Make dnsmasq daemon set optional

Change additional dnsmasq opts:
- Adjust caching size and TTL
- Disable resolve conf to not create loops
- Change dnsPolicy to default (similarly to kubedns's dnsmasq). The
  ClusterFirst should not be used to not create loops
- Disable negative NXDOMAIN replies to be cached
- Make its very installation as optional step (enabled by default).
  If you don't want more than 3 DNS servers, including 1 for K8s, disable
  it.
- Add docs and a drawing to clarify DNS setup.
- Fix stdout logs for dnsmasq/kubedns app configs
- Add missed notifies to resolvconf -u handler
- Fix idempotency of resolvconf head file changes

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>

roles/dnsmasq/templates/01-kube-dns.conf.j2

@@ -4,6 +4,10 @@ listen-address=0.0.0.0
 
 addn-hosts=/etc/hosts
 
+strict-order
+# Forward k8s domain to kube-dns
+server=/{{ dns_domain }}/{{ skydns_server }}
+
 #Set upstream dns servers
 {% if upstream_dns_servers is defined %}
 {% for srv in upstream_dns_servers %}
@@ -14,8 +18,9 @@ server={{ srv }}
  server=8.8.4.4
 {% endif %}
 
-# Forward k8s domain to kube-dns
-server=/{{ dns_domain }}/{{ skydns_server }}
-
-# Forward reverse lookups for k8s service addresses to kube-dns
-rev-server={{ kube_service_addresses }},{{ skydns_server }}
+no-resolv
+no-negcache
+cache-size=1000
+max-cache-ttl=10
+max-ttl=20
+log-facility=-

roles/dnsmasq/templates/dnsmasq-ds.yml

@@ -50,3 +50,4 @@ spec:
         - name: etcdnsmasqdavailable
           hostPath:
             path: /etc/dnsmasq.d-available
+      dnsPolicy: Default  # Don't use cluster DNS.