Add a dnsmasq-forwarder element so that launched instances can install packages

from internal hosts.

Uses an environment.d file so that when setup-neutron gets run, the subnet will
get created with 192.0.2.1 as the nameserver.

elements/dnsmasq-forwarder/README.md

@@ -0,0 +1,5 @@
+Sets up a dnsmasq process for forwarding dns requests. Also opens port 53 and
+adds a rule to forward all traffic.
+
+When applied to the undercloud, this will allow launched instances to install
+packages from internal hosts.

elements/dnsmasq-forwarder/dnsmasq-forwarder.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=dnsmasq service to forward dns requests
+After=openvswitch.service
+
+[Service]
+Type=simple
+ExecStart=/sbin/dnsmasq -d -q
+
+[Install]
+WantedBy=multi-user.target

elements/dnsmasq-forwarder/install.d/10-dnsmasq-forwarder

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -eux
+set -o pipefail
+
+cp $(dirname $0)/../dnsmasq-forwarder.service /lib/systemd/system/dnsmasq-forwarder.service

elements/dnsmasq-forwarder/os-refresh-config/environment.d/10-dnsmasq-forwarder

@@ -0,0 +1 @@
+export UNDERCLOUD_NAME_SERVER=${UNDERCLOUD_NAME_SERVER:-192.0.2.1}

elements/dnsmasq-forwarder/os-refresh-config/post-install.d/10-dnsmasq-forwarder

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -eux
+set -o pipefail
+
+systemctl enable dnsmasq-forwarder
+systemctl start dnsmasq-forwarder
+
+iptables -I INPUT -p udp --dport 53 -j ACCEPT
+iptables -I FORWARD -j ACCEPT

json-files/rhel-7-rhos-6-undercloud-packages.json

@@ -46,7 +46,8 @@
       "os-cloud-config",
       "install-server",
       "selinux-permissive",
-      "selinux-setenforce-0"
+      "selinux-setenforce-0",
+      "dnsmasq-forwarder"
     ],
     "hook": [
       "extra-data",