From 0a687a22ffd8e38ca7983f04e277cb20f43ca0e9 Mon Sep 17 00:00:00 2001 From: Sergii Golovatiuk Date: Thu, 20 Apr 2017 11:07:34 +0200 Subject: [PATCH] Change DNS policy for kubernetes components According to code apiserver, scheduler, controller-manager, proxy don't use resolution of objects they created. It's not harmful to change policy to have external resolver. Signed-off-by: Sergii Golovatiuk --- .../master/templates/manifests/kube-apiserver.manifest.j2 | 2 +- .../templates/manifests/kube-controller-manager.manifest.j2 | 2 +- .../master/templates/manifests/kube-scheduler.manifest.j2 | 2 +- .../kubernetes/node/templates/manifests/kube-proxy.manifest.j2 | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 index ae014f8d3..b0f1a2f53 100644 --- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 @@ -9,7 +9,7 @@ metadata: spec: hostNetwork: true {% if kube_version | version_compare('v1.6', '>=') %} - dnsPolicy: ClusterFirstWithHostNet + dnsPolicy: ClusterFirst {% endif %} containers: - name: kube-apiserver diff --git a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 index b483047db..d3f8a23a5 100644 --- a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 @@ -8,7 +8,7 @@ metadata: spec: hostNetwork: true {% if kube_version | version_compare('v1.6', '>=') %} - dnsPolicy: ClusterFirstWithHostNet + dnsPolicy: ClusterFirst {% endif %} containers: - name: kube-controller-manager diff --git a/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2 index 694450ce7..441f991eb 100644 --- a/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-scheduler.manifest.j2 @@ -8,7 +8,7 @@ metadata: spec: hostNetwork: true {% if kube_version | version_compare('v1.6', '>=') %} - dnsPolicy: ClusterFirstWithHostNet + dnsPolicy: ClusterFirst {% endif %} containers: - name: kube-scheduler diff --git a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 index 745c671d8..9b7d53857 100644 --- a/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 +++ b/roles/kubernetes/node/templates/manifests/kube-proxy.manifest.j2 @@ -8,7 +8,7 @@ metadata: spec: hostNetwork: true {% if kube_version | version_compare('v1.6', '>=') %} - dnsPolicy: ClusterFirstWithHostNet + dnsPolicy: ClusterFirst {% endif %} containers: - name: kube-proxy