Join Log in
Score:0
user3142695 avatar Server

How to configure /etc/resolv.conf in my kube-flannel-ds pods of a k8s cluster?

cn flag
user3142695

I'm running a kubernetes cluster (bare metal; v1.23) with one master and three workers. I'm using flannel (v0.19.2) for pod network.

In my syslog I see errors like: Nameserver limits were exceeded, some nameservers have been omitted, the applied nameserver line is: 46.38.252.230 46.38.225.230 2a03:4000:8000::fce6, which has its origin in the kube-flannel-ds pods. Inside of the pods I see:

$ cat /etc/resolv.conf

nameserver 46.38.252.230
nameserver 46.38.225.230
nameserver 2a03:4000:0:1::e1e6
search

As there are more than three lines, the error message occurs. But I am not sure, how to solve this as I do not know how this conf file is generated.

On k8s cluster creation I did: kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/v0.19.2/Documentation/kube-flannel.yml >> pod_network_setup.txt

Update

The worker nodes are running on a ubuntu 22.04 machine.

cat /etc/resolv.conf

# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search .

resolvectl status

Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub
Current DNS Server: 46.38.252.230
       DNS Servers: 46.38.252.230 46.38.225.230 2a03:4000:8000::fce6 2a03:4000:0:1::e1e6

Link 2 (eth0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (docker0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
828
1 + 0
Score:0
A. Darwin avatar Server
my flag
A. Darwin

If dnsPolicy is set to Default, Kubernetes pods inherit DNS configuration from the worker nodes they're on.

Depending on your worker Linux distribution and other details, you may find that configuration in:

  • /etc/resolv.conf

  • /etc/dhcp/dhclient.conf

  • /etc/sysconfig/network-scripts/ (Fedora, Centos and RHEL)

+ 2
user3142695 avatar
cn flag
user3142695
I've updated the post with some more infos
0
Reply
Ginnungagap avatar
gu flag
Ginnungagap
FYI, RHEL 9 finally abandoned `/etc/sysconfig/network-scripts` in favor of NetworkManager.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.