Scenario
The Kubernetes in-cluster Kube-DNS/CoreDNS is suited to workloads that resolve only cluster-internal domain names, or both cluster-internal and external domain names. This is the default DNS for workloads.
Example:

    apiVersion: v1
    kind: Pod
    metadata:
      namespace: default
      name: dns-example
    spec:
      containers:
      - name: test
        image: nginx:alpine
      dnsPolicy: ClusterFirst
      imagePullSecrets:
      - name: default-secret

Container’s DNS configuration file:

    nameserver 10.247.3.10
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:5

Scenario
By default, workloads running with hostNetwork use a DNS other than Kube-DNS/CoreDNS. If a workload needs to use Kube-DNS/CoreDNS, set dnsPolicy to ClusterFirstWithHostNet.
Example:

    apiVersion: v1
    kind: Pod
    metadata:
      name: nginx
    spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
      - name: nginx
        image: nginx:alpine
        ports:
        - containerPort: 80
      imagePullSecrets:
      - name: default-secret

Container’s DNS configuration file:

    nameserver 10.247.3.10
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:5

Scenario
You can flexibly customize the DNS configuration file for applications. Using dnsPolicy and dnsConfig together can address almost all scenarios, including the scenarios in which an on-premises DNS will be used, multiple DNSs will be cascaded, and DNS configuration options will be modified.
Example 1: Using Your On-Premises DNS
Set dnsPolicy to None so that the application's DNS configuration file is generated based on dnsConfig.

    apiVersion: v1
    kind: Pod
    metadata:
      namespace: default
      name: dns-example
    spec:
      containers:
      - name: test
        image: nginx:alpine
      dnsPolicy: "None"
      dnsConfig:
        nameservers:
        - 10.2.3.4 # IP address of your on-premises DNS
        searches:
        - ns1.svc.cluster.local
        - my.dns.search.suffix
        options:
        - name: ndots
          value: "2"
        - name: timeout
          value: "3"
      imagePullSecrets:
      - name: default-secret

Container’s DNS configuration file:

    nameserver 10.2.3.4
    search ns1.svc.cluster.local my.dns.search.suffix
    options timeout:3 ndots:2

Example 2: Modifying the ndots Option in the DNS Configuration File to Reduce Invalid DNS Queries
Set dnsPolicy to a value other than None so that the DNS parameters configured in dnsConfig are added to the DNS configuration file generated based on dnsPolicy.

    apiVersion: v1
    kind: Pod
    metadata:
      namespace: default
      name: dns-example
    spec:
      containers:
      - name: test
        image: nginx:alpine
      dnsPolicy: "ClusterFirst"
      dnsConfig:
        options:
        - name: ndots
          value: "2" # The ndots:5 option in the DNS configuration file generated based on the ClusterFirst policy is changed to ndots:2.
      imagePullSecrets:
      - name: default-secret

Container’s DNS configuration file:

    nameserver 10.247.3.10
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:2

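The effect of the ndots change in Example 2, as an added example that is not part of the original article: the Python code below parses the ClusterFirst resolv.conf shown above and counts the search-suffix lookups a resolver sends before it tries a name as-is. The query name www.example.com and all function names are assumptions made for illustration.

```python
# Added example: resolv.conf contents copied from the page; query name is constructed.
CLUSTER_FIRST = """\
nameserver 10.247.3.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
"""
NDOTS_2 = CLUSTER_FIRST.replace("ndots:5", "ndots:2")
MAX_NAMESERVERS = 3  # limit stated on the page


def parse_resolv_conf(text):
    """Return (nameservers, search_list, ndots) from resolv.conf text."""
    nameservers, search, ndots = [], [], 1  # resolver default is ndots:1
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        key, values = fields[0], fields[1:]
        if key == "nameserver" and values:
            nameservers.append(values[0])  # one address per nameserver line
        elif key == "search":
            search = values
        elif key == "options":
            for opt in values:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return nameservers[:MAX_NAMESERVERS], search, ndots


def queries_until_absolute(name, search, ndots):
    """Ordered lookups issued up to and including the name tried as-is."""
    if name.endswith("."):
        return [name]  # trailing dot: fully qualified, search list skipped
    absolute = name + "."
    if name.count(".") >= ndots:
        return [absolute]  # enough dots: tried as-is first
    # Too few dots: every search suffix is tried before the name itself.
    return [f"{name}.{suffix}." for suffix in search] + [absolute]


def wasted_lookups(conf_text, name):
    """Count search-suffix lookups sent before the name is tried as-is."""
    _, search, ndots = parse_resolv_conf(conf_text)
    return len(queries_until_absolute(name, search, ndots)) - 1


if __name__ == "__main__":
    for label, conf in (("ndots:5", CLUSTER_FIRST), ("ndots:2", NDOTS_2)):
        print(label, wasted_lookups(conf, "www.example.com"))
```

With ndots:2, a name containing fewer than two dots still goes through the search list, so short in-cluster service names keep resolving through the cluster suffixes.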
Example 3: Using Multiple DNSs in Serial Sequence

    apiVersion: v1
    kind: Pod
    metadata:
      namespace: default
      name: dns-example
    spec:
      containers:
      - name: test
        image: nginx:alpine
      dnsPolicy: ClusterFirst # Added DNS configuration. The cluster connects to CoreDNS by default.
      dnsConfig:
        nameservers:
        - 10.2.3.4 # IP address of your on-premises DNS
      imagePullSecrets:
      - name: default-secret

A maximum of three DNS addresses can be configured for nameserver in the container's DNS configuration file.
- If dnsPolicy is set to ClusterFirst and the cluster uses CoreDNS, you can add two custom DNS addresses in addition to the CoreDNS address. Excess DNS addresses are invalid.
- If dnsPolicy is set to ClusterFirst and the cluster uses CoreDNS and NodeLocal DNSCache, you can add one custom DNS address in addition to the CoreDNS and NodeLocal DNSCache addresses. Excess DNS addresses are invalid.
Container’s DNS configuration file:

    nameserver 10.247.3.10
    nameserver 10.2.3.4
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:5