[CORD-2161]
Fix DNS server startup issues with unbound/nsd
Change-Id: I4f1a00da40d10e093077e22bdf95643e11f34836
(cherry picked from commit 503aabf6a2827ba4be820d33e1c30b5ae188f536)
diff --git a/prep-headnode-playbook.yml b/prep-headnode-playbook.yml
index 7b1e865..d9d64b3 100644
--- a/prep-headnode-playbook.yml
+++ b/prep-headnode-playbook.yml
@@ -55,8 +55,8 @@
become: yes
roles:
- { role: head-mgmtbr, when: not use_maas }
- - { role: dns-unbound, when: not use_maas }
- { role: dns-nsd, when: not use_maas }
+ - { role: dns-unbound, when: not use_maas }
# needs to be in another set of plays so that nsd/unbound restart handlers run
- name: Configure DNS resolution, DHCP on head node
diff --git a/roles/dns-nsd/defaults/main.yml b/roles/dns-nsd/defaults/main.yml
index c69160a..4e80a0c 100644
--- a/roles/dns-nsd/defaults/main.yml
+++ b/roles/dns-nsd/defaults/main.yml
@@ -16,8 +16,9 @@
# dns-nsd/defaults/main.yml
nsd_ip: 127.0.0.1
-nsd_conf: "/var/nsd/etc/nsd.conf"
-nsd_zonesdir: "/var/nsd/zones"
+
+nsd_conf: "/etc/nsd/nsd.conf"
+nsd_zonesdir: "/var/lib/nsd/zones"
nsd_group: "nsd"
# default DNS TTL
diff --git a/roles/dns-nsd/handlers/main.yml b/roles/dns-nsd/handlers/main.yml
index 5d51273..9822151 100644
--- a/roles/dns-nsd/handlers/main.yml
+++ b/roles/dns-nsd/handlers/main.yml
@@ -1,4 +1,4 @@
-
+---
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -13,12 +13,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-
----
-#file: roles/dns-nsd/handlers/main.yml
+# dns-nsd/handlers/main.yml
- name: reload-nsd
- service: name=nsd state=reloaded
+ service:
+ name: nsd
+ enabled: yes
+ state: reloaded
- name: restart-nsd
- service: name=nsd state=restarted
+ service:
+ name: nsd
+ enabled: yes
+ state: restarted
+
diff --git a/roles/dns-nsd/tasks/main.yml b/roles/dns-nsd/tasks/main.yml
index 789790a..91eeabd 100644
--- a/roles/dns-nsd/tasks/main.yml
+++ b/roles/dns-nsd/tasks/main.yml
@@ -1,4 +1,4 @@
-
+---
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,15 +14,16 @@
# limitations under the License.
----
-#file: roles/dns-nsd/tasks/main.yml
+# dns-nsd/tasks/main.yml
-- name: Include OS specific vars
- include_vars: "{{ ansible_os_family }}.yml"
-
-# Debian specific installation
-- include: nsd-Debian.yml
- when: ansible_os_family == 'Debian'
+- name: Install nsd
+ apt:
+ name: "{{ item }}"
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - nsd
- name: Ensure that zones directory exists
file:
@@ -64,3 +65,6 @@
notify:
- reload-nsd
+- name: flush nsd handlers
+ meta: flush_handlers
+
diff --git a/roles/dns-nsd/tasks/nsd-Debian.yml b/roles/dns-nsd/tasks/nsd-Debian.yml
deleted file mode 100644
index 11eb348..0000000
--- a/roles/dns-nsd/tasks/nsd-Debian.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-
-- name: Install nsd
- apt:
- name={{ item }}
- state=present
- update_cache=yes
- cache_valid_time=3600
- with_items:
- - nsd
-
diff --git a/roles/dns-nsd/vars/Debian.yml b/roles/dns-nsd/vars/Debian.yml
deleted file mode 100644
index f42308f..0000000
--- a/roles/dns-nsd/vars/Debian.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-
-nsd_conf: "/etc/nsd/nsd.conf"
-nsd_zonesdir: "/var/lib/nsd/zones"
-nsd_group: "nsd"
-
diff --git a/roles/dns-unbound/defaults/main.yml b/roles/dns-unbound/defaults/main.yml
index 4ccf5de..a3f4aa7 100644
--- a/roles/dns-unbound/defaults/main.yml
+++ b/roles/dns-unbound/defaults/main.yml
@@ -15,8 +15,8 @@
# dns-unbound/defaults/main.yml
-unbound_conf: "/var/unbound/etc/unbound.conf"
-unbound_group: "wheel"
+unbound_conf: "/etc/unbound/unbound.conf"
+unbound_group: "unbound"
unbound_listen_on_default: False
diff --git a/roles/dns-unbound/handlers/main.yml b/roles/dns-unbound/handlers/main.yml
index 36a3cc0..858b7c0 100644
--- a/roles/dns-unbound/handlers/main.yml
+++ b/roles/dns-unbound/handlers/main.yml
@@ -1,4 +1,4 @@
-
+---
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -13,9 +13,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-
----
-#file: roles/dns-unbound/handlers/main.yml
+# dns-unbound/handlers/main.yml
- name: restart-unbound
- service: name=unbound state=restarted
+ service:
+ name: unbound
+ enabled: yes
+ state: restarted
+
diff --git a/roles/dns-unbound/tasks/main.yml b/roles/dns-unbound/tasks/main.yml
index a57e9c5..e33a167 100644
--- a/roles/dns-unbound/tasks/main.yml
+++ b/roles/dns-unbound/tasks/main.yml
@@ -1,4 +1,4 @@
-
+---
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -13,16 +13,16 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# dns-unbound/tasks/main.yml
----
-#file: roles/dns-unbound/tasks/main.yml
-
-- name: Include OS specific vars
- include_vars: "{{ ansible_os_family }}.yml"
-
-# Debian specific installation
-- include: unbound-Debian.yml
- when: ansible_os_family == 'Debian'
+- name: Install unbound
+ apt:
+ name: "{{ item }}"
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
+ with_items:
+ - unbound
- name: create unbound.conf from template
template:
@@ -35,3 +35,6 @@
notify:
- restart-unbound
+- name: flush unbound handlers
+ meta: flush_handlers
+
diff --git a/roles/dns-unbound/tasks/unbound-Debian.yml b/roles/dns-unbound/tasks/unbound-Debian.yml
deleted file mode 100644
index 6dd309e..0000000
--- a/roles/dns-unbound/tasks/unbound-Debian.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-
-- name: Install unbound
- apt:
- name={{ item }}
- state=present
- update_cache=yes
- cache_valid_time=3600
- with_items:
- - unbound
-
diff --git a/roles/dns-unbound/vars/Debian.yml b/roles/dns-unbound/vars/Debian.yml
deleted file mode 100644
index a65c31c..0000000
--- a/roles/dns-unbound/vars/Debian.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-
-# Copyright 2017-present Open Networking Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
----
-
-unbound_conf: "/etc/unbound/unbound.conf"
-unbound_group: "unbound"
-