Bug 1794661 - baremetal: DNS server prepend via dhclient doesn't work for ipv6
Summary: baremetal: DNS server prepend via dhclient doesn't work for ipv6
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Machine Config Operator
Version: 4.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.4.0
Assignee: Steven Hardy
QA Contact: Michael Nguyen
URL:
Whiteboard:
Depends On:
Blocks: 1794699
TreeView+ depends on / blocked
 
Reported: 2020-01-24 09:26 UTC by Steven Hardy
Modified: 2020-02-12 09:42 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1794699 (view as bug list)
Environment:
Last Closed: 2020-02-12 09:42:20 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift machine-config-operator pull 1396 0 None closed baremetal: ipv6, switch to NM dispatcher for DNS VIP prepending 2020-09-16 13:52:23 UTC
Red Hat Product Errata RHBA-2020:0391 0 None None None 2020-02-12 09:42:53 UTC

Description Steven Hardy 2020-01-24 09:26:55 UTC
The prepend via dhclient doesn't work via ipv6, so we need to switch to a
NetworkManager dispatcher that runs after dhclient instead as a
workaround.

- What I did

Reworked the prepender implementation to avoid using the prepend domain-name-servers option in dhclient.conf - it seems this option only works for ipv4[1] and the suggested alternative of prepend dhcp6.name-servers also doesn't seem to work when the resolv.conf is managed by NetworkManager.

Instead we configure NetworkManager to no longer manage the resolv.conf directly, and rely on a dispatcher script which injects the necessary IP on master/worker nodes to correctly reference coredns for the baremetal platform.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=643890

- How to verify it

Deploy with ipv4 and ipv6, confirm that on the masters the DNS VIP is prepended to the resolv.conf, and on the workers the local nic IP for the controlplane network (not the DNS VIP) is configured.

Also check sudo journalctl -b | grep prepender to see the log output from the dispatcher scripts.

- Description for the changelog

For the baremetal platform management of the resolv.conf is now handled via a NetworkManager dispatcher script, so that the necessary DNS server can be prepended for both ipv4 and ipv6 environments.

Comment 1 Russell Bryant 2020-01-24 14:58:54 UTC
I have tested this change successfully.

Comment 3 errata-xmlrpc 2020-02-12 09:42:20 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0391


Note You need to log in before you can comment on or make changes to this bug.