How to prevent kube-dns from forwarding request to 8.8.8.8:53


Dongwon Kim

Feb 17, 2017, 2:30:03 AM
to Kubernetes user discussion and Q&A
* I already posted this question at http://stackoverflow.com/questions/42291264/how-to-prevent-kube-dns-from-forwarding-request-to-8-8-8-853

How can I prevent kube-dns from forwarding requests to Google's name servers (8.8.8.8:53 and 8.8.4.4:53)? I just want to launch pods only for internal use, which means containers in pods are not supposed to connect to the outside at all. When a Zookeeper client connects to a Zookeeper server using a hostname (e.g. zkCli.sh -server zk-1.zk-headless), it takes 10 seconds for the client to change its state from [Connecting] to [Connected]. The reason I suspect kube-dns is that, with the pods' IP addresses, the client gets connected instantly. When I took a look at the log of kube-dns, I found the following two lines:

  • 07:25:35:170773 1 logs.go:41] skydns: failure to forward request "read udp 10.244.0.13:43455->8.8.8.8:53: i/o timeout"
  • 07:25:39:172847 1 logs.go:41] skydns: failure to forward request "read udp 10.244.0.13:42388->8.8.8.8:53: i/o timeout"

It was around 07:25:30 when the client started to connect to the server.

I'm running Kubernetes on a private cluster where internal servers communicate with the internet via http_proxy/https_proxy, which means I cannot connect to 8.8.8.8 for name resolution, AFAIK.

I found the following at https://github.com/skynetservices/skydns:

  • The default value of an environmental variable named SKYDNS_NAMESERVERS is "8.8.8.8:53,8.8.4.4:53"
  • I could achieve my purpose by setting no_rec to true

I've been initiating Kubernetes using kubeadm and I couldn't find a way to modify the environmental variable and set the property value of skydns.

How can I prevent kube-dns from forwarding requests to the outside of an internal Kubernetes cluster which is deployed by kubeadm?
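
An added example, not part of the original post: a small triage script that parses the `skydns: failure to forward request` lines quoted above and summarizes which non-private upstream resolvers kube-dns tried to reach and for how long, which is useful when checking that an isolated cluster has stopped attempting external DNS. The function names and the third sample line are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the two lines quoted in the post plus one made-up
# unrelated line that the parser must skip.
SAMPLE_LOG = """\
07:25:35:170773 1 logs.go:41] skydns: failure to forward request "read udp 10.244.0.13:43455->8.8.8.8:53: i/o timeout"
07:25:39:172847 1 logs.go:41] skydns: failure to forward request "read udp 10.244.0.13:42388->8.8.8.8:53: i/o timeout"
07:25:40:000001 1 logs.go:41] (constructed) unrelated message
"""

# Matches the timestamp as shown in the post (HH:MM:SS:micros, '.' also accepted)
# and the "src:port->dst:port: error" part of the quoted read error.
FORWARD_FAILURE = re.compile(
    r'(?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2})[:.](?P<us>\d{6}).*?'
    r'skydns: failure to forward request '
    r'"read udp (?P<src>[\d.]+):\d+->(?P<dst>[\d.]+):(?P<port>\d+): (?P<err>[^"]+)"'
)

def parse_forward_failures(log_text):
    """Return one dict per failed upstream forward found in the log text."""
    events = []
    for line in log_text.splitlines():
        m = FORWARD_FAILURE.search(line)
        if not m:
            continue
        seconds = (int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"])
                   + int(m["us"]) / 1e6)
        events.append({"t": seconds, "src": m["src"], "dst": m["dst"],
                       "port": int(m["port"]), "error": m["err"]})
    return events

def summarize_external_upstreams(events):
    """Group failures by upstream IP, keeping only non-private destinations."""
    summary = {}
    for ev in events:
        if ipaddress.ip_address(ev["dst"]).is_private:
            continue  # in-cluster or RFC 1918 resolver, not an egress attempt
        entry = summary.setdefault(
            ev["dst"], {"failures": 0, "first": ev["t"], "last": ev["t"]})
        entry["failures"] += 1
        entry["first"] = min(entry["first"], ev["t"])
        entry["last"] = max(entry["last"], ev["t"])
    return summary

if __name__ == "__main__":
    for dst, info in summarize_external_upstreams(
            parse_forward_failures(SAMPLE_LOG)).items():
        span = info["last"] - info["first"]
        print(f"{dst}: {info['failures']} failed forwards over {span:.3f}s")
```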

