Add a dnsBindAddress configuration to the node

Allows the installer to start node DNS without having to set a config
flag.  BindAddress is consistent with others of this type.

Author: smarterclayton

docs/man/man1/openshift-start-network.1

@@ -35,7 +35,7 @@ will start the network proxy and SDN plugins with given configuration file. The
     The set of network components to disable
 
 .PP
-\fB\-\-enable\fP="plugins,proxy"
+\fB\-\-enable\fP="dns,plugins,proxy"
     The set of network components to enable
 
 .PP

docs/man/man1/openshift-start-node.1

@@ -39,7 +39,7 @@ will start a node with given configuration file. The node will run in the foregr
     The set of node components to disable
 
 .PP
-\fB\-\-enable\fP="kubelet,plugins,proxy"
+\fB\-\-enable\fP="dns,kubelet,plugins,proxy"
     The set of node components to enable
 
 .PP

pkg/cmd/server/api/types.go

@@ -112,10 +112,14 @@ type NodeConfig struct {
 	// MasterClientConnectionOverrides provides overrides to the client connection used to connect to the master.
 	MasterClientConnectionOverrides *ClientConnectionOverrides
 
+	// DNSBindAddress is the ip:port to serve on. If this is not set, the DNS server will not be started.
+	DNSBindAddress string
+
 	// DNSDomain holds the domain suffix
 	DNSDomain string
 
-	// DNSIP holds the IP
+	// DNSIP is the IP address that the DNS server will listen on and which will be reported into pods. Defaults
+	// to the service IP of the Kubernetes master.
 	DNSIP string
 
 	// NetworkConfig provides network options for the node

pkg/cmd/server/api/v1/swagger_doc.go

@@ -531,8 +531,9 @@ var map_NodeConfig = map[string]string{
 	"servingInfo":                     "ServingInfo describes how to start serving",
 	"masterKubeConfig":                "MasterKubeConfig is a filename for the .kubeconfig file that describes how to connect this node to the master",
 	"masterClientConnectionOverrides": "MasterClientConnectionOverrides provides overrides to the client connection used to connect to the master.",
+	"dnsBindAddress":                  "DNSBindAddress is the ip:port to serve on. If this is not set, the DNS server will not be started.",
 	"dnsDomain":                       "DNSDomain holds the domain suffix",
-	"dnsIP":                           "DNSIP holds the IP",
+	"dnsIP":                           "DNSIP is the IP address that the DNS server will listen on and which will be reported into pods. Defaults to the service IP of the Kubernetes master. This IP must be listening on port 53 for compatibility with libc resolvers (which cannot be configured to resolve names from any other port).",
 	"networkPluginName":               "Deprecated and maintained for backward compatibility, use NetworkConfig.NetworkPluginName instead",
 	"networkConfig":                   "NetworkConfig provides network options for the node",
 	"volumeDirectory":                 "VolumeDirectory is the directory that volumes will be stored under",

pkg/cmd/server/api/v1/types.go

@@ -29,10 +29,15 @@ type NodeConfig struct {
 	// MasterClientConnectionOverrides provides overrides to the client connection used to connect to the master.
 	MasterClientConnectionOverrides *ClientConnectionOverrides `json:"masterClientConnectionOverrides"`
 
+	// DNSBindAddress is the ip:port to serve on. If this is not set, the DNS server will not be started.
+	DNSBindAddress string `json:"dnsBindAddress"`
+
 	// DNSDomain holds the domain suffix
 	DNSDomain string `json:"dnsDomain"`
 
-	// DNSIP holds the IP
+	// DNSIP is the IP address that the DNS server will listen on and which will be reported into pods. Defaults
+	// to the service IP of the Kubernetes master. This IP must be listening on port 53 for compatibility with
+	// libc resolvers (which cannot be configured to resolve names from any other port).
 	DNSIP string `json:"dnsIP"`
 
 	// Deprecated and maintained for backward compatibility, use NetworkConfig.NetworkPluginName instead

pkg/cmd/server/api/v1/types_test.go

@@ -31,6 +31,7 @@ authConfig:
   authenticationCacheTTL: ""
   authorizationCacheSize: 0
   authorizationCacheTTL: ""
+dnsBindAddress: ""
 dnsDomain: ""
 dnsIP: ""
 dockerConfig:

pkg/cmd/server/api/validation/node.go

@@ -28,6 +28,9 @@ func ValidateNodeConfig(config *api.NodeConfig, fldPath *field.Path) ValidationR
 	}
 	validationResults.AddErrors(ValidateKubeConfig(config.MasterKubeConfig, fldPath.Child("masterKubeConfig"))...)
 
