From db50b11f29ee95fa6128257141bba9c39fe36de3 Mon Sep 17 00:00:00 2001
From: Michael Gugino <mgugino@redhat.com>
Date: Wed, 25 Oct 2017 17:01:26 -0400
Subject: Change dnsmasq to bind-interfaces + except-interfaces

Currently, we have to set the listen ip for dnsmasq via ansible
during installation.

This commit enables dnsmasq to bind-interfaces + exclude interfaces
to ensure dnsmasq doesn't listen on lo interface.
---
 roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2')

diff --git a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
index ef3ba2880..5c9601277 100644
--- a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
+++ b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
@@ -4,4 +4,7 @@ no-negcache
 max-cache-ttl=1
 enable-dbus
 bind-interfaces
-listen-address={{ openshift.node.dns_ip }}
+{% for interface in openshift_node_dnsmasq_except_interfaces %}
+except-interface={{ interface }}
+{% endfor %}
+# End of config
-- 
cgit v1.2.3