Fix: Remove stale Packer nameserver in RHEL-based images on OpenStack

TruongHoangPhuLoc · TruongHoangPhuLoc · commit 75c62e1b9452 · 2025-08-11T10:41:24.000Z
Adds a final shell provisioner at the end of the build to remove all 'nameserver' entries from /etc/resolv.conf before finalizing RHEL-based images. This addresses a bug where RHEL/NetworkManager retains the temporary Packer build subnet nameserver (e.g., 10.0.2.3) alongside DHCP-provided ones, causing intermittent DNS resolution failures for internal domains in OpenStack. Implementation details: - A variable is introduced in packer.json.tmpl (default: false). - This variable is overridden to true in qemu-rockylinux-9.json so the cleanup runs for all RHEL-based images. - Non-RHEL builds remain unaffected. Placed after Goss validation so: - Goss runs with working DNS during build - Final image boots with only DHCP-provided nameservers - Cloud-init does not reintroduce stale nameservers Fixes #1832 Signed-off-by: Truong Hoang Phu Loc <truongphuloc030499@gmail.com>
diff --git a/images/capi/packer/qemu/packer.json.tmpl b/images/capi/packer/qemu/packer.json.tmpl
@@ -152,6 +152,23 @@
         "kubernetes_version": "{{user `kubernetes_semver` | replace \"v\" \"\" 1}}"
       },
       "version": "{{user `goss_version`}}"
+    },      
+    {
+        "type": "shell",
+        "environment_vars": [
+          "REMOVE_NAMESERVER={{user `remove_nameserver`}}"
+        ],
+        "inline": [
+          "if [ \"$REMOVE_NAMESERVER\" = \"true\" ]; then",
+          "  cat /etc/resolv.conf",
+          "  echo 'Removing nameserver from resolv.conf...'",
+          "  sudo sed -i '/^nameserver/d' /etc/resolv.conf",
+          "  echo 'Removing stale nameserver is done, checking the current content of /etc/resolv.conf...'",
+          "  cat /etc/resolv.conf",
+          "else",
+          "  echo 'Skipping nameserver cleanup.'",
+          "fi"
+        ]
     }
   ],
   "variables": {
diff --git a/images/capi/packer/qemu/qemu-rockylinux-9.json b/images/capi/packer/qemu/qemu-rockylinux-9.json
@@ -13,5 +13,6 @@
   "iso_url": "https://dl.rockylinux.org/vault/rocky/9.4/isos/x86_64/Rocky-9.4-x86_64-minimal.iso",
   "os_display_name": "RockyLinux 9",
   "redhat_epel_rpm": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",
+  "remove_nameserver": "true",
   "shutdown_command": "/sbin/halt -h -p"
 }

Original file line number	Diff line number	Diff line change
`@@ -13,5 +13,6 @@`
`13`	`13`	`"iso_url": "https://dl.rockylinux.org/vault/rocky/9.4/isos/x86_64/Rocky-9.4-x86_64-minimal.iso",`
`14`	`14`	`"os_display_name": "RockyLinux 9",`
`15`	`15`	`"redhat_epel_rpm": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",`
	`16`	`+ "remove_nameserver": "true",`
`16`	`17`	`"shutdown_command": "/sbin/halt -h -p"`
`17`	`18`	`}`