Added new resolver role, which configures dnsmasq to use the nameserv…

…ers listed in group_vars for a cluster.
rug-cit-hpc · Feb 6, 2019 · 48d1910 · 48d1910
1 parent b69ce37
commit 48d1910
Show file tree

Hide file tree

Showing 8 changed files with 76 additions and 0 deletions.
diff --git a/cluster.yml b/cluster.yml
@@ -19,6 +19,7 @@
      - ldap
      - node_exporter
      - cluster
+     - resolver
 
 - name: Install ansible on admin interfaces (DAI & SAI).
   hosts:

diff --git a/group_vars/gearshift-cluster/vars.yml b/group_vars/gearshift-cluster/vars.yml
@@ -23,4 +23,9 @@ ldap_port: 389
 ldaps_port: 636
 ldap_base: ou=umcg,o=asds
 ldap_binddn: cn=clusteradminumcg,o=asds
+nameservers: [
+  '172.23.40.244', # Order is important: local DNS for Isilon storage first!
+  '8.8.4.4',       # Google DNS.
+  '8.8.8.8',       # Google DNS.
+]
 ...
diff --git a/group_vars/hyperchicken-cluster/vars.yml b/group_vars/hyperchicken-cluster/vars.yml
@@ -32,4 +32,9 @@ security_group_id: SSH-and-ping-2
 slurm_ldap: false
 availability_zone: AZ_1
 local_volume_size: 1
+nameservers: [
+  '/em-isi-3126.ebi.ac.uk/10.35.126.201', # Local DNS lookups for shared storage.
+  '8.8.4.4',  # Google DNS.
+  '8.8.8.8',  # Google DNS.
+]
 ...
diff --git a/group_vars/talos-cluster/vars.yml b/group_vars/talos-cluster/vars.yml
@@ -23,4 +23,9 @@ ldap_port: 389
 ldaps_port: 636
 ldap_base: ou=umcg,o=asds
 ldap_binddn: cn=clusteradminumcg,o=asds
+nameservers: [
+  '172.23.40.244', # Order is important: local DNS for Isilon storage first!
+  '8.8.4.4',       # Google DNS.
+  '8.8.8.8',       # Google DNS.
+]
 ...
diff --git a/resolver.yml b/resolver.yml
@@ -0,0 +1,5 @@
+---
+- hosts: cluster
+  roles:
+    - resolver
+...
diff --git a/roles/resolver/handlers/main.yml b/roles/resolver/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+#
+# Important: maintain correct handler order.
+# Handlers are executed in the order in which they are defined 
+# and not in the order in whch they are listed in a "notify: handler_name" statement!
+#
+- name: Restart dnsmasq service.
+  service:
+    name: dnsmasq
+    state: restarted
+  become: true
+  listen: restart_dnsmasq
+...
diff --git a/roles/resolver/tasks/main.yml b/roles/resolver/tasks/main.yml
@@ -0,0 +1,39 @@
+---
+- name: Install dnsmasq
+  yum:
+    state: latest
+    update_cache: yes
+    name:
+      - dnsmasq
+  become: true
+  notify: restart_dnsmasq
+
+- name: Configure /etc/dnsmasq.conf to use nameservers as listed in group_vars for this cluster.
+  template:
+    dest: '/etc/dnsmasq.conf'
+    src: 'templates/dnsmasq.conf.j2'
+    owner: root
+    group: root
+    mode: 0644
+  become: true
+  notify: restart_dnsmasq
+
+- name: Configure /etc/resolv.conf to use dnsmasq on localhost.
+  copy:
+    dest: '/etc/resolv.conf'
+    content: nameserver 127.0.0.1
+    owner: root
+    group: root
+    mode: 0644
+  become: true
+  notify: restart_dnsmasq
+
+- name: Enable dnsmasq service.
+  systemd:
+    name: 'dnsmasq.service'
+    enabled: yes
+  become: true
+  notify: restart_dnsmasq
+
+- meta: flush_handlers
+...
diff --git a/roles/resolver/templates/dnsmasq.conf.j2 b/roles/resolver/templates/dnsmasq.conf.j2
@@ -0,0 +1,3 @@
+{% for nameserver in nameservers %}
+server={{ nameserver }}
+{% endfor %}
-Original file line number
+Diff line change
@@ Expand Up / @@ -19,6 +19,7 @@ @@
          - ldap
          - node_exporter
          - cluster
+         - resolver
     - name: Install ansible on admin interfaces (DAI & SAI).
       hosts:
@@ Expand Down @@