From 53c5ee1366abc5e29df45e1842b8ee39ceb067b6 Mon Sep 17 00:00:00 2001
From: stack <stack@dev-director>
Date: Fri, 4 May 2018 18:47:29 +0100
Subject: [PATCH] Allow resolv.conf configuration to be prevented

In some cases we may wish to use an existing DNS resolver configuration, or to
acquire the configuration via a protocol such as DHCP. In these cases the
variable resolv_is_managed should be set to false.

Change-Id: I1e4661f3eedd87da15142d2d6815aaeb0493be6c
Story: 2001967
Task: 15718
---
 ansible/group_vars/all/dns                    |  3 +++
 ansible/network.yml                           |  1 +
 doc/source/configuration/network.rst          | 19 +++++++++++++++++++
 etc/kayobe/dns.yml                            |  3 +++
 .../prevent-resolv.conf-4a09d50f60f3fe28.yaml |  4 ++++
 5 files changed, 30 insertions(+)
 create mode 100644 releasenotes/notes/prevent-resolv.conf-4a09d50f60f3fe28.yaml

diff --git a/ansible/group_vars/all/dns b/ansible/group_vars/all/dns
index 0c26c6278..aa7b47532 100644
--- a/ansible/group_vars/all/dns
+++ b/ansible/group_vars/all/dns
@@ -2,6 +2,9 @@
 ###############################################################################
 # DNS.
 
+# Whether kayobe should configure resolv.conf.
+resolv_is_managed: true
+
 # List of DNS nameservers.
 resolv_nameservers:
   - 8.8.8.8
diff --git a/ansible/network.yml b/ansible/network.yml
index e6be3fb09..1b5aeec9b 100644
--- a/ansible/network.yml
+++ b/ansible/network.yml
@@ -50,6 +50,7 @@
 
   roles:
     - role: ahuffman.resolv
+      when: resolv_is_managed | bool
       become: True
 
     - role: MichaelRigart.interfaces
diff --git a/doc/source/configuration/network.rst b/doc/source/configuration/network.rst
index 0607c3c0d..27f6b9d8b 100644
--- a/doc/source/configuration/network.rst
+++ b/doc/source/configuration/network.rst
@@ -368,6 +368,25 @@ VLAN to be forwarded by the bridge, whereas adding a VLAN interface to an
 Ethernet or bond interface that is a bridge member port will prevent tagged
 traffic for that VLAN being forwarded by the bridge.
 
+Domain Name Service (DNS) Resolver Configuration
+================================================
+
+Kayobe supports configuration of hosts' DNS resolver via ``resolv.conf``.  DNS
+configuration should be added to ``dns.yml``.  For example:
+
+.. code-block:: yaml
+   :caption: ``dns.yml``
+
+   resolv_nameservers:
+     - 8.8.8.8
+     - 8.8.4.4
+   resolv_domain: example.com
+   resolv_search:
+     - kayobe.example.com
+
+It is also possible to prevent kayobe from modifying ``resolv.conf`` by setting
+``resolv_is_managed`` to ``false``.
+
 Network Role Configuration
 ==========================
 
diff --git a/etc/kayobe/dns.yml b/etc/kayobe/dns.yml
index 46c48fb83..2b91aa941 100644
--- a/etc/kayobe/dns.yml
+++ b/etc/kayobe/dns.yml
@@ -2,6 +2,9 @@
 ###############################################################################
 # DNS.
 
+# Whether kayobe should configure resolv.conf.
+#resolv_is_managed:
+
 # List of DNS nameservers.
 #resolv_nameservers:
 
diff --git a/releasenotes/notes/prevent-resolv.conf-4a09d50f60f3fe28.yaml b/releasenotes/notes/prevent-resolv.conf-4a09d50f60f3fe28.yaml
new file mode 100644
index 000000000..bb8ad6c32
--- /dev/null
+++ b/releasenotes/notes/prevent-resolv.conf-4a09d50f60f3fe28.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - Adds the ability to prevent configuration of the DNS resolver. This can be
+    done by setting ``resolv_is_managed`` to ``false``.