Dnsmasq running inside container.

packer/scripts/ubuntu/install_docker.sh

@@ -18,6 +18,7 @@ docker pull weaveworks/scope:latest
 docker pull mesosphere/marathon:${MARATHON_VERSION}
 docker pull mesosphere/chronos:${CHRONOS_VERSION}
 docker pull capgemini/dcos-cli:latest
+docker pull andyshinn/dnsmasq:latest
 
 sudo service docker stop
 echo manual | sudo tee /etc/init/docker.override >/dev/null

packer/ubuntu-14.04_amd64-amis.json

@@ -56,7 +56,6 @@
         "scripts/common/sshd.sh",
         "scripts/ubuntu/install_docker.sh",
         "scripts/common/install_consul.sh",
-        "scripts/ubuntu/install_dnsmasq.sh",
         "scripts/common/install_weave.sh"
       ],
       "execute_command": "{{ .Vars }} sudo  -E -S bash -c '{{ .Path }}'"

packer/ubuntu-14.04_amd64-droplet.json

@@ -40,7 +40,6 @@
         "scripts/common/sshd.sh",
         "scripts/ubuntu/install_docker.sh",
         "scripts/common/install_consul.sh",
-        "scripts/ubuntu/install_dnsmasq.sh",
         "scripts/common/install_weave.sh"
       ],
       "execute_command": "{{ .Vars }} sudo -E -S bash -c '{{ .Path }}'"

packer/ubuntu-14.04_amd64-google.json

@@ -42,7 +42,6 @@
         "scripts/common/sshd.sh",
         "scripts/ubuntu/install_docker.sh",
         "scripts/common/install_consul.sh",
-        "scripts/ubuntu/install_dnsmasq.sh",
         "scripts/common/install_weave.sh"
       ],
       "execute_command": "{{ .Vars }} sudo  -E -S bash -c '{{ .Path }}'"

packer/ubuntu-14.04_amd64.json

@@ -114,7 +114,6 @@
         "scripts/common/sshd.sh",
         "scripts/ubuntu/install_docker.sh",
         "scripts/common/install_consul.sh",
-        "scripts/ubuntu/install_dnsmasq.sh",
         "scripts/common/install_weave.sh"
       ],
       "execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S bash -c '{{ .Path }}'"

roles/dnsmasq/defaults/main.yml

@@ -1,2 +1,4 @@
 ---
 # defaults file for dnsmasq
+dnsmasq_config_folder: "/etc/dnsmasq.d"
+dnsmasq_resolvconf_file: "{{ dnsmasq_config_folder }}/resolv.conf~"

roles/dnsmasq/handlers/main.yml

@@ -6,8 +6,3 @@
     state: restarted
   sudo: yes
 
-- name: reload dnsmasq
-  service:
-    name: dnsmasq
-    state: reloaded
-  sudo: yes

roles/dnsmasq/tasks/main.yml

@@ -1,23 +1,15 @@
 ---
 # tasks file for dnsmasq
-- name: remove dnsmasq override
+- name: create dnsmasq config directory
   file:
-    path: /etc/init/dnsmasq.override
-    state: absent
-  notify:
-    - restart dnsmasq
-  tags:
-    - dnsmasq
-
-- name: ensure dnsmasq is running (and enable it at boot)
-  service:
-    name: dnsmasq
-    state: started
-    enabled: yes
+    path: "/etc/dnsmasq.d"
+    state: directory
+    mode: 0755
+  sudo: yes
   tags:
     - dnsmasq
 
-- name: configure dnsmasq
+- name: configure consul resolution dnsmasq
   sudo: yes
   template:
     src: 10-consul.j2
@@ -29,3 +21,35 @@
     - restart dnsmasq
   tags:
     - dnsmasq
+
+# This should be using -cap-add=NET_ADMIN rather than privileged: true.
+# This will be supported in Ansible 2.0
+- name: run dnsmasq container
+  docker:
+    name: dnsmasq
+    image: "andyshinn/dnsmasq"
+    state: started
+    privileged: true
+    volumes:
+    - "{{ dnsmasq_config_folder }}/:{{ dnsmasq_config_folder }}/"
+    ports:
+    - "53:53/tcp"
+    - "53:53/udp"
+    command: "-r {{ dnsmasq_resolvconf_file }} --conf-dir={{ dnsmasq_config_folder }}"
+
+- name: upload dnsmasq template service
+  template:
+    src: dnsmasq.conf.j2
+    dest: /etc/init/dnsmasq.conf
+    mode: 0755
+  sudo: yes
+  tags:
+    - dnsmasq
+
+- name: ensure dnsmasq is running (and enable it at boot)
+  service:
+    name: dnsmasq
+    state: started
+    enabled: yes
+  tags:
+    - dnsmasq

