Ben Vincent
6e4bc9fbc7
- manage rke2 repos - add rke2 module (init, params, install, config, service) - split roles::infra::k8s::node -> control/compute roles - moved common k8s config into k8s.yaml - add bootstrap_node, manage server and token fields in rke2 config - manage install of helm - manage node attributes (from puppet facts) - manage frr exclusions for service/cluster network Reviewed-on: #394
68 lines
2.1 KiB
Puppet
68 lines
2.1 KiB
Puppet
# profiles::dns::base
|
|
class profiles::dns::base (
|
|
Array $search = [],
|
|
Array $nameservers = ['198.18.13.12', '198.18.13.13'],
|
|
Optional[Enum[
|
|
'all',
|
|
'region',
|
|
'country'
|
|
]] $use_ns = undef,
|
|
String $primary_interface = $facts['networking']['primary'],
|
|
Optional[String] $ns_role = undef,
|
|
){
|
|
|
|
# install bind_utils
|
|
include bind::updater
|
|
|
|
# if ns_role is set, find all hosts matching that enc_role
|
|
$nameserver_array = $ns_role ? {
|
|
undef => $nameservers,
|
|
default => $use_ns ? {
|
|
'all' => query_nodes("enc_role='${ns_role}'", 'networking.ip'),
|
|
'region' => query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.ip'),
|
|
'country' => query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.ip'),
|
|
}
|
|
}
|
|
|
|
# if nameservers not returned from puppetdb, use default
|
|
$use_nameservers = empty($nameserver_array) ? {
|
|
true => $nameservers,
|
|
false => $nameserver_array,
|
|
}
|
|
|
|
# if search is undef, fallback to domainname from facts
|
|
if $search == [] {
|
|
$search_array = [$::facts['networking']['domain']]
|
|
}else{
|
|
$search_array = $search
|
|
}
|
|
|
|
# include resolvconf class
|
|
class { 'profiles::dns::resolvconf':
|
|
nameservers => sort($use_nameservers),
|
|
search_domains => sort($search_array),
|
|
}
|
|
|
|
# export dns records for client
|
|
$facts['networking']['interfaces'].each | $interface, $data | {
|
|
|
|
# exclude those without ipv4 address, lo, docker0 and anycast addresses
|
|
if $data['ip'] and $interface != 'lo' and $interface != 'docker0' and $interface !~ /^anycast[0-9]$/ and $interface !~ /^cilium_/ {
|
|
|
|
# use defaults for the primary_interface
|
|
if $interface == $primary_interface {
|
|
profiles::dns::client {"${facts['networking']['fqdn']}-${interface}":
|
|
interface => $interface,
|
|
}
|
|
|
|
# update secondary interfaces
|
|
}else{
|
|
profiles::dns::client {"${facts['networking']['fqdn']}-${interface}":
|
|
interface => $interface,
|
|
hostname => "${facts['networking']['hostname']}-${interface}",
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|