6522e53 100644
--- a/opencontrail/files/3.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/3.0/contrail-vrouter-agent.conf
@@ -68,10 +68,6 @@
# Enable/Disable local flow message logging. Possible values are 0 (disable) and 1 (enable)
# log_flow=0
-# Disable sending of flow samples to collector. Possible values are 0 and 1
-# disable_flow_collection=false
-disable_flow_collection={{ compute.get('disable_flow_collection', 'false')|lower }}
-
# Encapsulation type for tunnel. Possible values are MPLSoGRE, MPLSoUDP, VXLAN
# tunnel_type=
@@ -108,6 +104,22 @@
# the value provided by discovery service will be used.
# server=10.0.0.1:53 10.0.0.2:53
+# Client port used by vrouter-agent while connecting to contrail-named
+# dns_client_port=
+
+# Timeout for DNS server queries in milli-seconds
+# dns_timeout=
+
+# Maximum retries for DNS server queries
+# dns_max_retries=
+
+# Absolute path for custom nameserver file for default-dns method
+# If none specified, /etc/resolv.conf will be used instead
+# resolv_conf_file =
+{%- if compute.get('dns', {}).get('forwarders', False) %}
+resolv_conf_file=/etc/contrail/resolv.conf
+{%- endif %}
+
[HYPERVISOR]
# Everything in this section is optional
diff --git a/opencontrail/files/3.0/resolv.conf b/opencontrail/files/3.0/resolv.conf
new file mode 100644
index 0000000..36e2222
--- /dev/null
+++ b/opencontrail/files/3.0/resolv.conf
@@ -0,0 +1,4 @@
+
+{%- for host in dns.get('forwarders', []) %}
+nameserver {{ host }}
+{%- endfor %}
diff --git a/opencontrail/files/4.0/contrail-vrouter-agent.conf b/opencontrail/files/4.0/contrail-vrouter-agent.conf
index f8c6933..e4ad418 100644
--- a/opencontrail/files/4.0/contrail-vrouter-agent.conf
+++ b/opencontrail/files/4.0/contrail-vrouter-agent.conf
@@ -70,10 +70,6 @@
# Enable/Disable local flow message logging. Possible values are 0 (disable) and 1 (enable)
# log_flow=0
-# Disable sending of flow samples to collector. Possible values are 0 and 1
-# disable_flow_collection=false
-disable_flow_collection={{ compute.get('disable_flow_collection', 'false')|lower }}
-
# Encapsulation type for tunnel. Possible values are MPLSoGRE, MPLSoUDP, VXLAN
# tunnel_type=
diff --git a/tests/pillar/analytics.sls b/tests/pillar/analytics3.sls
similarity index 100%
rename from tests/pillar/analytics.sls
rename to tests/pillar/analytics3.sls
diff --git a/tests/pillar/cluster.sls b/tests/pillar/cluster3.sls
similarity index 97%
rename from tests/pillar/cluster.sls
rename to tests/pillar/cluster3.sls
index 0da7506..1f97957 100644
--- a/tests/pillar/cluster.sls
+++ b/tests/pillar/cluster3.sls
@@ -68,6 +68,10 @@
name: ntw-01
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
discovery:
host: 127.0.0.1
master:
diff --git a/tests/pillar/control.sls b/tests/pillar/control3.sls
similarity index 97%
rename from tests/pillar/control.sls
rename to tests/pillar/control3.sls
index 1800c00..4c580df 100644
--- a/tests/pillar/control.sls
+++ b/tests/pillar/control3.sls
@@ -70,6 +70,10 @@
name: ntw-01
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
discovery:
host: 127.0.0.1
master:
diff --git a/tests/pillar/single.sls b/tests/pillar/single3.sls
similarity index 100%
rename from tests/pillar/single.sls
rename to tests/pillar/single3.sls
diff --git a/tests/pillar/vrouter-dpdk.sls b/tests/pillar/vrouter-dpdk3.sls
similarity index 100%
rename from tests/pillar/vrouter-dpdk.sls
rename to tests/pillar/vrouter-dpdk3.sls
diff --git a/tests/pillar/vrouter.sls b/tests/pillar/vrouter3.sls
similarity index 93%
rename from tests/pillar/vrouter.sls
rename to tests/pillar/vrouter3.sls
index d9ba886..807b510 100644
--- a/tests/pillar/vrouter.sls
+++ b/tests/pillar/vrouter3.sls
@@ -18,6 +18,10 @@
host: 127.0.0.1
bind:
address: 127.0.0.1
+ dns:
+ forwarders:
+ - 8.8.8.8
+ - 8.8.4.4
interface:
address: 127.0.0.1
dev: eth0