on-prem: make kubelet wait for resolv-prepender

Without a properly configured resolv.conf, openshift-dns coredns will fail to run. These pods have a default DNS policy and will use the host resolv.conf, which is the one kubelet gets when it starts. Signed-off-by: Jaime Caamaño Ruiz <[email protected]>
openshift · Aug 16, 2022 · 5b18d21 · 5b18d21
1 parent 5121552
commit 5b18d21
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/templates/common/on-prem/units/kubelet.service-wait-resolv.yaml b/templates/common/on-prem/units/kubelet.service-wait-resolv.yaml
@@ -0,0 +1,11 @@
+name: kubelet.service
+dropins:
+  - name: 10-mco-on-prem-wait-resolv.conf
+    contents: |
+      {{ if (onPremPlatformAPIServerInternalIP .) -}}
+      [Service]
+      # Wait for resolv-prepender to configure nameservers, exit 255 otherwise
+      # to mark the unit as failed and retry later
+      ExecCondition=/bin/bash -c '! systemctl -q is-enabled systemd-resolved || [ -f /etc/systemd/resolved.conf.d/60-kni.conf ] || exit 255'
+      ExecCondition=/bin/bash -c 'systemctl -q is-enabled systemd-resolved || grep -qs "KNI resolv prepender" /etc/resolv.conf || exit 255'
+      {{end -}}