82ee60fe8b
Change additional dnsmasq opts:
- Adjust caching size and TTL
- Disable resolve conf to not create loops
- Change dnsPolicy to default (similarly to kubedns's dnsmasq). The ClusterFirst should not be used to not create loops
- Disable negative NXDOMAIN replies to be cached
- Make its very installation as optional step (enabled by default). If you don't want more than 3 DNS servers, including 1 for K8s, disable it.
- Add docs and a drawing to clarify DNS setup.
- Fix stdout logs for dnsmasq/kubedns app configs
- Add missed notifies to resolvconf -u handler
- Fix idempotency of resolvconf head file changes

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
21 lines
926 B
Markdown
K8s DNS stack by Kargo
======================

Here is an approximate picture of how DNS works and is
configured by the Kargo ansible playbooks:

![Image](figures/dns.png?raw=true)

Note that Kargo installs an additional dnsmasq daemon set by
default. Kubelet will configure the base DNS settings of all pods to
use that dnsmasq cluster IP. You can disable it with the
``skip_dnsmasq`` var. This may be the case if you're fine with the
Linux limit of at most 3 nameservers in ``/etc/resolv.conf``. When the
daemon set is skipped and pods go directly to Kubedns's dnsmasq
cluster IP, things become much simpler, at the price of a limited
number of nameservers.

Nameservers are configured in the hosts' ``/etc/resolv.conf`` files
from the ``nameservers`` (see also ``searchdomains``) vars, while
``upstream_dns_servers`` defines additional DNS servers for the
dnsmasq daemon set running on all hosts (unless bypassed with
``skip_dnsmasq``).
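
An added example (not part of the Kargo docs or playbooks): a small Python check that shows which ``nameserver`` entries in a ``resolv.conf`` the resolver actually uses under the 3-nameserver limit mentioned above, and which are silently ignored. The sample file content and all addresses in it are constructed.

```python
MAXNS = 3  # glibc resolver limit on "nameserver" entries in resolv.conf


def split_nameservers(resolv_conf_text, limit=MAXNS):
    """Return (used, ignored) nameserver lists for resolv.conf content.

    Follows resolv.conf(5): the keyword must start the line, and lines
    beginning with '#' or ';' are comments.
    """
    servers = []
    for line in resolv_conf_text.splitlines():
        # Skip blank lines, comments and indented lines (keyword must be first).
        if not line or line[0].isspace() or line[0] in "#;":
            continue
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    # Entries past the limit are dropped by the resolver without an error.
    return servers[:limit], servers[limit:]


# Constructed sample: a cluster DNS IP plus three further servers.
SAMPLE_RESOLV_CONF = """\
# constructed example, not taken from a real host
search default.svc.cluster.local svc.cluster.local
nameserver 10.233.0.2
nameserver 192.0.2.10
; a commented-out server is not counted
;nameserver 192.0.2.99
nameserver 192.0.2.11
nameserver 192.0.2.12
options ndots:5
"""

if __name__ == "__main__":
    used, ignored = split_nameservers(SAMPLE_RESOLV_CONF)
    print("used:   ", ", ".join(used))
    print("ignored:", ", ".join(ignored) or "(none)")
    if ignored:
        print("warning: %d nameserver(s) exceed the limit of %d" % (len(ignored), MAXNS))
```

Running the same function over a host's real ``/etc/resolv.conf`` content shows whether the configured ``nameservers`` already exceed the limit.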