diff --git a/nodepool/elements/nodepool-base/README.rst b/nodepool/elements/nodepool-base/README.rst index 2ee6432f56..703ae79415 100644 --- a/nodepool/elements/nodepool-base/README.rst +++ b/nodepool/elements/nodepool-base/README.rst @@ -6,14 +6,26 @@ Tasks to deal with image metadata and other Nodepool cloud specific tweaks. Environment variables: -`NODEPOOL_SCRIPTDIR` path to copy Nodepool scripts from. It is set +``NODEPOOL_SCRIPTDIR`` path to copy Nodepool scripts from. It is set automatically by Nodepool. For local hacking override it to where your scripts are. Default: -`$TMP_MOUNT_PATH/opt/git/openstack-infra/project-config/nodepool/scripts`. +``$TMP_MOUNT_PATH/opt/git/openstack-infra/project-config/nodepool/scripts``. + +Name resolution +--------------- The image should have the unbound DNS resolver package installed, the -nodepool-base element then configures it to forward DNS queries to: - `NODEPOOL_STATIC_NAMESERVER_V6`, default: `2620:0:ccc::2` - `NODEPOOL_STATIC_NAMESERVER_V4`, default: `208.67.222.222` - `NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK`, default: `2001:4860:4860::8888` - `NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK`, default: `8.8.8.8`. +``nodepool-base`` element then configures it to forward DNS queries +to: + + ``NODEPOOL_STATIC_NAMESERVER_V4``, default: ``208.67.222.222`` + ``NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK``, default: ``8.8.8.8``. + +If ``NODEPOOL_STATIC_NAMESERVER_POPULATE_IPV6`` is set to ``1`` then +the following two servers will be configured as forwarders too + + ``NODEPOOL_STATIC_NAMESERVER_V6``, default: ``2620:0:ccc::2`` + ``NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK``, default: ``2001:4860:4860::8888`` + +Note externally setting either of these values implies +``NODEPOOL_STATIC_NAMESERVER_POPULATE_IPV6=1`` diff --git a/nodepool/elements/nodepool-base/finalise.d/89-unbound b/nodepool/elements/nodepool-base/finalise.d/89-unbound index 93561830a5..65af8dcd39 100755 --- a/nodepool/elements/nodepool-base/finalise.d/89-unbound +++ b/nodepool/elements/nodepool-base/finalise.d/89-unbound @@ -21,11 +21,29 @@ if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then fi set -e -NODEPOOL_STATIC_NAMESERVER_V6=${NODEPOOL_STATIC_NAMESERVER_V6:-2620:0:ccc::2} +# +# Note that in OpenStack infra, the configure-unbound role [1] that is +# part of the base jobs will reconfigure unbound based on the host's +# ipv6 support very early in the job setup. Thus the following +# forwarder setup is only relevant to the initial boot and some parts +# of the integration-tests before configure-unbound role is used. +# +# [1] http://git.openstack.org/cgit/openstack-infra/openstack-zuul-jobs/tree/roles/configure-unbound +# + NODEPOOL_STATIC_NAMESERVER_V4=${NODEPOOL_STATIC_NAMESERVER_V4:-208.67.222.222} -NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK=${NODEPOOL_STATIC_NAMESERVER_V6_FALLBACK:-2001:4860:4860::8888} NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK=${NODEPOOL_STATIC_NAMESERVER_V4_FALLBACK:-8.8.8.8} -dd of=/tmp/forwarding.conf <