If you sometimes need to use a DNS server in Kubernetes at work, you can add it to your network settings. But reconfiguring the settings can be tedious.
I wrote a DNS forwarder that could talk to one or more public DNS servers and the Kubernetes DNS server, and let it handle the rest. This way I always have working DNS resolution even if not all DNS servers are reachable. The DNS load balancer can be found at https://github.com/kometen/dns-load-balancer/.
As an example, here is my config.toml:
$ cat /usr/local/etc/dns-load-balancer/config.toml
[[servers]]
address = "1.1.1.1"
use_tls = true
description = "Cloudflare DNS"
[[servers]]
address = "8.8.8.8"
use_tls = true
description = "Google DNS"
[[servers]]
address = "10.152.183.10"
use_tls = false
description = "Kubernetes DNS"
When the WireGuard VPN tunnel is not connected to the Kubernetes cluster:
$ host postgresql.invoice.svc.cluster.local
DNS resolution failed: Failed to resolve hostname: postgresql.invoice.svc.cluster.local.
Root cause: no record found for Query { name: Name("postgresql.invoice.svc.cluster.local."), query_type: AAAA, query_class: IN }
Error: Failed to resolve hostname: postgresql.invoice.svc.cluster.local.
Caused by:
no record found for Query { name: Name("postgresql.invoice.svc.cluster.local."), query_type: AAAA, query_class: IN }
When connected:
$ host postgresql.invoice.svc.cluster.local
postgresql.invoice.svc.cluster.local has address 10.152.183.95
Had I configured the Kubernetes DNS as the only DNS server, either in the network settings or in config.toml, no name resolution would take place. By adding Cloudflare and Google, name resolution will usually work and only fail if the WireGuard VPN is not connected and I query for services in Kubernetes.