+	if len(config.DNSBindAddress) > 0 {
+		validationResults.AddErrors(ValidateHostPort(config.DNSBindAddress, fldPath.Child("dnsBindAddress"))...)
+	}
 	if len(config.DNSIP) > 0 {
 		validationResults.AddErrors(ValidateSpecifiedIP(config.DNSIP, fldPath.Child("dnsIP"))...)
 	}

pkg/cmd/server/kubernetes/node_config.go

@@ -317,6 +317,9 @@ func BuildKubernetesNodeConfig(options configapi.NodeConfig, enableProxy, enable
 		if len(options.DNSIP) > 0 {
 			dnsConfig.DnsAddr = options.DNSIP + ":53"
 		}
+		if len(options.DNSBindAddress) > 0 {
+			dnsConfig.DnsAddr = options.DNSBindAddress
+		}
 		dnsConfig.Domain = server.ClusterDomain + "."
 		dnsConfig.Local = "openshift.default.svc." + dnsConfig.Domain
 
@@ -329,7 +332,7 @@ func BuildKubernetesNodeConfig(options configapi.NodeConfig, enableProxy, enable
 
 		// TODO: use kubeletConfig.ResolverConfig as an argument to etcd in the event the
 		//   user sets it, instead of passing it to the kubelet.
-
+		glog.Infof("DNS Bind to %s", options.DNSBindAddress)
 		config.ServiceStore = serviceStore
 		config.EndpointsStore = endpointsStore
 		config.DNSServer = &dns.Server{

pkg/cmd/server/start/node_args.go

@@ -37,12 +37,12 @@ func NewNodeComponentFlag() *utilflags.ComponentFlag {
 	return utilflags.NewComponentFlag(
 		map[string][]string{ComponentGroupNetwork: {ComponentProxy, ComponentPlugins}},
 		ComponentKubelet, ComponentProxy, ComponentPlugins, ComponentDNS,
-	).DefaultDisable(ComponentDNS)
+	).DefaultEnable(ComponentDNS)
 }
 
 // NewNodeComponentFlag returns a flag capable of handling enabled components for the network
 func NewNetworkComponentFlag() *utilflags.ComponentFlag {
-	return utilflags.NewComponentFlag(nil, ComponentProxy, ComponentPlugins, ComponentDNS).DefaultDisable(ComponentDNS)
+	return utilflags.NewComponentFlag(nil, ComponentProxy, ComponentPlugins, ComponentDNS).DefaultEnable(ComponentDNS)
 }
 
 // NodeArgs is a struct that the command stores flag values into.  It holds a partially complete set of parameters for starting a node.
@@ -69,6 +69,8 @@ type NodeArgs struct {
 	DefaultKubernetesURL *url.URL
 	ClusterDomain        string
 	ClusterDNS           net.IP
+	// DNSBindAddr is provided for the all-in-one start only and is not exposed via a flag
+	DNSBindAddr string
 
 	// NetworkPluginName is the network plugin to be called for configuring networking for pods.
 	NetworkPluginName string
@@ -186,8 +188,9 @@ func (args NodeArgs) BuildSerializeableNodeConfig() (*configapi.NodeConfig, erro
 		VolumeDirectory:     args.VolumeDir,
 		AllowDisabledDocker: args.AllowDisabledDocker,
 
-		DNSDomain: args.ClusterDomain,
-		DNSIP:     dnsIP,
+		DNSBindAddress: args.DNSBindAddr,
+		DNSDomain:      args.ClusterDomain,
+		DNSIP:          dnsIP,
 
 		MasterKubeConfig: admin.DefaultNodeKubeConfigFile(args.ConfigDir.Value()),
 

pkg/cmd/server/start/start_allinone.go

@@ -259,11 +259,16 @@ func (o *AllInOneOptions) Complete() error {
 		}
 
 		// if node DNS is still enabled, then default the node cluster DNS to a reachable master address
-		if o.NodeArgs.Components.Enabled(ComponentDNS) && o.NodeArgs.ClusterDNS == nil {
-			if dnsIP, err := findLocalIPForDNS(o.MasterOptions.MasterArgs); err == nil {
-				o.NodeArgs.ClusterDNS = dnsIP
-			} else {
-				glog.V(2).Infof("Unable to find a local address to report as the node DNS - not using node DNS: %v", err)
+		if o.NodeArgs.Components.Enabled(ComponentDNS) {
+			if o.NodeArgs.ClusterDNS == nil {
+				if dnsIP, err := findLocalIPForDNS(o.MasterOptions.MasterArgs); err == nil {
+					o.NodeArgs.ClusterDNS = dnsIP
+					if len(o.NodeArgs.DNSBindAddr) == 0 {
+						o.NodeArgs.DNSBindAddr = net.JoinHostPort(dnsIP.String(), "53")
+					}
+				} else {
+					glog.V(2).Infof("Unable to find a local address to report as the node DNS - not using node DNS: %v", err)
+				}
 			}
 		}
 	}

pkg/cmd/server/start/start_node.go

@@ -325,7 +325,7 @@ func (o NodeOptions) IsRunFromConfig() bool {
 }
 
 func StartNode(nodeConfig configapi.NodeConfig, components *utilflags.ComponentFlag) error {
-	config, err := kubernetes.BuildKubernetesNodeConfig(nodeConfig, components.Enabled(ComponentProxy), components.Enabled(ComponentDNS))
+	config, err := kubernetes.BuildKubernetesNodeConfig(nodeConfig, components.Enabled(ComponentProxy), components.Enabled(ComponentDNS) && len(nodeConfig.DNSBindAddress) > 0)
 	if err != nil {
 		return err
 	}
@@ -367,7 +367,7 @@ func StartNode(nodeConfig configapi.NodeConfig, components *utilflags.ComponentF
 	if components.Enabled(ComponentProxy) {
 		config.RunProxy()
 	}
-	if components.Enabled(ComponentDNS) {
+	if components.Enabled(ComponentDNS) && config.DNSServer != nil {
 		config.RunDNS()
 	}