Kubedns and node nameservers
171 views
Skip to first unread message
Todd VanderVeen
Oct 17, 2016, 4:11:11 PM10/17/16
to Kubernetes user discussion and Q&A
I've setup a k8s 1.4 cluster with the kubedns addon. In-cluster resolution is working as expected, but external names cannot be resolved. As I understand it, the nodes defined nameservers are used for resolution (with the caveat that only 3 entries are permitted, with skydns taking one) outside of the cluster. Am I misunderstanding this expected behavior, or do external nameservers need to be explicitly configured somehow?
Tim Hockin
Oct 17, 2016, 7:52:51 PM10/17/16
to kubernet...@googlegroups.com
kube-dns should pass-thru to whatever nameserver(s) are configured in
the node's resolv.conf
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-use...@googlegroups.com.
> To post to this group, send email to kubernet...@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
the node's resolv.conf
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-use...@googlegroups.com.
> To post to this group, send email to kubernet...@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
Matthias Rampke
Oct 18, 2016, 3:46:36 AM10/18/16
to kubernet...@googlegroups.com
To debug, you can `kubectl exec` into a kubedns pod and inspect the /etc/resolv.conf it got.
Todd VanderVeen
Oct 18, 2016, 12:14:32 PM10/18/16
to kubernet...@googlegroups.com
Sorry, I should have been clearer about what I am observing. My nodes /etc/resolv.conf lists 3 name servers and 3 search domains. However, my containers show only a single name server, as specified by the kubelet. The search domain list is properly extended to 6 entries, being prefixed with the 3 expected cluster domains.
The only dns related configuration I've used are the kubelet flags:
--cluster-dns=10.3.0.10
--cluster-domain=cluster.local
What else would play into this?
Thanks,
On Tue, Oct 18, 2016 at 1:46 AM, Matthias Rampke <m...@soundcloud.com> wrote:
To debug, you can `kubectl exec` into a kubedns pod and inspect the /etc/resolv.conf it got.
On Tue, Oct 18, 2016, 01:52 'Tim Hockin' via Kubernetes user discussion and Q&A <kubernetes-users@googlegroups.com> wrote:
kube-dns should pass-thru to whatever nameserver(s) are configured in
the node's resolv.conf
On Mon, Oct 17, 2016 at 1:11 PM, Todd VanderVeen
<todd.vanderveen@collectivemedicaltech.com> wrote:
> I've setup a k8s 1.4 cluster with the kubedns addon. In-cluster resolution
> is working as expected, but external names cannot be resolved. As I
> understand it, the nodes defined nameservers are used for resolution (with
> the caveat that only 3 entries are permitted, with skydns taking one)
> outside of the cluster. Am I misunderstanding this expected behavior, or do
> external nameservers need to be explicitly configured somehow?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-users+unsubscribe@googlegroups.com.
> To post to this group, send email to kubernetes-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscribe@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the Google Groups "Kubernetes user discussion and Q&A" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/kubernetes-users/bQ2gQ7algEU/unsubscribe.
To unsubscribe from this group and all its topics, send an email to kubernetes-users+unsubscribe@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.
Todd VanderVeen
Todd VanderVeen
Oct 18, 2016, 12:21:48 PM10/18/16
to kubernet...@googlegroups.com
The kube-dns pod does reflect the node's nameservers and external name resolution does work from within the container.
Tim Hockin
Oct 18, 2016, 4:16:10 PM10/18/16
to kubernet...@googlegroups.com
What you describe is correct - normal containers get the kube-dns as
their sole nameserver. kube-dns is responsible for forwarding DNS for
domains it does not own.
On Tue, Oct 18, 2016 at 9:21 AM, Todd VanderVeen
>>>> > email to kubernetes-use...@googlegroups.com.
>>>> To post to this group, send email to kubernet...@googlegroups.com.
>>> To post to this group, send email to kubernet...@googlegroups.com.
> To post to this group, send email to kubernet...@googlegroups.com.
their sole nameserver. kube-dns is responsible for forwarding DNS for
domains it does not own.
On Tue, Oct 18, 2016 at 9:21 AM, Todd VanderVeen
>>>> > To post to this group, send email to
>>>> > kubernet...@googlegroups.com.
>>>> > Visit this group at https://groups.google.com/group/kubernetes-users.
>>>> > For more options, visit https://groups.google.com/d/optout.
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Kubernetes user discussion and Q&A" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to kubernetes-use...@googlegroups.com.
>>>> > For more options, visit https://groups.google.com/d/optout.
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Kubernetes user discussion and Q&A" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> To post to this group, send email to kubernet...@googlegroups.com.
>>>> Visit this group at https://groups.google.com/group/kubernetes-users.
>>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Kubernetes user discussion and Q&A" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/kubernetes-users/bQ2gQ7algEU/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> kubernetes-use...@googlegroups.com.
>>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Kubernetes user discussion and Q&A" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/kubernetes-users/bQ2gQ7algEU/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> To post to this group, send email to kubernet...@googlegroups.com.
>>> Visit this group at https://groups.google.com/group/kubernetes-users.
>>> For more options, visit https://groups.google.com/d/optout.
>>
>>
>>
>>
>> --
>> Todd VanderVeen
>> Collective Medical Technologies
>>
>> (801) 419-2288 (c)
>> 9815 S. Monroe St. Ste. 501
>> Salt Lake City, UT 84070
>> http://www.collectivemedicaltech.com
>
>
>
>
> --
> Todd VanderVeen
> Collective Medical Technologies
>
> (801) 419-2288 (c)
> 9815 S. Monroe St. Ste. 501
> Salt Lake City, UT 84070
> http://www.collectivemedicaltech.com
>
>>> For more options, visit https://groups.google.com/d/optout.
>>
>>
>>
>>
>> --
>> Todd VanderVeen
>> Collective Medical Technologies
>>
>> (801) 419-2288 (c)
>> 9815 S. Monroe St. Ste. 501
>> Salt Lake City, UT 84070
>> http://www.collectivemedicaltech.com
>
>
>
>
> --
> Todd VanderVeen
> Collective Medical Technologies
>
> (801) 419-2288 (c)
> 9815 S. Monroe St. Ste. 501
> Salt Lake City, UT 84070
> http://www.collectivemedicaltech.com
>
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-use...@googlegroups.com.
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q&A" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> To post to this group, send email to kubernet...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages