1794661 – baremetal: DNS server prepend via dhclient doesn't work for ipv6

Bug 1794661 - baremetal: DNS server prepend via dhclient doesn't work for ipv6

Summary: baremetal: DNS server prepend via dhclient doesn't work for ipv6

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Machine Config Operator
Sub Component:
Version:	4.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	4.4.0
Assignee:	Steven Hardy
QA Contact:	Michael Nguyen
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1794699
TreeView+	depends on / blocked

Reported:	2020-01-24 09:26 UTC by Steven Hardy
Modified:	2020-02-12 09:42 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1794699 (view as bug list)
Environment:
Last Closed:	2020-02-12 09:42:20 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift machine-config-operator pull 1396	0	None	closed	baremetal: ipv6, switch to NM dispatcher for DNS VIP prepending	2020-09-16 13:52:23 UTC
Red Hat Product Errata	RHBA-2020:0391	0	None	None	None	2020-02-12 09:42:53 UTC

Description Steven Hardy 2020-01-24 09:26:55 UTC

The prepend via dhclient doesn't work via ipv6, so we need to switch to a
NetworkManager dispatcher that runs after dhclient instead as a
workaround.

- What I did

Reworked the prepender implementation to avoid using the prepend domain-name-servers option in dhclient.conf - it seems this option only works for ipv4[1] and the suggested alternative of prepend dhcp6.name-servers also doesn't seem to work when the resolv.conf is managed by NetworkManager.

Instead we configure NetworkManager to no longer manage the resolv.conf directly, and rely on a dispatcher script which injects the necessary IP on master/worker nodes to correctly reference coredns for the baremetal platform.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=643890

- How to verify it

Deploy with ipv4 and ipv6, confirm that on the masters the DNS VIP is prepended to the resolv.conf, and on the workers the local nic IP for the controlplane network (not the DNS VIP) is configured.

Also check sudo journalctl -b | grep prepender to see the log output from the dispatcher scripts.

- Description for the changelog

For the baremetal platform management of the resolv.conf is now handled via a NetworkManager dispatcher script, so that the necessary DNS server can be prepended for both ipv4 and ipv6 environments.

Comment 1 Russell Bryant 2020-01-24 14:58:54 UTC

I have tested this change successfully.

Comment 3 errata-xmlrpc 2020-02-12 09:42:20 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0391

Note You need to log in before you can comment on or make changes to this bug.