Add support for running a nodelocal dns cache #3861
Conversation
k8s-ci-robot
added
size/L
nysthee
force-pushed
the
feature/add-node-local-dns-cache
branch
from
aa19156 to
4a31e48
Compare
|
I would like a suggestion as well on where to put the documentation for this. |
nysthee
force-pushed
the
feature/add-node-local-dns-cache
branch
2 times, most recently
from
c803ca5 to
0a46af3
Compare
After encountering dns issues in a cluster I was recently working on I noticed Kubernetes 1.13 introduced support for running a nodelocal dns cache. I believe this can usefull for more people. kubernetes/kubernetes@73b548d https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md
nysthee
force-pushed
the
feature/add-node-local-dns-cache
branch
from
0a46af3 to
8172b6b
Compare
There was a problem hiding this comment.
- Can you describe what DNS issues you were encountering?
- Can you please provide a doc in
/docsfolder and eventually update the DNS stack documentation
I guess to use the nodelocaldns cache, you'll have to use the defined local dns ip as resolver? 169.254.25.10 that is, currently ?
If you had issues with the conntract table being filled up with DNS entries, the you can avoid that by setting the following sysctl:
- name: 'net.netfilter.nf_conntrack_udp_timeout_stream'
value: '10'
- name: 'net.netfilter.nf_conntrack_udp_timeout'
value: '10'
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
|
Just ping me when you want me to review again :) |
|
Will do :) |
|
The issues I was encountering were unexplainable DNS timeouts. Like every few requests. References: |
|
@woopstar if you could review again please |
roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
roles/kubernetes-apps/ansible/templates/nodelocaldns-deamonset.yml.j2
Outdated
Show resolved
Hide resolved
done |
|
ci check this |
|
Latest changes pushed as well. |
|
Maybe I should squash the commits? |
|
auto squash is enabled |
|
ci check this |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ant31, nysthee The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
I still don't get how this works as a cache unless you use the |
|
Seems I'm right. Looking here they set the nodelocal ip as the first cluster ip that gets populated into the pod. You need to apply a PR fix asap where you apply the nodelocaldns_ip as the first ip in the list here What this basically does is to simply just start a DNS pod on each node instead. Then you forwards requests from pods on a node to the local DNS pods running on the same node, which will prevent a DNAT. If that pod does not work, the clusterIP for the DNS plugin (kube-dns, coredns etc) is used. Here they just use CoreDNS as cache too. You can use Unbound, dnsmasq etc. too. This should be enabled by default btw. |
Sorry. What you actually need to do is to overwrite the |
* Add support for running a nodelocal dns cache After encountering dns issues in a cluster I was recently working on I noticed Kubernetes 1.13 introduced support for running a nodelocal dns cache. I believe this can usefull for more people. kubernetes/kubernetes@73b548d https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md * Add requested changes * Add additional requested changes + documentation * Add requested changes after review * Replace incorrect variable
* Add support for running a nodelocal dns cache After encountering dns issues in a cluster I was recently working on I noticed Kubernetes 1.13 introduced support for running a nodelocal dns cache. I believe this can usefull for more people. kubernetes/kubernetes@73b548d https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md * Add requested changes * Add additional requested changes + documentation * Add requested changes after review * Replace incorrect variable
* Add support for running a nodelocal dns cache After encountering dns issues in a cluster I was recently working on I noticed Kubernetes 1.13 introduced support for running a nodelocal dns cache. I believe this can usefull for more people. kubernetes/kubernetes@73b548d https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md * Add requested changes * Add additional requested changes + documentation * Add requested changes after review * Replace incorrect variable
|
Sorry for digging up the grave. |
After encountering dns issues in a cluster I was recently working on I
noticed Kubernetes 1.13 introduced support for running a nodelocal dns
cache.
I believe this can usefull for more people.
kubernetes/kubernetes@73b548d
https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md
Feedback welcome!