From 85b327699a3ed9f8c7891c352aa1d6eaae5a75b7 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 17 May 2023 01:04:29 +0200
Subject: kubernetes/kubeadm: add support for node-local dns combined with
 cilium

---
 roles/kubernetes/kubeadm/base/tasks/net_cilium.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'roles/kubernetes/kubeadm/base/tasks')

diff --git a/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml b/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
index 8620ffea..d6b583e9 100644
--- a/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
+++ b/roles/kubernetes/kubeadm/base/tasks/net_cilium.yml
@@ -1,6 +1,6 @@
 ---
-- name: make sure kubernetes_enable_nodelocal_dnscache is not set
+- name: make sure local-redirect-policy is confgured when node-local dnscache is enabled
   run_once: yes
   assert:
-    msg: "we currently don't support nodelocal dns-caches when using cilium, please set kubernetes_enable_nodelocal_dnscache to false."
-    that: not kubernetes_enable_nodelocal_dnscache
+    msg: "nodelocal dns-caches needs cilium local-redirect policies to be enabled, please enable it like this kubernetes_cilium_config['enable-local-redirect-policy'] = true."
+    that: "(not kubernetes_enable_nodelocal_dnscache) or (('enable-local-redirect-policy' in kubernetes_cilium_config) and (kubernetes_cilium_config['enable-local-redirect-policy']))"
-- 
cgit v1.2.3