roles/dnsmasq/templates/10-consul.j2

@@ -1 +1,3 @@
-server=/{{ consul_domain }}/127.0.0.1#8600
+{% for host in groups['consul_servers'] %}
+server=/{{ consul_domain }}/{{ hostvars[host]['ansible_ssh_host'] }}#8600
+{% endfor %}

roles/dnsmasq/templates/dnsmasq.conf.j2

@@ -0,0 +1,18 @@
+description "dnsmasq container"
+
+start on started docker
+stop on stopping docker
+
+pre-start script
+sudo resolvconf -u
+sudo cat /run/resolvconf/resolv.conf > {{ dnsmasq_resolvconf_file }}
+sudo sed -i '1s/^/nameserver 127.0.0.1\n/' /run/resolvconf/resolv.conf
+end script
+
+script
+  /usr/bin/docker start -a dnsmasq
+end script
+
+respawn
+respawn limit 10 10
+kill timeout 10

roles/marathon/templates/marathon-wait-for-listen.sh.j2

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-MAX_SECONDS=80
+MAX_SECONDS=120
 while /bin/true
 do
     curl -s http://localhost:{{ marathon_port }}/ping | grep -q "pong" && exit 0 || sleep 1

site.yml

@@ -19,9 +19,9 @@
 - hosts: all:!role=bastion
   roles:
     - consul
-    - dnsmasq
     - docker
     - weave
+    - dnsmasq
     - registrator
     - cadvisor
 

terraform/aws-public/variables.tf

@@ -76,22 +76,23 @@ variable "atlas_artifact" {
 
 variable "atlas_artifact_version" {
   default = {
-    master = "9"
-    slave  = "9"
+    master = "10"
+    slave  = "10"
   }
 }
 
 /* Remember to update the list every time when you build a new artifact on atlas */
 variable "amis" {
   default = {
-    ap-northeast-1 = "ami-7a71c37a"
-    ap-southeast-1 = "ami-e4a5a8b6"
-    ap-southeast-2 = "ami-e5fdbcdf"
-    eu-central-1   = "ami-bc6064a1"
-    eu-west-1      = "ami-b60354c1"
-    sa-east-1      = "ami-3d69e720"
-    us-east-1      = "ami-8f9e3ae4"
-    us-west-1      = "ami-0fd5294b"
-    us-west-2      = "ami-13e7e923"
+    ap-northeast-1 = "ami-364cfe36"
+    ap-southeast-1 = "ami-54b0bd06"
+    ap-southeast-2 = "ami-79145443"
+    eu-central-1 = "ami-fa7571e7"
+    eu-west-1 = "ami-d67c2ba1"
+    sa-east-1 = "ami-ed72fcf0"
+    us-east-1 = "ami-87d374ec"
+    us-west-1 = "ami-bb3fc3ff"
+    us-west-2 = "ami-5fafa16f"
   }
 }
+

terraform/aws/variables.tf

@@ -90,21 +90,21 @@ variable "atlas_artifact" {
 
 variable "atlas_artifact_version" {
   default = {
-    master = "9"
-    slave  = "9"
+    master = "10"
+    slave  = "10"
   }
 }
 
 /* Remember to update the list every time when you build a new artifact on atlas */
 variable "amis" {
   default = {
-    ap-northeast-1 = "ami-7a71c37a"
-    ap-southeast-1 = "ami-e4a5a8b6"
-    ap-southeast-2 = "ami-e5fdbcdf"
-    eu-central-1   = "ami-bc6064a1"
-    eu-west-1      = "ami-b60354c1"
-    sa-east-1      = "ami-3d69e720"
-    us-east-1      = "ami-8f9e3ae4"
-    us-west-1      = "ami-0fd5294b"
-    us-west-2      = "ami-13e7e923"
+    ap-northeast-1 = "ami-364cfe36"
+    ap-southeast-1 = "ami-54b0bd06"
+    ap-southeast-2 = "ami-79145443"
+    eu-central-1 = "ami-fa7571e7"
+    eu-west-1 = "ami-d67c2ba1"
+    sa-east-1 = "ami-ed72fcf0"
+    us-east-1 = "ami-87d374ec"
+    us-west-1 = "ami-bb3fc3ff"
+    us-west-2 = "ami-5fafa16f"
   }

tests/spec/dnsmasq/dnsmasq_spec.rb

@@ -4,12 +4,16 @@
   it { should be_running }
 end
 
-describe file('/etc/init/dnsmasq.override') do
-  it { should_not be_file }
-end
-
 describe file('/etc/dnsmasq.d/10-consul') do
   it { should be_file }
-  it { should contain 'server=/consul/127.0.0.1#8600' }
+  it { should contain 'server=/consul/.*#8600' }
+end
+
+describe docker_container('dnsmasq') do
+  it { should be_running }
+  it { should have_volume('/etc/dnsmasq.d','/etc/dnsmasq.d') }
 end
 
+describe port(53) do
+  it { should be_listening }
+end